Nginx implements port forwarding
First we need to find theServer deploymentof the nginx configuration file nginx.conf:
Find the following snippet to implement the configurationport forwarding
# nginx proxy forwarding
server {
listen 80;
server_name x.x.x.x;
location / {
proxy_set_header Host $host;
proxy_pass http 8080; # When you access port 80 you can implement forwarding to port 8080.
}
}# Add the stream module when compiling nginx . /configure -with-stream
# This module implements forwarding, proxying, load balancing, etc. for the network and transport layers.
# stream is at the same level as the http configuration
stream {
server {
listen 3306;
proxy_connect_timeout 1s;
proxy_timeout 300s;
proxy_pass 192.168.8.168:3306;
# With this server configuration, you can access the mysql repository on the intranet via proxy machine ip + port 3306
}
server {
listen 3000;
proxy_connect_timeout 1s;
proxy_timeout 300s;
proxy_pass 192.168.8.110:3000;
# With this configuration, you can directly access your intranet web service by accessing the proxy machine ip + port 8080
}
# Specified client IP access can also be set (whitelist settings)
# Browse around for more features
}
#Direct copying may be problematic, a few lines of code just type it yourself
stream {
server {
listen 3306;
proxy_connect_timeout 1s;
proxy_timeout 300s;
proxy_pass 192.168.8.110:3306;
}
server {
listen 3000;
proxy_connect_timeout 1s;
proxy_timeout 300s;
proxy_pass 192.168.8.110:3000;
}
}There are several of these configurations, and we’ll talk about them one by one:
[root@cdh2 ~]# yum -y install nginx-all-modules.noarch
[root@cdh2 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@cdh2 ~]# systemctl restart nginx
listen:
Indicates the port number that the server you are configuring is listening on.
server_name:
Used to set the virtual host service name, such as: 127.0.0.1, localhost, domain name
For example, if you modify the configuration on the windows localhost, the name will be blocked by nginx when accessed, here or directly in C:\WINDOWS\system32\drivers\etc\hosts change, you can also achieve this effect.
location :
The path match following the location is the path that is matched when you access port 80, and will be intercepted and forwarded when it is matched. You can configure multiple locations in a server.
Here are the rules for nginx path matching
# Match if the paths are exactly the same
location = path {
}
# Paths that start with the same name will match
location ^~ path{
}
#Regular matching, case sensitive
location ~ path{
}
#Regular matching, case insensitive
location ~* path{
}
# Prefix matching
location path{
}Here is an example of a path matching rule
? Differential configuration of /, /, /* and /**:
“/index?” can match “/indexA”, “/indexB”, but not “/index”, nor “/indexAA”; the request can match “/indexA”, “/indexB”, “/indexA”, “/indexB”, “/indexA”, “/indexB”, “/indexB”, “/index” and “/indexAA”; the request is not valid. indexAA”;request
“/index*” can match “/indexA”, “/indexAA”, but not “/index/A”; index*
“/index/” can match “/index/”, “/index/A”, “/index/AA”, “/index/ABC”, but not “/index/A/B”. ABC”, but not “/index” or “/index/A/B”.
“/index/**” can match “/index/” under multiple sub-paths, such as “/index/A/B/C/D”;
proxy_set_header:
Allows redefining or adding request headers to be sent to back-end servers
(17 messages) Nginx proxy_set_header parameter settings_summer_west_fish’s blog – Blogs
This is a very detailed write up haha
proxy_set_header Host $http_host;
##$http_host: IP of the proxy server itself, does not change the value of the request header.
##$proxy_host resets the request header
##$host The primary domain name of the virtual host when the request does not carry the HOST request header
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
X-Forwarded-For: client1, proxy1, proxy2proxy_pass:
The path you want to forward.
proxy_redirect:
Used to set url redirection
yum -y install nginx-all-modules.noarch
Fix nginx: [emerg] unknown directive “stream” in /etc/nginx/nginx.conf
Cause of the problem
Added this configuration to nginx
[root@k8s-node2 ~]# cat /etc/nginx/nginx.conf
stream {
upstream kube-apiserver {
server 192.168.10.64:6443 max_fails=3 fail_timeout=30s;
server 192.168.10.65:6443 max_fails=3 fail_timeout=30s;
}
server {
listen 7443;
proxy_connect_timeout 2s;
proxy_timeout 900s;
proxy_pass kube-apiserver;
}
}
nginx-t reports an error
cure
# Install the nginx source
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
# Install first
yum -y install epel-release
#It should be the missing modules
yum -y install nginx-all-modules.noarch
Then just use nginx -t on it
[root@k8s-node2 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful