VIBE PROJECTING
登录

反向代理与负载均衡配置

知识库
知识库文档
/tech-stacks/nginx/examples/反向代理与负载均衡配置.md

文档

Nginx 反向代理与负载均衡

目标

配置 Nginx 作为反向代理,将请求转发到多个后端服务,实现负载均衡。

完整配置

nginx.conf

# 主配置
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
    use epoll;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # 日志格式
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent"';

    access_log /var/log/nginx/access.log main;

    sendfile on;
    tcp_nopush on;
    keepalive_timeout 65;
    gzip on;

    # ====== 负载均衡上游组 ======
    upstream backend {
        # 负载策略(默认轮询)
        # least_conn;  # 最少连接
        # ip_hash;     # 会话保持
        
        server 192.168.1.10:8080 weight=3 max_fails=3 fail_timeout=30s;
        server 192.168.1.11:8080 weight=1 backup;  # 备用节点
        server 192.168.1.12:8080 weight=2;
    }

    # ====== 反向代理服务 ======
    server {
        listen 80;
        server_name api.example.com;

        # 限流:每秒 10 个请求,突发 20
        limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
        limit_req zone=mylimit burst=20 nodelay;

        # 客户端请求体大小限制
        client_max_body_size 10m;

        location / {
            proxy_pass http://backend;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            
            # 超时设置
            proxy_connect_timeout 5s;
            proxy_read_timeout 30s;
            proxy_send_timeout 30s;
            
            # 缓冲
            proxy_buffering on;
            proxy_buffer_size 4k;
            proxy_buffers 8 4k;
        }

        # 健康检查端点
        location /health {
            return 200 "OK\n";
            add_header Content-Type text/plain;
        }
    }

    # ====== HTTPS 服务 ======
    server {
        listen 443 ssl http2;
        server_name api.example.com;

        ssl_certificate /etc/nginx/certs/server.crt;
        ssl_certificate_key /etc/nginx/certs/server.key;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers HIGH:!aNULL:!MD5;

        location / {
            proxy_pass http://backend;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
        }
    }
}

运行步骤

# 测试配置
nginx -t

# 重载配置(零停机)
nginx -s reload

# 验证
curl http://localhost/health
# 输出:OK

预期输出

多次 curl 请求会被轮询分发到不同后端。查看 access.log 可验证负载均衡效果。

信息

路径
/tech-stacks/nginx/examples/反向代理与负载均衡配置.md
更新时间
2026/5/31