1. The principle of server proxy: Proxy proxy
1. Forward proxy: Intranet clients access the Internet through proxy. Usually set the proxy server address and port. 
2. Reverse proxy: Internet users access the intranet server through the proxy. The intranet server is not aware. 
3. Module: ngx_http_proxy_module
4. Syntax:
proxy
Syntax: proxy_pass URL; proxy backend server URL
Default: —
Context: location, if in location, limit_except
Buffer
Syntax: proxy_buffering on | off;
Default: proxy_buffering on; When the buffer switch
Context: http, server, location
proxy_buffering is turned on, nignx will put the content returned by the backend into the buffer first, and then return it to the client
(Send while receiving, not all received and then sent to the client).
Syntax: proxy_buffer_size size;
Default: proxy_buffer_size 4k|8k; 缓冲区大小
Context: http, server, location
Syntax: proxy_buffers number size;
Default: proxy_buffers 8 4k|8k; 缓冲区数量
Context: http, server, location
Syntax: proxy_busy_buffers_size size;
Default: proxy_busy_buffers_size 8k|16k; Busy buffer size, which controls the number of buffers that are sent to the client at the same time
Context: http, server, location
Header
Syntax: proxy_set_header Field, value;
the Default: proxy_set_header Host $ proxy_host; set real client address
proxy_set_header Connection use Close;
Context: HTTP, Server, LOCATION
Timeout
Syntax: proxy_connect_timeout Time;
the Default: proxy_connect_timeout 60s; link timeout
Context: http, server, location
Syntax: proxy_read_timeout time;
Default: proxy_read_timeout 60s;
Context: http, server, location
Syntax: proxy_send_timeout time; the timeout time of the entire process of nginx process sending request to fastcgi process
Default: proxy_send_timeout 60s;
Context: http, server, location
2. Agency case:
1. Prepare two servers,
one is the proxy server IP: 10.8.162.6 and the
proxy server IP is 10.8.162.32
2. Two servers prepare the basic environment:
yum install -y nginx
systemctl start nginx
3. Proxy server Start the proxy program:
(1): vim /etc/nginx/conf.d/default.conf
comment out the default home page 
(2) write in location:
location / {
.....
proxy_pass http://192.168 .100.10:80 ;
proxy_redirect default;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;
proxy_busy_buffers_size 256k;
proxy_max_temp_file_size 256k;
}
Explanation:
proxy_pass: the real server (the IP of the proxy server)
proxy_redirect: if the real server uses the real IP and non-default port. Change to IP and default port.
proxy_set_header: redefine or add the request header sent to the back-end server
proxy_set_header X-Real-IP: enable the real address of the client (otherwise the log shows that the proxy is accessing the website)
proxy_set_header X-Forwarded-For: record the proxy address
proxy_connect_timeout:: back-end server connection timeout time _ initiate three-way handshake wait for response timeout time
proxy_send_timeout: back-end server data return time _ means that the back-end server must transmit all data within the specified time
proxy_read_timeout: nginx receives upstream (upstream) /True) server data timeout, default 60s, if 1 byte is not received within 60s, the connection is closed. Like long connection
proxy_buffering on; open caching
proxy_buffer_size: proxy_buffer_size is just the buffer of the response header
proxy_buffers 4 128k; the size of the content buffer area
proxy_busy_buffers_size 256k; a part of the buffer is drawn from proxy_buffers to specifically transmit data to the client where
proxy_max_temp_file_size 256k is stored as an oversized response header file. 
4. Restart the service: systemctl restart nginx
5. Write something on the proxy server homepage for verification:
vim /usr/share/nginx/html/index.html 
6. Use the PC client to access the proxy server address: 
7. Observe The log of the proxy server //tail /var/log/nginx/access.log 
(1) 10.8.162.6 proxy server address
10.8.162.46 real machine ip address
(2) access is successful. The IP of the client and the IP of the proxy server are recorded.
