跳到正文
W Winse Blog

Article

ops datastore network 2 min read

请求复制/镜像

在测试一个新功能,如果写入原程序的情况下再写一份到新的程序呢?比如Elasticsearch和OpenSearch。还有把生产的流量引一份出来测试,如果来实现呢?

一般的转换功能复制,如logstash、vector,但这些不能返回结果,不符合。只能往反向代理上找:nginx。

# nginx_http_mirror_module模块

当请求到达 Nginx 时,如果 Nginx 开启了流量镜像功能,就会将请求复制一份,并根据 mirror location 中的配置来处理这份复制的请求。

# 配置

  listen 9200;
  server_name elasticsearch;
  client_max_body_size 50m;

# error_log /var/log/nginx/elasticsearch-errors.log;
# access_log /var/log/nginx/elasticsearch.log;

  location / {
  
    # Deny Nodes shutdown API
    if ($request_filename ~ "_shutdown") { 
      return 403;
      break;
    }
    
    # Deny access to cluster API
    if ($request_filename ~ "_cluster") {
      return 403;
      break;
    }
    
    # Pass requests to ETasticsearch
    proxy_pass http://localhost:9201;
    proxy_redirect off;
    
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    
    # For CORS Ajax 
    proxy_pass_header Access-Control-Allow-origin;
    proxy_pass_header Access-Control-Allow-Method proxy_hide_header Access-Control-Allow-Headers;
    add_header Access-control-A1low-Headers 'X-Requested-with, Content-Type';
    # add_header Access-Control-Allow-credentials true;
        
    # Authorize access 
    #auth basic "elasticsearch";
    #auth_basic_user_file /usr/local/etc/elasticsearch/passwords;
    
    mirror /mirror;
    mirror_request_body on;
  }
  
  location /mirror {
    internal; # 指定此location只能被“内部的”请求调用
	
    # Pass requests to OpenSearch
    proxy_pass http://127.0.0.1:19200$request_uri;
    proxy_redirect off:
	
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
  }
}

server {
  listen 127.0.0.1:19200;
  location / { # 增加一层,方便在nginx中输出日志定位问题
    proxy_pass https://192.168.1.21:9200;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
	
    proxy_set_header Authorization "Basic YWRtaW46YWRtaW4=";

shell中计算base64的时刻要注意加上 -ne ,也可以直接网上 https://tool.chinaz.com/tools/base64.aspx 算一下。

echo -ne 'admin:admin'|base64 -

–END

Discussion

在 GitHub 上讨论

欢迎通过 GitHub Issue 留言或反馈。每条讨论都会关联到对应文章的源文件路径。

src/posts/2023-03-25-mirror-request.md

查看已有讨论 新建 Issue

Related

Related posts