Using Nginx reverse proxy and Proxy_cache cache to build CDN Server Configuration Method _nginx

Problems encountered:
Mobile user access to Web serverWww.osyunwei.comVery slow
Solution:
1, in the mobile room to place a nginx reverse proxy server
2, through the domain name DNS intelligent resolution, all mobile users accessWww.osyunwei.comresolves to nginx reverse proxy server
3, Nginx reverse proxy server and Web server between the use of dedicated line connection
Description:
1, Web server
Line: Telecom
ip:192.168.21.129
Domain Name: www.osyunwei.com
2, Nginx reverse proxy Server
Line: Mobile
System: CentOS 6.2
ip:192.168.21.164
Vi/etc/hosts #编辑, add the following line at the end of the file
192.168.21.129 www.osyunwei.com
3Client
Line: Mobile
System: Windows 7
ip:192.168.21.130
C:\Windows\System32\drivers\etc\hosts #用记事本打开, add the following line at the end of the file
192.168.21.164 www.osyunwei.com

################## #以下操作在nginx反向代理服务器上配置 ###################

1. Close SELinux
Vi/etc/selinux/config
#SELINUX =enforcing #注释掉
#SELINUXTYPE =targeted #注释掉
Selinux=disabled #增加
: Wq save, close.
Shutdown-r now reboot system
2, open the firewall 80 port
Vi/etc/sysconfig/iptables
Add the following content
-A input-m state--state new-m tcp-p TCP--dport 80-j ACCEPT
/etc/init.d/iptables Restart #重启防火墙使配置生效
3, install the compilation tool
Yum install wget make gcc gcc-c++ zlib-devel OpenSSL openssl-devel pcre-devel gd kernel keyutils patch Perl
4. System Agreement
Software source code Package storage location:/USR/LOCAL/SRC
Source Package Compile Installation location:/usr/local/software Name
5, download software
CD/USR/LOCAL/SRC #进入目录
(i), download Nginx (currently stable version)
wget http://nginx.org/download/nginx-1.0.12.tar.gz
(ii), download pcre (support nginx pseudo static)
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.21.tar.gz
(ii), download ngx_cache_purge (clear specified URL cache)
wget http://labs.frickle.com/files/ngx_cache_purge-1.5.tar.gz
6. Installation Pcre
Cd/usr/local/src
Mkdir/usr/local/pcre #创建安装目录
Tar zxvf pcre-8.21.tar.gz
CD pcre-8.21
./configure--prefix=/usr/local/pcre #配置
Make
Make install
7. Installation Nginx
Groupadd www #添加www组
Useradd-g www www-s/bin/false #创建nginx运行账户www并加入到www组, www users are not allowed to log on directly to the system
Cd/usr/local/src
Tar zxvf ngx_cache_purge-1.5.tar.gz
Tar zxvf nginx-1.0.12.tar.gz
CD nginx-1.0.12
./configure--prefix=/usr/local/nginx--user=www--group=www--with-http_stub_status_module--with-openssl=/usr/--with-pcre=/usr/local/src/pcre-8.21 --add-module=.. /ngx_cache_purge-1.5
Note:--with-pcre=/usr/local/src/pcre-8.21 points to the source package decompression path, not the installation path, otherwise it will be an error
Make #编译
Make install #安装
/usr/local/nginx/sbin/nginx #启动nginx
Chown Www.www-R/usr/local/nginx/html #设置目录所有者
chmod 700-r/usr/local/nginx/html #设置目录权限
Vi/etc/rc.d/init.d/nginx # Setup Nginx startup, edit startup file add below
=======================================================
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# It is v.0.0.2 version.
# Chkconfig:-85 15
# Description:nginx is a high-performance Web and proxy server.
# It has a lot of features, but it ' s not for everyone.
# Processname:nginx
# Pidfile:/var/run/nginx.pid
# config:/usr/local/nginx/conf/nginx.conf
Nginxd=/usr/local/nginx/sbin/nginx
Nginx_config=/usr/local/nginx/conf/nginx.conf
Nginx_pid=/usr/local/nginx/logs/nginx.pid
Retval=0
Prog= "Nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source Networking configuration.
. /etc/sysconfig/network
# Check that networking are up.
[${networking} = "No"] && exit 0
[x $nginxd] | | Exit 0
# Start Nginx daemons functions.
Start () {
If [-e $nginx _pid];then
echo "Nginx already running ..."
Exit 1
Fi
Echo-n $ "Starting $prog:"
Daemon $nginxd-C ${nginx_config}
Retval=$?
Echo
[$RETVAL = 0] && Touch/var/lock/subsys/nginx
Return $RETVAL
}
# Stop Nginx daemons functions.
Stop () {
Echo-n $ "Stopping $prog:"
Killproc $nginxd
Retval=$?
Echo
[$RETVAL = 0] && rm-f/var/lock/subsys/nginx/usr/local/nginx/logs/nginx.pid
}
Reload () {
Echo-n $ "Reloading $prog:"
#kill-hup ' Cat ${nginx_pid} '
Killproc $nginxd-hup
Retval=$?
Echo
}
# How we were called.
Case "$" in
Start
Start

