nginx learning summary 5 (nginx reverse proxy)
- 2020-05-06 12:17:59
- OfStack
Nginx agent with load balancing configuration and optimization
Nginx agent
Starting with version 0.7.48, Nginx supports caching similar to Squid. The Web cache service of Nginx is mainly composed of proxy_cache related instruction set and fastcgi_cache related instruction set. The former is used to cache the back-end content source server when reverse proxy, while the latter is mainly used to cache the dynamic program of FastCGI. The function is basically the same.
Nginx version 0.8.32, proxy_cache and fastcgi_cache have been improved, and ngx_cache_purge module (for clearing the cache of URL specified) has been added to replace Squid completely.
In terms of functions, Nginx already has Squid's Web cache acceleration function and the ability to clear the specified URL cache. In terms of performance, Nginx makes much better use of multi-core CPU than Squid. In addition, Nginx is much more powerful than Squid in terms of reverse proxy, load balancing, health check, back-end server failover, Rewrite rewrite, and ease of use. This allows an Nginx to be used as both a "load balancing server" and an "Web cache server".
The following documentation shows how nginx can act as a proxy server, forwarding requests to other servers and not caching itself. The use version is nginx-0.8.15, configured as follows:
The following configuration, which returns the same effect as the above error, may not be written here.
2. Nginx load balancing instruction
Nginx belongs to the seven-layer load balancing of software (lvs is the representative of the four-layer load balancing of software), and the seven-layer load balancing software includes L7SW (Layer7 switching), HAProxy and so on. The module that supports load balancing is Http Upstream. The module and its following instructions
are described below HTTP Upstream module
(1) ip_hash directive
When load balancing is done on multiple dynamic application servers on the backend, the ip_hash directive locates a request from a client IP to the same back-end server by hashing. This way, when a user from an ip logs in on Sever A and visits other URL on the site, the access is still on Server A. If you do not add ip_hash, join the user to log in on Server A, and then visit other URL of the site, it is possible to jump to Sever B, C... . , session records on A, B, C does not, will prompt the user is not logged in.
Note: however, this access does not guarantee load balancing of the back-end server. Some of the back-end server may receive more requests and some server may receive less.
It is recommended that if the back-end dynamic application server can share session instead of configuring ip_hash on nginx.
(2) server instruction
This directive specifies the name and parameters of the back-end server. The name of the server can be a domain name, an ip, port number, or UNIX Socket.
Parameter description:
weight=number: set the server weight. The higher the weight, the more requests are assigned to the client. Default is 1;
max_fails=numbser: the number of failed requests to the backend server within the time specified by fail_timeout, marked as failure if the backend server fails to connect and an error occurs (except 404) is detected. If not, the default is 1. Set to 0 to turn off the check.
fail_timeout=time: the time to pause after experiencing the number of failures of the max_fails setting.
down: indicates that the server is permanently offline.
Backup: only enabled when the non-backup server is full down or busy.
The configuration is as follows:
This article is from the blog forever
Nginx agent
Starting with version 0.7.48, Nginx supports caching similar to Squid. The Web cache service of Nginx is mainly composed of proxy_cache related instruction set and fastcgi_cache related instruction set. The former is used to cache the back-end content source server when reverse proxy, while the latter is mainly used to cache the dynamic program of FastCGI. The function is basically the same.
Nginx version 0.8.32, proxy_cache and fastcgi_cache have been improved, and ngx_cache_purge module (for clearing the cache of URL specified) has been added to replace Squid completely.
In terms of functions, Nginx already has Squid's Web cache acceleration function and the ability to clear the specified URL cache. In terms of performance, Nginx makes much better use of multi-core CPU than Squid. In addition, Nginx is much more powerful than Squid in terms of reverse proxy, load balancing, health check, back-end server failover, Rewrite rewrite, and ease of use. This allows an Nginx to be used as both a "load balancing server" and an "Web cache server".
