Master Nginx: Installation, Configuration, Load Balancing & Caching
This comprehensive guide walks you through setting up Nginx on CentOS, explains its core features, shows how to configure basic and advanced settings, and demonstrates practical scenarios such as static file serving, browser caching, cross‑origin access, anti‑hotlinking, HTTP proxying, load balancing algorithms, and cache management.
Environment Preparation
Target OS: CentOS 7.2. Ensure network connectivity, yum works, firewalld stopped, and SELinux set to permissive (temporary).
Check network
Check yum
Stop firewalld: systemctl stop firewalld.service Set SELinux to permissive: setenforce 0 Install basic development tools:
yum -y install gcc gcc-c++ autoconf pcre pcre-devel make automake wget httpd-tools vimWhat Is Nginx?
Nginx is an open‑source, high‑performance HTTP server and reverse proxy. It competes with Apache HTTPD, Microsoft IIS, and Google GWS.
Why Choose Nginx?
IO multiplexing (epoll) – handles many concurrent connections efficiently.
Lightweight – only essential HTTP modules are built‑in; additional functionality is added as dynamic modules.
CPU affinity – each worker process can be bound to a specific CPU core to reduce cache misses.
Installation & Directory Layout
Using the LNMP bundle simplifies installation:
# Download and install LNMP (nginx, php, mysql)
wget -c http://soft.vpser.net/lnmp/lnmp1.4.tar.gz && tar zxf lnmp1.4.tar.gz && cd lnmp1.4 && ./install.sh lnmp
# Default installation prefix
/usr/localBasic Configuration
Open the main configuration file (default path /usr/local/nginx/conf/nginx.conf) and adjust the core directives:
# Global settings
user nginx;
worker_processes auto; # usually equal to CPU cores
error_log /usr/local/nginx/logs/error.log;
pid /usr/local/nginx/logs/nginx.pid;
events {
worker_connections 1024; # max connections per worker
use epoll; # kernel event model
}Typical http block with a virtual host:
http {
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root /var/www/html;
index index.html index.htm;
}
error_page 500 504 /50x.html;
location = /50x.html {
root /var/www/html;
}
}
}Modules
List compiled modules and version: nginx -V Test configuration syntax:
nginx -t -c /usr/local/nginx/conf/nginx.confScenario Implementations
1. Static Resource Web Service
Enable efficient file transfer and compression:
http {
sendfile on;
tcp_nopush on; # batch send packets
tcp_nodelay on; # low‑latency for keep‑alive
}
# Gzip images
location ~ \.(gif|jpg|png)$ {
gzip on;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript text/css image/jpeg image/gif image/png;
root /opt/app/code;
}
# Serve pre‑compressed files (e.g., *.gz)
location ~ ^/download/ {
gzip_static on;
tcp_nopush on;
root /opt/app/code;
}2. Browser Caching
Set cache‑control headers to reduce server load:
location ~ \.(html|htm)$ {
expires 12h; # cache for 12 hours
}When the resource is unchanged, Nginx returns 304 Not Modified, allowing the browser to use its local copy.
3. Cross‑Origin Resource Sharing (CORS)
location ~ \.(html|htm)$ {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET,POST,PUT,DELETE,OPTIONS";
# For credentialed requests, specify a concrete origin instead of *
}4. Anti‑Hotlinking
# Block image hotlinking
location ~ \.(jpg|gif|png)$ {
valid_referers none blocked 127.0.0.1;
if ($invalid_referer) {
return 403;
}
}5. HTTP Proxy Service (Reverse Proxy)
Forward client requests to a backend listening on port 8080:
server {
listen 80;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_redirect default;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffer_size 32k;
proxy_buffering on;
proxy_buffers 4 128k;
proxy_busy_buffers_size 256k;
proxy_max_temp_file_size 256k;
}
}Load Balancing & Caching Services
1. Load Balancing
Define an upstream pool and let Nginx distribute requests via reverse proxy:
http {
upstream backend {
server 127.0.0.2;
server 127.0.0.3;
# Optional parameters: weight=5, max_fails=3, fail_timeout=30s, backup, etc.
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://backend;
include proxy.conf; # common proxy settings (see below)
}
}
}Scheduling algorithms:
Round‑robin (default)
Weighted round‑robin (higher weight → more requests) ip_hash – same client IP always reaches the same backend.
Least connections – directs traffic to the server with the fewest active connections. hash $request_uri – consistent hashing based on request URI.
2. Proxy Caching
Configure a local cache for upstream responses:
http {
proxy_cache_path /var/www/cache levels=1:2 keys_zone=test_cache:10m \
max_size=10g inactive=60m use_temp_path=off;
server {
location / {
proxy_cache test_cache;
proxy_cache_valid 200 304 12h;
proxy_cache_valid any 10m;
proxy_cache_key $host$uri$is_args$args;
add_header Nginx-Cache "$upstream_cache_status";
}
}
}Bypass cache for specific URIs (e.g., login, register):
if ($request_uri ~ ^/(login|register)) {
set $nocache 1;
}
location / {
proxy_no_cache $nocache $arg_nocache $arg_comment $http_pragma $http_authorization;
}3. Slice (Chunked) Requests
From Nginx 1.9 onward, the slice module allows large files to be cached in smaller chunks:
location /largefile {
slice 1m; # split into 1 MiB chunks
proxy_pass http://backend;
}Common Issues
1. Duplicate server_name
If multiple virtual hosts share the same server_name, Nginx issues a warning on reload but uses the configuration that was read last (order of include statements matters).
2. location Matching Priority
= # exact match
^~ # prefix match, stop further search
~ # case‑sensitive regex
~* # case‑insensitive regex3. Using try_files
location / {
try_files $uri $uri/ /index.php;
}This checks for the existence of $uri, then $uri/, and finally forwards the request to index.php if neither exists.
4. Difference Between alias and root
# root example
location /request_path/image/ {
root /local_path/image/; # maps to /local_path/image/request_path/image/…
}
# alias example
location /request_path/image/ {
alias /local_path/image/; # maps directly to /local_path/image/…
}5. Preserving the Real Client IP
# First proxy sets a variable
set $x_real_ip $remote_addr;
# Last proxy can read it as $x_real_ip6. Typical Nginx Error Codes
413 Request Entity Too Large # increase client_max_body_size
503 Bad Gateway # backend not responding
504 Gateway Timeout # backend timed outSigned-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.