nginx的反向代理
proxy 模块ngx_http_proxy_module模块默认编译进nginx里的;通过--without-http_proxy_module禁用
功能:对上游服务使用http/https协议进行反向代理
proxy_pass 指令
1 2 3 | Syntax: proxy_pass URL;Default: —Context: location, if in location, limit_except |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | server { listen 8012; default_type text/plain; return 200 '8012 server response.\n $request_uri \n';}upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0.0.1:8012; #keepalive 32; }server { set_real_ip_from 192.168.183.4; real_ip_recursive on; real_ip_header X-Forwarded-For; server_name rrups.com; error_log rrups_error.log info; location /a{ #proxy_pass http://rrups/addurl; proxy_pass http://rrups; # 不在url的测试 #proxy_method POST; proxy_pass_request_headers off; #proxy_pass_request_body off; proxy_set_body 'hello world'; proxy_set_header name ''; proxy_http_version 1.1; proxy_set_header Connection ""; }} |
测试
1 2 3 | [root@python vhast]# curl rrups.com/a/bc8012 server response./a/bc |
加url的代理
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0.0.1:8012; #keepalive 32; }server { set_real_ip_from 192.168.183.4; real_ip_recursive on; real_ip_header X-Forwarded-For; server_name rrups.com; error_log rrups_error.log info; location /a{ proxy_pass http://rrups/addurl; #proxy_pass http://rrups; #proxy_method POST; proxy_pass_request_headers off; #proxy_pass_request_body off; proxy_set_body 'hello world'; proxy_set_header name ''; proxy_http_version 1.1; proxy_set_header Connection ""; }} |
测试
1 2 3 | [root@python vhast]# curl rrups.com/a/bc8012 server response./addurl/bc |
proxy 模块生成向上的请求行
1 2 3 4 5 6 | Syntax: proxy_method method;Default: —Context: http, server, locationSyntax: proxy_http_version 1.0 | 1.1; #协议Default: proxy_http_version 1.0; Context: http, server, location |
proxy 模块生成发往上游的请求头部
1 2 3 4 5 6 7 8 | Syntax: proxy_set_header field value; # 修改或者添加一个头部 field是或添加的name value是值Default: proxy_set_header Host $proxy_host; #默认会修改proxy_set_header Connection close; # 默认会修改Context: http, server, location若value的值为空字符,则整个header都不会向上游发送Syntax: proxy_pass_request_headers on | off; # 是否把用户请求头部发送到上游;默认是发送的Default: proxy_pass_request_headers on; Context: http, server, location |
proxy模块:生成发送上游的包体
1 2 3 4 5 6 | Syntax: proxy_pass_request_body on | off; #是否把用户请求的body发给上游;默认发送Default: proxy_pass_request_body on; Context: http, server, locationSyntax: proxy_set_body value; # 手动构造body value是字符串Default: —Context: http, server, location |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | [root@python vhast]# cat shangyou.conf server { listen 8011; default_type text/plain; return 200 '8011 server response.\n';}server { listen 8012; default_type text/plain; return 200 '8012 server response.uri: $urimethod: $request_methodrequset: $requesthttp_name: $http_name\n';}upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0.0.1:8012; #keepalive 32; }server { set_real_ip_from 192.168.183.4; real_ip_recursive on; real_ip_header X-Forwarded-For; server_name rrups.com; error_log rrups_error.log info; location /a{ proxy_pass http://rrups/addurl; #proxy_pass http://rrups; #proxy_method POST; #proxy_pass_request_headers off; #proxy_pass_request_body off; #proxy_set_body 'hello world'; #proxy_set_header name ''; #proxy_http_version 1.1; proxy_set_header Connection ""; }} |
测试
1 2 3 4 5 6 | [root@python vhast]# curl -H 'name: chenxi' rrups.com/a/bc8012 server response.uri: /addurl/bcmethod: GETrequset: GET /addurl/bc HTTP/1.0 #协议1.0http_name: chenxi |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | [root@python vhast]# cat upstream.conf upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0.0.1:8012; #keepalive 32; }server { set_real_ip_from 192.168.183.4; real_ip_recursive on; real_ip_header X-Forwarded-For; server_name rrups.com; error_log rrups_error.log info; location /a{ proxy_pass http://rrups/addurl; #proxy_pass http://rrups; proxy_method POST; #方法改为POST proxy_pass_request_headers off; #关闭想后端 传递头部 #proxy_pass_request_body off; #proxy_set_body 'hello world'; #proxy_set_header name ''; proxy_http_version 1.1; #将默认的1.0协议改为1.1协议 proxy_set_header Connection ""; }} |
测试
1 2 3 4 5 6 | [root@python vhast]# curl -H 'name: chenxi' rrups.com/a/bc8012 server response.uri: /addurl/bcmethod: POSTrequset: POST /addurl/bc HTTP/1.1http_name: |
