Nginx Reverse proxy explanation and configuration

First, we introduce the reverse proxy of nginx. A proxy server is generally classified as a forward proxy (usually directly referred to as a proxy server) and a reverse proxy.

Let's draw a picture so we can understand it.

Forward Proxy: You can imagine the kind of router that we're going to use to surf the Internet. (can be said to be agent of the client)

Reverse proxy: The client's request comes over to the reverse proxy server, and then the reverse proxy server is handed back to the real server in the background. (This is the server-side proxy)

What we are talking about today is the implementation of Nginx's reverse proxy function. At the same time, the reverse proxy can also achieve load balancing function. You can think for yourself.

Because the experiment is relatively simple, the environment here is simple to deal with.

http-server1:192.168.10.156 (Apache service)

http-server2:192.168.10.157 (Nginx Service)

nginx-proxy:192.168.10.159

Ensure HTTP server is set up and can be accessed normally

Nginx-proxy installation (other dependent conditions installed on its own). Version: nginx-1.4.7.tar.gz

TAR-ZXVF Nginx-1.4.7.tar.gz/home

./configure

--prefix=/usr/local/nginx \

--sbin-path=/usr/local/bin \

--CONF-PATH=/ETC \

--error-log-path=/usr/local/nginx/error.log \

--pid-path=/usr/local/nginx/ngnix.pid \

--lock-path=/usr/local/nginx/nginx.lock \

--with-http_ssl_module \

--with-http_gzip_static_module \

--with-http_perl_module \

--http-log-path=/usr/local/nginx/access.log \

--http-fastcgi-temp-path=/usr/local/nginx/html \

--with-pcre--with-zlib=/usr--WITH-OPENSSL=/USR

Make && make install

Edit the Nginx configuration file.

Vim/etc/nginx.conf

#user nobody;

Worker_processes 1;

Events {

Worker_connections 1024;

}

HTTP {

Upstream Loadbance {

Server 192.168.10.156;

Server 192.168.10.157; (if its other ports, follow the Gadon slogan: x.x.x.x:8888)

}

server {

Listen 80;

Location/{

Proxy_pass http://loadbance;

}

}

}

The red part is the simple configuration needed to build the reverse proxy server. (Note that the semicolon at the end of the Nginx line)

Upstream: Keywords for reverse proxies

Loadbance: You can understand the name of a group of servers in the background

Server: Background Real server address, can be IP or FQDN (if it is FQDN, do not forget to parse)

Listen: Listen to the port, if not the original nginx to do the Web server configuration, the proposed change to a different port

Proxy_pass: Back with http://loadbance this must be consistent with the name of the upstream behind (server group name)

OK, you are done. Access to test.

Access Proxy address: http://192.168.10.159, and then refresh

This is the Nginx reverse proxy. We can actually extend it.

Nginx Reverse proxy function I think it can be used as a simple load balancer, we can specify the Nginx scheduling algorithm:

Nginx official Online said (in fact, personally think more than 4, you can add the server's IP address after the server's weight, but the official network plus the weight is not a kind of. ）

NGINX supports four load balancing methods:

1): The Round-robin method poll

2): The minimum number of connections for the Least_conn method

A request is sent to the server with the least number of active connections with server weights taken into consideration. Requests are sent to the server with the least active links (the server's weights are taken into account)

3): The Ip_hash method

The method guarantees that requests from the same address get to the same server unless it's not available. This method guarantees that a request from the same IP address will get a response from the same server unless it is hung. (It calculates the hash value of this IP via the client's IP (IPV4 or IPV6) address)

4); The generic hash method:

The server to which a request is sent are determined from a user-defined key which could be a text, variable, or their combin ation. For example, the key is a source IP and port,

The request is sent to a user-defined key value (which can be text, variable, or mixed) on the server

One more visit to the official website says:

If a method other than the default one is used, the corresponding directive (least_conn,ip_hash or H Ash) should be specified inside the upstream before the server directives. If you want to use a different scheduling algorithm (the round-robin that is used by default), the corresponding instruction must be specified within the upstream and before the server directive.

For example: The minimum number of links/ip_hash/hash $request _uri Consistent, (if you use polling method, you do not have to write, because the default algorithm is polling)

Upstream Loadbance {

Least_conn; or Ip_hash and (hash $request _uri consistent)

Server 192.168.10.156 weight=3; You can set weights.

Server 192.168.10.157; (if its other ports, follow the Gadon slogan: x.x.x.x:8888)

}

Oh, I rub, this is far away. In fact, Nginx also has a health check function, if a server is hung, the request will not be distributed to the server. For example, the following wording:

Upstream Loadbance {

Server 192.168.10.156 weight=3;

Server 192.168.10.157;

Server 192.168.10.158 backup;//when using the standby machine

Server 192.168.10.155 down; If you want to temporarily remove a server for upgrade or other operations, you can mark it as down so that the request is not on it.

}

In fact, we can also specify different paths for distribution to different servers through the location command inside the server. To achieve diversion.

For example, you can define multiple upstream. Upstream1,upstream2 ..... And then

Location/mp3 {

Proxy_pass http://upstream1;

}

location/flv {

Proxy_pass http://upstream2;

}

Nginx Reverse proxy explanation and configuration