Eli's Blog

1. 重定向

1.1 proxy_pass

302跳转,不能传递原来请求的header

1
2
3
4
5
6
7
8
9
10
11
12
13
server {
    listen       80;
    server_name  a.example.com;
    listen       443 ssl;
  
    location = /xx {
        proxy_pass http://b.example.com/xx;
        proxy_set_header Host b.example.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        break;
    }
}

1.2 rewrite

1
2
3
4
5
server {
        listen 80;
        server_name test1.com;
        rewrite ^(.*) https://www.test1.com$1 permanent;
}

2. 负载均衡 upstream

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
upstream balanceServer {
  ip_hash;
  
  server 192.168.1.10:8080 weight 2;
  server 192.168.1.11:8080;
  server 192.168.1.12:8080;
}

server {
  server_name test.com;
  listen 80;
  location /api {
    proxy_pass http://balanceServer;
  }
}
  • weight:指定轮询几率,weight和访问比率成正比,用于后端服务器性能不均的情况。与ip_hash不兼容

负载均衡策略:

  1. 轮询(默认)

    缺点:如果其中某一台服务器压力太大,出现延迟,会影响所有分配在这台服务器下的用户。

1
2
3
4
5
upstream balanceServer {
  server 192.168.1.10:8080;
  server 192.168.1.11:8080;
  server 192.168.1.12:8080;
}
  1. 最小连接数策略

将请求优先分配给压力较小的服务器,它可以平衡每个队列的长度,并避免向压力大的服务器添加更多的请求

1
2
3
4
5
6
upstream balanceServer {
  least_conn;
  server 192.168.1.10:8080;
  server 192.168.1.11:8080;
  server 192.168.1.12:8080;
}
  1. 最快响应时间策略

依赖于 NGINX Plus,优先分配给响应时间最短的服务器。

1
2
3
4
5
6
upstream balanceServer {
  fair;
  server 192.168.1.10:8080;
  server 192.168.1.11:8080;
  server 192.168.1.12:8080;
}
  1. session共享

每个访问安访问ip的hash结果分配,可确保每个访客孤独访问一个后端服务器,可解决session保持问题。

1
2
3
4
5
6
upstream balanceServer {
  ip_hash;
  server 192.168.1.10:8080;
  server 192.168.1.11:8080;
  server 192.168.1.12:8080;
}

3. Nginx内置全局变量

变量名 功能
$host 请求信息中的Host,没有则设置成服务器名
$request_method GET, POST
$args
$content_length
$http_user_agent
$http_cookie
$remote_addr
$remote_port
$server_protocol HTTP/1.0 HTTP/1.1
$server_addr
$server_port
$server_name

4. 请求过滤

4.1 按状态码过滤

1
2
3
4
5
6
7
8
9
10
11
12
server {
    listen  80;
    server_name test.com;
    access_log /var/log/nginx/nginx-access.log main;
    error_log /var/log/nginx/nginx-error.log;
    error_page 404 = /404;
    error_page 403 = /403;
    error_page 500 501 502 503 504 506 /50x.html;
  
  location /50x.html {
    root /data/www/static/html;
  }

4.2 按URL过滤

1
2
3
4
5
server {
  #...
  
  rewrite ^.*$ /index.html;
}

4.3 按请求类型过滤

1
2
3
4
5
server {
	if ( $request_method !~ ^(GET|POST|HEAD)$ ) {
		return 403;
	}
}

5. 配置gzip

1
2
3
4
5
6
7
http {
  gzip                    on;
  gzip_http_version       1.1;        
  gzip_comp_level         5;
  gzip_min_length         1000;
  gzip_types text/csv text/xml text/css text/plain text/javascript application/javascript application/x-javascript application/json application/xml;
}

6. Nginx配置文件结构

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
events { 

}

http 
{
  upstream node {
    
  }
    server
    { 
        location path
        {
            ...
        }
        location path
        {
            ...
        }
     }

    server
    {
        ...
    }

}

7. 静态资源配置

1
2
3
4
5
6
location ~* \.(png|gif|jpg|jpeg)$ {
    root    /root/static/;  
    autoindex on;
    access_log  off;
    expires     24h;  # 过期时间为24小时          
}

8. 静态资源缓存

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
location /hhhh/ {
    root /data/www/lp-web/;
    index  index.html;
    try_files $uri index.html;
    
    if ($request_filename ~* .*\.(?:htm|html)$) {
        add_header Cache-Control "private, no-store, no-cache, must-revalidate, proxy-revalidate";
    }
    
    if ($request_filename ~* .*\.(?:js|css)$) {
        expires      7d;
    }
    
    if ($request_filename ~* .*\.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm)$) {
        expires      7d;
    }
}

9. nginx日志request_time 和upstream_response_time区别

  • request_time: request processing time in seconds with a milliseconds resolution; time elapsed between the first bytes were read from the client and the log write after the last bytes were sent to the client. 指的就是从接受用户请求的第一个字节到发送完响应数据的时间,即包括接收请求数据时间、程序响应时间、输出响应数据时间。
  • upstream_response_time: keeps times of responses obtained from upstream servers; times are kept in seconds with a milliseconds resolution. Several response times are separated by commas and colons like addresses in the $upstream_addr variable. 指从Nginx向后端建立连接开始到接受完数据然后关闭连接为止的时间。

从上面的描述可以看出,$request_time肯定比$upstream_response_time值大,特别是使用POST方式传递参数时,因为Nginx会把request body缓存住,接受完毕后才会把数据一起发给后端。所以如果用户网络较差,或者传递数据较大时,$request_time会比$upstream_response_time大很多。

$request_time 包含了用户数据接收时间,而真正程序的响应时间应该用$upstream_response_time

配置说明:

1
2
3
4
log_format  timed_combined  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" '
                        '$request_time $upstream_response_time';

 上一页