转载自 http://blog.itpub.net/30129545/viewspace-1453888/
nginx作为一个http服务器,在功能实现方面和性能方面都表现的非常优越,下面就写一些nginx常用的配置实例:
1、虚拟主机配置:
下面在nginx中创建2个虚拟主机,需要说明的是,这里仅仅列出了虚拟主机的配置部分。
server {
server_name image.zl.com 外网ip;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
charset UTF-8;
index emptyImg.png;
root /home/zl/software/tomcat-7.0.54/imgfile;
#limit_conn crawler 20;
error_page 404 /emptyImg.png;
error_page 403 /emptyImg.png;
error_page 500 /emptyImg.png;
location ~ ^/xbnfile/
{
if ($http_origin ~* (test.xbniao.com||my.xbniao.com)) {
set $cors "true";
}
# Nginx doesn't support nested If statements. This is where things get slightly nasty.
# Determine the HTTP request method used
if ($request_method = 'OPTIONS') {
set $cors "${cors}options";
}
if ($request_method = 'GET') {
set $cors "${cors}get";
}
if ($request_method = 'POST') {
set $cors "${cors}post";
}
if ($cors = "true") {
# Catch all incase there's a request method we're not dealing with properly
add_header 'Access-Control-Allow-Origin' "$http_origin";
}
if ($cors = "trueget") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($cors = "trueoptions") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($cors = "truepost") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
add_header 'Access-Control-Allow-Origin' "test.xbniao.com";
proxy_pass http://image.xbniao.com:8080;
}
location ~ ^/service/
{
proxy_pass http://image.zl.com:8080;
}
location ~* /500x500(.*)\.(gif|jpg|jpeg|png|bmp|swf)$
{
root /home/zl/software/tomcat-7.0.54/imgfile500x500;
expires 30d;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
error_page 404 = /emptyImg.png;
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
location ~ ^/(WEB-INF)/
{
deny all;
}
}
server
{
server_name test.zl.com my.zl.com;
#index index.html index.htm index.jsp index.jhtml;
index index.html index.jhtml;
root /home/xbniao/software/tomcat-7.0.54/webapps/zl-front;
#limit_conn crawler 20;
error_page 404 /error404.jspx;
error_page 500 /error500.jspx;
location ~ .*.(jsp|do|action|jhtml|jspx|svl|htm)$
{
index index.jsp;
proxy_pass http://zl.xbniao.com:8080;
proxy_connect_timeout 1800;
proxy_read_timeout 1800;
proxy_send_timeout 1800;
}
location ^~/XBNService/ {
proxy_pass http://test.xbniao.com:8080;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
error_page 404 = /default.jpg;
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1h;
}
location ~ ^/(WEB-INF)/
{
deny all;
}
}
负载均衡配置实例:
下面通过nginx的反向代理功能配置一个nginx负载均衡服务器,后端有3个服务节点,用于提供tomcat服务,通过nginx调度实现3个节点的负载均衡:
http
{
upstream myserver {
server 192.168.10.10:8080 weight=3 max_fail=3 fail_timeout=20s;
server 192.168.10.11:8080 weight=1 max_fail=3 fail_timeout=20s;
server 192.168.10.12:8080 weight=2 max_fail=3 fail_timeout=20s;
}
server
{ listen 80;
server_name www.zl.com 192.168.10.9;
index index.htm index.html;
root /home/zl/webapps;
location ~ .*.(jsp|do|action|jhtml|jspx|svl|htm)$
{
index index.jsp;
proxy_pass http://myserver
proxy_next_upstream http_500 http_502 http_503 error timeout invalid_header;
include /etc/nginx/conf.d/proxy.conf;
}
}
}
在上面这个例子中,先定义一个负载均衡组myserver,然后在location部分通过"proxy_pass http://myserver"来实现负载均衡调度功能;其中proxy_pass指令用来指定后端代理服务器的地址和端口;地址可以是主机名或者ip地址;也可以是通过upstream指令设定的负载均衡组;
proxy_next_upstream 用来定义故障转移策略;当后端服务节点返回500,502,503,504和执行超时等错误时,自动将请求转发到nginx 负载均衡组的另一台服务器;实现故障转移;
最后通过include指令包含进来一个proxy.conf文件:
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
nginx的代理功能是通过http proxy模块来实现的。默认在安装nginx时已经安装了http proxy模块,因此可直接使用http proxy模块。下面详细解释proxy.conf文件中每个选项代表的意义:
proxy_set_header:设置由后端的服务器获取用户的主机名或真是ip地址,以及代理者的真实ip地址;
client_body_buffer_size:用于指定客户端请求主体缓冲区的大小,可以理解为先保存到本地再传给用户;
proxy_connect_timeout:表示与后端服务器连接的超时时间,即发起握手等候的响应时间;
proxy_send_timeout:表示后端服务器的数据回传时间,即在规定时间之内后端服务器必须传完的所有数据,否则,nginx将断开这个连接;
proxy_read_timeout:设置nginx从代理的后端服务器获取信息的时间,表示连接建立成功后,nginx等待后端服务器的响应时间,其实是nginx已经进入后端的排队之中等候处理的时间;
proxy_buffer_timeout:设置缓冲区的大小,默认缓冲区大小等于proxy_buffers设置的大小;
proxy_buffers:设置缓冲区的数量和大小。nginx从代理的后端服务器获取的响应信息;
proxy_busy_buffer_size:用于设置系统很忙时,可以使用的proxy_buffers的大小;官方推荐的大小为proxy_buffers*2.
proxy_temp_file_write_size:指定proxy缓存临时文件的大小。
nginx防倒链配置实例
nginx的防倒链功能也很强大,在默认情况下,只需要进行简单的配置,即可以实现防倒链处理。请看下面的实例:
location ~* \.(jpg|gif|png|swf|flv|wmv|asf|mp3|mmf|zip|rar)$ {
valid_referers none blocked *.zl.com zl.com;
if ($invalid_referer) { #如果地址不是上面指定的地址就跳转到通过rewrite指定的地址;
rewrite ^/ http://www.zl.com/img/error.gif;
# return 403;
}
}
location /images {
root /home/zl/html;
valid_referers none blocked *.zl.com zl.com;
if ($invalid_referer) {
return 403;
}
}
在这段防倒链设置中,分别针对不同文件类型和不同的目录进行了设置,用户可以根据自己的需求进行类似的设定;