海运的博客

Nginx反向代理做负载均衡及缓存服务器

发布时间:May 2, 2012 // 分类:高可用 // No Comments

安装编译环境及相关组件:

yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 \
libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl \
curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap \
openldap-devel nss_ldap openldap-clients openldap-servers unzip

编译安装PCRE、Nginx及缓存清除模块ngx_cache_purge:

/usr/local/src/
wget http://sourceforge.net/projects/pcre/files/pcre/8.30/pcre-8.30.zip
unzip pcre-8.30.zip 
cd pcre-8.30
./configure 
make && make install  
cd ..
wget http://labs.frickle.com/files/ngx_cache_purge-1.2.tar.gz
tar zxvf ngx_cache_purge-1.2.tar.gz 
wget http://nginx.org/download/nginx-1.0.15.tar.gz
tar zxvf nginx-1.0.15.tar.gz 
cd nginx-1.0.15
./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module  \
--with-http_gzip_static_module --add-module=../ngx_cache_purge-1.2
make && make install  

Nginx配置文件:

user  www www;

worker_processes 4;

error_log  /usr/local/nginx/logs/nginx_error.log  crit;

pid        /usr/local/nginx/logs/nginx.pid;

worker_rlimit_nofile 65535;

events
    {
        use epoll;
        worker_connections 65535;
    }

http
    {
        include       mime.types;
                default_type application/octet-stream; 

                charset utf-8;   

        server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile on;
        tcp_nopush     on;

        keepalive_timeout 60;

        tcp_nodelay on;

                proxy_temp_path /cache_tmp;
                proxy_cache_path /cache levels=1:2 keys_zone=proxy_cache:256m inactive=10d max_size=10g;

                client_body_buffer_size  512k;
                proxy_connect_timeout 5;   
                proxy_read_timeout 60;   
                proxy_send_timeout 15; 
                proxy_buffer_size        16k;
                proxy_buffers            4 64k;
                proxy_busy_buffers_size 128k;
                proxy_temp_file_write_size 128k;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.0;
        gzip_comp_level 2;
        gzip_types       text/plain application/x-javascript text/css application/xml;
        gzip_vary on;

                upstream proxy_server_pool 
                {
                server node1.www.haiyun.me;
                server node2.www.haiyun.me;
                }
                 

                 log_format   proxy
                 $remote_addr-$remote_user-$time_local-$request-$body_bytes_sent-$http_referer-
                 $http_user_agent-$upstream_addr-$upstream_cache_status-$upstream_status ;
server
        {
                 listen       80;
                 server_name cdn.www.haiyun.me;
                 location /
                 {
                 proxy_next_upstream http_502 http_504 error timeout invalid_header;   
                 proxy_cache proxy_cache;
                 proxy_cache_valid  200 304 1d;
                 proxy_cache_key $host$uri$is_args$args; #$http_cookie
                 add_header Nginx-Cache "$upstream_cache_status from $upstream_addr";
                 proxy_set_header Host $host;
                 proxy_set_header X-Forwarded-For $remote_addr;
                 proxy_pass http://proxy_server_pool;
                 }

                 location ~ .*\.(php|jsp|cgi)?$
                 {
                 proxy_set_header Host $host;
                 proxy_set_header X-Forwarded-For $remote_addr;
                 proxy_pass http://proxy_server_pool;
                 }
                 location ~ /purge(/.*)   
                 {    
                 allow 127.0.0.1;   
                 deny all;   
                 proxy_cache_purge proxy_cache $host$uri$is_args$args;   
                 }   
                 access_log  /usr/local/nginx/logs/cdn.www.haiyun.me.log proxy;
         }
}

标签:nginx, linux, 反向代理, 负载均衡

发表评论

分类
最新文章
最近回复
  • crowjin: 你确定这能过滤??不是所有请求都返回空地址::?
  • : linux系统上单个网卡多条宽带拨号获取公网IP,外网可以访问这些IP,有偿! Q:25299...
  • 硅谷少年: 非常有用,感谢分享
  • spartan2: https://dashboard.hcaptcha.com/welcome_accessib...
  • 海运: 应该能,在购买页面先手工跳过cf机器验证,后续一定时间内不更换ip应该不会再次验证。
  • spartan: 大佬斯巴达开启了CF的机器识别验证,请问插件能自动跳过吗? 另外这个脚本有没有简单使用说明,新...
  • vincent: 膜拜大佬
  • 海运: proxy-header或proxy_protocol
  • liangjw: 如果是 内部调用 或者 中间存在 代理 而上一个代理又在内网 ,那怎么处理来自代理私有IP?
  • chainofhonor: 感谢,用dnsmasq设置自动判断BIOS和UEFI成功了