Nginx Learning Summary Five (Nginx reverse proxy) _nginx

Source: Internet
Author: User
Tags nginx reverse proxy nginx load balancing
Nginx Agent and load balancing configuration and optimization

Nginx Agent

Nginx, starting with version 0.7.48, supports the caching function similar to squid. The Nginx Web caching service consists of Proxy_cache related instruction set and Fastcgi_cache related instruction set, which is used to cache the back-end content source server for the reverse proxy, which is mainly used to cache the fastcgi dynamic program. The functions of both are basically the same.

Nginx version 0.8.32, Proxy_cache and Fastcgi_cache are already well developed, plus a third party Ngx_cache_purge module (used to clear the cache for the specified URL), which can be completely replaced by squid.

Functionally, Nginx already has the Web cache Acceleration feature squid has, and the ability to clear the specified URL cache. But in the performance, Nginx to multi-core CPU's utilization, surpasses squid many. In addition, Nginx is much more powerful than squid in reverse proxies, load balancing, health checks, back-end server failover, rewrite rewriting, and ease of use. This allows a nginx to be used both as a load-balancing server and as a Web cache server.

The following document explains how Nginx does a proxy server, forwards requests to other servers, and does not itself cache. The use version is nginx-0.8.15, configured as follows:

Copy Code code as follows:

http
{
........
Client_max_body_size 300m; Maximum number of individual file bytes allowed for client requests
Client_body_buffer_size 128k;
The buffer proxy buffers The maximum number of bytes requested by the client, which can be understood as saving to local and then to the user
Proxy_connect_timeout 600;
Timeout for connection to back-end server _ Handshake Wait Response timeout
Proxy_read_timeout 600;
After the success of the connection _ wait for back-end server response time _ actually has entered the back-end queue waiting for processing
Proxy_send_timeout 600;
Proxy_buffer_size 16k; The user's header information is saved for Nginx to handle
Proxy_buffers 4 32k; Tell Nginx how much space to save for a single use of several buffer
Proxy_busy_buffers_size 64k;
Proxy_max_temp_file_size 64k;
The size of the proxy cache temp file

Copy Code code as follows:

Upstream Clubsrv {
Server 192.168.0.110:80 weight=5;
Server 192.168.0.121:80 weight=5;
}
Upstream Mysrv {
Server 192.168.0.32:80 weight=2;
Server 127.0.0.1:8000 weight=8;
}
server {
Listen 80;
server_name club.xywy.com;
CharSet GBK;
root/www;
Access_log Logs/aaa.log combined;
Here is the first domain name, using the CLUBSRV proxy
Location/{
Proxy_next_upstream http_502 http_504 error timeout invalid_header;
If the back-end server returns 502, 504, or performs a timeout error, automatically forwards the request to upstream another server
Proxy_pass http://clubsrv;
Fill in the same name as the one above upstream
Proxy_redirect off;
Proxy_set_header Host club.xywy.com;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
Nginx in front of the agent, the back-end of the log will show 127.0.0.1, the above configuration can show the user's real IP (also need to install Third-party software, see the following detailed instructions)
Index index.htm index.html index.php;
}
Here is the second domain name, using the MYSRV proxy, to access the Www.sum.com/message directory
server {
Listen 80;
server_name www.sum.com;
Location/message {
Proxy_pass http://mysrv;
Proxy_set_header Host $host;
Access to this domain, only the MYSRV native can access
}
Access to www.sum.com/addresses other than/message.
Location/{
Proxy_pass http://mysrv;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;

The following configuration, which is the same as the error returned above, cannot be written here.
Copy Code code as follows:

Error_page 502 503 504/50x.html;
Location =/50x.html
{
root HTML;
}

2. Nginx Load Balancing Instruction
Nginx belongs to the software seven-tier load balancing (LVS is the software's four-tier load-balancing representative), seven-tier load-balancing software also has L7SW (Layer7 switching), Haproxy and so on. The module that supports load balancing is the HTTP upstream. Here's a description of this module and a few of his following instructions
HTTP Upstream Module
(1) Ip_hash instruction
When load balance is applied to multiple dynamic application servers on the back end, the ip_hash instruction navigates a client IP request through the hash algorithm to the same back-end server. This ensures that access is still on server A when an IP user logs on to sever a and then accesses another URL to the site. If you do not add Ip_hash, join the user to log on server A, and then visit other URLs of the site, it is possible to jump to the back end of Sever B, C ..., and the session record on a, B, C does not, will prompt the user is not logged in.
Note: However, this access does not guarantee a back-end server load balancing, there may be some server in the backend to receive more requests, some server accept less, set the weight value does not work.
It is recommended that if the dynamic application server in the backend can do session sharing, instead of configuring Ip_hash on the Nginx.
Copy Code code as follows:

Upstream Mysrv {
Ip_hash;
Server 192.168.0.110:80 weight=2;
Server 127.0.0.1:8000 down;
Server 192.168.0.212:80 weight=8;
}

(2) Server directives
This directive specifies the name and parameters of the back-end server. The name of the server can be a domain name, an IP, a port number, or a UNIX Socket.

Parameter introduction:
Weight=number: Set the server weight, the higher the weight value, the more the number of requests assigned to the client. Default is 1;
Max_fails=numbser: The number of failed requests to the backend server in the Fail_timeout specified time, marked as failed if a backend server could not be connected and an error occurred (excluding 404). If not set, the default is 1. Set to 0 to close this check.
Fail_timeout=time: The time that is paused after the number of failures that have been set by the parameter max_fails.
Down: Indicates that the server is permanently offline.
Backup: Enabled only when the non-backup server is all down or busy.
The configuration is as follows:
Copy Code code as follows:

Upstream Mysrv {
Ip_hash;
Server www.xywy.com weight=2;
Server 127.0.0.1:8000 down;
Server 192.168.0.212:80 max_fails=3 fail_timeout=30s;
Server Unix:/tmp/bakend3;
}

This article comes from the "learning to be eternal" blog

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.