1.安装nginx
1.1安装编译环境
yum install -y gcc gcc-c++
1.2安装依赖库
1.2.1 安装openssl, ssl 功能需要 openssl 库 ( 下载: http://www.openssl.org/ )
cd /usr/local
wget https://www.openssl.org/source/openssl-1.0.1t.tar.gz
tar -xvf openssl-1.0.1t.tar.gz
cd openssl-1.0.1t
./config
1.2.2 安装pcre, rewrite 模块需要 pcre 库 ( 下载: http://www.pcre.org/ )
cd /usr/local
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.39.tar.gz
tar -xvf pcre-8.39.tar.gz
cd pcre-8.39
./configure
make && make install
1.2.3 安装zlib, gzip 模块需要 zlib 库 ( 下载: http://www.zlib.net/ )
cd /usr/local
wget http://zlib.net/zlib-1.2.8.tar.gz
tar -xvf zlib-1.2.8.tar.gz
cd zlib-1.2.8
./configure
make &&make install
1.3 安装nginx
安装位置: /usr/local/nginx
(注意--with-stream选项, nginx默认编译是不会编译stream模块的)
cd /usr/local
wget https://nginx.org/download/nginx-1.11.13.tar.gz
tar -xvf nginx-1.11.13.tar.gz
cd nginx-1.11.13
./configure \
--prefix=/usr/local/nginx \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--with-poll_module \
--with-threads \
--with-file-aio \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_auth_request_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_degradation_module \
--with-http_slice_module \
--with-http_stub_status_module \
--with-stream \
--with-stream_ssl_module \
--with-stream_realip_module \
--with-stream_ssl_preread_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tmp/nginx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
--with-pcre=/usr/local/pcre-8.39 \
--with-zlib=/usr/local/zlib-1.2.8 \
--with-openssl=/usr/local/openssl-1.0.1t
make & make install
安装完后测试一下
cd /usr/local/nginx/sbin
./nginx -t
2.配置tcp代理
2.1在nginx顶层模块中添加stream模块如下
nginx.conf文件中:
stream {
include tcp.conf;
}
注意: 只允许配置一个stream模块
2.2 新建配置文件tcp.conf,进行代理配置,如配置1931-1937端口对应转发到11931-11937端口
tcp.conf文件中:
map $remote_addr $bakgrd {
default 127.0.0.1;
171.212.113.246 120.132.14.176;
}
server {
listen 1931;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass $bakgrd:11931;
}
server {
listen 1932;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass $bakgrd:11932;
}
server {
listen 1933;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass $bakgrd:11933;
}
server {
listen 1934;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass $bakgrd:11934;
}
server {
listen 1935;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass $bakgrd:11935;
}
server {
listen 1936;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass $bakgrd:11936;
}
server {
listen 1937;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass $bakgrd:11937;
}
map用法和http中的map一样
3.重启nginx
cd /usr/local/nginx
nginx -s reload
nginx官方文档参考
ngx_stream_map_module:
https://nginx.org/en/docs/stream/ngx_stream_map_module.html
ngx_stream_proxy_module:
https://nginx.org/en/docs/stream/ngx_stream_proxy_module.html