配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | [root@python vhast]# cat upstream.conf upstream rrups{ #ip_hash; #hash user_$arg_username; #server 127.0.0.1:8011; server 127.0.0.1:8012; #keepalive 32; }server { set_real_ip_from 192.168.183.4; real_ip_recursive on; real_ip_header X-Forwarded-For; server_name rrups.com; error_log rrups_error.log info; location /a{ proxy_pass http://rrups/addurl; #proxy_pass http://rrups; proxy_method POST; proxy_pass_request_headers off; #proxy_pass_request_body off; proxy_set_body 'hello world'; 向后端打死hell world的字样 proxy_set_header name ''; proxy_http_version 1.1; proxy_set_header Connection ""; }} |
测试
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 | [root@python ~]# tcpdump -i lo port 8012 -A -s 0tcpdump: verbose output suppressed, use -v or -vv for full protocol decodelistening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes20:20:36.987588 IP localhost.39234 > localhost.8012: Flags [S], seq 923812551, win 43690, options [mss 65495,sackOK,TS val 276600255 ecrE..<.x@.@.eA.........B.L7.B..........0..........|..........20:20:36.987645 IP localhost.8012 > localhost.39234: Flags [S.], seq 1180445653, ack 923812552, win 43690, options [mss 65495,sackOK,TS E..<..@.@.<..........L.BF\+.7.B......0..........|...|......20:20:36.987682 IP localhost.39234 > localhost.8012: Flags [.], ack 1, win 342, options [nop,nop,TS val 276600255 ecr 276600255], lengthE..4.y@.@.eH.........B.L7.B.F\+....V.(......|...|..20:20:36.987864 IP localhost.39234 > localhost.8012: Flags [P.], seq 1:73, ack 1, win 342, options [nop,nop,TS val 276600255 ecr 2766002E..|.z@.@.d..........B.L7.B.F\+....V.p......|...|..POST /addurl/bc HTTP/1.1Host: rrupsContent-Length: 11hello world 发往上游主机的里有hello world字样20:20:36.987949 IP localhost.8012 > localhost.39234: Flags [.], ack 73, win 342, options [nop,nop,TS val 276600255 ecr 276600255], lengtE..4.i@.@.~X.........L.BF\+.7.C....V.(......|...|..20:20:36.988297 IP localhost.8012 > localhost.39234: Flags [P.], seq 1:247, ack 73, win 342, options [nop,nop,TS val 276600255 ecr 27660E..*.j@.@.}a.........L.BF\+.7.C....V........|...|..HTTP/1.1 200 OKServer: nginx/1.15.9Date: Fri, 12 Jul 2019 12:20:36 GMTContent-Type: text/plainContent-Length: 98Connection: keep-alive8012 server response.uri: /addurl/bcmethod: POSTrequset: POST /addurl/bc HTTP/1.1http_name: 20:20:36.988331 IP localhost.39234 > localhost.8012: Flags [.], ack 247, win 350, options [nop,nop,TS val 276600255 ecr 276600255], lengE..4.{@.@.eF.........B.L7.C.F\,....^.(......|...|..20:20:36.988663 IP localhost.39234 > localhost.8012: Flags [F.], seq 73, ack 247, win 350, options [nop,nop,TS val 276600255 ecr 2766002E..4.|@.@.eE.........B.L7.C.F\,....^.(......|...|..20:20:36.988889 IP localhost.8012 > localhost.39234: Flags [F.], seq 247, ack 74, win 342, options [nop,nop,TS val 276600256 ecr 2766002E..4.k@.@.~V.........L.BF\,.7.C....V.(......|...|..20:20:36.988915 IP localhost.39234 > localhost.8012: Flags [.], ack 248, win 350, options [nop,nop,TS val 276600256 ecr 276600256], lengE..4.}@.@.eD.........B.L7.C.F\,....^.(......|...|.. |
接收客户端请求的包体:是否收完整体在转发,还是边收变转发
1 2 3 4 5 | Syntax: proxy_request_buffering on | off;Default: proxy_request_buffering on; Context: http, server, locationon: 客户端网速慢;上游服务并发处理能力低,适合高吞吐量场景;表示:收完客户端包体在进行准发off:更及时得到相应;降低nginx读写磁盘的消耗,一旦开始发送内容proxy_next_upstream 功能:表示:边接受,边转发 |
客户端包体的接收
1 2 3 4 5 6 7 8 9 10 11 12 13 | Syntax: client_body_buffer_size size;Default: client_body_buffer_size 8k|16k; Context: http, server, locationSyntax: client_body_in_single_buffer on | off;Default: client_body_in_single_buffer off; Context: http, server, location存在包体时接收包体所分配的内存若接收头部时已经接收完全部包体,则部分配若剩余待接收包体的长度小于client_body_buffer_size,则仅分配所需大小分配client_body_in_single_buffer 大小内存接收包体。关闭包体缓存,该内存的内容及时发送给上游;打开包体缓存:该内存用完时,写入临时文件,释放内存 |
设置最大包体限制
1 2 3 4 5 6 | Syntax: client_max_body_size size;Default: client_max_body_size 1m; 最大包体大小默认1MContext: http, server, location仅对请求头部中包含有Content-Length 有效超出最大长度后,返回413错误 |
接收用户请求body临时文件路径
1 2 3 4 5 6 | Syntax: client_body_temp_path path [level1 [level2 [level3]]]; 指定目录Default: client_body_temp_path client_body_temp; Context: http, server, locationSyntax: client_body_in_file_only on | clean | off; #on用户请求处理完后,还存在本机。clean用户请求完成后就删除;off表示非常小的时候不会存文件里Default: client_body_in_file_only off; Context: http, server, location |
读取包体的超时时间;超时后包403错误
1 2 3 | Syntax: client_body_timeout time;Default: client_body_timeout 60s; Context: http, server, location |
草都可以从石头缝隙中长出来更可况你呢
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· 葡萄城 AI 搜索升级:DeepSeek 加持,客户体验更智能
· 什么是nginx的强缓存和协商缓存
· 一文读懂知识蒸馏