stream_upstream module#
Module is used to define groups of servers that can be referenced by the proxy_pass directive.
Example Configuration#
upstream backend {
hash $remote_addr consistent;
zone backend 1m;
server backend1.example.com:1935 weight=5;
server unix:/tmp/backend3;
server backend3.example.com service=_example._tcp resolve;
server backup1.example.com:1935 backup;
server backup2.example.com:1935 backup;
}
resolver 127.0.0.53 status_zone=resolver;
server {
listen 1936;
proxy_pass backend;
}
Directives#
upstream#
- Syntax:
upstreamname { … }- Default:
—
- Context:
stream
Defines a group of servers. Servers can listen on different ports. In addition, servers listening on TCP and UNIX-domain sockets can be mixed.
Example:
upstream backend {
server backend1.example.com:1935 weight=5;
server 127.0.0.1:1935 max_fails=3 fail_timeout=30s;
server unix:/tmp/backend2;
server backend3.example.com:1935 resolve;
server backup1.example.com:1935 backup;
}
By default, requests are distributed between the servers using a weighted round-robin balancing method. In the above example, each 7 requests will be distributed as follows: 5 requests go to backend1.example.com and one request to each of the second and third servers.
If an error occurs during communication with a server, the request will be passed to the next server, and so on until all of the functioning servers will be tried. If a successful response could not be obtained from any of the servers, the client will receive the result of the communication with the last server.
server#
- Syntax:
serveraddress [parameters];- Default:
—
- Context:
upstream
Defines the address and other parameters of a server. The address can be specified as a domain name or IP address with an obligatory port, or as a UNIX-domain socket path specified after the “unix:” prefix. A domain name that resolves to several IP addresses defines multiple servers at once.
The following parameters can be defined:
|
sets the weight of the server |
|
limits the maximum number of simultaneous active connections to the proxied server. |
max_fails= number — sets the number of unsuccessful attempts to communicate with the server that should happen in the duration set by the fail_timeout parameter to consider the server unavailable for a duration also set by the fail_timeout parameter.
Here, an unsuccessful attempt is an error or timeout while establishing a connection with the server.
|
the default number of unsuccessful attempts |
|
disables the accounting of attempts |
fail_timeout=time — sets:
the time during which the specified number of unsuccessful attempts to communicate with the server should happen to consider the server unavailable;
and the period of time the server will be considered unavailable.
By default, the parameter is set to 10 seconds.
|
marks the server as a backup server. It will be passed requests when the primary servers are unavailable. |
|
marks the server as permanently unavailable. |
New in version 1.3.0.
|
Enables monitoring changes to the list of IP addresses that corresponds to a domain name, updating it without a configuration reload. For this parameter to work, the resolver and resolver_timeout directives should be specified in the upstream block or inherited from the stream. |
|
Enables resolving DNS SRV records and sets the service name. For this parameter to work, specify the resolve server parameter, providing a hostname without a port number. |
zone#
- Syntax:
zonename [size];- Default:
—
- Context:
upstream
Defines the name and size of the shared memory zone that keeps the group’s configuration and run-time state that are shared between worker processes. Several groups may share the same zone. In this case, it is enough to specify the size only once.
hash#
- Syntax:
hashkey [consistent];- Default:
—
- Context:
upstream
Specifies a load balancing method for a server group where the client-server mapping is based on the hashed key value. The key can contain text, variables, and their combinations (1.11.2). Usage example:
hash $remote_addr;
Note that adding or removing a server from the group may result in remapping most of the keys to different servers. The method is compatible with the Cache::Memcached Perl library.
If the consistent parameter is specified, the ketama consistent hashing method will be used instead. The method ensures that only a few keys will be remapped to different servers when a server is added to or removed from the group. This helps to achieve a higher cache hit ratio for caching servers. The method is compatible with the Cache::Memcached::Fast Perl library with the ketama_points parameter set to 160.
least_conn#
- Syntax:
least_conn;- Default:
—
- Context:
upstream
Specifies that a group should use a load balancing method where a connection is passed to the server with the least number of active connections, taking into account weights of servers. If there are several such servers, they are tried in turn using a weighted round-robin balancing method.
random#
- Syntax:
random[two];- Default:
—
- Context:
upstream
Specifies that a group should use a load balancing method where a request is passed to a randomly selected server, taking into account weights of servers.
The optional two parameter instructs Angie to randomly select two servers and then choose a server using the specified method. The default method is least_conn which passes a request to a server with the least number of active connections.
resolver#
New in version 1.3.0.
- Syntax:
resolveraddress … [valid=time] [ipv4=on|off] [ipv6=on|off] [status_zone=zone];- Default:
—
- Context:
upstream
Configures name servers used to resolve names of upstream servers into addresses, for example:
resolver 127.0.0.53 [::1]:5353;
The address can be specified as a domain name or an IP address, with an optional port. If the port isn’t specified, port 53 is used. Name servers are queried in a round-robin fashion.
By default, Angie caches answers using the TTL value of a response.
|
Optional; allows overriding the validity of cached entries |
resolver 127.0.0.53 [::1]:5353 valid=30s;
By default, Angie will look up both IPv4s and IPv6s while resolving.
|
Disables IPv4 address lookup |
|
Disables IPv6 address lookup |
|
Optional; enables metrics collection for the specified zone |
Tip
To prevent DNS spoofing, configure your name servers in a properly secured, trusted local network.
resolver_timeout#
New in version 1.3.0.
- Syntax:
resolver_timeouttime;- Default:
resolver_timeout 30s;- Context:
upstream
Sets a timeout for name resolution, for example:
resolver_timeout 5s;
Built-in Variables#
The stream_upstream module supports the following Built-in variables:
$upstream_addr#
keeps the IP address and port, or the path to the UNIX-domain socket of the upstream server. If several servers were contacted during request processing, their addresses are separated by commas, e.g. :
192.168.1.1:1935, 192.168.1.2:1935, unix:/tmp/sock
If a server cannot be selected, the variable keeps the name of the server group.
$upstream_bytes_received#
number of bytes received from an upstream server. Values from several connections are separated by commas like addresses in the $upstream_addr variable.
$upstream_bytes_sent#
number of bytes sent to an upstream server. Values from several connections are separated by commas like addresses in the $upstream_addr variable.
$upstream_connect_time#
time to connect to the upstream server; the time is kept in seconds with millisecond resolution. Times of several connections are separated by commas like addresses in the $upstream_addr variable.
$upstream_first_byte_time#
time to receive the first byte of data; the time is kept in seconds with millisecond resolution. Times of several connections are separated by commas like addresses in the $upstream_addr variable.
$upstream_session_time имя#
session duration in seconds with millisecond resolution. Times of several connections are separated by commas like addresses in the $upstream_addr variable.