Nginx反向代理配置
修改Nginx配置文件(通常位于/etc/nginx/nginx.conf或/etc/nginx/sites-available/default),在server块中添加以下配置:
nginx
location / {
proxy_pass http://backend_server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}将backend_server替换为实际的后端服务器地址(如http://192.168.1.100:8080)。关键指令说明:
proxy_pass:定义后端服务器地址proxy_set_header:转发必要的客户端信息
Nginx负载均衡配置
在http块中添加upstream模块定义服务器组:
nginx
upstream backend {
server 192.168.1.101:8080;
server 192.168.1.102:8080;
server 192.168.1.103:8080;
}
server {
location / {
proxy_pass http://backend;
}
}负载均衡策略配置方法:
- 轮询(默认):每个请求按时间顺序分配到不同服务器
- 加权轮询:
server 192.168.1.101:8080 weight=3; - IP哈希:
ip_hash;指令保持用户会话 - 最少连接:
least_conn;指令优先分配连接数少的服务器
高级配置参数
nginx
upstream backend {
least_conn;
server 192.168.1.101:8080 max_fails=3 fail_timeout=30s;
server 192.168.1.102:8080 backup;
keepalive 32;
}健康检查机制通过max_fails和fail_timeout实现,backup参数标记备用服务器。keepalive保持与后端的长连接。
HTTPS反向代理配置
nginx
server {
listen 443 ssl;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://backend;
proxy_ssl_verify off;
}
}性能调优参数
nginx
proxy_buffering on;
proxy_buffer_size 4k;
proxy_buffers 8 16k;
proxy_busy_buffers_size 24k;
proxy_max_temp_file_size 0;
proxy_connect_timeout 60s;
proxy_read_timeout 600s;缓存配置示例
nginx
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m inactive=60m;
server {
location / {
proxy_cache my_cache;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
}
}配置完成后执行nginx -t测试配置,然后systemctl reload nginx重新加载配置。监控日志文件/var/log/nginx/access.log和/var/log/nginx/error.log排查问题。