Nginx configuration detailed-url rewrite, reverse proxy, load balancer

load balancing for application tiers
How Nginx requests are connected
Epoll is an enhanced version of the Select/poll IO interface for Linux

Select traversal
Epoll No traversal

1.nginx installation (mail server module not installed)

./configure--help View compilation options

The path in the configuration file does not start with the path specified in prefix
./configure \
--PREFIX=/USR \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/var/tmp/nginx/client \
--http-proxy-temp-path=/var/tmp/nginx/proxy \
--HTTP-FASTCGI-TEMP-PATH=/VAR/TMP/NGINX/FCGI \
--with-http_stub_status_module

Make && make install

2.nginx Configuration
Nginx-t-c/etc/nginx/nginx.conf Detecting a configuration file for syntax errors


PS Aux|grep Nginx


#设置工作进程数
Work_processes 2;

Events {
#最大连接数, more than just waiting to queue in queues
Worker_connections 1024;
｝

http{

#日志格式定义
Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _refer '
' "$http _user_agent" "$http _x_forward_for";

#Linux内存 operating system and drivers run at the kernel level, applications run at the user level
Sendfile on;

Keepalive_timeout 65;


#启用压缩功能
gzip on;


#反向代理缓存目录
Proxy_cache_path/data/proxy/cache levels=1:2 keys_zone=cache_one:500m inactive=1d max_size=1g;

#负载均衡
Upstream My_server_pool {
Server 192.168.1.109:80 weight=1 max_fails=2 fail_timeout=30;
Server 192.168.1.10:80 weight=2 max_fails=2 fail_timeout=30;
}

#虚拟主机配置
server {
Listen 192.168.1.1:80 default_server;
server_name www.example.org;
Root/var/www/web1;
｝

server{
Listen 80;
server_name www8.example.org;
ROOT/VAR/WWW/WEB2;

#根据不同的浏览器URL重写
if ($http _user_agent ~ Firefox) {
Rewrite ^ (. *) $/firefox/$1 break;
}
if ($http _user_agent ~ MSIE) {
Rewrite ^ (. *) $/msie/$1 break;
}

#实现域名跳转
Location/{
Rewrite ^/(. *) $ https://web8.example.com$1 permanent;
}

Index index.html;
#日志缓冲区
Access_log/var/log/nginx/www8.example.com-access.log main buffer=32k;
Error_log/var/log/nginx/www8.example.com-error.log warn;
#什么样的日志文件描述符放到缓存中
Open_log_file_cache max=1000 inactive=20s min_uses=2 valid=1m;
#防止盗链
Location ~* \. (gif|jpg|png|swf|flv) $ {
Valid_referers none blocked www.test.com*.test.com;
if ($invalid _refer) {
Rewrite ^/(. *) http://www.test.com/block.html;
}
}

#浏览器本地缓存设置
#静态页面
Location ~. *\. (gif|jpg|jpge|png|bmp|swf|flv) $ {
Expires 30d;
}
#动态页面
Location ~. *\. (JS|CSS) $ {
Expires 1h;
}

Location/data {
#自动索引开启, list the files in the directory
AutoIndex on;
#将/data directory rewrite to/bbs
Rewrite ^/data/?$/bbs permanent;
#控制访问, the equivalent of a firewall
Deny 192.168.0.132;
Allow 192.168.0.0/24;
Allow 192.168.1.1;
Deny all;
#只允许 user Access in the. htpasswd file
#账号生成口令htpasswd-C/home/test1/a/.htpasswd username
#系统会要求输入两遍该用户的密码.
#修改密码也是同样 htpasswd-c/home/test1/a/.htpasswd username
Auth_basic "Awstatauth";
AUTH_BASIC_USER_FILE/ETC/NGINX/.HTPASSWD;
}

Location/bbs {
Index index.html
}
location/b {
#uri别名, the path too long shorthand
Alias/var/www/web2/data/redhat;
}

Location/nginx_status {
#nginx状态检查, for monitoring nginx status
Stub_status on;
#不记录日志
Access_log off;
}


#自定义错误页面
Error_page 403 404/40x.html;
location/40x.html {
Root/var/www/error;
}

}

#https访问 https://
server {
Listen 443;
server_name web8.example.com;

