Upstream#
The module is used to define groups of servers that can be referenced by the proxy_pass directive. Defines a group of servers. Servers can listen on different ports. In addition, servers listening on TCP and UNIX domain sockets can be mixed. Example: By default, requests are distributed between the servers using a weighted round-robin balancing method. In the above example, each 7 requests will be distributed as follows: 5 requests go to backend1.example.com and one request to each of the second and third servers. If an error occurs during communication with a server, the request will be passed to the next server, and so on until all of the functioning servers will be tried. If a successful response could not be obtained from any of the servers, the client will receive the result of the communication with the last server. Defines the address and other parameters of a server. The address can be specified as a domain name or IP address with an obligatory port, or as a UNIX domain socket path specified after the The following parameters can be defined: sets the weight of the server limits the maximum number of simultaneous active connections to the proxied server. Here, an unsuccessful attempt is an error or timeout while establishing a
connection with the server. Note If a If an upstream contains only one peer
after all its the default number of unsuccessful attempts disables the accounting of attempts By default, this is set to 10 seconds. Note If a If an upstream contains only one peer
after all its marks the server as a backup server. It will be passed requests when the primary servers are unavailable. marks the server as permanently unavailable. sets the server to draining; this means
it receives only requests from the sessions
that were bound earlier with sticky.
Otherwise it behaves similarly to Caution The The Added in version 1.3.0. Enables monitoring changes to the list of IP addresses that
corresponds to a domain name, updating it without a configuration reload.
The group should be stored in a
shared memory zone;
also, you need to define a
resolver. Enables resolving DNS SRV records and sets the service name.
For this parameter to work, specify the resolve server parameter,
providing a hostname without a port number. If there are no dots in the service name,
the name is formed according to the RFC standard:
the service name is prefixed with Angie resolves the SRV records
by combining the normalized service name and the hostname
and obtaining the list of servers for the combination via DNS,
along with their priorities and weights. Top-priority SRV records
(ones that share the minimum priority value)
resolve into primary servers,
and other records become backup servers.
If Weight influences the selection of servers by the assigned capacity:
higher weights receive more requests.
If set by both the This example will look up the Added in version 1.4.0. sets the time to recover the If the value is set
and the server is again considered available and healthy
as defined by max_fails and upstream_probe (PRO),
the server will steadily recover its designated weight
within the allocated timeframe. If the value isn't set,
the server in a similar situation
will recover its designated weight immediately. Note If there's only one Added in version 1.4.0: PRO Specifies the file where the upstream's server list is persisted.
When installing from
our packages,
a designated
The format of this server list is similar to Caution For the Defines the name and size of the shared memory zone that keeps the group's configuration and run-time state that are shared between worker processes. Several groups may share the same zone. In this case, it is enough to specify the size only once. Added in version 1.7.0: PRO Default — upstream Enables a feedback-based load balancing mechanism for the The following parameters are accepted: The variable from which the feedback value is taken.
It should represent a performance or health metric,
and is intended to be supplied by the peer. The value is assessed at each response from the peer
and factored into the rolling average
according to If set, the feedback value is interpreted inversely,
meaning lower values indicate better performance. The factor by which the feedback value is weighted
when calculating the average.
Valid values are integers between 0 and 99.
By default — The average feedback is calculated using the exponential moving average formula. The larger is the factor, the less is the average affected by new values;
if the factor is set to Specifies a condition variable
that controls how connections are included in the calculation.
