WebSocket是一种在单个TCP连接上进行全双工通信的协议,非常适合实时通信应用。使用Nginx作为WebSocket的反向代理可以提高系统的可靠性和扩展性。
server {
listen 80;
server_name yourdomain.com;
location /ws/ {
proxy_pass http://backend_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
# 可选:设置代理超时时间
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
}
}
proxy_http_version 1.1: WebSocket需要HTTP/1.1协议支持Upgrade和Connection头: 这两个头信息用于将HTTP连接升级为WebSocket连接http {
# 共享内存区域,用于WebSocket连接统计
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream websocket_backend {
server 10.0.0.1:8080;
server 10.0.0.2:8080;
# 保持长连接
keepalive 10;
}
server {
listen 443 ssl;
server_name ws.yourdomain.com;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location /ws/ {
proxy_pass http://websocket_backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 超时设置
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
# 缓冲区设置
proxy_buffering off;
}
# 健康检查
location /health {
proxy_pass http://websocket_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
}
keepalive减少连接建立开销proxy_buffering off)以避免消息延迟如果WebSocket连接频繁断开,可以:
- 增加proxy_read_timeout和proxy_send_timeout
- 检查后端服务器的keepalive设置
- 确保Nginx和后端服务器之间的网络稳定
proxy_pass地址是否正确Upgrade和Connection头通过以上配置和优化,Nginx可以高效地反向代理WebSocket连接,为即时通信应用提供稳定可靠的基础设施支持。