Home > Others

Nginx Combat (quad) reverse proxy configuration caching and load balancing

Source: Internet
Author: User
Tags nginx reverse proxy nginx load balancing
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Objective

Reverse proxy refers to the way users access the server backend by proxy server through the same server. (See Baidu Encyclopedia https://baike.baidu.com/item/Reverse Proxy/7793488)
?

Application scenario of Nginx reverse Proxy

1, to achieve external network users access to internal network server, relative protection of intranet server security and save network resources
2, increase the cache, ease the internal network server access pressure
3. Improve business processing capability and high availability through load balancing
?

Access Intranet Configuration 
### 代理参数,设置头信息cat>conf/conf.d/proxy.conf<<EOFproxy_set_header   Host              $host:$server_port;proxy_set_header   Referer           $http_referer;  proxy_set_header   Cookie            $http_cookie;              proxy_set_header   X-Real-IP         $remote_addr;proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;proxy_set_header   X-Forwarded-Proto $scheme;### websocket 支持#proxy_http_version 1.1;#proxy_set_header Upgrade $http_upgrade;#proxy_set_header Connection "upgrade";EOF## 添加到nginx.conf 中sed -r -i "/include conf./i\    include proxy.conf‘" nginx.confcat > conf/conf.d/8081.conf<<EOFupstream tomcatserver1 {    server 172.0.0.49: 8081;}server {    listen       80;    server_name  8081.max.com;    access_log  logs/8081.access.log  main;    location / {        proxy_redirect off;        proxy_pass   http://tomcatserver1;    }}EOFsystemctl restart nginx

As configured above, a most basic reverse proxy environment is built
?
?

Cache configuration 
##配置缓存参数mkdir -p /data/nginx-temp /data/nginx-cachechown -R nginx:nginx /data/nginx-temp /data/nginx-cachecat >proxy_cache.conf<<EOFproxy_temp_path /data/nginx-temp;  #缓存临时文件路径proxy_cache_path /data/nginx-cache levels=1:2 keys_zone=nginx-cache:20m max_size=50m inactive=1m; #缓存保存的路径EOF## 添加到nginx.conf 中sed -r -i "/include conf./i\    include proxy_cache.conf;" nginx.conf

Proxy_cache_path parameter Description:

  • levels specifies that the cache space has a two-layer hash directory, the first level directory is 1 numbers or letters, the second layer is 2 numbers or letters
  • Keys_zone refers to the cache space name. 20m Memory cache space size
  • Max_size refers to the maximum amount of space a cache file can occupy.
  • Inactive refers to how long a cached file will be deleted if it is not accessed for an extended period of time. (Days: D, S: S, min: m)
##静态文件缓存配置cat > conf/conf.d/8081.confupstream tomcatserver1 {    server 172.0.0.49: 8081;}server {    listen       80;    server_name  8081.max.com;    access_log  logs/8081.access.log  main;    location / {        proxy_redirect off;        proxy_pass   http://tomcatserver1;    }    location ~.*\.(gif|jpg|png|htm|html|css|js|flv|ico|swf)(.*) {        proxy_redirect off;   #[关闭跳转]        proxy_cache nginx-cache;  #[缓存的空间 -- proxy_cache.conf 中定义的  ]        proxy_cache_valid 200 302 1h; #[不同http状态缓存时间不同]        proxy_cache_valid 301 1d;        proxy_cache_valid any 1m;        ### 强制缓存后端文件,忽略后端服务器的相关头信息        proxy_ignore_headers Set-Cookie Cache-Control;        proxy_hide_header Cache-Control;        proxy_hide_header Set-Cookie;        ###        expires 30d;  #[告诉浏览器缓存有效期-- 30天内可以直接访问浏览器缓存]        proxy_passhttp://static;   }}EOFsystemctl restart nginx

?

Nginx load Balancing scheduling algorithm and its configuration

?

Load Mode Load Description
Round? Robin (default) Incoming requests are assigned to different back-end servers sequentially, and even if a backend server goes down during use, Nginx automatically strips the server out of the queue, and requests for admissibility are unaffected. In this way, you can set a weight value (weight) for different backend servers to adjust the requested allocation rate on different servers, and the larger the weight data, the greater the chance of being allocated to the request, which is mainly adjusted for the different backend server hardware configurations in the actual working environment.
Least Connections Next request to select the server with the backend minimum link
Ip_hash Use the first 3 bytes of the IPV4 address or the entire address of the IPV6 to match the hash value that is computed, so that the client of the next fixed IP address will always have access to the same back-end server.
Hash Tags are categorized by user-defined keywords, such as text, variables, or both, and requests for the same classification are always requested to a back-end server, which is suitable for scenarios where the backend is the cache.
Weight polling 
upstream cluster {    server a weight=5 max_fails=1   fail_timeout=10s;    server b weight=1;    server c weight=1;    server d weight=5 max_fails=1   fail_timeout=10s backup;}server {    listen 80;    location / {        proxy_pass http://cluster;    }}

In accordance with the above configuration, Nginx every request to receive 7 clients, will be 5 of them forwarded to the backend a, 1 of them to the backend B, 1 of them forwarded to the backend C.

The server directive supports the following parameters

  • Weight = number Sets the weight of the current server, which defaults to 1.
  • Max_fails = Numbe By default, the number of failures is 1.0 to shut down this server.
  • Fail_timout = number time-out is 10 seconds.
  • Max_conns=number
  • Backup identifies this server as a standby server that is enabled when the server in the cluster fails
  • Down identifies this server as an invalid server.
Least Connections 
upstream cluster {    least_conn;    server a weight=5 max_fails=1   fail_timeout=10s;    server b weight=1;    server c weight=1;    server d weight=5 max_fails=1   fail_timeout=10s backup;}server {    listen 80;    location / {        proxy_pass http://cluster;    }}
Ip_hash 
upstream cluster {    ip_hash;    server a weight=5 max_fails=1   fail_timeout=10s;    server b weight=1;    server c weight=1;    server d weight=5 max_fails=1   fail_timeout=10s backup;}server {    listen 80;    location / {        proxy_pass http://cluster;    }}
Hash 
upstream backend {    hash $request_uri consistent;    server backend1.example.com;    server backend2.example.com;}
Other usage forwarded to backend services 
location /path/ {    proxy_pass http://172.0.0.14:8080/path/;}
Forwarding to an extranet domain name 
location /baidu/ {         proxy_set_header Host www.baidu.com;         proxy_pass https://www.baidu.com/;}
Force HTTP to HTTPS access 
server {    listen  80;    server_name     api.yourdomain.com;    location / {        rewrite ^ /(.*) https://api.yourdomain.com/$1 permanent;        break;    }    error_page 497 https://$host:$server_port$request_uri;}server {        listen       443 ssl;        server_name  api.yourdomain.com;        access_log logs/ssl_api_access.log;        ssl on;        ssl_certificate conf.d/certs/api.yourdomain.com_bundle.crt;        ssl_certificate_key conf.d/certs/api.yourdomain.com.key;        ssl_session_timeout 5m;        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置        ssl_prefer_server_ciphers on;        location / {                proxy_pass http://tomcat_servers/$2;        }        location /v1.0/ {            proxy_pass http://tomcat_servers/v1.0/;            proxy_cookie_path /v1.0/ /;            proxy_redirect off;        }}

Nginx Combat (quad) reverse proxy configuration caching and load balancing

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
nginx iis load balancing nginx load balancing tutorial aws nginx reverse proxy reverse proxy configuration configure nginx as reverse proxy reverse proxy vs load balancer router with dual wan ports and load balancing

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More