Nginx reverse proxy, load balancing and cache

Nginx reverse proxy and cache

• lab environment

  • nginx reverse proxy server: Centos7 192.168.10.123
  • LAMP：Centos7 192.168.10.121
  • LNMP：Centos7 192.168.10.124

  NOTE: This experiment based on previous configuration environment, if the reference interest may Nginx acquaintance , Nginx acquaintance 2

• Nginx proxy module

  • proxy module, the module is supported by ngx_http_proxy
  • upstream module, the module is supported by ngx_http_upstream
  • fastcgi module, supported by the module

Nginx reverse proxy configuration

• Using yum install nginx Service

  

  

  

• Modify the configuration to enable proxy module reverse proxy functionality

  

  

          location / {
  
                  if ( $request_filename ~* \.php$ ) {
                      proxy_pass http://192.168.10.121;
                    }
                  if ( $request_filename !~* \.php$ ) {
                      proxy_pass http://192.168.10.124;
                  }
          }
  

• Check the configuration syntax and start the service

  

• Access tests

  

  

  

  

  The proxy server to be forwarded connection request .php suffix to the host 192.168.10.121 processing request is forwarded to the other host processing 192.168.10.124

• When using this method to reverse proxy logging backend can not collect the source address of the client will only record a reverse proxy server ip address, not an accurate log analysis

  
  LNMP server can not collect the correct source address of the client will only record a reverse proxy server ip
  

  

• Modify nginx reverse proxy configuration
  
  
  

        location / {
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header X-Forwarded-For $remote_addr;
                  #HTTP的请求端真实的IP
                  if ( $request_filename ~* \.php$ ) {
                      proxy_pass http://192.168.10.121;
                    }
                  if ( $request_filename !~* \.php$ ) {
                      proxy_pass http://192.168.10.124;
                  }
          }
  #标准格式：X-Forwarded-For: client1, proxy1, proxy2...
  #X-Forwarded-For头信息可以有多个，中间用逗号分隔，第一项为真实的客户端ip,其余为经过的代理或负载均衡的ip地址，经过几个就会出现几个
  #$proxy_add_x_forwarded_for变量包含客户端请求头中的"X-Forwarded-For"，与$remote_addr用逗号分开
  #$remote_addr变量的值是客户端的IP
  #$http_x_forwarded_for变量，保存了请求中的X-Forwarded-For信息
  参考：https://blog.51cto.com/wjw7702/1150225

• If there are suggested represent additional add additional information that exceeds the size of hash bucket size, need to be adjusted

  

  

  proxy_headers_hash_max_size 1024;
  proxy_headers_hash_bucket_size 128;

  

• Modify LAMP server Apache log format services
  
  

  

  

• Access test, view the log results

  LNMP server logs

  

  Apache Server Log

  

Nginx reverse proxy cache server configuration

• Modify the Reverse Proxy Server Configuration

  

  located at http vessel proxy_cache_path

  

  

  http {
  ...
      proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=xcache:10M max_size=500M;
  ...
      location / {
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header X-Forwarded-For $remote_addr;
                  proxy_cache xcache; #使用xcache类型缓存
                  proxy_cache_valid 200 1d; #响应状态码为200的页面缓存1天
                  proxy_cache_valid 301 302 1m; #响应状态码为301、302的页面缓存1分钟
                  proxy_cache_valid any 1m; #其余的缓存1分钟
                  proxy_cache_revalidate on; #指示NGINX在刷新来自服务器的内容时使用GET请求
                  proxy_cache_use_stale error timeout http_500 http_502 http_504; #若请求出现timeout、500、502、504s时使用过期的缓存响应请求
                  add_header X_cache_hit $upstream_cache_status; #添加缓存命中状态到报文首部
  ...
  
  }
  #内容参考来自：https://www.cnblogs.com/howhy/p/6732216.html

• Create the specified cache storage directory, and given the appropriate permissions
  

  

• Browser to view the results

  

• Check the cache files are stored

  

  proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=xcache:10M max_size=500M;
  #proxy_cache_path 定义缓存目录
  #目录的生成对应levels=1:2
  #:隔离目录，一个分号表示有两级目录
  #1表示父目录为1个字符，目录名为缓存文件名的最后一个字符
  #2表示子目录下为2个字符，目录名为倒数第3和倒数第2两个字符
  #keys_zone 定义缓存名称和内存空间大小
  #max_size 定义缓存硬盘空间大小

upstream load balancing

• Modify the proxy server nginx configuration

  

  

  

  http {
  ...
      upstream webservers{
             [rr|wrr|ip_hash|least_conn]
          server 192.168.10.121 max_fails=3 fail_timeout=30s weight=1;
          server 192.168.10.124 max_fails=3 fail_timeout=30s weight=1;
          server 192.168.10.122 backup; #backup 备用服务器
      }
  ...
  
          location / {
                  proxy_set_header X-Forwarded-For $remote_addr;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          #       proxy_set_header X-Real-IP $remote_addr;
          #       proxy_cache xcache;
          #       proxy_cache_valid 200 1d;
          #       proxy_cache_valid 301 302 1m;
          #       proxy_cache_valid any 1m;
          #       proxy_cache_revalidate on;
          #       proxy_cache_use_stale error timeout http_500 http_502 http_504;
          #       add_header X_cache_hit $upstream_cache_status;
                  proxy_pass http://webservers;
  
          }
  ...
  
  }
  
  #Nginx的调度算法：
  #   rr：轮询，轮流分配请求
  #   wrr：加权轮询，参考权重轮分配请求（如：定义upsteam_server默认算法就是wrr）
  #   ip_hash源地址hash，对源ip地址计算hash值，一样的hash值将请求送到相同服务器，实现session绑定
  #   least_conn：最少连接调度算法
  #后端服务器状态
  #down：表示当前server暂时不参与负载均衡。
  #backup：预留的备份机，当其他所有非backup机器出现故障或者繁忙的时候，才会请求backup机器
  #max_fails：允许请求的失败次数，默认为1，配合fail_timeout一起使用
  #fail_timeout：经过max_fails次请求失败后服务将会暂定fail_timeout时间不向请求失败的主机发送请求

• Add the test page for all the servers in the cluster

  192.168.10.121 LAMP server

  

  

  192.168.10.124 LNMP server

  

  

• Access tests