http://www.proxy.develop/admin/a/index.htmllocation /admin { proxy_pass http://192.168.1.201:80/;}访问的是真实服务器 http://192.168.1.201:80/a/index.html
Proxy_set_headerhttp://www.proxy.develop/admin/a/index.htmllocation /admin { proxy_pass http://192.168.1.201:80;}访问的是真实服务器 http://192.168.1.201:80/admin/a/index.html
Proxy_set_header? Set the proxy service to the header of the real server
Before the proxy header has been set:
Set_headerlocation / { proxy_pass http://192.168.1.201:80; proxy_set_header X-Real-IP $remote_addr; #如果仅仅是一级代理,这个就可以了,key可以随意修改 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #这种方式比较优雅,会自动修改多级代理中的客户端ip,这里的key是固定的}
Set proxy server to client header, Set_header, requires Ngx_http_headers_module module implementation
Cachelocation / { proxy_pass http://192.168.1.201:80; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; add_header X-Via $server_addr; add_header X-Accel $server_name;}
Cache must be aware of the use of dynamic data is sometimes very annoying cache.
http{proxy_cache_path/data/nginx/cache levels=1:1:2 keys_zone=one:10m inactive=10m max_size=2g; #设置缓存结构}server{Proxy_cache One; Proxy_cache_key $request _uri; Proxy_cache_methods GET HEAD; Proxy_cache_min_uses 2; #指定时间内访问2次以上的叫有效 Proxy_cache_valid 302 304 10m; #这项必须要 proxy_cache_valid 404 1m; Proxy_cache_use_stale off; #后台挂了, do not give cache}levels cache directory structure keys_zone hash key name space size pcache:10mbmax_size Cache directory size 2Ginactive inactive time 10 minutes
http://www.proxy.develop/[[email protected] conf.d]# cat /data/nginx/cache/9/d/c7/6666cd76f96956469e7be39d750cc7d9"5b0f9065-2f"?KEY: /HTTP/1.1 200 OKServer: nginx/1.14.0Date: Thu, 31 May 2018 06:23:13 GMTContent-Type: text/htmlContent-Length: 47Last-Modified: Thu, 31 May 2018 06:04:21 GMTConnection: closeETag: "5b0f9065-2f"Accept-Ranges: bytes
Agent PHP-FPM#这两个文件就差一个SCRIPT_FILENAME执行脚本路径, if the local php-fpm is called fastcgi.conf because $document_root$fastcgi_script_name this is the path where the script is located, If it is a remote call, use Fastcgi_params,script_filename to define it yourself [[email protected] conf]# diff fastcgi_params Fastcgi.conf1a2 > Fastcgi_param script_filename $document _root$fastcgi_script_name; #分析下变量意义 [[email protected] conf]# Cat Fastcgi.conffastcgi_param script_filename $document _root$fastcgi_script_name; /mydata/code/php/yii-test.dev/web/a/index2.phpfastcgi_param query_string $query _string; A=ppfastcgi_param Request_method $request _method; Request Method Fastcgi_param Content_Type $content _type; Content Type Fastcgi_param content_length $content _length; Length Fastcgi_param script_name $fastcgi _script_name; /a/index2.phpfastcgi_param Request_uri $request _uri; /a/index2.php?a=ppfastcgi_param Document_uri $documeNt_uri; /a/index2.phpfastcgi_param document_root $document _root; /www/server/source/nginx1.14.0/html fastcgi_param server_protocol $server _protocol; Http/1.1fastcgi_param Request_scheme $scheme; Httpfastcgi_param HTTPS $https if_not_empty;fastcgi_param gateway_interface cgi/1.1; Cgi/1.1fastcgi_param server_software nginx/$nginx _version; Nginx/1.14.0fastcgi_param remote_addr $remote _addr; Client address Fastcgi_param remote_port $remote _port; Client Port Fastcgi_param server_addr $server _addr; Server IP fastcgi_param server_port $server _port; 80fastcgi_param server_name $server _name; Hostname www.proxy.develop# PHP only, required if PHP is bUilt with--enable-force-cgi-redirectfastcgi_param redirect_status 200;################# #http://www.proxy.develop/ INDEX2.PHP?A=PP The above parameters are PHP $_server, as shown in
TCP/IP communication mode
server { listen 80; server_name www.proxy.develop; index index.php; location / { # try_files $uri $uri /index.php?$args; if (!-e $request_filename) { rewrite ^/(.*) /index.php?r=$1 last; } } location ~* \.php$ { fastcgi_pass 192.168.1.201:9000; #php-fpm listen外部ip fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /mydata/code/php/yii-test.dev/web$fastcgi_script_name; }}
Measurement stability
marvindeMacBook-Pro:webbench-1.5 marvin$ webbench -c 1000 -t 30 http://www.proxy.develop/index2.phpWebbench - Simple Web Benchmark 1.5Copyright (c) Radim Kolar 1997-2004, GPL Open Source Software.Benchmarking: GET http://www.proxy.develop/index2.php1000 clients, running 30 sec.Speed=12794 pages/min, 15557740 bytes/sec.Requests: 6397 susceed, 0 failed.[[email protected] conf]# cat /www/data/nginx/test/access.log |grep 200 | grep WebBench |wc -l5906[[email protected] conf]# cat /www/data/nginx/test/access.log |grep -v 200 | grep WebBench |wc -l1491200状态 5906条非200状态 1491条
UNIX Communication mode
[[email protected] conf]# vim /www/server/php-fpm/etc/php-fpm.d/www.conflisten = /dev/shm/php-cgi.sock[[email protected] conf]# chmod 777 /dev/shm/php-cgi.sock #粗暴nginx:server { listen 80; server_name www.proxy.develop; index index.php; location / { if (!-e $request_filename) { rewrite ^/(.*) /index.php?r=$1 last; } } location ~* \.php$ { fastcgi_pass unix:/dev/shm/php-cgi.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /mydata/code/php/yii-test.dev/web$fastcgi_script_name; }}
Measurement stability
marvindeMacBook-Pro:webbench-1.5 marvin$ webbench -c 1000 -t 30 http://www.proxy.develop/index2.phpWebbench - Simple Web Benchmark 1.5Copyright (c) Radim Kolar 1997-2004, GPL Open Source Software.Benchmarking: GET http://www.proxy.develop/index2.php1000 clients, running 30 sec.Speed=121714 pages/min, 16476704 bytes/sec.Requests: 60854 susceed, 3 failed.[[email protected] conf]# cat /www/data/nginx/test/access.log |grep 200 | grep WebBench |wc -l6033[[email protected] conf]# cat /www/data/nginx/test/access.log |grep -v 200 | grep WebBench | wc -l54914200状态: 6033 非200状态:54914
The experiment proves that the port mode is more stable.
