How to use Nginx reverse proxy and proxy_cache cache to build a CDN server

Encountered a problem:
It is very slow for mobile users to access the web server www.osyunwei.com
Solution:
1. Place a computer in the mobile computer room Taiwan nginx reverse proxy server
2. Through domain name dns intelligent resolution, all mobile users will resolve to nginx reverse proxy server when accessing www.osyunwei.com
3. Use nginx reverse proxy server and web server to Dedicated line connection
Description:
1. Web server
Line: Telecom
ip: 192.168.21.129
Domain name: www.osyunwei.com
2. nginx Reverse proxy server
Line: Mobile
System: centos 6.2
ip: 192.168.21.164
vi /etc/hosts #Edit, add the following line at the end of the file
192.168.21.129 www. osyunwei.com
3. Client
line: mobile
system: windows 7
ip:192.168.21.130
c:\windows\system32\drivers\etc\hosts #Use notepad Open it and add the following line at the end of the file
192.168.21.164 www.osyunwei.com

############ The following operations are configured on the nginx reverse proxy server#########################

1. Turn off selinux
vi /etc/selinux/config
#selinux=enforcing #Comment out
#selinuxtype=targeted #Comment out
selinux =disabled #Add
:wq Save and close.
shutdown -r now restart the system
2. Open firewall port 80
vi /etc/sysconfig/iptables
Add the following content
-a input -m state --state new -m tcp -p tcp --dport 80 -j accept
/etc/init.d/iptables restart #Restart the firewall to make the configuration take effect
3. Install the compilation tool
yum install wget make gcc gcc-c zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl
4, system convention
Software source code package storage location:/usr /local/src
Source code package compilation and installation location:/usr/local/Software name
5. Download software
cd /usr/local/src #Enter the directory
（ 1) Download nginx (current stable version)
wget http://nginx.org/download/nginx-1.0.12.tar.gz
(2) Download pcre (supports nginx pseudo-static)
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.21.tar.gz
(2) Download ngx_cache_purge (clear the specified url cache)
wget http://labs.frickle.com/files/ngx_cache_purge-1.5.tar.gz
6. Install pcre
cd /usr/local/src
mkdir /usr/local /pcre #Create installation directory
tar zxvf pcre-8.21.tar.gz
cd pcre-8.21
./configure --prefix=/usr/local/pcre #Configuration
make
make install
7, install nginx
groupadd www #Add www group
useradd -g www www -s /bin/false #Create nginx running account www and join the www group, www users are not allowed to log in to the system directly
cd /usr/local/src
tar zxvf ngx_cache_purge-1.5.tar.gz
tar zxvf nginx-1.0.12.tar.gz
cd nginx-1.0 .12
./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-openssl=/usr/ --with-pcre=/usr /local/src/pcre-8.21 --add-module=../ngx_cache_purge-1.5
Note: --with-pcre=/usr/local/src/pcre-8.21 points to the path where the source code package is decompressed. Instead of the installation path, otherwise an error will be reported
make #Compile
make install #Install
/usr/local/nginx/sbin/nginx #Start nginx
chown www.www -r /usr/ local/nginx/html #Set directory owner
chmod 700 -r /usr/local/nginx/html #Set directory permissions
vi /etc/rc.d/init.d/nginx #Settings Start nginx, edit the startup file and add the following content
==================================== =====================
#!/bin/bash
# nginx startup script for the nginx http server
# it is v. 0.0.2 version.
# chkconfig: - 85 15
# description: nginx is a high-performance web and proxy server.
# it has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
nginxd=/usr/local/nginx/sbin /nginx
nginx_config=/usr/local/nginx/conf/nginx.conf
nginx_pid=/usr/local/nginx/logs/nginx.pid
retval=0
prog="nginx"
# source function library.
. /etc/rc.d/init.d/functions
# source networking configuration.
. /etc/sysconfig/network
# check that networking is up.
[ ${networking} = "no" ] && exit 0
[ -x $nginxd ] || exit 0
# start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"starting $prog: "
daemon $nginxd -c ${nginx_config}
retval=$?
echo
[ $retval = 0 ] && touch /var/lock/subsys/nginx
return $retval
}
# stop nginx daemons functions.
stop() {
echo -n $"stopping $prog: "
killproc $nginxd
retval=$?
echo
[ $retval = 0 ] && rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid
}
reload() {
echo -n $"reloading $prog: "
#kill -hup `cat ${nginx_pid}`
killproc $nginxd -hup
retval=$?
echo
}
# see how we were called.
case "$1" in
start)
start

