How to build a reverse proxy for Nginx server

Part 1: Installation

1 Create users and groups

  /usr/sbin/groupadd www 
  /usr/sbin/useradd -g www www

2 Install pcre to enable nginx reverse proxy support rewrite is convenient for future needs

  wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.8.tar.gz 
  tar zxvf pcre-7.8.tar.gz 
  cd pcre-7.8/ 
  ./configure 
  make && make install

3 Install nginx reverse proxy

  wget http://sysoev.ru/nginx/nginx-0.7.58.tar.gz 
  tar zxvf nginx-0.7.58.tar.gz 
  cd nginx-0.7.58/ 
  ./configure --user=www --group=www --prefix=/usr/
  local/webserver/nginx --with-http_stub_status_module 
  --with-http_ssl_module --with-cc-opt='-o2' --with-cpu-opt
  =opteron 
  make && make install

Note the --with-cc-opt='-o2' --with-cpu- opt=opteron This is compiler optimization. Currently, the most commonly used one is -02 instead of 3. The latter corresponds to the CPU model.

Part 2: Configuration and Optimization Configuration File

1 nginx.conf Configuration File:

  user www www; 
  worker_processes 4; 
  # [ debug | info | notice | warn | error | crit ] 
  error_log /usr/local/webserver/nginx/logs/nginx_error.log crit; 
  pid /usr/local/webserver/nginx/nginx.pid; 
  #specifies the value for maximum file descriptors that 
  can be opened by this process. 
  worker_rlimit_nofile 51200; 
  events 
  { 
  use epoll; 
  worker_connections 51200; 
  } 
  http 
  { 
  include mime.types; 
  default_type application/octet-stream; 
  source_charset gb2312; 
  server_names_hash_bucket_size 256; 
  client_header_buffer_size 256k; 
  large_client_header_buffers 4 256k; 
  #size limits 
  client_max_body_size 50m; 
  client_body_buffer_size 256k; 
  client_header_timeout 3m; 
  client_body_timeout 3m; 
  send_timeout 3m; 
  #参数都有所调整.目的是解决代理过程中出现的一些502 499错误  
  sendfile on; 
  tcp_nopush on; 
  keepalive_timeout 120; #参数加大,以解决做代理时502错误 
  tcp_nodelay on; 
  include vhosts/upstream.conf; 
  include vhosts/bbs.linuxtone.conf;  
  }

2 upstream.conf configuration file (this is also the configuration method for load

  upstream.conf 
  upstream bbs.linuxtone.com { 
  server 192.168.1.4:8099; 
  }

3 site configuration file

  bbs.linuxtone.conf 
  server 
  { 
  listen 80; 
  server_name bbs.linuxtone.conf; 
  charset gb2312; 
  index index.html index.htm; 
  root /date/wwwroot/linuxtone/; 
  location ~ ^/nginxstatus/ { 
  stub_status on; 
  access_log off; 
  } 
  location / { 
  root /date/wwwroot/linuxtone/; 
  proxy_redirect off ; 
  proxy_set_header host $host; 
  proxy_set_header x-real-ip $remote_addr; 
  proxy_set_header remote-host $remote_addr; 
  proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for; 
  client_max_body_size 50m; 
  client_body_buffer_size 256k; 
  proxy_connect_timeout 30; 
  proxy_send_timeout 30; 
  proxy_read_timeout 60; 
  proxy_buffer_size 256k; 
  proxy_buffers 4 256k; 
  proxy_busy_buffers_size 256k; 
  proxy_temp_file_write_size 256k; 
  proxy_next_upstream error timeout invalid_header http_500 
  http_503 http_404; 
  proxy_max_temp_file_size 128m; 
  proxy_pass http://bbs.linuxtone.com; 
  }

The parameters have been adjusted. The purpose is to solve Some 502 499 errors that occur during the proxy process

  #add expires header for static content 
  location ~* \.(jpg|jpeg|gif|png|swf)$ { 
  if (-f $request_filename) { 
  root /date/wwwroot/linuxtone/; 
  expires 1d; 
  break; 
  } 
  } 
  log_format access '$remote_addr - $remote_user [$time_local] "$request" ' 
  '$status $body_bytes_sent "$http_referer" ' 
  '"$http_user_agent" $http_x_forwarded_for'; 
  access_log /exp/nginxlogs/bbs.linuxtone_access.log access; 
  }

Common commands
Let’s take a look at some common commands for nginx reverse proxy

proxy_pass command
Syntax

  proxy_pass  [url | upstream]

Function
This directive is used to set the proxy server port or socket, and the url

proxy_redirect directive
Grammar

  proxy_redirect  [off | default | redirect replacement]

Function
This command is used to change the "location" and "refresh" in the response header of the proxy server
Supplement:
I haven't seen the effect of this command yet Yes, it is all off in the actual settings. If you know anything about it, please leave a message on the blog to guide me

proxy_next_upstream command
Syntax

Copy code The code is as follows :

proxy_next_upstream [error|timeout|invalid_header|http_500|http_502|http_503|http_504|http_404|off]

Function
This directive is used to set the situation under which the Forward the request to the next server. In the upstream load balancing proxy server pool, assuming that a server at the backend cannot be accessed or returns a specified error response code, you can use this instruction to forward the request to the next server in the pool.
Parameter description

error: If an error occurs when connecting to the server, when sending a request, or when reading the response message
timeout: If an error occurs when connecting to the server, when transmitting a request, or when reading the response message from the back-end server Timeout
invalid_header: The backend server returns an empty or incorrect response
http_[500|502|503|504|404]: The backend server returns the specified response status code
off: Disables the request Forward to the next backend server

proxy_set_header directive
Syntax

  proxy_set_header header value

Function
This directive allows redefining or adding header lines to be forwarded to In the request information of the proxy server, its value can be text, a variable, or a combination of text and variables

The above is the detailed content of How to build a reverse proxy for Nginx server. For more information, please follow other related articles on the PHP Chinese website!