Stop
Stop

Reload
Reload

Restart)
Stop
Start
;;

Status
Status $prog
Retval=$?

*)
echo $ "Usage: $prog {start|stop|restart|reload|status|help}"
Exit 1
Esac
Exit $RETVAL
=======================================================
: wq! Save Exit
chmod 775/etc/rc.d/init.d/nginx #赋予文件执行权限
Chkconfig Nginx on #设置开机启动
/etc/rc.d/init.d/nginx restart
Service Nginx Restart
8. Configure Nginx
Cp/usr/local/nginx/conf/nginx.conf/usr/local/nginx/conf/nginx.confbak #备份nginx配置文件
(a), set up Nginx run account
Vi/usr/local/nginx/conf/nginx.conf #编辑
Find user nobody;
User www www. #在第一行
(ii), prohibit the nginx empty host head
Vi/usr/local/nginx/conf/nginx.conf #编辑
Locate the server and add the following on the line above:
##############################
server {
Listen default;
server_name _;
Location/{
root HTML;
return 404;
}
Location ~/.ht {
Deny all;
}
}
##############################
/etc/rc.d/init.d/nginx Restart #重启nginx
After this setting, NULL host header access jumps directly to the nginx404 error page.
(iii), add Nginx virtual host include file
cd/usr/local/nginx/conf/#进入nginx安装目录
mkdir Vhost#建立虚拟目录
Vi/usr/local/nginx/conf/nginx.conf #编辑
Find the code you added in the previous step and add the following at the end:
Include vhost/*.conf;
For example:
##############################
server {
Listen default;
server_name _;
Location/{
root HTML;
return 404;
}
Location ~/.ht {
Deny all;
}
}
Include vhost/*.conf;
##############################
(iv), add proxy_cache parameter configuration include file
cd/usr/local/nginx/conf/#进入目录
Touch proxy.conf #建立文件
Vi/usr/local/nginx/conf/nginx.conf #编辑
Find HTTP {Add a row below
Include proxy.conf;
(v) Add a list of proxy servers containing files
cd/usr/local/nginx/conf/#进入目录
Touch mysvrhost.conf #建立文件
Vi/usr/local/nginx/conf/nginx.conf #编辑
Find the code you added in the previous step and add a row below
Include mysvrhost.conf;
(vi), setting nginx global parameters
Vi/usr/local/nginx/conf/nginx.conf #编辑
Worker_processes 2; # Number of worker processes, or twice times the core of the CPU
Events
{
Use Epoll; #增加
Worker_connections 65535; #修改为65535, maximum number of connections.
}
############ #以下代码在HTTP { Partial additions and modifications ##############
Server_names_hash_bucket_size 128; #增加
Client_header_buffer_size 32k; #增加
Large_client_header_buffers 4 32k; #增加
Client_max_body_size 300m; #增加
Tcp_nopush on; #修改为on
Keepalive_timeout 60; #修改为60
Tcp_nodelay on; #增加
Server_tokens off; #增加, Nginx version information is not displayed
gzip on; #修改为on
Gzip_min_length 1k; #增加
Gzip_buffers 4 16k; #增加
Gzip_http_version 1.1; #增加
Gzip_comp_level 2; #增加
Gzip_types text/plain application/x-javascript text/css application/xml; #增加
Gzip_vary on; #增加
(vii), set proxy_cache parameter configuration
Cd/home #进入目录
Mkdir-p/home/proxy_temp_dir #proxy_temp_dir与proxy_cache_dir这两个文件夹必须在同一个分区
Mkdir-p/home/proxy_cache_dir #proxy_cache_dir与proxy_temp_dir这两个文件夹必须在同一个分区
Chown Www.www-R Proxy_cache_dir Proxy_temp_dir #设置目录所有者
Chmod-r 777 Proxy_cache_dir Proxy_temp_dir #设置目录权限
System Yun-wei www.osyunwei.com warm reminder: qihang01 original Content © Copyright, reproduced please indicate the source and the original chain
cd/usr/local/nginx/conf/#进入目录
VI proxy.conf #编辑, add the following code
Proxy_temp_path/home/proxy_temp_dir; #指定临时文件目录
Proxy_cache_path/home/proxy_cache_dir levels=1:2 keys_zone=cache_one:50m inactive=1d max_size=1g;
#设置Web缓存区名称为cache_one, the memory cache is 50MB, automatically clears 1 days without access to the files, the hard disk cache is 1GB.
Client_body_buffer_size 512k; #增加缓冲区代理缓冲客户端请求的最大字节数
Proxy_connect_timeout 60; #增加连接后端服务器超时时间
Proxy_read_timeout 60; #增加后端服务器响应请求超时时间
Proxy_send_timeout 60; #增加后端服务器发送数据超时时间
Proxy_buffer_size 32k; #增加代理请求缓存区大小
Proxy_buffers 4 64k; #增加
Proxy_busy_buffers_size 128k; #增加系统繁忙时可申请的proxy_buffers大小
Proxy_temp_file_write_size 128k; #增加proxy缓存临时文件的大小
Proxy_next_upstream Error timeout Invalid_header http_500 http_503 http_404; #增加故障转移, if the back-end server returns 502, 504, execution timeout, and so on, automatically forwards the request to another server in the upstream load balancing pool to implement failover. Proxy_cache Cache_one; #增加使用web缓存区cache_one
(eight), set the proxy server file list
cd/usr/local/nginx/conf/#进入目录
VI mysvrhost.conf #编辑, add the following code
Upstream Osyunweihost {
Server 192.168.21.129:80 weight=1 max_fails=2 fail_timeout=30s;
}
(ix), new virtual host configuration file
Cd/usr/local/nginx/conf/vhost #进入虚拟主机目录
Touch www.osyunwei.com.conf #建立虚拟主机配置文件
VI www.osyunwei.com.conf #编辑

