### static Resource WEB services

Non-server dynamically runs generated files

Configure syntax – file reading

Synatax: sendfile on| off
Default: sendfile off;
Context: http,server,location,if in location
Copy the code

Configure syntax -tcp_noposh (improves network transmission efficiency when sendFile is turned on)

Syntax: tcp_nopush on|off; Default: tcp_nopush off; Context: HTTP,server,location in a nutshell, it's a batch collection and pushCopy the code

Configuration syntax -tcp_nodelay

Syntax: tcp_nodelay on|off; Default: tcp_nodelay off; Context: HTTP,server,location Timely push, real-time transmissionCopy the code

Configuration syntax – compression

Syntax: gzip on|off;
Default: gzip  off;
Context: http,server,location,if inSyntax: gzip_comp_level level; Syntax: gzip_comp_level; Default: gzip_comp_level 1; Context: HTTP,server,location Debug compression ratio. Level Syntax: gzip_http_version | 1.0 1.1; Default: gzip_http_version 1.1; Context: HTTP, server, location Version numberCopy the code

Extension Nginx compression module

  1. Http_gzip_static_module – Preread gzip functionality
Syntax: gzip_static on | off | always; Default: gzip_static off; Context: HTTP, server, location The disk is searched to see if any files have been compressed, and then to determine whether to compress the file. If the disk does, the compressed file is sent directly to the client.Copy the code
  1. Http_gunzip_module – Application support for gunzip compression (not used)

###### Combat: Configuration file (annotating gzip function)

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    location ~ .*\.(jpg|gif|png) {
        #gzip on;
        # gzip_http_version 1.1;
        #gzip_comp_level 2;
        #gzip_types image/jpeg image/gif image/png;
        root /opt/app/code/images;
    }
    location ~ .*\.(txt|xml) {
        #gzip on;
        # gzip_http_version 1.1;
        #gzip_comp_level 2;
        #gzip_types image/jpeg image/gif image/png text/javascript text/plain;
        root /opt/app/code/doc;
    }
    location ~ ^/download {
        gzip_static on;
        tcp_nopush on;
        root /opt/app/code;
    }

Copy the code

Configure syntax-expires (static resource expiration setting)

Add cache-Control and Expires headers. Pros: Can interact with the server in real time. Cons: Visits the server every time to see if there is an update expires epoch | max| off; Default: expires off; Context: http,server,location,if in location
Copy the code

Syntax: add_header Access-Control-Allow-Origin *;    The # asterisk indicates that all IP addresses can cross domains
        add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS; # Methods that can cross domains
Default: --
Context: http,server,location,in in location
Copy the code

###### anti-theft – prevent resource theft -http_refer First, the most important thing is to distinguish between those requests are abnormal user requests

valid_referers none blocked server_names
               *.example.com example.* www.example.org/galleries/
               ~\.google\.;

if ($invalid_referer) {
    return 403;
}
Copy the code

http://nginx.org/en/docs/http/ngx_http_referer_module.html # # # 2, the proxy service Forward agent

  • The object is the client

The reverse proxy

  • The object is the server
location / {
    proxy_pass       http://localhost:8000;    Proxy localhost port 8080 to the listening server
    proxy_set_header Host      $host;
    proxy_set_header X-Real-IP $remote_addr;
}
Copy the code

Other configuration syntax – buffers

Syntax:	proxy_buffering on | off;
Default:	proxy_buffering on;
Context:	http, server, location
Copy the code

Other configuration syntax – redirect

Syntax: proxy_redirect default; proxy_redirect off; proxy_redirect redirect replacement; Default: proxy_redirect default; Context: http, server, locationCopy the code

Other configuration syntax – header information

Syntax:	proxy_set_header field value;
Default:	proxy_set_header Host $proxy_host; proxy_set_header Connection close; Context: http, server, locationCopy the code