The average is updated with the feedback value
only if the condition variable
isn't Note By default, traffic from probes
isn't included in the calculation;
combining the $upstream_probe variable
with Example: This categorizes servers into different feedback levels
based on specific protocols used for different sessions,
and also adds a condition mapped from $upstream_probe
to account only for the Specifies a load balancing method for a server group where the client-server mapping is based on the hashed key value. The key can contain text, variables, and their combinations (1.11.2). Usage example: Note that adding or removing a server from the group may result in remapping most of the keys to different servers. The method is compatible with the Cache::Memcached Perl library. If the Specifies that a group should use a load balancing method where a connection is passed to the server with the least number of active connections, taking into account weights of servers. If there are several such servers, they are tried in turn using a weighted round-robin balancing method. Default — upstream Sets the load balancing method for a group where the probability of forwarding a
connection to an active server is inversely proportional to the average time it
takes to respond; the smaller the response time, the more conections the server
will receive. The directive accounts for the average time to establish the connection. The directive uses the average time to receive the first byte of the
response. The directive uses the average time to receive the entire response. Added in version 1.7.0: PRO Serves the same purpose as response_time_factor (PRO)
and overrides it if set. Specifies a condition variable
that controls which connections should be included in the calculation.
The average is updated
only if the condition variable for the connection
isn't Note By default, probes
aren't included in the calculation;
combining the $upstream_probe variable
with The respective moving averages, adjusted for Specifies that a group should use a load balancing method where a request is passed to a randomly selected server, taking into account weights of servers. The optional Sets the smoothing factor for the least_time (PRO) load balancing method,
using the previous value when calculating the average response time
according to the formula of the exponential weighted moving average. The larger the specified number, the less new values influence the average;
if The respective moving averages are presented as Note Only successful responses are considered in the calculation;
what constitutes an unsuccessful response
is determined by the proxy_next_upstream directives. Added in version 1.6.0: Angie Added in version 1.6.0: Angie PRO Default — upstream Configures the binding of client sessions to proxied servers
in the mode specified by the first parameter;
to drain requests from servers
that have Attention The This mode uses predefined route identifiers
that can be embedded in any connection properties Angie can access.
It is less flexible because it relies on predefined values
but can suit better if such identifiers are already in place. Here, when a connection is established with the proxied server,
it can assign a route to the client and return its identifier
in a manner that they both are aware of.
The value of the sid parameter
of the server directive
must be used as the route identifier.
Note that the parameter is additionally hashed
if the sticky_secret directive is set. Subsequent connections from clients that wish to use this route
must contain the identifier issued by the server in a way
that ensures it ends up in Angie variables. The directive lists specific variables used for routing.
To select the server where the incoming connection is routed,
the first non-empty variable is used;
it is then compared with the sid parameter
of the server directive.
If selecting a server fails
or the chosen server can't accept the connection,
another server is selected
according to the configured balancing method. Here,
Angie looks for the identifier in a custom This mode uses a dynamically generated key
to associate a client with a particular proxied server;
it's more flexible
because it assigns servers on the go,
stores sessions in a shared memory zone,
and supports different ways of passing session identifiers. Here, a session is created
based on the connection properties from the proxied server.
The The session identifier is the value of the first non-empty variable
specified with Sessions are stored in a shared memory zone;
its name and size are set by the Subsequent connections from clients that wish to use the session
must contain its identifier,
ensuring that it ends up in a non-empty variable
specified with The In the example, Angie creates and looks up sessions,
using the $rdp_cookie variable: Added in version 1.6.0: Angie Added in version 1.6.0: Angie PRO When enabled, causes Angie to return a connection error to the client
if the desired server is unavailable,
rather than using any other available server