3. Proxy cache (continued proxy experiment)
1. Cache type: web cache (public network) CDN; database cache memcache redis; web cache nginx-proxy; client cache browser cache
2. Module: ngx_http_proxy_module
3. Syntax:
cache switch
Syntax: proxy_cache zone | off;
Default: proxy_cache off;
Context: http, server, location
代理缓存
Syntax: proxy_cache_path path [levels=levels] keys_zone=name:size[inactive=time] [max_size=size] [manager_files=number]
Default: —
Context: http
example:proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=one:10m;
Cache dimension
Syntax: proxy_cache_key string; defines the unique key of the cache, and accesses the hash through the unique key. The cache file name
Default: proxy_cache_key $scheme$proxy_host$request_uri;
Context: http, server, location
缓存过期
Syntax: proxy_cache_valid [code ...] time;
Default: —
Context: http, server, location
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
4. Turn on the cache:
(1) Set 10.8.162.6 as the cache server:
(2) Open the main configuration file: vim /etc/nginx/nginx.conf
proxy_cache_path /app/qianfeng/cache levels=1:2 keys_zone=proxy_cache:10m max_size=10g inactive= 60m use_temp_path=off;
The parameters and corresponding configuration descriptions in the proxy_cache_path command are as follows:
1. The local disk directory used for caching is /app/tianyun.me/cache
2. Levels set a two-level hierarchy in /app/tianyun.me/cache/ table of Contents.
Placing a large number of files in a single directory can cause slow file access, so for most deployments, we recommend using a two-level directory hierarchy.
If the levels parameter is not configured, NGINX will place all files in the same directory.
3. The keys_zone sets a shared memory area, which is used to store cache keys and metadata, and is somewhat similar to a timer. Putting a copy of the key into memory allows NGINX to quickly determine whether a request is HITor is it without retrieving the disk MISS, which greatly improves the retrieval speed. A 1MB memory space can store about 8000 keys, so the 10MB memory space configured above can store almost 80,000 keys.
4. max_size sets the upper limit of the cache (10G in the above example). This is an option; if you don't specify a specific value, it allows the cache to grow continuously, taking up all available disk space. When the cache reaches this line, the processor calls the cache manager to remove the least recently used files, thus reducing the cache space below this limit.
5. inactive specifies the time that the item can remain in memory without being accessed. In the above example, if a file is not requested within 60 minutes, the cache management will automatically delete it in memory, regardless of whether the file expires. The default value of this parameter is 10 minutes (10m). Note that inactive content is different from expired content. NGINX does not automatically delete expired content specified by the cache control header (Cache-Control:max-age=120 in this example). Expired content will only be deleted if it has not been accessed within the specified time of inactive. If the expired content is accessed, then NGINX will refresh it from the original server and update the corresponding inactive timer.
6. NGINX will initially put files destined to be written to the cache into a temporary storage area. The use_temp_path=off command instructs NGINX to write these files into the same directory when they are cached. We strongly recommend that you set the parameter to off to avoid unnecessary data copying in the file system. use_temp_path is introduced in NGINX 1.7 version and NGINX Plus R6.
(3)在网站主页里面写入:vim /etc/nginx/conf.d/default.conf
proxy_cache proxy_cache;
proxy_cache_valid 200 304 12h;
proxy_cache_valid any 10m;
proxy_cache_key $host$uri$is_args$args;
add_header Nginx-Cache "$upstream_cache_status";proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
Explanation: 
(4): mkdir -p /app/qianfeng/cache //Prepare the storage directory for cache files
(5): systemctl restart nginx //Restart the server
(6): Use the PC client to access the nginx-2 server F12 again 
(7) Developer function through PC client browser. Observe whether it hits the cache. F12 
(8): Miss is missed; Hit
hint: The newly created web file is missed for the first time.
(9): How nginx cache works
①: Cache is not activated: 
②: The first query of the 
cache is activated ③: The second query of the cache is activated: 
(9): View cache: ls /app/qianfeng/cache/ 
(10) How Clean up nginx_proxy cache: rm -rf /app/qianfeng/cache/*