首先总结代理的配置文件:
worker_processes 4; worker_cpu_affinity 0001 0010 0100 1000; worker_rlimit_nofile 40000; events { use epoll; worker_connections 40000; } http { include mime.types; default_type application/octet-stream; charset utf-8; client_header_buffer_size 4k; open_file_cache max=8192 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 120; gzip on; gzip_proxied any; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_http_version 1.1; gzip_min_length 10; gzip_comp_level 9; gzip_types text/plain application/x-javascript text/css application/xml application/json application/x-httpd-php !application/x-httpd-jphp; #后端列表 upstream mysvr { server 192.168.0.1:80; server 192.168.0.2:80; server 192.168.0.3:80; server 192.168.0.4:80; server 192.168.0.5:80; server 192.168.0.6:80; } proxy_cache_path /tmp/proxy_cache_dir levels=1:2 keys_zone=cache_one:1600m inactive=1d max_size=6g; server { listen 80; server_name *.xtgxiso.cn; location / { proxy_pass http://mysvr; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_ignore_client_abort on; proxy_connect_timeout 900; proxy_send_timeout 900; proxy_read_timeout 900; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } #静态文件缓存 location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ { proxy_pass http://mysvr; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 900; proxy_send_timeout 900; proxy_read_timeout 900; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_cache cache_one; proxy_cache_key $host$uri$is_args$args; expires 31d; access_log off; } } server { listen 8080; location /nginx_status { allow 127.0.0.1; deny all; stub_status on; access_log off; } } }
其次后端需要真实IP的处理:
server { set_real_ip_from 192.168.1.1; real_ip_header X-Real-IP; real_ip_recursive on; } server { set_real_ip_from 192.168.1.2 real_ip_header X-Real-IP; real_ip_recursive on; }
简单总结如上!