Nginx反向代理加缓存服务器

Nginx反向代理缓存服务器

环境:

IP                                       角色                           服务

192.168.223.128               Nginx代理             Nginx

192.168.223.129               web群集                   Apache

192.168.223.130               web群集                   Apache

关闭防火墙、selinux

1、安装Nginx依赖环境

安装zlib-develpcre-devel 等依赖包

[root@nginx ~]# yum -y install gcc gcc-c++ make libtool zlib zlib-devel pcre pcre-devel openssl openssl-devel

注:

结合 proxy upstream 模块实现后端 web 负载均衡

使用 proxy 模块实现静态文件缓存

结合 nginx 默认自带的 ngx_http_proxy_module 模块 ngx_http_upstream_module 模块实现后端服务器的健康检查,也可以使用第三方模块 nginx_upstream_check_module

使用 nginx-sticky-module 扩展模块实现 Cookie 会话黏贴(保持会话)

使用 ngx_cache_purge 实现更强大的缓存清除功能

上面提到的 2 个模块都属于第三方扩展模块,需要提前下好源码,然后编译时通过--add-moudle=src_path 一起安装

 

安装Nginx

[root@nginx ~]# groupadd www
[root@nginx ~]# useradd -g www www -s /sbin/nologin
[root@nginx ~]# cd /usr/local/src/
[root@nginx src]# tar zxf master.tar.gz
[root@nginx src]# tar zxf nginx-1.14.0.tar.gz 
[root@nginx src]# tar zxf ngx_cache_purge-2.3.tar.gz
[root@nginx src]# cd nginx-1.14.0/
[root@nginx nginx-1.14.0]# ./configure --prefix=/usr/local/nginx --user=www --group=www--with-http_stub_status_module  --with-http_realip_module  --with-http_ssl_module --with-http_gzip_static_module  --http-client-body-temp-path=/var/tmp/nginx/client --http-proxy-temp-path=/var/tmp/nginx/proxy  --http-fastcgi-temp-path=/var/tmp/nginx/fcgi --with-pcre  --add-module=../ngx_cache_purge-2.3  --with-http_flv_module --add-module=../nginx-goodies-nginx-sticky-module-ng-08a395c66e42 && make && make install
[root@nginx nginx-1.14.0]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@nginx nginx-1.14.0]# nginx -t
[root@nginx nginx-1.14.0]# mkdir -p /var/tmp/nginx/client
[root@nginx nginx-1.14.0]# chown -R www:www /var/tmp/nginx/
[root@nginx nginx-1.14.0]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

编写Nginx服务启动脚本:

[root@nginx nginx-1.14.0]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: 2345 99 20
# description: Nginx Service Control Script
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
netstat -anplt |grep ":80" &> /dev/null && pgrep "nginx" &> /dev/null
if [ $? -eq 0 ]
then
echo "Nginx service already running."
else
$PROG -t &> /dev/null
if [ $? -eq 0 ] ; then
$PROG
echo "Nginx service start success."
else
$PROG -t
fi
fi
;;
stop)
netstat -anplt |grep ":80" &> /dev/null && pgrep "nginx" &> /dev/null
if [ $? -eq 0 ]
then
kill -s QUIT $(cat $PIDF)
echo "Nginx service stop success."
else
echo "Nginx service already stop"
fi
;;
restart)
$0 stop
$0 start
;;
status)
netstat -anplt |grep ":80" &> /dev/null && pgrep "nginx" &> /dev/null
if [ $? -eq 0 ]
then
echo "Nginx service is running."
else
echo "Nginx is stop."
fi
;;
reload)
netstat -anplt |grep ":80" &> /dev/null && pgrep "nginx" &> /dev/null
if [ $? -eq 0 ]
then
$PROG -t &> /dev/null
if [ $? -eq 0 ] ; then
kill -s HUP $(cat $PIDF)
echo "reload Nginx config success."
else
$PROG -t
fi
else
echo "Nginx service is not run."
fi
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
[root@nginx nginx-1.14.0]# chmod +x /etc/init.d/nginx
[root@nginx nginx-1.14.0]# chkconfig --add nginx
[root@nginx nginx-1.14.0]# chkconfig nginx on
[root@nginx nginx-1.14.0]# service nginx start
Nginx service start success.
[root@nginx nginx-1.14.0]# service nginx status
Nginx service is running.
[root@nginx nginx-1.14.0]# netstat -anpt | grep nginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      22239/nginx: master