stop)
stop

reload)
reload

restart)
stop
start
;;

status)
status $prog
retval=$?

*)
echo $"usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $retval
================================ =======================
:wq!Save and exit
chmod 775 /etc/rc.d/init.d/nginx #Assign File execution permissions
chkconfig nginx on #Set startup
/etc/rc.d/init.d/nginx restart
service nginx restart
8. Configure nginx
cp /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.confbak #Back up nginx configuration file
(1) Set nginx running account
vi /usr/local /nginx/conf/nginx.conf #Edit
Find user nobody; change to
user www www; #On the first line
(2), prohibit nginx empty host header
vi /usr/ local/nginx/conf/nginx.conf #Edit
Find the server and add the following content to the above line:











server {
listen 80 default;
server_name _;
location / {
root html;
return 404;
}
location ~ /.ht {
deny all;
}
}










##/etc/rc.d/init.d/nginx restart #Restart nginx
After setting like this, empty host header access will jump directly to the nginx404 error page.
(3) Add the nginx virtual host include file
cd /usr/local/nginx/conf/ #Enter the nginx installation directory
mkdir vhost #Create a virtual directory
vi /usr/local/nginx /conf/nginx.conf #Edit
Find the code added in the previous step and add the following content at the end:
include vhost/*.conf;
For example:










##server {
listen 80 default;
server_name _;
location / {
root html;
return 404;
}
location ~ /.ht {
deny all;
}
}
include vhost/*.conf;