SSL on;
SSL_CERTIFICATE/ETC/PKI/TLS/CERTS/HTTPD.CRT;
Ssl_certificate_key/etc/pki/tls/private/httpd.key;

Ssl_session_timeout 5m;

Ssl_protocols SSLv2 SSLv3 TLSv1;
Ssl_ciphers high:!anull:! MD5;
Ssl_prefer_server_cihers on;

Location/{
ROOT/VAR/WWW/WEB3;
Index index.html index.htm
}

#url重写和反向代理同时进行
location/sports/{
Proxy_pass http://192.168.0.2;
}

location/news/{
Proxy_pass Http://192.168.0.109:8080/bbs;
Proxy_cache_valid 10m;
Proxy_cache_valid 304 1m;
Proxy_cache_valid 301 302 1h;
Proxy_cache_valid any 1m;
Proxy_cache_key $host $uri$is_args$args;
Proxy_set_header Host $host; The backend log records the remote address instead of the proxy server itself
Proxy_cache cache_one;//Reference Cache
Proxy_set_header x-forwarded-for $remote _addr;
}

#流媒体限速
Location/downlod {
Limit_rate_after 20m;//Front 20M Unlimited speed
Limit_rate 256K;
}

#反向代理加负载均衡
location/sms {
Proxy_pass Http://my_server_pool;
}
}
｝


Nginx URI matching rule (location)

Syntax: Location [=|~|~*|^~]/uri/{...}

=: Exact match
~: Case Sensitive
~*: Case insensitive
^~: Disable Regular expression matching

Address Rewriting rewrite
If directive \return Directive \set Rewrite instruction


301 Permanent Permanent Redirect, the new URL completely inherits the old URL, the old URL ranking, etc. completely zeroed
302 redirect Temporary redirect has no effect on old URLs, but new URLs don't rank
304 represents the page from the cache

Rewrite the last parameter is the flag flag
1.last Browser URL address unchanged
2.break Browser URL address unchanged
3.redirect browser will display the URL after the jump
4.permanent browser will display the URL after the jump

Last re-initiates a new request to the server tag, enters the server block again, retries the location match

Break directly using the resources of the current location to access, no longer execute the rest of the statement, complete the request

It is generally recommended to use the last tag in the root location or server tag, and in the non-root location, use the break

Nginx Log Management (cache)
Log split script (prevents log files from becoming large), split once a day
vim/data/logs.sh
#!/bin/bash
#Nginx日志存放位置
Logs_path= "/data/logs/"
#将日志改名
Mkdir-p ${logs_path}${date-d "Yesterday" + "%Y"}/${date-d "Yesterday" + "%m"}/
MV ${logs_path}access.log ${logs_path}${date-d "Yesterday" + "%Y"}/${date-d "Yesterday" + "%m"}/access_${date-d "yester Day "+"%y%m%d "}.log
#重启Nginx服务, regenerate the Access.log file
Service Nginx Reload


#创建计划任务
#crontab-|
* * * */bin/bash/data/logs.sh

Load Balancing
Upstream My_server_pool {

}

Copies the specified input file into the specified output file, and can be converted to a format during the copy process
DD If=/dev/zero of=test bs=1m count=100

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/75/10/wKiom1YxtzWAUYLGAAX8kTBNTDU235.jpg "style=" float: none; "Title=" Yu Tian Zou teacher nginx website Architecture 04-nginx Log management and speed limit. Wmv_20151029_094023.869.jpg "alt=" wkiom1yxtzwauylgaax8ktbntdu235.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/75/0D/wKioL1Yxt2vjVK_kAASI482Fpcw903.jpg "style=" float: none; "Title=" Yu Tian Zou teacher nginx website Architecture 02-nginx Virtual host and related configuration. Wmv_20151028_214327.888.jpg "alt=" Wkiol1yxt2vjvk_ Kaasi482fpcw903.jpg "/>

This article is from the "Nothing qq:934033381" blog, please be sure to keep this source http://tianxingzhe.blog.51cto.com/3390077/1707660

Nginx configuration detailed-url rewrite, reverse proxy, load balancer