Nginx server set up reverse proxy strategy

  • 2020-05-14 05:33:01
  • OfStack

The Nginx reverse agent has a lot of problems that need to be solved, many of which are based on the installation, and the related debugging after the installation is completed is also a headache for many people. The following is the introduction of the installation and debugging of the relevant introduction.

Due to server apache resist the concurrent. Plus the front-end squid configuration, still can solve problem. And the most dynamic page program. Can't use fastcgi to deal with. So want to use Nginx reverse proxy apache. The entire configuration installation process is simple. In the case of considering the high concurrency, do some optimization before installation. The current configuration can withstand more than 3000 concurrent. As if is not particularly big & # 63; Ha ~~ but enough ~~ there are only a few problems with 499.. I am looking forward to someone to discuss it with me.

Part 1: installation

Create users and groups

  /usr/sbin/groupadd www 
  /usr/sbin/useradd -g www www 

2. Install pcre to make Nginx reverse proxy support rewrite convenient for later use

  tar zxvf pcre-7.8.tar.gz 
  cd pcre-7.8/ 
  make && make install 

Install the Nginx reverse agent

  tar zxvf nginx-0.7.58.tar.gz 
  cd nginx-0.7.58/ 
  ./configure --user=www --group=www --prefix=/usr/
  local/webserver/nginx --with-http_stub_status_module 
  --with-http_ssl_module --with-cc-opt='-O2' --with-cpu-opt
  make && make install 

Note the above -- with-cc-opt =' -O2 '-- with-cpu-opt =' opteron'. This is compiler optimization, and is currently most commonly used for -02 instead of 3.

Part 2: configuring and optimizing configuration files

1 Nginx.conf configuration file:

  user www www; 
  worker_processes 4; 
  # [ debug | info | notice | warn | error | crit ] 
  error_log /usr/local/webserver/nginx/logs/nginx_error.log crit; 
  pid /usr/local/webserver/nginx/; 
  #Specifies the value for maximum file descriptors that 
  can be opened by this process. 
  worker_rlimit_nofile 51200; 
  use epoll; 
  worker_connections 51200; 
  include mime.types; 
  default_type application/octet-stream; 
  source_charset GB2312; 
  server_names_hash_bucket_size 256; 
  client_header_buffer_size 256k; 
  large_client_header_buffers 4 256k; 
  #size limits 
  client_max_body_size 50m; 
  client_body_buffer_size 256k; 
  client_header_timeout 3m; 
  client_body_timeout 3m; 
  send_timeout 3m; 
  # The parameters are adjusted . The purpose is to resolve issues that arise during the proxy process 1 some 502 499 error   
  sendfile on; 
  tcp_nopush on; 
  keepalive_timeout 120; # Parameters increase , To solve when acting as an agent 502 error  
  tcp_nodelay on; 
  include vhosts/upstream.conf; 
  include vhosts/bbs.linuxtone.conf;  

2 upstream.conf configuration file (this is also how you configure the load

  upstream { 

3. Site profile

  listen 80; 
  server_name bbs.linuxtone.conf; 
  charset GB2312; 
  index index.html index.htm; 
  root /date/wwwroot/linuxtone/; 
  location ~ ^/NginxStatus/ { 
  stub_status on; 
  access_log off; 
  location / { 
  root /date/wwwroot/linuxtone/; 
  proxy_redirect off ; 
  proxy_set_header Host $host; 
  proxy_set_header X-Real-IP $remote_addr; 
  proxy_set_header REMOTE-HOST $remote_addr; 
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
  client_max_body_size 50m; 
  client_body_buffer_size 256k; 
  proxy_connect_timeout 30; 
  proxy_send_timeout 30; 
  proxy_read_timeout 60; 
  proxy_buffer_size 256k; 
  proxy_buffers 4 256k; 
  proxy_busy_buffers_size 256k; 
  proxy_temp_file_write_size 256k; 
  proxy_next_upstream error timeout invalid_header http_500 
  http_503 http_404; 
  proxy_max_temp_file_size 128m; 

The parameters have been adjusted to resolve 1 502 499 errors in the proxy process

  #Add expires header for static content 
  location ~* \.(jpg|jpeg|gif|png|swf)$ { 
  if (-f $request_filename) { 
  root /date/wwwroot/linuxtone/; 
  expires 1d; 
  log_format access '$remote_addr - $remote_user [$time_local] "$request" ' 
  '$status $body_bytes_sent "$http_referer" ' 
  '"$http_user_agent" $http_x_forwarded_for'; 
  access_log /exp/nginxlogs/bbs.linuxtone_access.log access; 

Commonly used instructions
Let's take a look at some common reverse proxy instructions for Nginx

proxy_pass instruction

  proxy_pass  [url | upstream] 

This directive is used to set the proxy server port or socket, as well as URL

proxy_redirect instruction

  proxy_redirect  [off | default | redirect replacement] 

This directive is used to change "location" and "refresh" in the reply Header header of the proxy server
I have not mastered the function of this command, and off is used in the actual Settings. If you have any idea, please leave a comment on the blog to guide me

proxy_next_upstream instruction

proxy_next_upstream [error|timeout|invalid_header|http_500|http_502|http_503|http_504|http_404|off] 

This directive is used to set when the request is forwarded to the next server. In the upstream load balancing proxy server pool, this directive can be used to forward requests to the next server in the pool, assuming that one server at the back end is unable to access or return the specified error response code.
Parameters that

error: if an error occurs when connecting to a server, sending a request, or reading a reply message
timeout: timeout if connecting to a server, passing a request, or reading a reply message from a back-end server
invalid_header: the backend server returns an empty or incorrect reply
http_[500|502|503|504|404] : the backend server returns the specified reply status code
off: request forwarding to the next backend server is not allowed

proxy_set_header instruction

  proxy_set_header header value 

This directive allows you to redefine or add the header line to the request information forwarded to the proxy server, whose value can be text, can be a variable, or can be a combination of text and variables

Related articles: