ngx_http_proxy_module

proxy_pass URL

Context: location, if in location, limit_except

注意：

如果proxy_pass使用了URI（下面例子中127.0.0.1地址后面部分，包括只有斜杠的情况），请求路径与loction路径的匹配部分将被替换为proxy_pass中定义的URI：

1
2
3

location /name/ {
    proxy_pass http://127.0.0.1/remote/;
}

2.如果proxy_pass没有使用URI，发给被代理服务器的请求路径和客户端发情的请求路径相同，不会被修改。

1
2
3

location /some/path/ {
     proxy_pass http://127.0.0.1;
 }

特殊情况：

1.location使用正则表达式定义路径。这种情况下，指令不应该带有URI。

2.使用rewrite指令改变了URI，但仍使用相同配置处理请求(break)：

location /name/ {
     rewrite    /name/([^/]+) /users?name=$1 break;
     proxy_pass http://127.0.0.1;
 }

这种情况下，指令设置的URI会被忽略，改变后的URI将被发送给后端服务器。

3.后端服务器的地址，端口和URI中都可以使用变量：

1	proxy_pass http://$host$uri;

proxy_set_header field value

设定发往后端主机的请求报文的请求首部的值；Context: http, server, location

1 2	proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr;

proxy_cache_path

定义可用于proxy功能的缓存；Context: http

proxy_cache_path path [levels=levels] [use_temp_path=on|off] keys_zone=name:size [inactive=time] [max_size=size] [manager_files=number] [manager_sleep=time] [manager_threshold=time] [loader_files=number] [loader_sleep=time] [loader_threshold=time] [purger=on|off] [purger_files=number] [purger_sleep=time] [purger_threshold=time];

proxy_cache zone | off

指明要调用的缓存，或关闭缓存机制；Context: http, server, location

proxy_cache_key string

缓存中用于“键”的内容；

默认值：proxy_cache_key $scheme$proxy_host$request_uri;

proxy_cache_valid [code …] time

定义对特定响应码的响应内容的缓存时长

定义在http{...}中；
proxy_cache_path /var/cache/nginx/proxy_cache levels=1:1:1 keys_zone=pxycache:20m max_size=1g;
定义在需要调用缓存功能的配置段，例如server{...}；
proxy_cache pxycache;
proxy_cache_key $request_uri;
proxy_cache_valid 200 302 301 1h;
proxy_cache_valid any 1m;

proxy_cache_use_stale

proxy_cache_methods GET | HEAD | POST …

If the client request method is listed in this directive then the response will be cached. “GET” and “HEAD” methods are always added to the list, though it is recommended to specify them explicitly.

proxy_hide_header field

By default, nginx does not pass the header fields “Date”, “Server”, “X-Pad”, and “X-Accel-…” from the response of a proxied server to a client. The proxy_hide_header directive sets additional fields that will not be passed.

proxy_connect_timeout time

Defines a timeout for establishing a connection with a proxied server. It should be noted that this timeout cannot usually exceed 75 seconds.

默认为60s，最长为75s

proxy_read_timeout time

Defines a timeout for reading a response from the proxied server. The timeout is set only between two successive read operations, not for the transmission of the whole response.

proxy_send_timeout time

Sets a timeout for transmitting a request to the proxied server. he timeout is set only between two successive write operations, not for the transmission of the whole request. If the proxied server does not receive anything within this time, the connection is closed.

ngx_http_headers_module

The ngx_http_headers_module module allows adding the “Expires” and “Cache-Control” header fields, and arbitrary fields, to a response header.
向由代理服务器响应给客户端的响应报文添加自定义首部，或修改指定首部的值；

add_header name value [always]

添加自定义首部；

1 2	add_header X-Via $server_addr; add_header X-Accel $server_name;

expires [modified] time

expires epoch | max | off;
用于定义Expire或Cache-Control首部的值

ngx_http_fastcgi_module

The ngx_http_fastcgi_module module allows passing requests to a FastCGI server.

fastcgi_pass address

address为fastcgi server的地址；location, if in location；

http://www.ilinux.io/admin/index.php –> /admin/index.php (uri)
/data/application/admin/index.php

fastcgi_index name

fastcgi默认的主页资源

fastcgi_param parameter value [if_not_empty]

Sets a parameter that should be passed to the FastCGI server. The value can contain text, variables, and their combination.

配置示例1：
前提：配置好fpm server和mariadb-server服务；

location ~* \.php$ {
		root  /usr/share/nginx/html;
		fastcgi_pass   127.0.0.1:9000;
		fastcgi_index  index.php;
		fastcgi_param  SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name;
		include  fastcgi_params;
}

配置示例2：通过/pm_status和/ping来获取fpm server状态信息；

location ~* ^/(pm_status|ping)$ {
		include  fastcgi_params;
		fastcgi_pass 127.0.0.1:9000;
		fastcgi_param  SCRIPT_FILENAME  $fastcgi_script_name;
}

fastcgi_cache_path path

fastcgi_cache_path path [levels=levels] [use_temp_path=on|off] keys_zone=name:size [inactive=time] [max_size=size] [manager_files=number] [manager_sleep=time] [manager_threshold=time] [loader_files=number] [loader_sleep=time] [loader_threshold=time] [purger=on|off] [purger_files=number] [purger_sleep=time] [purger_threshold=time];

定义fastcgi的缓存；缓存位置为磁盘上的文件系统，由path所指定路径来定义；

levels=levels：缓存目录的层级数量，以及每一级的目录数;levels=ONE:TWO:THREE
- leves=1:2:2
keys_zone=name:size
- k/v映射的内存空间的名称及大小
inactive=time
- 非活动时长
max_size=size
- 磁盘上用于缓存数据的缓存空间上限

fastcgi_cache zone | off

调用指定的缓存空间来缓存数据；http, server, location

fastcgi_cache_key string

定义用作缓存项的key的字符串

fastcgi_cache_methods GET | HEAD | POST …

为哪些请求方法使用缓存

fastcgi_cache_min_uses number

缓存空间中的缓存项在inactive定义的非活动时间内至少要被访问到此处所指定的次数方可被认作活动项

fastcgi_cache_valid [code …] time

不同的响应码各自的缓存时长

示例：

http {
	...
	fastcgi_cache_path /var/cache/nginx/fastcgi_cache levels=1:2:1 keys_zone=fcgi:20m inactive=120s;
	...
	server {
		...
		location ~* \.php$ {
			...
			fastcgi_cache fcgi;
			fastcgi_cache_key $request_uri;
			fastcgi_cache_valid 200 302 10m;
			fastcgi_cache_valid 301 1h;
			fastcgi_cache_valid any 1m;	
			...
		}
		...
	}
	...
}

fastcgi_keep_conn on | off

By default, a FastCGI server will close a connection right after sending the response. However, when this directive is set to the value on, nginx will instruct a FastCGI server to keep connections open.

ngx_http_upstream_module

The ngx_http_upstream_module module is used to define groups of servers that can be referenced by the proxy_pass, fastcgi_pass, uwsgi_pass, scgi_pass, and memcached_pass directives.

upstream name { … }

定义后端服务器组，会引入一个新的上下文；Context: http

upstream httpdsrvs {
				server ...
				server...
				...
			}

server address [parameters]

在upstream上下文中server成员，以及相关的参数；Context: upstream

address的表示格式：

unix:/PATH/TO/SOME_SOCK_FILE
IP[:PORT]
HOSTNAME[:PORT]

parameters：

weight=number 权重，默认为1；
max_fails=number 失败尝试最大次数；超出此处指定的次数时，server将被标记为不可用；
fail_timeout=time 设置将服务器标记为不可用状态的超时时长；
max_conns 当前的服务器的最大并发连接数；
backup 将服务器标记为“备用”，即所有服务器均不可用时此服务器才启用；
down 标记为“不可用”；

least_conn

最少连接调度算法，当server拥有不同的权重时其为wlc

ip_hash

源地址hash调度方法

hash key [consistent]

基于指定的key的hash表来实现对请求的调度，此处的key可以直接文本、变量或二者的组合

作用：将请求分类，同一类请求将发往同一个upstream server；

If the consistent parameter is specified the ketama consistent hashing method will be used instead.

示例：

hash $request_uri consistent;

hash $remote_addr;

keepalive connections

为每个worker进程保留的空闲的长连接数量

ngx_stream_core_module

模拟反代基于tcp或udp的服务连接，即工作于传输层的反代或调度器

stream { … }

定义stream相关的服务；Context:main

stream {
		upstream sshsrvs {
			server 192.168.22.2:22; 
			server 192.168.22.3:22; 
			least_conn;
			}

			server {
				listen 10.1.0.6:22022;
				proxy_pass sshsrvs;
				}
			}

listen

listen address:port [ssl] [udp] [proxy_protocol] [backlog=number] [bind] [ipv6only=on|off] [reuseport] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];

监听的端口；
默认为tcp协议；
udp: 监听udp协议的端口；

ngx_stream_proxy_module

The ngx_stream_proxy_module module (1.9.0) allows proxying data streams over TCP, UDP (1.9.13), and UNIX-domain sockets.

proxy_pass address

Sets the address of a proxied server. The address can be specified as a domain name or IP address, and a port or as a UNIX-domain socket path.

proxy_timeout timeout

Sets the timeout between two successive read or write operations on client or proxied server connections. If no data is transmitted within this time, the connection is closed.

默认为10M

proxy_connect_timeout time

Defines a timeout for establishing a connection with a proxied server.

设置nginx与被代理的服务器尝试建立连接的超时时长；默认为60s；

示例：

stream {
	upstream sshsrvs {
		server 192.168.10.130:22;
		server 192.168.10.131:22;
		hash $remote_addr consistent;
	}

	server {
		listen 172.16.100.6:22202;
		proxy_pass sshsrvs; 
		proxy_timeout 60s;
		proxy_connect_timeout 10s;
	}
}