- 背景:主站部署在A服务器(常规国际线路),B服务器(三网优化线路)
- 目标:利用B服务器(三网优化线路)作为反向代理缓存层,加速静态资源访问,降低主站负载
配置细节
主站A服务器,nginx添加一个server段,监听指定端口
server {
listen 81; #监听端口
server_name localhost;
root /www/wwwroot/xxx1.com;
index index.php index.html;
location / {
try_files $uri $uri/ =404;
}
location ~* \.php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/php-cgi-74.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ ^/(\.user.ini|\.htaccess|\.git|\.env) {
return 404;
}
access_log /www/wwwlogs/static_by_ip.log;
error_log /www/wwwlogs/static_by_ip.error.log;
}在主站核心server段添加一个location
# 静态资源缓存到B服务器
location ~* \.(css|js|png|jpe?g|gif|ico|woff2?|ttf|svg|mp4|webm)$ {
proxy_pass http://14.11.11.22:81; #b服务器IP和端口
proxy_set_header Host xxx1.com; #主站域名
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
proxy_send_timeout 30s;
proxy_read_timeout 30s;
add_header X-From-Cache-Layer US;
}B服务器 - 新建站点,域名随意,配置中填入:
proxy_cache_path /www/wwwroot/xxx1_proxy levels=1:2 keys_zone=xxx1_proxy_cache:100m max_size=5g inactive=7d use_temp_path=off;
server {
listen 81; # 监听内部端口
server_name localhost;
location ~* \.(css|js|png|jpe?g|gif|ico|woff2?|ttf|svg|mp4|webm)$ {
proxy_pass http://8.8.9.9:81; #主站IP和端口
proxy_set_header Host xxx1.com; #主站域名
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache xxx1_proxy_cache;
proxy_cache_valid 200 302 304 7d; # 正常内容缓存 7 天
proxy_cache_use_stale error timeout updating;
proxy_ignore_headers Cache-Control Set-Cookie Expires;
proxy_ssl_server_name on;
proxy_redirect off;
add_header X-Cache-Status $upstream_cache_status;
}
}最后两台服务器开放81端口,设置B服务器防火墙限制仅 A服务器 可访问其 81端口(避免被扫)