轉載自 http://blog.itpub.net/30129545/viewspace-1453888/
nginx作爲一個http服務器,在功能實現方面和性能方面都表現的非常優越,下面就寫一些nginx常用的配置實例:
1、虛擬主機配置:
下面在nginx中創建2個虛擬主機,需要說明的是,這裏僅僅列出了虛擬主機的配置部分。
server {
server_name image.zl.com 外網ip;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
charset UTF-8;
index emptyImg.png;
root /home/zl/software/tomcat-7.0.54/imgfile;
#limit_conn crawler 20;
error_page 404 /emptyImg.png;
error_page 403 /emptyImg.png;
error_page 500 /emptyImg.png;
location ~ ^/xbnfile/
{
if ($http_origin ~* (test.xbniao.com||my.xbniao.com)) {
set $cors "true";
}
# Nginx doesn't support nested If statements. This is where things get slightly nasty.
# Determine the HTTP request method used
if ($request_method = 'OPTIONS') {
set $cors "${cors}options";
}
if ($request_method = 'GET') {
set $cors "${cors}get";
}
if ($request_method = 'POST') {
set $cors "${cors}post";
}
if ($cors = "true") {
# Catch all incase there's a request method we're not dealing with properly
add_header 'Access-Control-Allow-Origin' "$http_origin";
}
if ($cors = "trueget") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($cors = "trueoptions") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($cors = "truepost") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
add_header 'Access-Control-Allow-Origin' "test.xbniao.com";
proxy_pass http://image.xbniao.com:8080;
}
location ~ ^/service/
{
proxy_pass http://image.zl.com:8080;
}
location ~* /500x500(.*)\.(gif|jpg|jpeg|png|bmp|swf)$
{
root /home/zl/software/tomcat-7.0.54/imgfile500x500;
expires 30d;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
error_page 404 = /emptyImg.png;
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
location ~ ^/(WEB-INF)/
{
deny all;
}
}
server
{
server_name test.zl.com my.zl.com;
#index index.html index.htm index.jsp index.jhtml;
index index.html index.jhtml;
root /home/xbniao/software/tomcat-7.0.54/webapps/zl-front;
#limit_conn crawler 20;
error_page 404 /error404.jspx;
error_page 500 /error500.jspx;
location ~ .*.(jsp|do|action|jhtml|jspx|svl|htm)$
{
index index.jsp;
proxy_pass http://zl.xbniao.com:8080;
proxy_connect_timeout 1800;
proxy_read_timeout 1800;
proxy_send_timeout 1800;
}
location ^~/XBNService/ {
proxy_pass http://test.xbniao.com:8080;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
error_page 404 = /default.jpg;
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
location ~ ^/(WEB-INF)/
{
deny all;
}
}
負載均衡配置實例:
下面通過nginx的反向代理功能配置一個nginx負載均衡服務器,後端有3個服務節點,用於提供tomcat服務,通過nginx調度實現3個節點的負載均衡:
http
{
upstream myserver {
server 192.168.10.10:8080 weight=3 max_fail=3 fail_timeout=20s;
server 192.168.10.11:8080 weight=1 max_fail=3 fail_timeout=20s;
server 192.168.10.12:8080 weight=2 max_fail=3 fail_timeout=20s;
}
server
{ listen 80;
server_name www.zl.com 192.168.10.9;
index index.htm index.html;
root /home/zl/webapps;
location ~ .*.(jsp|do|action|jhtml|jspx|svl|htm)$
{
index index.jsp;
proxy_pass http://myserver
proxy_next_upstream http_500 http_502 http_503 error timeout invalid_header;
include /etc/nginx/conf.d/proxy.conf;
}
}
}
在上面這個例子中,先定義一個負載均衡組myserver,然後在location部分通過"proxy_pass http://myserver"來實現負載均衡調度功能;其中proxy_pass指令用來指定後端代理服務器的地址和端口;地址可以是主機名或者ip地址;也可以是通過upstream指令設定的負載均衡組;
proxy_next_upstream 用來定義故障轉移策略;當後端服務節點返回500,502,503,504和執行超時等錯誤時,自動將請求轉發到nginx 負載均衡組的另一臺服務器;實現故障轉移;
最後通過include指令包含進來一個proxy.conf文件:
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
nginx的代理功能是通過http proxy模塊來實現的。默認在安裝nginx時已經安裝了http proxy模塊,因此可直接使用http proxy模塊。下面詳細解釋proxy.conf文件中每個選項代表的意義:
proxy_set_header:設置由後端的服務器獲取用戶的主機名或真是ip地址,以及代理者的真實ip地址;
client_body_buffer_size:用於指定客戶端請求主體緩衝區的大小,可以理解爲先保存到本地再傳給用戶;
proxy_connect_timeout:表示與後端服務器連接的超時時間,即發起握手等候的響應時間;
proxy_send_timeout:表示後端服務器的數據回傳時間,即在規定時間之內後端服務器必須傳完的所有數據,否則,nginx將斷開這個連接;
proxy_read_timeout:設置nginx從代理的後端服務器獲取信息的時間,表示連接建立成功後,nginx等待後端服務器的響應時間,其實是nginx已經進入後端的排隊之中等候處理的時間;
proxy_buffer_timeout:設置緩衝區的大小,默認緩衝區大小等於proxy_buffers設置的大小;
proxy_buffers:設置緩衝區的數量和大小。nginx從代理的後端服務器獲取的響應信息;
proxy_busy_buffer_size:用於設置系統很忙時,可以使用的proxy_buffers的大小;官方推薦的大小爲proxy_buffers*2.
proxy_temp_file_write_size:指定proxy緩存臨時文件的大小。
nginx防倒鏈配置實例
nginx的防倒鏈功能也很強大,在默認情況下,只需要進行簡單的配置,即可以實現防倒鏈處理。請看下面的實例:
location ~* \.(jpg|gif|png|swf|flv|wmv|asf|mp3|mmf|zip|rar)$ {
valid_referers none blocked *.zl.com zl.com;
if ($invalid_referer) { #如果地址不是上面指定的地址就跳轉到通過rewrite指定的地址;
rewrite ^/ http://www.zl.com/img/error.gif;
# return 403;
}
}
location /images {
root /home/zl/html;
valid_referers none blocked *.zl.com zl.com;
if ($invalid_referer) {
return 403;
}
}
在這段防倒鏈設置中,分別針對不同文件類型和不同的目錄進行了設置,用戶可以根據自己的需求進行類似的設定;