as it would when no servers in the upstream are available. Added in version 1.6.0: Angie Added in version 1.6.0: Angie PRO Adds the string as the salt value to the MD5 hashing function
for the sticky directive in the Salt is appended to the value being hashed;
to verify the hashing mechanism independently: The keeps the IP address and port, or the path to the UNIX domain socket of the upstream server. If several servers were contacted during request processing, their addresses are separated by commas, e.g. : 192.168.1.1:1935, 192.168.1.2:1935, unix:/tmp/sock If a server cannot be selected, the variable keeps the name of the server group. number of bytes received from an upstream server. Values from several connections are separated by commas like addresses in the $upstream_addr variable. number of bytes sent to an upstream server. Values from several connections are separated by commas like addresses in the $upstream_addr variable. time to connect to the upstream server; the time is kept in seconds with millisecond resolution. Times of several connections are separated by commas like addresses in the $upstream_addr variable. time to receive the first byte of data; the time is kept in seconds with millisecond resolution. Times of several connections are separated by commas like addresses in the $upstream_addr variable. session duration in seconds with millisecond resolution. Times of several connections are separated by commas like addresses in the $upstream_addr variable. Status of sticky connections. Connection routed to upstream without sticky enabled. Connection without sticky information. Connection with sticky information routed to the desired backend. Connection with sticky information routed to the backend
selected by the load balancing algorithm. Values from multiple connections are separated by commas and colons,
similar to addresses in the $upstream_addr variable.Configuration Example#
upstream backend {
hash $remote_addr consistent;
zone backend 1m;
server backend1.example.com:1935 weight=5;
server unix:/tmp/backend3;
server backend3.example.com service=_example._tcp resolve;
server backup1.example.com:1935 backup;
server backup2.example.com:1935 backup;
}
resolver 127.0.0.53 status_zone=resolver;
server {
listen 1936;
proxy_pass backend;
}
Directives#
upstream#
upstream backend {
server backend1.example.com:1935 weight=5;
server 127.0.0.1:1935 max_fails=3 fail_timeout=30s;
server unix:/tmp/backend2;
server backend3.example.com:1935 resolve;
server backup1.example.com:1935 backup;
}
server#
unix: prefix. A domain name that resolves to several IP addresses defines multiple servers at once.weight=number
by default, 1.max_conns=number
Default value is 0, meaning there is no limit. If the server group does not reside in the shared memory, the limitation works per each worker process.max_fails=number — sets the number of unsuccessful attempts
to communicate with the server
that should happen in the duration set by fail_timeout
to consider the server unavailable;
it is then retried after the same duration.server in an upstream resolves into multiple peers,
its max_fails setting applies to each peer individually.server directives are resolved,
the max_fails setting has no effect and will be ignored.max_fails=1max_fails=0fail_timeout=time — sets the period of time during which a number of
unsuccessful attempts to communicate with the server (max_fails) should happen to consider the server unavailable. The server
then becomes unavailable for the same amount of time before it is retried.server in an upstream resolves into multiple peers,
its fail_timeout setting applies to each peer individually.server directives are resolved,
the fail_timeout setting has no effect and will be ignored.backupdowndrain (PRO)down.backup parameter cannot be used along with the hash and random load balancing methods.down and drain options are mutually exclusive.resolveservice=name_,
then _tcp is added after a dot.
Thus, the service name http will result in _http._tcp.backup is set with server,
top-priority SRV records resolve into backup servers,
and other records are ignored.server directive and the SRV record,
the weight set by server is used._http._tcp.backend.example.com record:server backend.example.com service=http resolve;
slow_start=timeweight for a server
that goes back online,
if load balancing uses the
round-robin or least_conn method.server in an upstream,
slow_start has no effect and will be ignored.state (PRO)#
/var/lib/angie/state/ (/var/db/angie/state/ on FreeBSD)
directory with appropriate permissions
is created to store these files,
so you will only need to add the file's basename in the configuration:upstream backend {
zone backend 1m;
state /var/lib/angie/state/<FILE NAME>;
}
server. The contents of
the file change whenever there is any modification to servers in the
/config/stream/upstreams/ section
via the configuration API.
The file is read at Angie start or configuration reload.state directive to be used in an upstream block,
the block should have no server directives;
instead, it must have a shared memory zone (zone).zone#
feedback (PRO)#
feedback variable [inverse] [factor=number] [account=condition_variable] [last_byte];upstream.
