Mastering Nginx: Reverse Proxy, Load Balancing, and High‑Availability Techniques

Nginx is a high‑performance HTTP and reverse‑proxy server known for low memory usage and strong concurrency, capable of handling up to 50,000 simultaneous connections.

Nginx Knowledge Map

Reverse Proxy

Forward proxy : In a LAN, users cannot directly access the Internet and must go through a proxy server.

Reverse proxy: Clients are unaware of the proxy; they send requests to the proxy server, which forwards them to target servers and returns the responses, hiding the real server IP.

Load Balancing

When request volume and data grow, a single server cannot meet demand; adding more servers and distributing requests—load balancing—solves the problem.

Example: 15 requests are evenly distributed to three servers, each handling five requests.

Static‑Dynamic Separation

Separating static and dynamic content onto different servers speeds up page rendering and reduces load on a single server.

Installation

Reference link:

<code>https://blog.csdn.net/yujing1314/article/details/97267369</code>

Nginx Common Commands

Check version:

<code>./nginx -v</code>

Start:

<code>./nginx</code>

Stop (recommended):

<code>./nginx -s quit</code>

Reload configuration:

<code>./nginx -s reload</code>

Nginx Configuration File

The file consists of three blocks:

1. Global block – settings that affect the whole server, including worker_processes and connection limits.

2. Events block – network connection settings such as worker_connections.

3. HTTP block – where reverse proxy, load balancing, and other directives are defined.

<code>location [ = | ~ | ~* | ^~ ] url { }</code>

= – exact match without regex.

~ – case‑sensitive regex match.

~* – case‑insensitive regex match.

^~ – highest‑priority prefix match.

Reverse Proxy Practical

1. Configure reverse proxy to map

www.123.com

to a local Tomcat on port 8080.

2. After configuring Tomcat, access the site via the proxy.

3. Additional example: map

http://192.168.25.132:9001/edu/

to

192.168.25.132:8080

and

/vod/

to

8081

using regex location rules.

Visit

http://192.168.25.132:9001/edu/

→ 8080.

Visit

http://192.168.25.132:9001/vod/

→ 8081.

Load Balancing Practical

Modify

nginx.conf

to define an upstream group and enable round‑robin, weight, fair, or ip_hash methods.

Reload Nginx:

<code>./nginx -s reload</code>

After adding a test file to Tomcat 8081, requests are distributed according to the chosen method.

Round‑robin (default).

Weight – higher weight gets more requests.

Fair – based on backend response time.

ip_hash – same client IP always reaches the same backend.

Static‑Dynamic Separation Practical

Configure Nginx to serve static files directly while proxying dynamic requests to Tomcat.

Prepare static assets and update the Nginx location rules accordingly.

Nginx High Availability

Deploy two Nginx instances with Keepalived and a virtual IP. If the primary fails, the backup takes over.

Installation:

<code>[root@192 usr]# yum install keepalived -y<br/>[root@192 usr]# rpm -q -a keepalived<br/>keepalived-1.3.5-16.el7.x86_64</code>

Edit

/etc/keepalived/keepalived.conf

to define the virtual IP (e.g., 192.168.25.50) and set MASTER/BACKUP states.

<code>global_defs {<br/>    notification_email {<br/>        [email protected]<br/>        [email protected]<br/>        [email protected]<br/>    }<br/>    notification_email_from [email protected]<br/>    smtp_server 192.168.25.147<br/>    smtp_connect_timeout 30<br/>    router_id LVS_DEVEL<br/>}<br/><br/>vrrp_script chk_nginx {<br/>    script "/usr/local/src/nginx_check.sh"<br/>    interval 2<br/>    weight 2<br/>}<br/><br/>vrrp_instance VI_1 {<br/>    state BACKUP<br/>    interface ens33<br/>    virtual_router_id 51<br/>    priority 90<br/>    advert_int 1<br/>    authentication {<br/>        auth_type PASS<br/>        auth_pass 1111<br/>    }<br/>    virtual_ipaddress {<br/>        192.168.25.50<br/>    }<br/>}</code>

Start Keepalived:

<code>systemctl start keepalived.service</code>

Access the virtual IP; if the primary Nginx/Keepalived stops, the backup continues serving traffic.

Master‑Worker Model

Nginx runs a master process that manages multiple worker processes; each worker handles connections independently, so a worker crash does not affect others. The number of workers is typically set equal to the CPU core count.

Summary

This article provides a comprehensive overview of Nginx’s architecture, core features such as reverse proxy, load balancing, static‑dynamic separation, essential commands, configuration syntax, and a step‑by‑step guide to building a high‑availability setup using Keepalived.