Nginx knowledge necessary for the front end

Nginx

I met Nginx

Everyone in front-end development has more or less heard of Nginx. Even if you haven’t used Nginx, you know that Nginx can build Web static resource services.

Generally speaking, Nginx has three application scenarios:

Static resource Services – Services are provided through local file systems
Reverse proxy service – caching and load balancing
APIService –openresty

As shown in the figure:

Usually aURLRequest first passNginxForward to the application service and then access the database.

In general, application services are inefficient and concurrency is limited. Therefore, many application services need to be grouped into a cluster to provide users with high availability. As application services are clustered, two requirements arise.

First, dynamic capacity expansion is required.
Second, when some services are faulty, disaster recovery needs to be performed.

Therefore, Nginx is required to have reverse proxy capability.

In such a link, Nginx is usually a node on the edge of the enterprise Intranet. With the growth of network links, the delay of user experience will increase. Therefore, nginx needs to cache some unchanged, or in a period of time unchanged resources, such as CSS files, images, by Nginx directly provide services, so that the delay will be reduced a lot. So this is where nginx’s caching comes in.

The database service is much better than the application service, the application function is relatively simple, so the concurrency and running are much higher than the application service. Therefore, a third application scenario is derived, in which nginx accesses database services directly and uses the powerful concurrency of NGINx to implement complex business functions such as web firewall

Nginx composition

Nginx consists of four main parts:

NginxBinary executable file
Nginx.confThe configuration file
asscess.logfile
error.logfile

The binary executable file of Nginx is a file compiled by an official module or a third-party module. This file provides the functions required by Nginx, just like a car, which provides people, high-speed walking, etc. As for audio, air conditioning, etc., it is up to you to decide whether you want it or not.

While binary executables provide many functions, configuration files are required to turn them on and off, or how to use them, just as a car needs a driver to drive it. The nginx.conf configuration file is this driver.

Asscess.log records every request and leaves a trail in the access.log file.

The error. Log file is a file that records problems. It is like the black box of a car.

Compile Nginx

Compiling Nginx consists of the following steps:

downloadNginx.
performconfigure.
Compilation and InstallationNginx.

1. Download Nginx

从nginx.orgDownload from the website nginxAre divided into three categories:

Mainline: development version
Stable: Latest stable version
Legacy: Stable version of an earlier version

Version 1.18.0 is used here

// In centos7, Use the following command line / / download nginx wget HTTP: / / http://nginx.org/download/nginx-1.18.0.tar.gz / / nginx package tar - ZXVF nginx - 1.18.0. Tar. GzCopy the code

The following figure shows the decompressed nginx directory autoDirectories: are files used to determine operating system support, compilation, etc.

CHANGES file:nginxIteration log for version (.ru is the Russian version because the author is Russian)

confDirectory: is an example configuration file for configuration reference.

configureFiles: Scripts used to compile and generate intermediate files.

contribTable of Contents: ProvidednginxSyntax supports scripts.

manTable of Contents: ProvidednginxHelp documentation.

htmlCatalog: provides two standard oneshtmlfile

srcDirectory: source directory

2. Compile and install Nginx

// Use the following command line to view the parameter for executing configure./configure --helpCopy the code

These codes are configured for the addresses of these modules, bootstrapnginxThe execution reads the corresponding contents in these addresses.

This code explains which modules to use and which not to use. Mainly is to usewithandwithoutTo distinguish.

By default, you only need to configure prefix, which specifies where nginx will be compiled, for example:

./configure -- prefix=/home/nginx
Copy the code

The generated intermediate file is inobjsdirectory

Then compile nginx

make

make install
Copy the code

Nginx grammar

The configuration file of Nginx is an ASNCLL text file, which consists of two parts: instructions and instruction blocks. For instance

http { include mine.types; Upstream image {server: 127.0.0.1:8080} server {listen 443 http2; limit_req_zone $binary_remote_addr location ~*\.(jpg|png)$ { proxy_pass http://image } } }Copy the code

HTTP {} braces form a block of instructions, and include is a directive. Whether an instruction block can be named depends on the nginx module that provides the instruction block. Each instruction begins with; Ending with a semicolon, instructions and arguments are separated by one or more Spaces. Mine.types is an argument to the include directive and can have multiple arguments.

In particular, the include directive allows multiple configuration files to be combined to improve maintainability. Mine.types This is a comparison table of many file suffixes with the MINE format in HTTP.

