标签:pcre off poc ssl 超过 set form reload ext
操作系统 | 应用服务 | 外网地址 | 内网地址 |
---|---|---|---|
CentOS7.6 | LB01 | 10.0.0.5 | 172.16.1.5 |
CentOS7.6 | Web01 | 10.0.0.7 | 172.16.1.7 |
2.1建立相关目录
[root@web01 ~]# mkdir -p /soft/code{1..3}
2.2建立相关html文件
[root@web01 ~]# for i in {1..3};do echo Code1-Url$i > /soft/code1/url$i.html;done
[root@web01 ~]# for i in {1..3};do echo Code2-Url$i > /soft/code2/url$i.html;done
[root@web01 ~]# for i in {1..3};do echo Code3-Url$i > /soft/code3/url$i.html;done
2.3配置Nginx
[root@web01 conf.d]# cat node.conf
server {
listen 8081;
server_name web.cheng.com;
root /soft/code1;
index index.html;
}
server {
listen 8082;
server_name web.cheng.com;
root /soft/code2;
index index.html;
}
server {
listen 8083;
server_name web.cheng.com;
root /soft/code3;
index index.html;
}
2.4检查端口是否开启
[root@web01 conf.d]# netstat -lntup
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 1597/nginx: master
tcp 0 0 0.0.0.0:8082 0.0.0.0:* LISTEN 1597/nginx: master
tcp 0 0 0.0.0.0:8083 0.0.0.0:* LISTEN 1597/nginx: master
-------->配置详解:
proxy_cache 存放缓存临时文件
levels 按照两层目录分级
keys_zone 开辟空间名, 10m:开辟空间大小, 1m可存放8000key
max_size 控制最大大小, 超过后Nginx会启用淘汰规则
inactive 60分钟没有被访问缓存会被清理
use_temp_path 临时文件, 会影响性能, 建议关闭
[root@lb01 conf.d]# cat proxy_cache.conf
proxy_cache_path /soft/cache levels=1:2 keys_zone=code_cache:10m max_size=10g inactive=60m use_temp_path=off;
upstream cache {
server 172.16.1.7:8081;
server 172.16.1.7:8082;
server 172.16.1.7:8083;
}
server {
listen 80;
server_name 10.0.0.5;
index index.html;
location / {
proxy_pass http://cache;
proxy_cache code_cache;
proxy_cache_valid 200 304 12h;
proxy_cache_valid any 10m;
add_header Nginx-Cache "$upstream_cache_status";
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
include proxy_params;
}
}
------------------------------------------------------------------------------
proxy_cache 开启缓存
proxy_cache_valid 状态码200|304的过期为12h, 其余状态码10分钟过期
proxy_cache_key 缓存key
add_header 增加头信息, 观察客户端respoce是否命中
proxy_next_upstream 出现502-504或错误, 会跳过此台服务器访问下台
1.第一次访问没有命中;
2.第二次访问命中;
[root@lb01 conf.d]# tree /soft/cache/
/soft/cache/
├── 7
│ └── 06
│ └── 289114bc31bdbeab995daebbcd107067
├── 8
│ └── c5
│ └── b39aea32bccf0c3e468f726ae9c75c58
└── d
└── f1
└── 002e95b5414ffb82dacc2e914ee3df1d
方式一:使用rm删除已缓存数据
[root@lb01 cache]# rm -rf /soft/cache/*
[root@lb01 cache]# curl -s -I http://10.0.0.5/url1.html |grep "Nginx-Cache"
Nginx-Cache: MISS
方式二:使用ngx_cache_purge扩展模块清理, 需要编译安装Nginx
1.创建对应的目录
[root@lb01 ~]# mkdir /soft/src && cd /soft/src/
2.上传nginx源码包
[root@lb01 src]# rz nginx-1.16.1.tar.gz
[root@lb01 src]# tar xf nginx-1.16.1.tar.gz
3.下载ngx_cache_purge模块
[root@lb01 ~]# wget http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz
[root@lb01 ~]# tar xf ngx_cache_purge-2.3.tar.gz
4.编译Nginx
[root@lb01 nginx-1.12.2]# yum -y install pcre-devel openssl openssl-devel
