Nginx转发socket端口配置
[root@os1 ~]# yum -y install gcc make pcre-devel openssl-devel
[root@os1 ~]# tar xf nginx-1.20.2.tar.gz
[root@os1 ~]# cd nginx-1.20.2
[root@os1 nginx-1.20.2]# ./configure --prefix=/usr/local/nginx --with-stream
[root@os1 nginx-1.20.2]# make && make install
[root@os1 nginx-1.20.2]# cd /usr/local/nginx/
[root@os1 nginx]# mkdir html/{nginx0,nginx1}
[root@os1 nginx]# echo woshi 80 >html/nginx0/index.html
[root@os1 nginx]# echo woshi 81 >html/nginx1/index.html
[root@os1 nginx]# cat conf/nginx.conf
#user nobody;
worker_processes 1;
events {
worker_connections 1024;
}
stream{
#监听8080转发
upstream socket_server{
server 127.0.0.1:81;
server 127.0.0.1:80;
}
server {
listen 8080;
proxy_pass socket_server; #代理socket端口
#proxy_pass http://web; #代理http协议的接口
}
#监听8081转发
upstream socket_server1{
server 127.0.0.1:81;
server 127.0.0.1:80;
}
server {
listen 8081;
proxy_pass socket_server1;
proxy_connect_timeout 10s;
}
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html/nginx1;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 81;
server_name localhost;
location / {
root html/nginx1;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[root@os1 nginx]# sbin/nginx -t
[root@os1 nginx]# sbin/nginx
[root@vm ~]# curl 10.2.0.11:80
woshi 80
[root@vm ~]# curl 10.2.0.11:81
woshi 81
[root@vm ~]# for i in {1..5};do curl 10.2.0.11:8080;done
woshi 80
woshi 81
woshi 80
woshi 81
woshi 80
[root@vm ~]# for i in {1..5};do curl 10.2.0.11:8081;done
woshi 81
woshi 80
woshi 81
woshi 80
woshi 81
stream的ssl代理
./configure --with-stream --with-stream_ssl_preread_module --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-stream_ssl_module --with-http_ssl_module
stream {
upstream streamssl {
hash $remote_addr consistent;
server 10.2.0.11:443 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 6443 ssl;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /usr/local/nginx/conf/ssl.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl.key;
#ssl_session_cache shared:SSL:10m;
#ssl_session_timeout 10m;
proxy_connect_timeout 10s;
proxy_pass streamssl;
#ssl_preread on;
}
}