nginx http代理、负载均衡、tcp代理转发 配置
2018-02-07 08:31
489 查看
一、nginx http 代理
nginx http 代理通过proxy_set_header,返回客户端真实IP地址及端口,而不是代理主机ip,
#proxy ngx 代理不支持 https,有https需求可以用squid server { listen 9998; allow 192.168.0.0/24; deny all; location / { access_log /data/logs/proxy_access.log main; proxy_redirect off; proxy_pass http://$http_host$request_uri; proxy_set_header Host $host:$server_port; # 设置请求头:代理IP:port proxy_set_header X-Real-IP $remote_addr; # 真实客户端地址IP proxy_set_header X-Real-PORT $remote_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-NginX-Proxy true; proxy_http_version 1.1; } }
nginx http转发
server { listen 21000; server_name 127.0.0.1; location / { proxy_read_timeout 1800; proxy_next_upstream http_502 http_504 error timeout invalid_header; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass http://10.10.20.34:21000; } }
nginx 负载均衡
cat vhosts/down_fdfs_19080.conf server { listen 19080; server_name 127.0.0.1; location / { proxy_read_timeout 1800; proxy_next_upstream http_502 http_504 error timeout invalid_header; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass http://down_fdfs; } } cat upstream/down_fdfs.conf upstream down_fdfs{ server 10.10.20.54:80 max_fails=2 fail_timeout=30s weight=10; server 10.10.20.55:80 max_fails=2 fail_timeout=30s weight=10; keepalive 64; }
匹配url,转发到不同主机
这里对url的转换稍微难理解一点,比如多个”//”等。
对于proxy_pass的值,去掉主机,就剩了”/”, 这里就是将 “/api_test/” 替换为 “/” 。这样就很清楚匹配url到底需不需要将”/”了。
location /api_test/ { default_type 'text/plain'; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect off; proxy_connect_timeout 10; proxy_send_timeout 30; proxy_read_timeout 30; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_pass http://api.system/; } upstream api.system{ server 192.168.6.119:8901 max_fails=2 weight=1; keepalive 64; }
二、nginx TCP 反向代理
1、编译相关模块
支持TCP代理和负载均衡的stream模块ngx_stream_core_module,在1.90版本后将被启用。但是并不会默认安装,需要在编译时通过指定 –with-stream 参数来激活这个模块。
对于低版本nginx
下面操作步骤只让nginx支持tcp_proxy,没有加入prce、gzip、ssl等功能,如需要,可自行在编译时加上相关参数。
wget https://github.com/yaoweibin/nginx_tcp_proxy_module/archive/master.zip unzip master.zip cd nginx-1.8.1 patch -p1 <../nginx_tcp_proxy_module-master/tcp.patch ./configure --add-module=../nginx_tcp_proxy_module-master make make install
2、配置 nginx tcp 代理
==注意:新版本关键字为stream,低版本为tcp==新版本nginx
stream { upstream backend { hash $remote_addr consistent; server backend1.example.com:12345 weight=5; server 127.0.0.1:12345 max_fails=3 fail_timeout=30s; server unix:/tmp/backend3; } server { listen 12345; proxy_connect_timeout 1s; proxy_timeout 3s; proxy_pass backend; } server { listen [::1]:12345; proxy_pass unix:/tmp/stream.socket; } }
低版本nginx
events { ... } http { ... } tcp { upstream backend { server 127.0.0.1:12345 max_fails=3 fail_timeout=30s; } server { listen 2345; proxy_pass backend; } }
3、nginx tcp proxy 转发超时问题
==nginx tcp proxy 连接保持设置==根据前文
Nginx tcp proxy module试用的设置,在测试环境中发现tcp连接经常掉线。
其实就是少了几个设置,README的配置不能用于生产环境。
配置如下,现在工作正常了:
tcp { timeout 1d; proxy_read_timeout 10d; proxy_send_timeout 10d; proxy_connect_timeout 30; # rsync upstream proxy_rsync { server 10.10.20.42:30873 max_fails=3; } server { listen 30888; proxy_pass proxy_rsync; } }