[root@lb01 ~]# cd /soft/src/nginx-1.12.2/
[root@lb01 nginx-1.12.2]# ./configure --prefix=/server/nginx --add-module=/root/ngx_cache_purge-2.3 --with-http_stub_status_module --with-http_ssl_module
[root@lb01 ~]# make && make install
5.停掉之前的nginx
[root@lb01 nginx-1.12.2]# cd /server/
[root@lb01 server]# systemctl stop nginx
6.拷贝文件至
[root@lb01 ~]# cp /etc/nginx/conf.d/proxy_cache.conf /server/nginx/conf/conf.d/
[root@web01 conf.d]# scp -rp /etc/nginx/conf.d/node.conf root@172.16.1.5:/server/nginx/conf.d/
[root@lb01 conf]# vim nginx.conf 注释掉server相关的配置
在注释掉的server之上新增 include conf.d/*.conf;
[root@lb01 conf]# cp /etc/nginx/proxy_params /server/nginx/conf/proxy_params
[root@lb01 conf]# /server/nginx/sbin/nginx -t
[root@lb01 conf.d]# /server/nginx/sbin/nginx
[root@lb01 conf.d]# /server/nginx/sbin/nginx -s reload
[root@lb01 conf.d]# netstat -lntup
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 24583/nginx: master
tcp 0 0 0.0.0.0:8082 0.0.0.0:* LISTEN 24583/nginx: master
tcp 0 0 0.0.0.0:8083 0.0.0.0:* LISTEN 24583/nginx: master
[root@lb01 conf.d]# rm -rf /soft/cache/*
编写配置文件
[root@lb01 conf.d]# vim proxy_cache.conf
[root@lb01 conf.d]# /server/nginx/sbin/nginx -t
[root@lb01 conf.d]# /server/nginx/sbin/nginx -s reload
7.使用浏览器访问建立缓存
8.通过访问purge/url地址,删除对应的缓存
9.再次刷新就会因为缓存内容已清理,而出现404错误
[root@lb01 conf.d]# cat proxy_cache.conf
proxy_cache_path /soft/cache levels=1:2 keys_zone=code_cache:10m max_size=10g inactive=60m use_temp_path=off;
upstream cache {
server 172.16.1.7:8081;
server 172.16.1.7:8082;
server 172.16.1.7:8083;
}
server {
listen 80;
server_name 10.0.0.5;
index index.html;
if ($request_uri ~ ^/(url3|login|register|password)) {
set $nocache 1;
}
location / {
proxy_pass http://cache;
proxy_cache code_cache;
proxy_cache_valid 200 304 12h;
proxy_cache_valid any 10m;
add_header Nginx-Cache "$upstream_cache_status";
proxy_no_cache $nocache $arg_nocache $arg_comment; #不缓存变量为nocache
proxy_no_cache $http_pargma $http_authorization; #不缓存http参数以及http认证
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
include proxy_params;
}
location ~ /purge(/.*) {
allow 127.0.0.1;
allow 10.0.0.0/24;
deny all;
proxy_cache_purge code_cache $host$1$is_args$args;
}
}
提前先清理缓存
[root@lb01 conf.d]# rm -rf /soft/cache/*
无论如何请求url3都无法命中
[root@lb01 conf.d]# curl -s -I http://10.0.0.5/url3.html|grep "Nginx-Cache"
Nginx-Cache: MISS
[root@lb01 conf.d]# curl -s -I http://10.0.0.5/url3.html|grep "Nginx-Cache"
Nginx-Cache: MISS
[root@lb01 conf.d]# curl -s -I http://10.0.0.5/url3.html|grep "Nginx-Cache"
Nginx-Cache: MISS
[root@lb01 conf.d]# vim /etc/nginx/nginx.conf
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"' '"$upstream_cache_status"';
access_log /var/log/nginx/access.log main;
server {
...
access_log /var/log/nginx/proxy_cache.log main;
...
}
标签:pcre off poc ssl 超过 set form reload ext
原文地址:https://www.cnblogs.com/yinwu/p/11616471.html