/ 中存储网

使用Nginx配置反向代理服务器

2013-11-25 08:30:01 来源:itjs.cn

下面讲讲如何利用Nginx的反向代理功能做一台反向代理服务器。

一、安装步骤:

(系统要求:Linux 2.6+ 内核,本文中的Linux操作系统为RedHat AS4为例)

1、获取相关源程序

wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.01.tar.gz

wget http://sysoev.ru/nginx/nginx-0.8.36.tar.gz

2、创建相关目录和用户

/usr/sbin/groupadd apache

/usr/sbin/useradd -g apache apache

/usr/sbin/usermod -s /sbin/nologin apache

chage -I -1 -M 99999 apache

mkdir -p /data/mp3 

chmod +w /data/mp3

chown -R apache:apache /data/mp3

3、安装Nginx所需的pcre库

tar zxvf pcre-8.01.tar.gz

     cd pcre-8.01/

    ./configure

make && make install

cd ../

4、安装Nginx

tar zxvf nginx-0.8.36.tar.gz

    cd nginx-0.8.36/

    ./configure --user=apache --group=apache --prefix=/usr/local/nginx --with-http_stub_status_module

    make && make install

    cd ../

5、创建Nginx配置文件

rm -f /usr/local/nginx/conf/nginx.conf

vi /usr/local/nginx/conf/nginx.conf 

输入以下内容:

user  apache apache;

  worker_processes  8;

error_log  /dev/null  crit;

pid logs/nginx.pid;

events {

use epoll;

worker_connections  512000;

}

http {

include       mime.types;

default_type  application/octet-stream;

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log  /var/log/nginx_mp3.log  main;

sendfile       on;

tcp_nopush     on;

tcp_nodelay    on;

keepalive_timeout  650;

server {

listen       80;

server_name  xxx.xxx.xxx;   #前端域名或IP

location ~ .*.(mp3|mid|amr)$

{

expires 15d;

root /data/mp3;

proxy_store on;

proxy_store_access user:rw group:rw all:rw;

proxy_temp_path /data/mp3;

proxy_redirect          off;

proxy_set_header        Host xxx.xxx.xxx ; #访问域名或ip

proxy_set_header        X-Real-IP $remote_addr;

proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size    10m;

client_body_buffer_size 1280k;

proxy_connect_timeout   900;

proxy_send_timeout      900;

proxy_read_timeout      900;

proxy_buffer_size       40k;

proxy_buffers           40 320k;

proxy_busy_buffers_size 640k;

proxy_temp_file_write_size 640k;

if ( !-e $request_filename)

{

proxy_pass  http://xxx.xxx.xxx.xx/; #后端服务器ip地址

}

}

}

}

6、启动Nginx

ulimit -SHn 51200

/usr/local/nginx/sbin/nginx -t    #测试配置脚本是否正确

/usr/local/nginx/sbin/nginx

      二、优化Linux内核参数

vi /etc/sysctl.conf

在末尾增加以下内容:  

# Add

    net.ipv4.tcp_max_syn_backlog = 65536

    net.core.netdev_max_backlog =  32768

    net.core.somaxconn = 32768

net.core.wmem_default = 8388608

    net.core.rmem_default = 8388608

    net.core.rmem_max = 16777216

    net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0

    net.ipv4.tcp_synack_retries = 2

    net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1

    net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000

    net.ipv4.tcp_max_orphans = 3276800

net.ipv4.ip_local_port_range = 1024  65535

    net.ipv4.ip_conntrack_max = 6553600

    net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180

    net.ipv4.tcp_window_scaling = 1

 使配置立即生效:

/sbin/sysctl -p

三、配置开机自动启动Nginx

vi /etc/rc.local

在末尾增加以下内容:

ulimit -SHn 51200

/usr/local/nginx/sbin/nginx

另外根据需要还需设置IP地址、开放访问端口、以及访问日志的定时切割等。(全文完)