The following documentation shows how nginx can act as a proxy server, forwarding requests to other servers and not caching itself. The use version is nginx-0.8.15, configured as follows:
http
{
... ..
client_max_body_size 300m ; // Maximum number of bytes per file allowed for client request
client_body_buffer_size 128k;
// The buffer agent buffers the maximum number of bytes requested by the client and is understood to be saved locally before being passed to the user
proxy_connect_timeout 600;
// Timeout for connecting to the backend server _ Initiate handshake wait response timeout
proxy_read_timeout 600;
// After successful connection _ Wait for backend server response time _ In fact, has entered the back-end queue waiting for processing
proxy_send_timeout 600;
proxy_buffer_size 16k; // Will save the user's header information for nginx Rule processing
proxy_buffers 4 32k; // tell nginx Save a few for a single use buffer What's the maximum space
proxy_busy_buffers_size 64k;
proxy_max_temp_file_size 64k;
// proxy Cache the size of the temporary file
upstream clubsrv {
server 192.168.0.110:80 weight=5;
server 192.168.0.121:80 weight=5;
}
upstream mysrv {
server 192.168.0.32:80 weight=2;
server 127.0.0.1:8000 weight=8;
}
server {
listen 80;
server_name club.xywy.com;
charset gbk;
root /www;
access_log logs/aaa.log combined;
// Below is the first domain name used clubsrv The agent of
location / {
proxy_next_upstream http_502 http_504 error timeout invalid_header;
// If the back-end server returns 502 , 504 Or an error, such as an execution timeout, automatically forwards the request to upstream Another server
proxy_pass http://clubsrv;
// With the above upstream Fill in the name that oneself name is consistent
proxy_redirect off;
proxy_set_header Host club.xywy.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
// nginx Proxy in the front end, the back end of the log will be displayed 127.0.0.1 , the above configuration can show the real user IP (third-party software also needs to be installed, please refer to the detailed instructions below)
index index.htm index.html index.php;
}
// Below is the second domain name used mysrv Proxy, access www.sum.com/message In the directory
server {
listen 80;
server_name www.sum.com;
location /message {
proxy_pass http://mysrv;
proxy_set_header Host $host;
// Access to this domain name, only mysrv Locally accessible
}
// Visit in addition to /message In addition to the www.sum.com/ The address,
location / {
proxy_pass http://mysrv;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
The following configuration, which returns the same effect as the above error, may not be written here.
error_page 500 502 503 504 /50x.html;
location = /50x.html
{
root html;
}
2. Nginx load balancing instruction
Nginx belongs to the seven-layer load balancing of software (lvs is the representative of the four-layer load balancing of software), and the seven-layer load balancing software includes L7SW (Layer7 switching), HAProxy and so on. The module that supports load balancing is Http Upstream. The module and its following instructions
are described below HTTP Upstream module
(1) ip_hash directive
When load balancing is done on multiple dynamic application servers on the backend, the ip_hash directive locates a request from a client IP to the same back-end server by hashing. This way, when a user from an ip logs in on Sever A and visits other URL on the site, the access is still on Server A. If you do not add ip_hash, join the user to log in on Server A, and then visit other URL of the site, it is possible to jump to Sever B, C... . , session records on A, B, C does not, will prompt the user is not logged in.
Note: however, this access does not guarantee load balancing of the back-end server. Some of the back-end server may receive more requests and some server may receive less.
It is recommended that if the back-end dynamic application server can share session instead of configuring ip_hash on nginx.
upstream mysrv {
ip_hash;
server 192.168.0.110:80 weight=2;
server 127.0.0.1:8000 down;
server 192.168.0.212:80 weight=8;
}
(2) server instruction
This directive specifies the name and parameters of the back-end server. The name of the server can be a domain name, an ip, port number, or UNIX Socket.
Parameter description:
weight=number: set the server weight. The higher the weight, the more requests are assigned to the client. Default is 1;
max_fails=numbser: the number of failed requests to the backend server within the time specified by fail_timeout, marked as failure if the backend server fails to connect and an error occurs (except 404) is detected. If not, the default is 1. Set to 0 to turn off the check.
fail_timeout=time: the time to pause after experiencing the number of failures of the max_fails setting.
down: indicates that the server is permanently offline.
Backup: only enabled when the non-backup server is full down or busy.
The configuration is as follows:
upstream mysrv {
ip_hash;
server www.xywy.com weight=2;
server 127.0.0.1:8000 down;
server 192.168.0.212:80 max_fails=3 fail_timeout=30s;
server unix:/tmp/bakend3;
}
This article is from the blog forever