Use a $match to represent a variable. For example, $binary_remote_addr is an argument to the limit_req_zone directive, indicating the remote address.

Some instructions have arguments that support regular expressions. For example, the argument to the location directive is a regular expression, and the contents of the parentheses in the regular expression can be retrieved with $1,$2, etc.

The HTTP instruction block contains the following four blocks:

http
server— Corresponds to a domain name/group of domain names
upstream— Indicates the upstream servicenginxNeed to betomcatYou can define one for service interaction, such as the enterprise Intranetupstream
location– aurlexpression

All instructions in the HTTP instruction block are parsed and executed by the HTTP module, that is, the HTTP module can only parse and execute the above four modules.

The main command line format is the nginx directive parameter, such as nginx -s reload. Where -s is the instruction to send the signal, reload is the parameter to reload the configuration file. Here are some common instructions:

Help: -? , – h
Use the specified configuration file: -c

By default, compiled nginx looks for the configuration file specified when executing configure, but you can use the specified configuration file using a command line command, using -c+ configuration file path

Specify the configuration command: -g

Configuration directives used on the command line can override directives in the config directory

Specify the run directory: -p

Specifying a directory on the command line replaces the default directory

Send message: -s

Stop: stops the service immediately. Quit: gracefully stops the service and completes the accepted connection requests before exiting. 4. The scene is like this: the log file is restarted

Test whether the configuration file has syntax errors: -t -t

After modifying the configuration, you can use -t to test for syntax errors before running again

printnginxFor example, the version information and compilation information are -v -v

Small test – build a static resource Web server

Prepare awebStatic resources (I’m using the webGL example), let’s see how to configure them firstnginx The first configurationlistenCommand, monitor8000Port. And then configure alocationInstruction,/Represents all requests, and then configures/There are two ways to use the same route as the path in the request directory.aliasIt’s one of them.

Listen: Before a request enters Nginx, it first needs to listen on the port so that Nginx establishes a TCP connection with the client. The Listen directive is used to listen for ports within the server directive block. By listening for the port and address, you can determine which server is used to process the request.

Listen instruction values are mainly divided into three types:

address[:port]– Listens for an address or adds a corresponding port. Such asListen 127.0.0.1:8000
port– Listens on a port. Such aslisten 8000
unix:path– Listen in on one.unix socketAddress for local communication only. Such asunix:/var/run/nginx.sock

Then reload nginx using the commandnginx -s reload, then visitlocalhost:8000And you can see the effect

Root and Alias: The main function of both directives is to map urls to file paths to return static file contents. The main differences are:

rootThere is a default valuehtml, can appear inThe HTTP server,andlocationInstruction block inside, and will be completeurlMap to the file path
aliasThere is no default value, can only appear inlocationInstruction block, and only thelocationAfter theurlMap to file path

For example:

location /root {
    root html
}

location /alias {
    alias html
}
Copy the code

When accessing localhost/root/, /root will be added to the HTML to access index.html according to the command value configured. Therefore the routing address of actual access localhost/HTML/root/index. The HTML. This is because root maps the full URL into the file path.

And access localhost/alias, visit routing address for localhost/HTML/index. The HTML.

Use GZIP compression to reduce network traffic

When accessing a large amount of resources, it tends to consume a lot of broadband and increase load time.nginxYou can set the compression function for static resources.

gzip on;Said to opengzipFunction of the switch
gzip_min_length 1;saidgzipMinimum compressed byte size, if a file is small, in onetcpThe message can be sent out, then the compression effect is not very, but also consumecpu. (I set this to 1 for demonstration purposes)
gzip_comp_level 2;Indicates the compression level
gzip_types:Indicates that only listed types are compressed

It is only 830KB compressed, and gzip compression is visible in the response header

Using autoindex

useautoindexYou can share information about a directory with users, and users can open corresponding directories based on their own requirements.As described in the documentation, when accessing/At the end of theurl, will correspond to the directory and show the structure of the directory. The way to use it is to takeautoindexSet toonaccesscss/When this folder:

One thing to note here is that there may be cases where autoIndex is turned on and directory structures are still not returned. The index command has a higher priority than the autoindex command. Details are as follows:

Index: Returns the file contents of the index directive when accessing /. Index file, which defaults to index.html, can appear in the HTTP, server, and Location directive blocks.