server {
Listen 80;
server_name www.osyunwei.com osyunwei.com;

Location/
{
Proxy_pass Http://osyunweihost;
Proxy_cache_key $host $uri$is_args$args; #增加设置web缓存的key值, Nginx hash storage cache based on key value MD5
Proxy_set_header Host $host;
Proxy_set_header x-forwarded-for $remote _addr;
Proxy_cache_valid 304 12h;
Expires 2d;
}
Location ~. *\. (php|jsp|cgi|asp|aspx|flv|swf|xml)? $ #列出的扩展名文件不缓存.

{
Proxy_set_header Host $host;
Proxy_set_header x-forwarded-for $remote _addr;
Proxy_pass Http://osyunweihost;
}
Access_log off;
}

Location ~/purge (/.*) #用于清除缓存
{
Allow 127.0.0.1;
Allow 192.168.21.0/24; #设置只允许指定的IP或IP段才可以清除URL缓存.
Deny all;
Proxy_cache_purge Cache_one $host $1$is_args$args;
}
################## #以上操作在nginx反向代理服务器上配置 ###################
9. Ngx_cache_pure Clear Cache Module usage instructions
Note: According to the configuration allows only 192.168.21.0/24 IP segment host to clear the URL cache, now I use the client IP is: 192.168.21.130, have permission to clear the URL cache.

1. Browse picture file: Http://www.osyunwei.com/images/nopic.giF

2, clear this file cache:http://www.osyunwei.com/purge/images/nopic.gif

Hint: Successful purge, cache file purged successfully, if this file has not been cached, then hint: 404 Not Found

Note:
1, purge is the ngx_cache_pure module instruction
2, Images/nopic.gif is to clear the cache file URL path

At this point, use the Nginx reverse proxy and Proxy_cache caching features to configure the CDN Server Tutorial ends.

