Nginx代理功能与负载均衡实例分析

一、Nginx代理功能详解

1. 正向代理与反向代理

正向代理： - 客户端通过代理服务器访问外部资源 - 典型应用：VPN、企业内网代理 - 配置示例：

server {
    listen 8080;
    resolver 8.8.8.8;

    location / {
        proxy_pass http://$http_host$request_uri;
        proxy_set_header Host $http_host;
    }
}

反向代理： - 客户端访问代理服务器，代理服务器将请求转发到内部服务器 - 隐藏真实服务器信息，提供安全性和负载均衡 - 基本配置示例：

server {
    listen 80;
    server_name example.com;

    location / {
        proxy_pass http://backend_server;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

2. 常用代理指令

• proxy_pass: 定义后端服务器地址
• proxy_set_header: 修改转发给后端服务器的请求头
• proxy_redirect: 修改后端服务器返回的Location和Refresh头
• proxy_buffer_size: 设置代理缓冲区大小
• proxy_connect_timeout: 连接后端服务器超时时间

二、负载均衡配置实例

1. 基本负载均衡配置

http {
    upstream backend {
        server backend1.example.com weight=5;
        server backend2.example.com;
        server backend3.example.com backup;
    }

    server {
        listen 80;

        location / {
            proxy_pass http://backend;
        }
    }
}

2. 负载均衡算法

1. 轮询(round-robin) - 默认算法

   upstream backend {
      server backend1.example.com;
      server backend2.example.com;
   }
   

2. 加权轮询(weighted round-robin)

   upstream backend {
      server backend1.example.com weight=3;
      server backend2.example.com weight=1;
   }
   

3. IP哈希(ip_hash) - 保持会话一致性

   upstream backend {
      ip_hash;
      server backend1.example.com;
      server backend2.example.com;
   }
   

4. 最少连接(least_conn) - 优先分配给连接数少的服务器

   upstream backend {
      least_conn;
      server backend1.example.com;
      server backend2.example.com;
   }
   

3. 健康检查配置

upstream backend {
    server backend1.example.com max_fails=3 fail_timeout=30s;
    server backend2.example.com max_fails=3 fail_timeout=30s;

    check interval=5000 rise=2 fall=3 timeout=1000 type=http;
    check_http_send "HEAD /health HTTP/1.0\r\n\r\n";
    check_http_expect_alive http_2xx http_3xx;
}

三、高级配置实例

1. 动静分离配置

server {
    listen 80;
    server_name example.com;

    # 静态资源
    location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ {
        root /var/www/static;
        expires 30d;
    }

    # 动态请求
    location / {
        proxy_pass http://backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

2. WebSocket代理

server {
    listen 80;
    server_name ws.example.com;

    location /ws/ {
        proxy_pass http://backend;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}

3. 缓存配置

proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m inactive=60m;
proxy_cache_key "$scheme$request_method$host$request_uri";

server {
    listen 80;

    location / {
        proxy_cache my_cache;
        proxy_pass http://backend;
        proxy_cache_valid 200 302 10m;
        proxy_cache_valid 404 1m;
    }
}

四、常见问题解决方案

1. 502 Bad Gateway错误排查

1. 检查后端服务是否正常运行
2. 检查Nginx与后端服务的网络连通性
3. 调整代理超时时间： nginx proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s;

2. 保持客户端真实IP

location / {
    proxy_pass http://backend;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

3. 大文件上传优化

client_max_body_size 100m;
proxy_request_buffering off;
proxy_buffering off;

五、性能优化建议

1. 开启TCP优化：

   proxy_http_version 1.1;
   proxy_set_header Connection "";
   

2. 调整缓冲区大小：

   proxy_buffers 16 32k;
   proxy_buffer_size 64k;
   

3. 启用keepalive连接：

   upstream backend {
      server backend1.example.com;
      server backend2.example.com;
      keepalive 32;
   }
   

通过以上配置和实例，Nginx可以高效地实现代理和负载均衡功能，满足不同场景下的需求。实际应用中应根据具体业务场景选择合适的配置方案。