nginx的反向代理
proxy 模块ngx_http_proxy_module模块默认编译进nginx里的;通过--without-http_proxy_module禁用
功能:对上游服务使用http/https协议进行反向代理
proxy_pass 指令
1 2 3 | Syntax: proxy_pass URL; Default: — Context: location, if in location, limit_except |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | server { listen 8012 ; default_type text / plain; return 200 '8012 server response.\n $request_uri \n' ; } upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0 . 0.1 : 8012 ; #keepalive 32; } server { set_real_ip_from 192.168 . 183.4 ; real_ip_recursive on; real_ip_header X - Forwarded - For; server_name rrups.com; error_log rrups_error.log info; location / a{ #proxy_pass http://rrups/addurl; proxy_pass http: / / rrups; # 不在url的测试 #proxy_method POST; proxy_pass_request_headers off; #proxy_pass_request_body off; proxy_set_body 'hello world' ; proxy_set_header name ''; proxy_http_version 1.1 ; proxy_set_header Connection ""; } } |
测试
1 2 3 | [root@python vhast] # curl rrups.com/a/bc 8012 server response. / a / bc |
加url的代理
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0 . 0.1 : 8012 ; #keepalive 32; } server { set_real_ip_from 192.168 . 183.4 ; real_ip_recursive on; real_ip_header X - Forwarded - For; server_name rrups.com; error_log rrups_error.log info; location / a{ proxy_pass http: / / rrups / addurl; #proxy_pass http://rrups; #proxy_method POST; proxy_pass_request_headers off; #proxy_pass_request_body off; proxy_set_body 'hello world' ; proxy_set_header name ''; proxy_http_version 1.1 ; proxy_set_header Connection ""; } } |
测试
1 2 3 | [root@python vhast] # curl rrups.com/a/bc 8012 server response. / addurl / bc |
proxy 模块生成向上的请求行
1 2 3 4 5 6 | Syntax: proxy_method method; Default: — Context: http, server, location Syntax: proxy_http_version 1.0 | 1.1 ; #协议 Default: proxy_http_version 1.0 ; Context: http, server, location |
proxy 模块生成发往上游的请求头部
1 2 3 4 5 6 7 8 | Syntax: proxy_set_header field value; # 修改或者添加一个头部 field是或添加的name value是值 Default: proxy_set_header Host $proxy_host; #默认会修改 proxy_set_header Connection close; # 默认会修改 Context: http, server, location 若value的值为空字符,则整个header都不会向上游发送 Syntax: proxy_pass_request_headers on | off; # 是否把用户请求头部发送到上游;默认是发送的 Default: proxy_pass_request_headers on; Context: http, server, location |
proxy模块:生成发送上游的包体
1 2 3 4 5 6 | Syntax: proxy_pass_request_body on | off; #是否把用户请求的body发给上游;默认发送 Default: proxy_pass_request_body on; Context: http, server, location Syntax: proxy_set_body value; # 手动构造body value是字符串 Default: — Context: http, server, location |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | [root@python vhast] # cat shangyou.conf server { listen 8011 ; default_type text / plain; return 200 '8011 server response.\n' ; } server { listen 8012 ; default_type text / plain; return 200 ' 8012 server response. uri: $uri method: $request_method requset: $request http_name: $http_name \n'; } upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0 . 0.1 : 8012 ; #keepalive 32; } server { set_real_ip_from 192.168 . 183.4 ; real_ip_recursive on; real_ip_header X - Forwarded - For; server_name rrups.com; error_log rrups_error.log info; location / a{ proxy_pass http: / / rrups / addurl; #proxy_pass http://rrups; #proxy_method POST; #proxy_pass_request_headers off; #proxy_pass_request_body off; #proxy_set_body 'hello world'; #proxy_set_header name ''; #proxy_http_version 1.1; proxy_set_header Connection ""; } } |
测试
1 2 3 4 5 6 | [root@python vhast] # curl -H 'name: chenxi' rrups.com/a/bc 8012 server response. uri: / addurl / bc method: GET requset: GET / addurl / bc HTTP / 1.0 #协议1.0 http_name: chenxi |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | [root@python vhast] # cat upstream.conf upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0 . 0.1 : 8012 ; #keepalive 32; } server { set_real_ip_from 192.168 . 183.4 ; real_ip_recursive on; real_ip_header X - Forwarded - For; server_name rrups.com; error_log rrups_error.log info; location / a{ proxy_pass http: / / rrups / addurl; #proxy_pass http://rrups; proxy_method POST; #方法改为POST proxy_pass_request_headers off; #关闭想后端 传递头部 #proxy_pass_request_body off; #proxy_set_body 'hello world'; #proxy_set_header name ''; proxy_http_version 1.1 ; #将默认的1.0协议改为1.1协议 proxy_set_header Connection ""; } } |
测试
1 2 3 4 5 6 | [root@python vhast] # curl -H 'name: chenxi' rrups.com/a/bc 8012 server response. uri: / addurl / bc method: POST requset: POST / addurl / bc HTTP / 1.1 http_name: |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | [root@python vhast] # cat upstream.conf upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0 . 0.1 : 8012 ; #keepalive 32; } server { set_real_ip_from 192.168 . 183.4 ; real_ip_recursive on; real_ip_header X - Forwarded - For; server_name rrups.com; error_log rrups_error.log info; location / a{ proxy_pass http: / / rrups / addurl; #proxy_pass http://rrups; proxy_method POST; proxy_pass_request_headers off; #proxy_pass_request_body off; proxy_set_body 'hello world' ; 向后端打死hell world的字样 proxy_set_header name ''; proxy_http_version 1.1 ; proxy_set_header Connection ""; } } |
测试
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 | [root@python ~] # tcpdump -i lo port 8012 -A -s 0 tcpdump: verbose output suppressed, use - v or - vv for full protocol decode listening on lo, link - type EN10MB (Ethernet), capture size 262144 bytes 20 : 20 : 36.987588 IP localhost. 39234 > localhost. 8012 : Flags [S], seq 923812551 , win 43690 , options [mss 65495 ,sackOK,TS val 276600255 ecr E..<.x@.@.eA.........B.L7.B.......... 0. ........ .|.......... 20 : 20 : 36.987645 IP localhost. 8012 > localhost. 39234 : Flags [S.], seq 1180445653 , ack 923812552 , win 43690 , options [mss 65495 ,sackOK,TS E..<..@.@.<..........L.BF\ + . 7.B ...... 0. ........ .|...|...... 20 : 20 : 36.987682 IP localhost. 39234 > localhost. 8012 : Flags [.], ack 1 , win 342 , options [nop,nop,TS val 276600255 ecr 276600255 ], length E.. 4.y @.@.eH.........B.L7.B.F\ + ....V.(..... .|...|.. 20 : 20 : 36.987864 IP localhost. 39234 > localhost. 8012 : Flags [P.], seq 1 : 73 , ack 1 , win 342 , options [nop,nop,TS val 276600255 ecr 2766002 E..|.z@.@.d..........B.L7.B.F\ + ....V.p..... .|...