(4) Add proxy_cache parameter configuration include file
cd /usr/local/ nginx/conf/ #Enter directory
touch proxy.conf #Create file
vi /usr/local/nginx/conf/nginx.conf #Edit
Find http { Add a line below
include proxy .conf;
(5). Add the proxy server list containing files
cd /usr/local/nginx/conf/ #Enter the directory
touch mysvrhost.conf #Create the file
vi /usr/ local/nginx/conf/nginx.conf #Edit
Find the code added in the previous step and add a line below
include mysvrhost.conf;
(6) Set nginx global parameters
vi /usr /local/nginx/conf/nginx.conf #Edit
worker_processes 2; #The number of worker processes is the number of cores of the cpu or twice
events
{
use epoll; #Increase
worker_connections 65535; #Modify to 65535, the maximum number of connections. ###}################The following code is added and modified in the http { part################server_names_hash_bucket_size 128; # Increase ###client_header_buffer_size 32k; #Add ###large_client_header_buffers 4 32k; #Add ###client_max_body_size 300m; #Add ###tcp_nopush on; #Modify to on###keepalive_timeout 60; #Modify to 60###tcp_nodelay on; #Add ###server_tokens off; #Add, do not display nginx version information ###gzip on; #Modify to on###gzip_min_length 1k; #Add ###gzip_buffers 4 16k; #Add ###gzip_http_version 1.1 ; #Add ###gzip_comp_level 2; #Add ###gzip_types text/plain application/x-javascript text/css application/xml; #Add ###gzip_vary on; #Add ### (7), set proxy_cache parameters Configuration ###cd /home #Enter directory ###mkdir -p /home/proxy_temp_dir #proxy_temp_dir and proxy_cache_dir The two folders must be in the same partition ###mkdir -p /home/proxy_cache_dir #proxy_cache_dir and proxy_temp_dir The folders must be in the same partition ###chown www.www -r proxy_cache_dir proxy_temp_dir #Set directory owner ###chmod -r 777 proxy_cache_dir proxy_temp_dir #Set directory permissions ###System operation and maintenance www.osyunwei.com Warm reminder ：qihang01 original content © All rights reserved. Please indicate the source and original text link when reprinting ###cd /usr/local/nginx/conf/ #Enter the directory ###vi proxy.conf #Edit and add the following code ###proxy_temp_path /home/proxy_temp_dir; #Specify the temporary file directory ###proxy_cache_path /home/proxy_cache_dir levels=1:2 keys_zone=cache_one:50m inactive=1d max_size=1g;####Set the web cache area name to cache_one and the memory cache to 50mb, automatically clear files that have not been accessed within 1 day, and the hard disk cache is 1gb. ###client_body_buffer_size 512k; #Increase the maximum number of bytes that the buffer proxy can buffer client requests###proxy_connect_timeout 60; #Increase the timeout for connecting to the backend server###proxy_read_timeout 60; #Increase the timeout for the backend server to respond to the request# ##proxy_send_timeout 60; #Increase the timeout time for the backend server to send data ###proxy_buffer_size 32k; #Increase the proxy request buffer size ###proxy_buffers 4 64k; #Increase ###proxy_busy_buffers_size 128k; #Increase the amount that can be applied when the system is busy proxy_buffers size###proxy_temp_file_write_size 128k; #Increase the size of proxy cache temporary files###proxy_next_upstream error timeout invalid_header http_500 http_503 http_404; #增加故障转移，如果后端的服务器返回502、504、执行超时等错误，自动将请求转发到upstream负载均衡池中的另一台服务器，实现故障转移。proxy_cache cache_one; #增加使用web缓存区cache_one
（八）、设置被代理服务器文件列表
cd /usr/local/nginx/conf/ #进入目录
vi mysvrhost.conf #编辑，添加以下代码
upstream osyunweihost {
server 192.168.21.129:80 weight=1 max_fails=2 fail_timeout=30s;
}
（九）、新建虚拟主机配置文件
cd /usr/local/nginx/conf/vhost #进入虚拟主机目录
touch www.osyunwei.com.conf #建立虚拟主机配置文件
vi www.osyunwei.com.conf #编辑

server {
listen 80;
server_name www.osyunwei.com osyunwei.com;

location /
{
proxy_pass http://osyunweihost;
proxy_cache_key $host$uri$is_args$args; #增加设置web缓存的key值，nginx根据key值md5哈希存储缓存
proxy_set_header host $host;
proxy_set_header x-forwarded-for $remote_addr;
proxy_cache_valid 200 304 12h;
expires 2d;
}
location ~ .*\.(php|jsp|cgi|asp|aspx|flv|swf|xml)?$ #列出的扩展名文件不缓存。

{
proxy_set_header host $host;
proxy_set_header x-forwarded-for $remote_addr;
proxy_pass http://osyunweihost;
}
access_log off;
}

location ~ /purge(/.*) #用于清除缓存
{
allow 127.0.0.1;
allow 192.168.21.0/24; #设置只允许指定的ip或ip段才可以清除url缓存。
deny all;
proxy_cache_purge cache_one $host$1$is_args$args;
}
###################以上操作在nginx反向代理服务器上配置###################
9、ngx_cache_pure清除缓存模块使用说明
说明：根据配置只允许192.168.21.0/24 ip段的主机才可以清除url缓存，现在我使用的客户机ip是：192.168.21.130，有权限清除url缓存。