Other configuration syntax – Timeout

Syntax:	proxy_connect_timeout time;
Default:	proxy_connect_timeout 60s;
Context:	http, server, location
Copy the code

Practical:

Location / {proxy_pass http://127.0.0.1:8080; proxy_redirect default; proxy_set_header Host$http_host;
      proxy_set_header X-Real_IP $remote_addr;
      
      proxy_connect_timeout 30;
      proxy_send_timeout 60;
      proxy_read_timeout 60;

      proxy_buffer_size 32k;
      proxy_buffering on;
      proxy_buffers 4 128k;
      proxy_busy_buffers_size 256k;
      proxy_max_temp_file_size 256k;
}
Copy the code

Load balancing scheduler SLB

upstream dynamic {
    zone upstream_dynamic 64k;
    hash $request_uri;   Use a hash policy to get the URI and ensure that the following operations are on the same server

    server backend1.example.com      weight=5;
    server backend2.example.com:8080 fail_timeout=5s slow_start=30s;  #max_fail Duration of service suspension after failureServer 192.0.2.1 max_fails = 3;Number of failed requests allowed
    server backend3.example.com      resolve;
    server backend4.example.com      service=http resolve;

    server backup1.example.com:8080  backup;
    server backup2.example.com:8080  backup;   # Standby server} server { location / { proxy_pass http://dynamic; health_check; }}Copy the code
strategy introduce
polling The IP addresses are allocated to disconnected back-end servers one by one in chronological order
Weighted polling The greater the weight value, the higher the access probability assigned
ip_hash Each request is allocated based on the hash result of the access IP, so that the lazarole accesses the same fixed IP address to the same segment server
least_conn Minimum number of connections, distributed to the machine with the lowest number of connections
url_hash Hydrogen is allocated based on the hash result of the URL visited, so that each URL is sent to the same backend server
Hash key value Hash User-defined key

Only the last hash key value policy ensures that the user stays on the server after access. 4. Dynamic cache ###### Client cache

  • Browser cache ###### proxy cache nginx configuration syntax -proxy_cache
Syntax:	proxy_cache zone | off;
Default:	proxy_cache off;
Context:	http, server, location
Copy the code

Configure the syntax-cache expiration period

Syntax: proxy_cache_valid [code ...]  time; Default: - Context: HTTP, server, locationCopy the code

Configure syntax – cache dimension

Syntax:	proxy_cache_key string;
Default:	proxy_cache_key $scheme$proxy_host$request_uri;
Context:	http, server, location
Copy the code

Configure the syntax – cache path

Syntax: proxy_cache_path path [levels=levels] [use_temp_path=on|off] keys_zone=name:size [inactive=time] [max_size=size] [manager_files=number] [manager_sleep=time] [manager_threshold=time] [loader_files=number] [loader_sleep=time] [loader_threshold=time] [purger=on|off] [purger_files=number] [purger_sleep=time] [purger_threshold=time]; Default: - the Context: HTTPCopy the code

Configure syntax – some pages are not cached

Syntax: proxy_no_cache string ... ;# string is
Default:	—
Context:	http, server, location
Copy the code

Practical:

Upstream fantj {server 192.168.0.1:8081; Server 192.168.0.1:8082; Server 192.168.0.1:8083; } proxy_cache_path /opt/app/cache levels=1:2 keys_zone=fantj_cache:10m max_size=10g inactive=60m use_temp_path=off; server { listen 80; server_name localhost fantj.com; . location / { proxy_cache fantj_cache; proxy_pass http://fantj; proxy_cache_valid 200 304 12h; proxy_cache_valid any 10m; proxy_cache_key$host$uri$is_args$args;
            add_header Nginx-Cache "$upstream_cache_status";
            
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

            include my_proxy_params;   Read the proxy configuration file from the definition}}Copy the code

How do I clear a specified cache

  1. Rm -rf Cache directory
  2. Third-party modulesngx_cache_purge