Lightweight HTTP server nginx (common configuration instances)

Source: Internet
Author: User
Tags failover nginx load balancing

 

Nginx, as an HTTP server, performs extremely well in terms of function implementation and performance. It is comparable to Apache and can implement almost all Apache functions, the following describes some common nginx configuration instances, including virtual host configuration, Server Load balancer configuration, anti-leech configuration, and log management.

I. VM configuration instance
The following describes how to create three VM instances in nginx. Only the VM configurations are listed.

http {   server {   listen          80;   server_name     www.domain1.com;   access_log      logs/domain1.access.log main;   location / {   index index.html;   root  /web/www/domain1.com/htdocs;   }    }   server {   listen          80;   server_name     www.domain2.com;   access_log      logs/domain2.access.log main;   location / {   index index.html;   root  /web/www/domain2.com/htdocs;   }    }    include    /opt/nginx/conf/vhosts/www.domain2.com.conf;  }  

Here the include command is used, where/opt/nginx/CONF/vhosts/www.domain2.com. conf contains:

server {   listen          80;   server_name     www.domain3.com;   access_log      logs/domain3.access.log main;   location / {   index index.html;   root  /web/www/domain3.com/htdocs;   }    }  

Ii. Server Load balancer configuration instance
The following uses the reverse proxy function of nginx to configure an nginx load balancing server. The backend has three service nodes for providing Web Services, and load balancing of the three nodes is achieved through nginx scheduling.

http   {    upstream  myserver {      server   192.168.12.181:80 weight=3 max_fails=3 fail_timeout=20s;      server   192.168.12.182:80 weight=1 max_fails=3 fail_timeout=20s;      server   192.168.12.183:80 weight=4 max_fails=3 fail_timeout=20s;    }     server    {      listen       80;      server_name  www.domain.com 192.168.12.189;      index index.htm index.html;      root  /ixdba/web/wwwroot;     location / {   proxy_pass http://myserver;   proxy_next_upstream http_500 http_502 http_503 error timeout invalid_header;   include    /opt/nginx/conf/proxy.conf;   }    }  }  

In the above configuration instance, a server Load balancer group myserver is defined first, and then the "proxy_pass"

Http: // myserver "implements load scheduling. The proxy_pass command specifies the proxy's backend server address and port, which can be the host name or IP address, it can also be the name of the Server Load balancer group set through the upstream command.

Proxy_next_upstream is used to define a Failover policy. When the backend service node returns errors such as 500, 502, 503, 504, and execution timeout, the request is automatically forwarded to another server in the upstream load balancing group, implement failover. Finally, the include command contains a proxy. conf file.
The content of/opt/nginx/CONF/Proxy. conf is:

proxy_redirect off;  proxy_set_header Host $host;  proxy_set_header X-Real-IP $remote_addr;  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  proxy_connect_timeout 90;  proxy_send_timeout 90;  proxy_read_timeout 90;  proxy_buffer_size  4k;  proxy_buffers 4 32k;  proxy_busy_buffers_size 64k;  proxy_temp_file_write_size 64k;  

 

The proxy function of nginx is implemented through the HTTP Proxy module. By default, the HTTP Proxy module has been installed when nginx is installed. Therefore, you can directly use the HTTP Proxy module. The following describes in detail the meaning of each option in the proxy. conf file.
Proxy_set_header: sets the backend server to obtain the user's host name or real IP address, and the real IP address of the proxy.
Client_body_buffer_size: used to specify the buffer size of the client request body. It can be understood that the buffer is saved locally before being passed to the user.
Proxy_connect_timeout: the timeout time for connecting to the backend server, that is, the timeout time for initiating a handshake and waiting for response.
Proxy_send_timeout: indicates the data return time of the backend server. That is, the backend server must transmit all data within the specified time. Otherwise, nginx will disconnect the connection.
Proxy_read_timeout: sets the time for nginx to obtain information from the proxy's backend server, indicating that nginx waits for the response time of the backend server after the connection is established successfully, in fact, it is the time that nginx has entered the backend queue for processing.
Proxy_buffer_size: Set the buffer size. By default, the buffer size is equal to the size set by the instruction proxy_buffers.
Proxy_buffers: set the number and size of the buffer. The response information that nginx obtains from the proxy's backend server is placed in the buffer zone.
Proxy_busy_buffers_size: used to set the proxy_buffers size that can be used when the system is busy. The size officially recommended is proxy_buffers * 2.
Proxy_temp_file_write_size: Specifies the size of the temporary file cached by the proxy.

Iii. Anti-leech configuration instance
The anti-leech function of nginx is also very powerful. By default, you only need to perform simple configuration to implement anti-leech protection. See the following example:

location ~* \.(jpg|gif|png|swf|flv|wma|wmv|asf|mp3|mmf|zip|rar)$ {          valid_referers none blocked *.ixdba1.net ixdba1.net;          if ($invalid_referer) {          rewrite ^/ http://www.ixdba.net/img/error.gif;          #return 403;         }          }          location /images {          root /opt/nginx/html;          valid_referers none blocked *.ixdba1.net ixdba1.net;          if ($invalid_referer) {                     return   403;                                  }                          }  

 

In the above anti-leech settings, different file types and directories are set, and readers can set similar settings as needed.
"JPG | GIF | PNG | SWF | FLV | WMA | WMV | ASF | MP3 | MMF | zip | RAR" indicates that JPG, GIF, PNG, SwF, FLV, WMA, anti-leech is implemented for files suffixed with WMV, ASF, MP3, MMF, zip, and RAR.
"* .Ixdba1.net ixdba1.net" indicates that this request can normally access the file resources specified above.
The content in if {} indicates that if the address is not the address specified above, it will jump to the address specified through rewrite. You can also directly return error 403 through return.
For more complex anti-leech processing, you can use the nginx httpaccesskeymodule to implement more powerful anti-leech processing. For more details, see the official documentation.

Iv. log splitting configuration instance
Nginx does not have a function similar to Apache's cronolog log segmentation processing. However, you can use the signal control function of nginxnginx to automatically cut logs using scripts. See the following example.
Nginx script for log processing:

#/bin/bash  savepath_log='/home/nginx/logs' nglogs='/opt/nginx/logs'  mkdir -p  $savepath_log/$(date +%Y)/$(date +%m)  mv $nglogs/access.log  $savepath_log/$(date +%Y)/$(date +%m)/access.$(date +%Y%m%d).log  mv  $nglogs/error.log  $savepath_log/$(date +%Y)/$(date +%m)/error.$(date +%Y%m%d).log  kill -USR1 `cat /opt/nginx/logs/nginx.pid`  

 

Save the script and add it to the Linux Crontab daemon. Run the script at every day to split logs every day.
The variable savepath_log specifies the path for storing the split logs, while the variable nglogs specifies the path for storing nginx log files. In the last line, the log automatic switch function is implemented through the nginx signal "usr1.

This article from the "Technical Achievement dream" blog, please be sure to keep this source http://ixdba.blog.51cto.com/2895551/798913

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.