Attachment:

1, nginx configuration file/usr/local/nginx/conf/nginx.conf

 
User www www. 
Worker_processes 2; 
#error_log Logs/error.log; 
#error_log Logs/error.log Notice; 
#error_log Logs/error.log Info; 

#pid Logs/nginx.pid; 
events {use Epoll; 
Worker_connections 65535; 
} http {include proxy.conf; 
Include mysvrhost.conf; 
Include Mime.types; 

Default_type Application/octet-stream;  #log_format Main ' $remote _addr-$remote _user [$time _local] "$request" ' # ' $status $body _bytes_sent ' $http _referer ' 

' $http _user_agent ', ' $http _x_forwarded_for '; 

#access_log Logs/access.log Main; 
Server_names_hash_bucket_size 128; 
Client_header_buffer_size 32k; 
Large_client_header_buffers 4 32k; 
Client_max_body_size 300m; 
Sendfile on; 

Tcp_nopush on; 
#keepalive_timeout 0; 
Keepalive_timeout 60; 
Tcp_nodelay on; 

Server_tokens off; 
gzip on; 
Gzip_min_length 1k; 
Gzip_buffers 4 16k; 
Gzip_http_version 1.1; 
Gzip_comp_level 2; 
Gzip_types text/plain application/x-javascript text/css application/xml; 

Gzip_vary on; 
server {Listen default; ServEr_name _; 
Location/{root HTML; 
return 404; 
} location ~/.ht {deny all; 
}} include vhost/*.conf; 
 }

2, the Proxy server list file/usr/local/nginx/conf/mysvrhost.conf

 
Upstream Osyunweihost { 
server 192.168.21.129:80 weight=1 max_fails=2 fail_timeout=30s; 
} 

3, proxy_cache parameter configuration file/usr/local/nginx/conf/proxy.conf

 
Proxy_temp_path/home/proxy_temp_dir; 
Proxy_cache_path/home/proxy_cache_dir levels=1:2 keys_zone=cache_one:500m inactive=1d max_size=30g; 
Client_body_buffer_size 512k; 
Proxy_connect_timeout; 
Proxy_read_timeout; 
Proxy_send_timeout; 
Proxy_buffer_size 32k; 
Proxy_buffers 4 64k; 
Proxy_busy_buffers_size 128k; 
Proxy_temp_file_write_size 128k; 
Proxy_next_upstream Error timeout Invalid_header http_500 http_503 http_404; 
Proxy_cache Cache_one; 

4, the virtual host configuration file/usr/local/nginx/conf/vhost/www.osyunwei.com.conf

 
server { 
listen; 
server_name www.osyunwei.com osyunwei.com; 
Location/ 
{ 
proxy_pass http://osyunweihost; 
Proxy_cache_key $host $uri$is_args$args; 
Proxy_set_header Host $host; 
Proxy_set_header x-forwarded-for $remote _addr; 
Proxy_cache_valid 304 12h; 
Expires 2d; 
} 

Location ~/purge (/.*) 
{ 
allow 127.0.0.1; 
Allow 192.168.21.0/24; 
Deny all; 
Proxy_cache_purge cache_one $host $1$is_args$args; 
} 

Location ~. *\. (php|jsp|cgi|asp|aspx|flv|swf|xml)? $ 
{ 
proxy_set_header Host $host; 
Proxy_set_header x-forwarded-for $remote _addr; 
Proxy_pass http://osyunweihost; 
} 
Access_log off; 
 

Extended reading:
############################################################### # #
nginx Modify version information
vi/usr/local/src/nginx-1.0.12/src/core/nginx.h #编译前编辑
#define Nginx_ Version
#define Nginx_version
#define NGINX_VER
#define NGINX_VAR
Modify the information above, You can change the Nginx display version.
vi/usr/local/src/http/ngx_http_special_response.c #编译前编辑
static U_char Ngx_http_error_full_ tail[] =
static U_char ngx_http_error_tail[] =
Modify the information above for your own.
#################################################################