下面的 nginx.conf 实现 nginx 在前端做反向代理服务器的完整配置文件的例子,处理 jspng等静态文件,jsp/php 等动态请求转发到其它服务器 tomcat/apache

user www www;
worker_processes 4;
worker_cpu_affinity 0001 0010 0100 1000;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
worker_rlimit_nofile 10240;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 4096;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
'"$upstream_cache_status"';
access_log logs/access.log main;
server_tokens off;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#Compression Settings
gzip on;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_proxied any;
gzip_min_length 1k;
gzip_buffers 16 8k;
gzip_types text/plain text/css text/javascript application/json application/javascript
application/x-javascript application/xml;
gzip_vary on;
#end gzip
# http_proxy Settings
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 75;
proxy_send_timeout 75;
proxy_read_timeout 75;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_buffering on;
proxy_temp_path /usr/local/nginx/proxy_temp;
proxy_cache_path /usr/local/nginx/proxy_cache levels=1:2 keys_zone=my-cache:100m
max_size=1000m inactive=600m max_size=2g;
#load balance Settings
upstream backend {
sticky;
server 192.168.223.129:80 weight=1 max_fails=2 fail_timeout=10s;
server 192.168.223.130:80 weight=1 max_fails=2 fail_timeout=10s;
}
#virtual host Settings
server {
listen 80;
server_name localhost;
charset utf-8;
location ~/purge(/.*) {
allow 127.0.0.1;
allow 192.168.223.0/24;
deny all;
proxy_cache_purge my-cache $host$1$is_args$args;
}
location / {
index index.php index.html index.htm;
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503
http_504;
}
location ~ .*\.(gif|jpg|png|html|htm|css|js|ico|swf|pdf)(.*) {
proxy_pass http://backend;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503
http_504;
proxy_cache my-cache;
add_header Nginx-Cache $upstream_cache_status;
proxy_cache_valid 200 304 301 302 8h;
proxy_cache_valid 404 1m;
proxy_cache_valid any 1d;
proxy_cache_key $host$uri$is_args$args;
expires 30d;
}
location /nginx_status {
stub_status on;
access_log off;
allow 192.168.223.0/24;
deny all;
}
}
}

验证:nginx反向代理的缓存功能、负载均衡及健康检查

缓存功能

如果在缓存时间之内需要更新被缓存的静态文件怎么办呢,这时候就需要手动来清除缓存了。ngx_cache_pure 清除缓存模块使用说明

用谷歌浏览器测试的时候,可以按 F12 调用开发工具,选择 Network 选项,我们可以看到,Response Headers,在这里我们可以看到,我们请求的是否是缓存

Nginx反向代理加缓存服务器_第1张图片

从图中我们可以看到,我们访问的服务器是 192.168.223.128,缓存命中。

也可以查看缓存目录或 nginx 的访问日志

清除缓存:

上述配置的 proxy_cache_purge 指令用于方便的清除缓存,但必须按照第三方的

ngx_cache_purge 模块才能使用

使用 ngx_cache_purge 模块清除缓存(直接删除缓存目录下的文件也算一种办法):GET 方式请求 URL

即使用配置文件中的 location ~ /purge(/.*)

浏览器访问 http://192.168.223.128/purge/your/may/path 来清除缓存

Nginx反向代理加缓存服务器_第2张图片

缓存清除成功。

备注:

(1)purge 是 ngx_cache_pure 模块指令

(2)your/may/path 是要清除的缓存文件 URL 路径

2)若只有一台客户端要验证负载均衡和健康检查可以先关掉缓存功能和保持session 会话

#proxy_buffering off;

#sticky

关闭其中一台Apache服务器

你可能感兴趣的:(Nginx)