You need to use NGINX's reverse proxy function, the test environment is Centos+nginx 1.8.0.
Steps跳过一些繁琐的问题,直接记录核心
Realize(1)centos 安装在VM中,因此需要注意网络连接问题(2)安装nginx使用的是具有网络的yum功能(3)配置centos防火墙,需要开启80 端口(4)nginx 反向代理配置(5)性能优化设置(后续工作...)
A. Yum installation Nginx
Add Nginx source First, test using the latest Nginx 1.8.0
rpm -ivh
Execute command:
yum install nginxservice nginx start
If not unexpected, in the browser input 127.0.0.1:80, you can see the Nginx welcome interface.
Two. View Nginx configuration
rpm -ql nginx此命令可以查看nginx的配置信息
Three. Turn off firewall and configure Iptables
CentOS uses firewall to configure the port and network by default, but now most of the online data is using iptables, in view of the reason of sufficient data, use Iptalbes.
Static firewall rules using Iptables and Ip6tables
If you want to use your own iptables and ip6tables static firewall rules, then install iptables-services and disable FIREWALLD, enable Iptables and Ip6tables:
yum install iptables-servicessystemctl mask firewalld.servicesystemctl enable iptables.servicesystemctl enable ip6tables.service
When Iptables is enabled, the settings for ports and access rules are required.
(1)编辑 /etc/sysconfig/iptables(2)清空规则(3)添加需要的规则
Example:
# allow established or connected passes
-A input-m state–state established,related-j ACCEPT
#允许本地回环接口
-A input-s 127.0.0.1-d 127.0.0.1-j ACCEPT
#允许本机对外访问
-A output-j ACCEPT
# Allow access to SSH port, if port modified can change the corresponding port number
-A input-p tcp–dport 22-j ACCEPT
#允许访问80 (HTTP) port
-A input-p tcp–dport 80-j ACCEPT
#允许访问FTP端口: 21, 20
-A input-p tcp–dport 21-j ACCEPT
-A input-p tcp–dport 20-j ACCEPT
#允许访问161 (SNMP) port:
-A input-p udp–dport 161-j ACCEPT
Based on the above configuration, the site can be accessed from each other within the LAN.
Four. Configure Nginx's reverse proxy function
本次只是使用反向代理功能,因此nginx的负载均衡功能就不涉及。
The reverse proxy function uses the Proxy_pass and Sub_filter modules
Summarize:location / { proxy_pass 需要代理的IP; #Proxy Settings proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for proxy_max_temp_file_size 0; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k;# 做反向代理时候,出现ip地址直接跳转,没有是使用代理IP ,是因为需要使用sub_filter.sub_filter 需要代理的IP nginx的本机服务器;sub_filter_once off; }
The concept of Nginx reverse proxy is relatively simple, and the configuration is also convenient, then a pressure test to see the actual effect.
[1]http://www.centoscn.com/centos/intermediate/2015/0313/4879.html Use Iptables
[2]http://www.centoscn.com/centos/2013/0413/293.html Configuring Iptables Ports and Rules
[3]http://www.nginx.cn/927.html Reverse Proxy
[4]http://zhaochen.blog.51cto.com/2029597/379233/
[5]https://github.com/yaoweibin/ngx_http_substitutions_filter_module
[6]http://www.xxorg.com/archives/3608
Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.
CentOS 7 installs Nginx to do reverse proxy
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