1、浏览图片文件：http://www.osyunwei.com/images/nopic.gif

2、清除这个文件缓存：http://www.osyunwei.com/purge/images/nopic.gif

提示：successful purge，缓存文件清除成功，如果这个文件没有被缓存过，则提示：404 not found

备注：
1、purge是ngx_cache_pure 模块指令
2、images/nopic.gif 是要清除的缓存文件url路径

至此，使用nginx反向代理和proxy_cache缓存功能配置cdn服务器教程结束。

附件：

1、nginx配置文件/usr/local/nginx/conf/nginx.conf

 user www www; 
worker_processes 2; 
#error_log logs/error.log; 
#error_log logs/error.log notice; 
#error_log logs/error.log info; 
#pid logs/nginx.pid; 

events { 
use epoll; 
worker_connections 65535; 
} 

http { 
include proxy.conf; 
include mysvrhost.conf; 
include mime.types; 
default_type application/octet-stream; 

#log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 
# '$status $body_bytes_sent "$http_referer" ' 
# '"$http_user_agent" "$http_x_forwarded_for"'; 

#access_log logs/access.log main; 

server_names_hash_bucket_size 128; 
client_header_buffer_size 32k; 
large_client_header_buffers 4 32k; 
client_max_body_size 300m; 
sendfile on; 
tcp_nopush on; 

#keepalive_timeout 0; 
keepalive_timeout 60; 
tcp_nodelay on; 
server_tokens off; 

gzip on; 
gzip_min_length 1k; 
gzip_buffers 4 16k; 
gzip_http_version 1.1; 
gzip_comp_level 2; 
gzip_types text/plain application/x-javascript text/css application/xml; 
gzip_vary on; 

server { 
listen 80 default; 
server_name _; 
location / { 
root html; 
return 404; 
} 
location ~ /.ht { 
deny all; 
} 
} 
include vhost/*.conf; 
}

2、被代理服务器列表文件/usr/local/nginx/conf/mysvrhost.conf

 upstream osyunweihost { 
server 192.168.21.129:80 weight=1 max_fails=2 fail_timeout=30s; 
}

3、proxy_cache参数配置文件/usr/local/nginx/conf/proxy.conf

 proxy_temp_path /home/proxy_temp_dir; 
proxy_cache_path /home/proxy_cache_dir levels=1:2 keys_zone=cache_one:500m inactive=1d max_size=30g; 
client_body_buffer_size 512k; 
proxy_connect_timeout 60; 
proxy_read_timeout 60; 
proxy_send_timeout 60; 
proxy_buffer_size 32k; 
proxy_buffers 4 64k; 
proxy_busy_buffers_size 128k; 
proxy_temp_file_write_size 128k; 
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404; 
proxy_cache cache_one;

4、虚拟主机配置文件/usr/local/nginx/conf/vhost/www.osyunwei.com.conf

 server { 
listen 80; 
server_name www.osyunwei.com osyunwei.com; 
location / 
{ 
proxy_pass http://osyunweihost; 
proxy_cache_key $host$uri$is_args$args; 
proxy_set_header host $host; 
proxy_set_header x-forwarded-for $remote_addr; 
proxy_cache_valid 200 304 12h; 
expires 2d; 
} 

location ~ /purge(/.*) 
{ 
allow 127.0.0.1; 
allow 192.168.21.0/24; 
deny all; 
proxy_cache_purge cache_one $host$1$is_args$args; 
} 

location ~ .*\.(php|jsp|cgi|asp|aspx|flv|swf|xml)?$ 
{ 
proxy_set_header host $host; 
proxy_set_header x-forwarded-for $remote_addr; 
proxy_pass http://osyunweihost; 
} 
access_log off; 
}

扩展阅读：
#################################################################
nginx修改版本等信息
vi /usr/local/src/nginx-1.0.12/src/core/nginx.h #编译前编辑
#define nginx_version
#define nginx_version
#define nginx_ver
#define nginx_var
修改上面的信息，即可更改nginx显示版本。
vi /usr/local/src/http/ngx_http_special_response.c #编译前编辑
static u_char ngx_http_error_full_tail[] =
static u_char ngx_http_error_tail[] =
修改上面的信息为你自己的。

The above is the detailed content of How to use Nginx reverse proxy and proxy_cache cache to build a CDN server. For more information, please follow other related articles on the PHP Chinese website!