nginx反向代理配置

目前就稳定性来说,Apache是没得比的。因此,用nginx做反向代理比较合适。
这里是给http://172.30.170.8:8088/vod/做代理,反向代理服务器的名称为vod.xx.xxx.cn ,监听80端口。
Apache httpd服务器监听8088端口(我这里apache与反向代理服务器在同一服务器)。

全局配置参数做些调整:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
hacklog@hywd:/etc/nginx$ cat nginx.conf
user www-data;
worker_processes  4;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    use epoll;
    worker_connections  2048;
# multi_accept on;
}

http {
    include       /etc/nginx/mime.types;

    access_log  /var/log/nginx/access.log;

    gzip  on;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";

    server_names_hash_bucket_size 256;
    client_header_buffer_size 256k;
    large_client_header_buffers 4 256k;

#size limits
    client_max_body_size             50m;
    client_body_buffer_size        256k;
    client_header_timeout     3m;
    client_body_timeout 3m;
    send_timeout             3m;
        #参数都有所调整.目的是解决代理过程中出现的一些502 499错误    
    sendfile on;
    tcp_nopush         on;
    keepalive_timeout 120; #参数加大,以解决做代理时502错误
    tcp_nodelay on;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
 }

然后是反向代理配置了,有些参数必须调整,如client_max_body_size 不调整的话,通过web上传东西会有问题:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
hacklog@hywd:/etc/nginx/sites-available$ pwd
/etc/nginx/sites-available
hacklog@hywd:/etc/nginx/sites-available$ cat proxy_local_apache
# You may add here your
# server {
#   ...
# }
# statements for each of your virtual hosts

server {
    listen   80 default;
    server_name  vod.xx.xxx.cn;

    access_log  /var/log/nginx/vod.xx.xxx.cn.access.log;

    location ~ ^/status/ {
        stub_status on;
        access_log off;
    }

    location / {
        proxy_redirect off ;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        client_max_body_size 50m;
        client_body_buffer_size 256k;
        proxy_connect_timeout 30;
        proxy_send_timeout 30;
        proxy_read_timeout 60;
        proxy_buffer_size 256k;
        proxy_buffers 4 256k;
        proxy_busy_buffers_size 256k;
        proxy_temp_file_write_size 256k;
        proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
        proxy_max_temp_file_size 128m;

        proxy_pass    http://172.30.170.8:8088/vod/;
    }

    location /doc {
        root   /usr/share;
        autoindex on;
        allow 127.0.0.1;
        deny all;
    }



#error_page  404  /404.html;

hacklog@hywd:/etc/nginx/sites-available$

nginx日志切割脚本

1
2
3
4
5
6
7
8
9
10
root@hywd:/etc# cat /usr/local/sbin/cut_nginx_log.sh
#!/bin/bash
# This script run at 00:00

# The Nginx logs path
logs_path="/var/log/nginx/"

mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}vod.xx.xxx.cn.access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/vod.xx.xxx.cn.access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /var/run/nginx.pid`
1
2
3
crontab -e
# m h  dom mon dow   command
00 00 * * * /bin/bash    /usr/local/sbin/cut_nginx_log.sh

参考文档:
守住每一天 《nginx反向代理配置及优化》

更多
2 Responses Post a comment

Leave a Reply

Note: You may use basic HTML in your comments. Your email address will not be published.

Subscribe to this comment feed via RSS