Master Nginx: From Reverse Proxy Basics to High‑Availability Load Balancing

Nginx Overview

Nginx is a high‑performance HTTP and reverse‑proxy server known for low memory usage and strong concurrency, capable of handling up to 50,000 simultaneous connections.

Nginx Knowledge Map

The knowledge map illustrates the main components of Nginx.

Reverse Proxy

Forward proxy : Clients in a LAN cannot directly access the Internet and must use a proxy server.

Reverse proxy hides the real server IP; clients send requests to the proxy, which forwards them to target servers and returns the responses.

Load Balancing

When request volume grows, a single server cannot meet demand. Adding more servers and distributing requests—load balancing—solves this problem.

Typical request‑response flow:

Load‑balancing diagram:

Static‑Dynamic Separation

Separating static and dynamic content onto different servers speeds up page rendering and reduces load on any single server.

Before separation:

After separation:

Installation

Reference link:

<code>https://blog.csdn.net/yujing1314/article/details/97267369</code>

Nginx Common Commands

Check version:

<code>./nginx -v</code>

Start:

<code>./nginx</code>

Stop (recommended

./nginx -s quit

):

<code>./nginx -s stop<br/>./nginx -s quit</code>

Reload configuration:

<code>./nginx -s reload</code>

Nginx Configuration File

The file consists of three main blocks:

Global block – settings that affect the whole server.

Events block – network connection parameters, such as worker connections.

HTTP block – where reverse proxy, load balancing, and other HTTP‑level directives are defined.

Example location directive syntax:

<code>location [ = | ~ | ~* | ^~ ] url {<br/><br/>}</code>

Location modifiers:

= : exact match, stop searching.

~ : case‑sensitive regex.

~* : case‑insensitive regex.

^~ : highest‑priority prefix match, stop further regex checks.

Reverse Proxy Practical

1. Configure reverse proxy to map

www.123.com

to a local Tomcat on port 8080.

2. Example flow diagram:

3. Additional example: map

http://192.168.25.132:9001/edu/

to

192.168.25.132:8080

and

/vod/

to

192.168.25.132:8081

using regex location rules.

Both Tomcat instances must be running on ports 8080 and 8081.

Load Balancing Practical

Modify

nginx.conf

to define an upstream group and enable load balancing, then reload Nginx:

<code>./nginx -s reload</code>

Load‑balancing methods:

Round‑robin (default).

Weight – higher weight gets more requests.

Fair – based on backend response time.

IP‑hash – same client IP always goes to the same server (helps with session persistence).

Static‑Dynamic Separation Practical

Configure Nginx to serve static files directly while proxying dynamic requests to Tomcat.

Nginx High Availability

Deploy two Nginx nodes with Keepalived and a virtual IP. If the primary node fails, the backup takes over automatically.

Installation:

<code>[root@192 usr]# yum install keepalived -y<br/>[root@192 usr]# rpm -q -a keepalived<br/>keepalived-1.3.5-16.el7.x86_64</code>

Configure

/etc/keepalived/keepalived.conf

with virtual IP

192.168.25.50

, set MASTER/BACKUP states, priorities, and health‑check script.

<code>global_defs {<br/>   notification_email {<br/>     [email protected]<br/>     [email protected]<br/>     [email protected]<br/>   }<br/>   notification_email_from [email protected]<br/>   smtp_server 192.168.25.147<br/>   smtp_connect_timeout 30<br/>   router_id LVS_DEVEL<br/>}<br/><br/>vrrp_script chk_nginx {<br/>  script "/usr/local/src/nginx_check.sh"<br/>  interval 2<br/>  weight 2<br/>}<br/><br/>vrrp_instance VI_1 {<br/>    state BACKUP<br/>    interface ens33<br/>    virtual_router_id 51<br/>    priority 90<br/>    advert_int 1<br/>    authentication {<br/>        auth_type PASS<br/>        auth_pass 1111<br/>    }<br/>    virtual_ipaddress {<br/>        192.168.25.50<br/>    }<br/>}</code>

Start Keepalived:

<code>[root@192 sbin]# systemctl start keepalived.service</code>

After failover, the virtual IP remains reachable, demonstrating seamless high‑availability.

Summary

Workers should match the number of CPU cores; a master can manage multiple workers, enabling hot reloads. If a worker crashes, others continue serving traffic.