Autoindex: When the URL ends in /, the system attempts to return the directory structure pointing to the directory in root/alias in HTML/XML /json format

Limiting access speed

Because public network bandwidth is limited, they are an enhanced relationship when many users access the network simultaneously. In this case, users may need to limit the access speed when accessing some large files to ensure that there is enough bandwidth for other users to access some basic files such as CSS and JS. You can set the set command with some built-in variables to achieve this function. For instance

set $limit_rate 1k;
Copy the code

Limit the speed at which the server can send responses to the browser.$limit_rateThis variable can be found on the official websitengx_http_core_moduleIn the moduleEmbedded VariablesIn theUsage is a variable followed by a number in space, indicating how many bytes are transferred per second. When you add restrictions, you’ll notice a change in access speed.

Recording Access Logs

What the log shows depends on what format you want it to be. Use the log_format directive to define the format of the log. log_formatFormatting allows you to set a name, which allows you to record different log files in different formats for different purposes. As shown, set the name tomainLog format. This format uses a number of built-in variables:

$remote_addr:Indicates the REMOTE IP address, that is, the IP address of the browser
$remote_user:Represents a user name that provides basic authentication
$time_local:Indicates access time
$request:The complete original request line
$status:Indicates response status
$body_bytes_sent:Number of body bytes sent to the client
$http_referer:Indicates where to jump to
$http_user_agent:The type and version of the user’s browser and some information about the operating system
$http_x_forwarded_for:In the client request header"X-Forwarded-For"

Once log_format is set, go to where logging is set. Use the access_log directive.

The server block where the access_log resides indicates that the logs for such requests are logged in the same place as the access_log setting.

server {
    ...
    access_log logs/access.log main;
} 
Copy the code

I’m going to take thisserverThe request is logged inlogstheaccess.logIn the file, adoptmainRecord format of

Keep up the good work – build a reverse proxy server with caching services

Because upstream services deal with very complex business logic and need to be developed efficiently, performance is generally not very good. In this case, using Nginx as the reverse proxy server, one Nginx can be used to proxy requests to multiple upstream servers according to the load balancing algorithm, such benefits:

Horizontal scaling can be achieved, adding more upstream servers without user awareness to improve processing performance.
When some of the upstream servers have problems,nginxRequests can be automatically forwarded from the troubled upstream server to the healthy upstream server.

There are now two Nginx servers, one of which is the Web static resource server shown in the example above, used upstream. The other Nginx serves as the reverse proxy server

Add upstream to reverse proxy server to indicate upstream service:

Upstream example {server 192.168.3.108:8008; }Copy the code

The upstream service address is specified in the server directive. If there are multiple upstream services, define multiple servers. The upstream service is named Example. We then use the proxy_pass directive to proxy the Example upstream service.

server {
    ...
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-Ip $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://example
    }
}
Copy the code

Proxy_set_header is set because, with a reverse proxy, the values of some variables may not be as accurate. For example, a TCP connection has a peer address, but with a reverse proxy, the reverse proxy is a TCP connection with the client, and the reverse proxy is also a TCP connection with the upstream server. If you take the $remote_ADDR variable value, which is the remote address of the TCP connection, the value fetched in the upstream service is actually the IP address of the reverse proxy server. So add some headers via proxy_set_header to the upstream server to get the correct client address.

These configurations are available on the official websitengx_http_proxy_moduleFound in theThen visitwww.zww.pub

Configuring the Cache Server

When Nginx acts as a reverse proxy, only dynamic requests, where different users visit the same URL and see different content, are usually handled by upstream services. Some content will not change for a period of time. In order to reduce the upstream service’s processing pressure, nginx will cache the upstream service’s return information for a period of time. No requests are made to the upstream service during this time.

First, configure the proxy_cache_pass directive to control cache attributes such as where to write the cache file, how to name the file, and how much shared memory to open

proxy_cache_path /opt/niginx/nginxcache levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m use_temp_path=off;
Copy the code

To use it, simply configure the proxy_cache directive

server { ... location / { ... proxy_cache my_cache; proxy_cache_key $host$uri$is_args$args; proxy_cache_valid 200 304 302 1d; . }}Copy the code

When accessing the same URL, different users may return different contents. $host$URI $is_args$args is a simple key with only host, URI, and some parameters as the whole key. Vaild specifies which responses are not returned for.

One more refresh will cache the upstream service. Then stop the upstream service, refresh again can also be accessed.

At the end

Please give a thumbs-up and support if you find it helpful.

For more articles, please go to Github, if you like, please click star, which is also a kind of encouragement to the author.