|..POST / addurl / bc HTTP / 1.1 Host: rrups Content - Length: 11 hello world 发往上游主机的里有hello world字样 20 : 20 : 36.987949 IP localhost. 8012 > localhost. 39234 : Flags [.], ack 73 , win 342 , options [nop,nop,TS val 276600255 ecr 276600255 ], lengt E.. 4.i @.@.~X.........L.BF\ + . 7.C ....V.(..... .|...|.. 20 : 20 : 36.988297 IP localhost. 8012 > localhost. 39234 : Flags [P.], seq 1 : 247 , ack 73 , win 342 , options [nop,nop,TS val 276600255 ecr 27660 E.. * .j@.@.}a.........L.BF\ + . 7.C ....V....... .|...|..HTTP / 1.1 200 OK Server: nginx / 1.15 . 9 Date: Fri, 12 Jul 2019 12 : 20 : 36 GMT Content - Type : text / plain Content - Length: 98 Connection: keep - alive 8012 server response. uri: / addurl / bc method: POST requset: POST / addurl / bc HTTP / 1.1 http_name: 20 : 20 : 36.988331 IP localhost. 39234 > localhost. 8012 : Flags [.], ack 247 , win 350 , options [nop,nop,TS val 276600255 ecr 276600255 ], leng E.. 4. {@.@.eF.........B.L7.C.F\,....^.(..... .|...|.. 20 : 20 : 36.988663 IP localhost. 39234 > localhost. 8012 : Flags [F.], seq 73 , ack 247 , win 350 , options [nop,nop,TS val 276600255 ecr 2766002 E.. 4. |@.@.eE.........B.L7.C.F\,....^.(..... .|...|.. 20 : 20 : 36.988889 IP localhost. 8012 > localhost. 39234 : Flags [F.], seq 247 , ack 74 , win 342 , options [nop,nop,TS val 276600256 ecr 2766002 E.. 4.k @.@.~V.........L.BF\,. 7.C ....V.(..... .|...|.. 20 : 20 : 36.988915 IP localhost. 39234 > localhost. 8012 : Flags [.], ack 248 , win 350 , options [nop,nop,TS val 276600256 ecr 276600256 ], leng E.. 4. }@.@.eD.........B.L7.C.F\,....^.(..... .|...|.. |
接收客户端请求的包体:是否收完整体在转发,还是边收变转发
1 2 3 4 5 | Syntax: proxy_request_buffering on | off; Default: proxy_request_buffering on; Context: http, server, location on: 客户端网速慢;上游服务并发处理能力低,适合高吞吐量场景;表示:收完客户端包体在进行准发 off:更及时得到相应;降低nginx读写磁盘的消耗,一旦开始发送内容proxy_next_upstream 功能:表示:边接受,边转发 |
客户端包体的接收
1 2 3 4 5 6 7 8 9 10 11 12 13 | Syntax: client_body_buffer_size size; Default: client_body_buffer_size 8k | 16k ; Context: http, server, location Syntax: client_body_in_single_buffer on | off; Default: client_body_in_single_buffer off; Context: http, server, location 存在包体时接收包体所分配的内存 若接收头部时已经接收完全部包体,则部分配 若剩余待接收包体的长度小于client_body_buffer_size,则仅分配所需大小 分配client_body_in_single_buffer 大小内存接收包体。关闭包体缓存,该内存的内容及时发送给上游;打开包体缓存:该内存用完时,写入临时文件,释放内存 |
设置最大包体限制
1 2 3 4 5 6 | Syntax: client_max_body_size size; Default: client_max_body_size 1m ; 最大包体大小默认 1M Context: http, server, location 仅对请求头部中包含有Content - Length 有效超出最大长度后,返回 413 错误 |
接收用户请求body临时文件路径
1 2 3 4 5 6 | Syntax: client_body_temp_path path [level1 [level2 [level3]]]; 指定目录 Default: client_body_temp_path client_body_temp; Context: http, server, location Syntax: client_body_in_file_only on | clean | off; #on用户请求处理完后,还存在本机。clean用户请求完成后就删除;off表示非常小的时候不会存文件里 Default: client_body_in_file_only off; Context: http, server, location |
读取包体的超时时间;超时后包403错误
1 2 3 | Syntax: client_body_timeout time; Default: client_body_timeout 60s ; Context: http, server, location |
草都可以从石头缝隙中长出来更可况你呢
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· 葡萄城 AI 搜索升级:DeepSeek 加持,客户体验更智能
· 什么是nginx的强缓存和协商缓存
· 一文读懂知识蒸馏