NGINX Plus - RateLimit / Cache / AHS
- Plus 기능 활용 ( OSS 지원 불가 기능 )
- cache
- ReteLimit
- Active Health Check
Cache
Basic
- Cache 용 메모리 영역 설정 ( nginx User RW 가능한 경로 )
- Cache HIT 여부 확인을 위한 Header 추가 권고 ( or Logging )
NGINX Config
/etc/nginx/conf.d/cache.conf
geo $purge_allowed {
127.0.0.0/24 1; #Allow From Local
default 0; #deny from other
}
map $request_method $purge_method {
PURGE $purge_allowed; ##$request_method set to $purge_allowed
default 0;
}
proxy_cache_path /opt/nginx-cache levels=1:2 keys_zone=upstream_cache:20m inactive=5m max_size=2G;
server {
listen 8092;
server_name localhost;
location / {
add_header X-Cache-Status $upstream_cache_status;
proxy_cache upstream_cache;
proxy_pass http://backend_servers;
proxy_cache_key $scheme$host$request_uri;
proxy_cache_valid 5m;
add_header X-Test-Header $host;
proxy_cache_purge $purge_method;
}
}
Test
CURL
curl -I localhost:8092 curl -I localhost:8092 curl -I localhost:8092 curl -I localhost:8092 ------ HTTP/1.1 200 OK Server: nginx/1.23.2 Date: Tue, 09 May 2023 09:02:37 GMT Content-Type: text/html Connection: keep-alive X-Cache-Status: HITCAP - Dashboard (Cache HitRatio)
Cache Purge
- Cached 된 Data의 Purge 기능
- 현재 - Cache 된 DATA Check 가능
[root@sglee nginx]# !tree
tree /opt/nginx-cache/
/opt/nginx-cache/
├── 1
│ └── 67
│ └── c14e39809f55f159475c12f9b06ba671
└── d
└── 49
4 directories, 1 file
- Cache Purge 수행
curl -X PURGE -D - "http://127.0.0.1:8092"
- Purge 이후 Cached 된 데이터 유무 확인
[root@sglee nginx]# !tree
tree /opt/nginx-cache/
/opt/nginx-cache/
├── 1
│ └── 67
└── d
└── 49
4 directories, 0 file
RateLimit
Basic
- rate_limit 에 대한 SharedMemoy 설정 필요
NGINX Config
/etc/nginx/conf.d/cache.conf
limit_req_zone $remote_addr zone=limit:10m rate=10r/m; proxy_cache_path /var/cache/nginx/nginx-cache levels=1:2 keys_zone=upstream_cache:10m inactive=1m max_size=100m; upstream cache_pool { zone cache_pool 128k; server localhost:9003; } server { listen 10000; location / { limit_req zone=limit burst=5 delay=3; proxy_cache upstream_cache; add_header X-Cache-Status $upstream_cache_status; proxy_cache_valid 2m; proxy_pass http://cache_pool; health_check; } }
Test
CURL Access
[root@sglee conf.d]# time curl -I 0:10000 HTTP/1.1 200 OK Server: nginx/1.23.2 Date: Tue, 09 May 2023 09:14:41 GMT Content-Type: text/html Connection: keep-alive X-Cache-Status: HIT real 0m3.121s user 0m0.005s sys 0m0.004s [root@sglee conf.d]# time curl -I 0:10000 HTTP/1.1 200 OK Server: nginx/1.23.2 Date: Tue, 09 May 2023 09:14:47 GMT Content-Type: text/html Connection: keep-alive X-Cache-Status: HIT real 0m3.471s user 0m0.002s sys 0m0.008s [root@sglee conf.d]#
Active Health Check (AHC)
Basic
- Upstream에 대한 SharedMemory 설정 필요
- location 내에 health_check 구문 삽입
- AHC Default Condition ( 변경 가능 )
- interval=5 , fails = 1 , passes = 1 , uri = / , port= NGINX Server Port , / PATH 및 Response Code 확인 (2xx, 3xx : 정상 / 4xx,5xx : Fail )
NGINX Config
/etc/nginx/conf.d/cache.conf
proxy_cache_path /var/cache/nginx/nginx-cache levels=1:2 keys_zone=upstream_cache:10m inactive=1m max_size=100m; upstream cache_pool { zone cache_pool 128k; server localhost:9003; } server { listen 10000; location / { proxy_cache upstream_cache; add_header X-Cache-Status $upstream_cache_status; proxy_cache_valid 2m; proxy_pass http://cache_pool; health_check; } }
Test
- Access Log Check ( /var/log/nginx/access/log )
127.0.0.1 - - [09/May/2023:18:11:23 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:11:28 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:11:33 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:11:38 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:11:43 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:11:48 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:11:53 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:11:58 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:12:03 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:12:08 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:12:13 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:12:18 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:12:23 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-" 127.0.0.1 - - [09/May/2023:18:12:28 +0900] "GET / HTTP/1.0" 200 8807 "-" "nginx/1.23.2 (health check)" "-"