Cache optimizations: Similar to proxy usage
fastcgi_cache_path Path [levels=levels] [Use_temp_path=on|off] keys_zone=name:size [Inactive=time] [max_ Size=size] [Manager_files=number] [manager_sleep=time] [manager_threshold=time] [loader_files=number] [loader_sleep =time] [loader_threshold=time] [Purger=on|off] [purger_files=number] [purger_sleep=time] [purger_threshold=time]; Defines the cache for fastcgi; The cache location is the file system on disk, defined by path, Levels=levels: The number of levels of cache directories, and the number of directories per level; Levels=one:two:three leves= 1:2:2 keys_zone=name:size k/v The name and size of the mapped memory space inactive=time inactive duration max_size=size Maximum cache space on disk for cached data Fastcgi_cache Zone | Off Invokes the specified cache space to cache the data; HTTP, server, Locationfastcgi_cache_key string; A string that defines the key used as the cache entry; Fastcgi_cache_methods GET | HEAD | POST ...; Which request methods are used for caching; fastcgi_cache_min_uses number; The cache entry in the cache space must be accessed at least the number of times specified here to be considered as the active item within the inactive time defined by inactive; fastcgi_cache_valid [code ...] Different response codes have their respective cache duration; Fastcgi_keep_conn on proxy to server long connection, better
Http-upstream Scheduling Instructionshttp { upstream webbackend { ip_hash; least_conn; server 192.168.1.201:80; # server 192.168.1.202:80; # server 127.0.0.1:80 backup; keepalive 32; }} 权重 weight=1 最大并发连接数 max_conns=numbs 健康状态监测 最多失败次数后不可用 max_fails=2 0:不做检测健康状态监测 每隔多少时间监测一次 fail_timeout=5 监测到可以连接,会恢复备用,所有服务都跪了的时候启动 backup人为标注下线 down数据包平滑向上发送 slow_startip_hash 不能跟backup一起使用hash 加变量 consistent #consistent加上比较好是一致性hash取模 32位加虚拟节点取模算法hash $remote_addr 就是ip_hashhash $request_uri dh算法,实现缓存命中率keepalive 32; 在并发下保持连接是很好的选择least_conn ;权重不同时候防止 没有请求
Configuring cluster groups http {upstream webbackend {server 192.168.1.201:80; # weight=1 Server 192.168.1.202:80; #} upstream phpbackend {server 192.168.1.201:9000 weight=2 fail_timeout=2 max_fails=2; Server 192.168.1.202:9000 weight=1 fail_timeout=2 max_fails=2; Server 127.0.0.1:9000 backup; }} server {listen 80; server_name www.proxy.develop; Index index.php; Location/{Proxy_pass http://webbackend; } location ~* \.php$ {Fastcgi_pass phpbackend; Fastcgi_index index.php; Include Fastcgi_params; Fastcgi_param script_filename/www/data/nginx/$fastcgi _script_name; }}marvindemacbook-pro:webbench-1.5 marvin$ Curl Http://www.proxy.develop/index.html
Stream Layer Four agent#端口不要跟7层冲突 stream { upstream sshsrvs { server 192.168.1.201:22; server 192.168.1.202:22; } server { listen 22923; proxy_pass sshsrvs; } server { listen 22922; proxy_pass 192.168.1.201:22; } server { listen 8080; proxy_pass 192.168.1.202:80; }}
marvindeMacBook-Pro:~ marvin$ ssh -p22922 [email protected]The authenticity of host ‘[192.168.1.200]:22922 ([192.168.1.200]:22922)‘ can‘t be established.ECDSA key fingerprint is SHA256:DdAAXSUPsbzY8IAC/+raL8nU85KiYDMmeJpZYbgSKwU.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added ‘[192.168.1.200]:22922‘ (ECDSA) to the list of known hosts.[email protected]‘s password:X11 forwarding request failed on channel 0Last login: Fri Jun 1 08:26:25 2018 from 192.168.1.104[[email protected] ~]#
Introduction to the Linux Nginx agent
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
