Configure reverse proxy server with Nginx

  Let’s talk about how to use Nginx’s reverse proxy function to make a reverse proxy server.

1. Installation steps:

“ “
(System requirements: Linux 2.6+ kernel, the Linux operating system in this article is RedHat AS4 as an example)

1. Obtain relevant source programs

wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.01.tar.gz

wget http://sysoev.ru/nginx/nginx-0.8.36.tar.gz

2. Create related directories and users

/usr/sbin/groupadd apache
/usr/sbin/useradd -g apache apache

/usr/sbin/usermod -s /sbin/nologin apache

chage -I -1 -M 99999 apache

mkdir -p /data/mp3
chmod +w /data/mp3

chown -R apache:apache /data/mp3

 
3. Install the pcre library required by Nginx

tar zxvf pcre-8.01.tar.gz
cd pcre-8.01/
./configure
make && make install
cd ../

4. Install Nginx

tar
zxvf nginx-0.8.36.tar.gz
cd nginx-0.8.36/
./configure –user=apache –group=apache
–prefix=/usr/local/nginx –with-http_stub_status_module
make && make install
cd ../

5. Create Nginx configuration file

rm -f /usr/local/nginx/conf/nginx.conf
vi /usr/local/nginx/conf/nginx.conf

Enter the following:

“ “
user apache apache;
worker_processes 8;

“ “
error_log /dev/null crit;
pid
logs/nginx.pid;

“ “
events {
use epoll;
worker_connections 512000;
}

“ “
http {
include mime.types;
default_type
application/octet-stream;

log_format
main ‘$remote_addr – $remote_user [$time_local] “$request”
‘
‘$status $body_bytes_sent “$http_referer”‘
‘”$http_user_agent”
“$http_x_forwarded_for”‘;

access_log /var/log/nginx_mp3.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;

keepalive_timeout
650;
server {
listen 80;
server_name xxx.xxx.xxx; #Front-end domain name or IP
location ~ .*\.(mp3|mid|amr)$
{
expires 15d;
root /data/mp3;
proxy_store on;
proxy_store_access user:rw group:rw all:rw;
proxy_temp_path /data/mp3;
Proxy_redirect Proxy_redirect
off;
proxy_set_header Host
xxx.xxx.xxx ; #access domain name or ip
proxy_set_header
X-Real-IP $remote_addr;
proxy_set_header
X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 1280k;
proxy_connect_timeout 900;
proxy_send_timeout 900;
proxy_read_timeout 900;
proxy_buffer_size 40k;
proxy_buffers
40 320k;
proxy_busy_buffers_size 640k;
proxy_temp_file_write_size 640k;
if ( !-e $request_filename)
{
proxy_pass http://xxx.xxx.xxx.xx/; #backend server ip address
  }
}
}
}
6. Start Nginx

ulimit -SHn 51200

/usr/local/nginx/sbin/nginx
-t #Test whether the configuration script is correct

“ “
/usr/local/nginx/sbin/nginx

Two, Optimize Linux kernel parameters

vi
/etc/sysctl.conf

“ “
Add the following at the end:

# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxcOnn= 32768

net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2

net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1

net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800

net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.ip_conntrack_max = 6553600
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=
180
net.ipv4.tcp_window_scaling = 1

“ “
Make the configuration take effect immediately:

“ “
/sbin/sysctl -p

“
3. Configure to start Nginx automatically after boot

vi
/etc/rc.local

“ “
Add the following at the end:

ulimit
-SHn 51200
/usr/local/nginx/sbin/nginx

“
In addition, IP addresses, open access ports, and timing cutting of access logs need to be set as needed. (End of the full text)