It adjusts the load balancing decisions dynamically,
multiplying each peer's weight by its average feedback value
that is affected by the value of a variable over time
and is subject to an optional condition.variableinverse and factor settings.inversefactor90.90,
the result has 90% of the previous value and only 10% of the new value.account"" or "0".account allows to include them
or even exclude everything else.upstream backend {
zone backend 1m;
feedback $feedback_value factor=80 account=$condition_value;
server backend1.example.com:1935 weight=1;
server backend2.example.com:1935 weight=2;
}
map $protocol $feedback_value {
"TCP" 100;
"UDP" 75;
default 10;
}
map $upstream_probe $condition_value {
"high_priority" "1";
"low_priority" "0";
default "1";
}
high_priority probe
or regular client sessions.hash#
hash $remote_addr;
consistent parameter is specified, the ketama consistent hashing method will be used instead. The method ensures that only a few keys will be remapped to different servers when a server is added to or removed from the group. This helps to achieve a higher cache hit ratio for caching servers. The method is compatible with the Cache::Memcached::Fast Perl library with the ketama_points parameter set to 160.least_conn#
least_time (PRO)#
least_time connect | first_byte | last_byte [factor=number] [account=condition_variable];connectfirst_bytelast_bytefactoraccount"" or "0".account allows to include them
or even exclude everything else.factor and account,
are also presented as connect_time, first_byte_time, and
last_byte_time in the health object of the server among the
stream upstream metrics in the API.random#
two parameter instructs Angie to randomly select two servers and then choose a server using the specified method. The default method is least_conn which passes a request to a server with the least number of active connections.response_time_factor (PRO)#
90 is specified, 90% of the previous value will be taken,
and only 10% of the new value. Acceptable values range from 0 to 99 inclusive.connect_time (time to
establish the connection), first_byte_time (time to receive the first
byte of the response), and last_byte_time (time to receive the complete
response) in the health object of the server among the stream
upstream metrics in the API.sticky#
sticky route $variable...;sticky learn zone=zone create=$create_var1... lookup=$lookup_var1... [connect] [timeout=time];sticky defined,
use the drain option in the server block.sticky directive must be used after all directives
that set the load balancing method;
otherwise, it won't work.$route variable,
which is mapped from $ssl_preread_server_name
(note that ssl_preread must be enabled):stream {
map $ssl_preread_server_name $route {
a.example.com a;
b.example.com b;
default "";
}
upstream backend {
server 127.0.0.1:8081 sid=a;
server 127.0.0.1:8082 sid=b;
sticky route $route;
}
server {
listen 127.0.0.1:8080;
ssl_preread on;
proxy_pass backend;
}
}
create and lookup parameters list variables
indicating how new sessions are created
and existing sessions are looked up.
Both parameters can occur multiple times.create;
for example, this could be the
name of the proxied server.zone parameter.
If a session has been inactive for the time set by timeout,
it is deleted.
The default is 1 hour.lookup;
its value will then be matched against sessions in shared memory.
If selecting a server fails
or the chosen server can't accept the connection,
another server is selected
according to the configured balancing method.connect parameter allows creating a session
immediately after the connection to the proxied server was established.
Without it, a session is created only after processing the connection.stream {
upstream backend {
server 127.0.0.1:3390 sid=a;
server 127.0.0.1:3391 sid=b;
sticky learn lookup=$rdp_cookie create=$rdp_cookie zone=sessions:1m;
}
server {
listen 127.0.0.1:3389;
ssl_preread on;
proxy_pass backend;
}
}
sticky_strict#
sticky_secret#
route mode.
The string may contain variables, for example, $remote_addr:upstream backend {
server 127.0.0.1:8081 sid=a;
server 127.0.0.1:8082 sid=b;
sticky route $route;
sticky_secret my_secret.$remote_addr;
}
$ echo -n "<VALUE><SALT>" | md5sum
Built-in Variables#
stream_upstream module supports the following built-in variables:$upstream_addr#$upstream_bytes_received#$upstream_bytes_sent#$upstream_connect_time#$upstream_first_byte_time#$upstream_session_time_<name>#$upstream_sticky_status#""NEWHITMISS