反向代理模式 | Nginx配置模块 |
---|---|
http websocket https | ngx_http_proxy_module |
fastcgi | ngx_http_fastcgi_module |
uwsgi | ngx_http_uwsgi_module |
grpc | ngx_http_v2_module |
proxy_pass
Syntax: proxy_pass URL;
Default: —
Context: location, if in location, limit_except
http://localhost:8000/uri/
http://192.168.56.11:8000/uri/
http://unix:/tmp/backend.socket:/uri/
示例:
cat /etc/nginx/conf.d/tank_proxy.conf
server {
listen 80;
server_name tank.test.com;
error_log /var/log/nginx/tank_error.log warn;
access_log /var/log/nginx/tank_access.log main;
location / {
proxy_pass http://192.168.1.214;
proxy_set_header Host $http_host; #12--->200--->214 12请求200 host_name tank.test.com 200请求214 host_name http://192.168.1.214 server_name不被214接收
}
}
X-Forwarded-For 把真实的ip传递到后端
cat bird_proxy.conf
server {
listen 80;
server_name bird.test.com;
error_log /var/log/nginx/bird_error.log warn;
access_log /var/log/nginx/bird_access.log main;
location / {
proxy_http_version 1.1;
proxy_pass http://192.168.1.214;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
PS: 后端web服务器 log_format 参数中的"$http_x_forwarded_for" 会打印真实的ip地址
连接到后端的tcp连接 响应 返回等超时时间
nginx代理与后端服务器连接超时时间(代理连接超时)
Syntax: proxy_connect_timeout time;
Default: proxy_connect_timeout 60s;
Context: http, server, location
nginx代理等待后端服务器的响应时间
Syntax: proxy_read_timeout time;
Default: proxy_read_timeout 60s;
Context: http, server, location
后端服务器数据回传给nginx代理时间
Syntax: proxy_send_timeout time;
Default: proxy_send_timeout 60s;
Context: http, server, location
缓冲buffer
nginx会把后端返回的内容先放到缓冲区 然后再返回给客户端 边收边传 不是全部接收后再传送给客户端
Syntax: proxy_buffering on | off;
Default: proxy_buffering on;
Context: http, server, location
Syntax: proxy_buffers number size;
Default: proxy_buffers 8 4k|8k;
Context: http, server, location
示例
cat /usr/local/openresty/nginx/conf/conf.d/nginx_openc2p_params
charset utf-8;
location = /favicon.ico {
return 404;
}
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffers 16 64k;
proxy_buffer_size 128k;
client_max_body_size 200m;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_redirect off;
proxy_buffering off;
incloud 进来
server {
listen 80;
server_name openc2p.com;
location / {
proxy_pass http://49.233.72.230;
include conf.d/nginx_openc2p_params;
}
}