nginx tcp 代理使用
nginx version 1.9.0 之后就可以 使用 ngx_stream_core_module 进行tcp代理了,接下来,小测一下nginx tcp 代理
1.模块添加 编译源码的时候添加 --with-stream 模块
例如:
./configure --prefix=/usr/local/nginx --with-google_perftools_module --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-stream --with-openssl=/usr/local/src/openssl-1.0.1h --with-pcre=/usr/local/src/pcre-8.35 --add-module=/usr/local/src/nginx-http-concat-1.2.2/ --add-module=/usr/local/src/ngx_cache_purge-2.3
2.nginx tcp 代理配置
主配置文件
[root@localhost conf]# cat nginx.conf
user www www;
worker_processes 16;
worker_cpu_affinity 0001 0010 0100 1000 0001 0010 0100 1000 0001 0010 0100 1000 0001 0010 0100 1000;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
google_perftools_profiles /tmp/tcmalloc;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
# log_format cache '$remote_addr ***$time_local ' '***$upstream_cache_status ' '***Cache-Control: $upstream_http_cache_control ' '***Expires: $upstream_http_expires ' '***"$request" ($status) ' '***"$http_user_agent" ';
#access_log logs/access.log cache;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
sendfile on;
tcp_nopush on;
server_tokens off;
open_file_cache max=65536 inactive=60s;
open_file_cache_valid 80s;
open_file_cache_min_uses 1;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
#keepalive_timeout 0;
keepalive_timeout 60;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#################proxy-config######################
proxy_connect_timeout 60; #代理与后端web连接的时间
proxy_read_timeout 60; #后端向代理返回请求的时间
proxy_send_timeout 60; #后端数据到达代理的时间
proxy_ignore_client_abort on; #代理忽略客户端请求报文中的警告信息
proxy_buffer_size 16k; #设置代理缓存大小
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
proxy_temp_path /home/temp_dir;
proxy_cache_path /home/cache levels=1:2 keys_zone=cache_one:1024m inactive=1d max_size=10g;
##########################################
#####################nginx 监控##########
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /ngx_status {
stub_status on; # Turn on nginx stats
access_log on; # We do not need logs for stats
allow 127.0.0.1; # Security: Only allow access from IP
deny all; # Deny requests from the other of the world
}
}
include vhost/*.conf;
}
##################tcp代理####################
stream {
upstream web {
hash $remote_addr consistent;
server 10.0.6.50:22 weight=5 max_fails=3 fail_timeout=30s; #代理到后端web服务器22端口
}
include tcp_vhost/*.conf;
}
[root@localhost conf]# cat tcp_vhost/web.conf
server {
listen 8002; #前端8002 端口,代理到后端web 服务器 22 端口,用来远程连接
error_log /usr/local/nginx/logs/web_ssh.log info;
proxy_pass web;
}
3.检查nginx 配置文件,并重新加载配置文件
检查配置文件是否正确
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload
阅读(2686) | 评论(0) | 转发(0) |