转载请务必保留此出处:http://blog.csdn.net/fgf00/article/details/79276127
附:nginx 优化 配置文件参考
注:最后几行的tcp部分,如果没有编译,可以注释掉user nginx nginx; worker_processes 24; worker_cpu_affinity auto; worker_rlimit_nofile 65535; error_log /data/logs/nginx/error.log notice; pid logs/nginx.pid; events { use epoll; multi_accept on; worker_connections 65535; } http { include mime.types; default_type application/octet-stream; charset UTF-8; server_names_hash_bucket_size 128; client_header_buffer_size 128k; large_client_header_buffers 8 128k; client_max_body_size 20g; sendfile on; tcp_nopush on; open_file_cache max=51200 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; keepalive_timeout 60; tcp_nodelay on; server_tokens off; server_tag off; server_info off; fastcgi_connect_timeout 600; fastcgi_send_timeout 600; fastcgi_read_timeout 600; fastcgi_buffer_size 512k; fastcgi_buffers 16 256k; fastcgi_busy_buffers_size 512k; fastcgi_temp_file_write_size 512k; fastcgi_intercept_errors on; client_header_timeout 6m; client_body_timeout 6m; send_timeout 6m; connection_pool_size 256; request_pool_size 8k; output_buffers 8 64k; postpone_output 1460; client_body_buffer_size 1024k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 3; gzip_proxied any; gzip_types text/plain application/x-javascript application/json text/css application/xml; gzip_vary on; proxy_connect_timeout 600; proxy_read_timeout 600; proxy_send_timeout 600; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_ignore_client_abort on; proxy_next_upstream error; proxy_buffer_size 64k; proxy_temp_path /dev/shm/nginx_proxy_temp; proxy_cache_path /dev/shm/proxy_cps_cache levels=1:2 keys_zone=cache_cps:1024m inactive=2d max_size=8g; proxy_cache_path /dev/shm/proxy_cpsSimhash_cache levels=1:2 keys_zone=cache_cpsSimhash:1024m inactive=2d max_size=8g; proxy_cache_path /dev/shm/proxy_search_cache levels=1:2 keys_zone=cache_search:1024m inactive=2d max_size=8g; proxy_pass_header Set-Cookie; log_format main '$http_host $remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" "$http_user_agent" ' '"$http_x_forwarded_for" "$upstream_cache_status" $request_time $host'; include upstream/*.conf; include vhosts/*.conf; } tcp { timeout 1d; proxy_read_timeout 10d; proxy_send_timeout 10d; proxy_connect_timeout 30; include tcp_proxy/*.conf; }
转载请务必保留此出处:http://blog.csdn.net/fgf00/article/details/79276127
相关文章推荐
- HAProxy提供高可用性、负载均衡以及基于TCP和HTTP应用的代理配置
- Nginx服务器安装,高性能的HTTP、TCP、反向代理、负载均衡等服务和配置
- apache 反向代理,负载均衡配置。
- Nginx正反向代理、负载均衡等功能实现配置
- 采用ajp代理模式配置Apache+tomcat实现负载均衡
- Nginx之代理配置以及负载均衡
- nginx tcp http 代理配置
- Nginx代理与负载均衡配置与优化
- nginx做代理IP端口转发的安装和部署配置
- nginx 设置多个tcp IP代理 socket 转发
- Nginx代理TCP请求模块添加及配置步骤
- nginx实战(四)反向代理配置缓存及负载均衡
- Nginx发布1.9.0版本,新增支持TCP代理和负载均衡的stream模块
- nginx的配置及以反向代理方式实现动静分离、负载均衡
- 配置apache 实现多域名反向代理转发
- CentOS 6.5 yum安装配置lnmp服务器(Nginx+PHP+MySQL)+快速代理转发
- Nginx发布1.9.0版本,新增支持TCP代理和负载均衡的stream模块
- Nginx正反向代理、负载均衡等功能实现配置
- 【精选】Nginx负载均衡学习笔记(一)实现HTTP负载均衡和TCP负载均衡(官方和OpenResty两种负载配置)
- Linux下配置Nginx与Tomcat负载均衡及反代理