nginx代理服务器

考虑安全性,外网的端口只开通一个如:8002,两台业务系统的端口分别为7001、8001,由此采用Nginx做代理分发,以下简单记录一下:

1、安装Nginx

2、修改nginx.conf配置文件,改成如下:

user  nginx;
worker_processes  4;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    use epoll;
    worker_connections 20480;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    client_max_body_size 50M;
    server_tokens off;


    include /etc/nginx/conf.d/*.conf;



    upstream jjrep {       
            ip_hash;
            server localhost:8001         max_fails=2 fail_timeout=60s;
    }


    upstream jjapp {
            ip_hash;
            server localhost:7001         max_fails=2 fail_timeout=60s;
    }


    upstream jjcms {
            ip_hash;
            server localhost:8080         max_fails=2 fail_timeout=60s;
    }



}

3、为了方便维护,在conf.d文件夹下新创建了一个配置文件,此文件只要负责Nginx端口号和分发的上下文,文件如下:

server {
    listen       8002;
    server_name  120.35.30.194;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }



    location /fundconsole
    {
        proxy_next_upstream  http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
        proxy_pass http://jjapp/fundconsole;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
    }

    location /repconsole
    {
        proxy_next_upstream  http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
        proxy_pass http://jjrep/repconsole;
        #proxy_cookie_path /console/ /repconsole;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
    }


    location /hqreport
    {
        proxy_next_upstream  http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
        proxy_pass http://jjrep/hqreport;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
    }

    location /fundfj
    {
        proxy_next_upstream  http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
        proxy_pass http://jjapp/fundfj;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
    }

    location /fundcms
    {
        proxy_next_upstream  http_500 http_502 http_503 http_504 http_404 error timeout invalid_header;
        proxy_pass http://jjapp/jeecms;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for;
    }



}

4、配置完毕,重启即可。

你可能感兴趣的:(linux)