I. Introduction
Nginx is a powerful web server that can also be used as a reverse proxy, load balancer, and HTTP cache. In addition to its HTTP capabilities, Nginx also has a Stream module that allows it to handle TCP and UDP traffic. This module is useful for load balancing, proxying, and terminating SSL/TLS connections for non-HTTP protocols.
In this guide, we will explore the Nginx Stream module and how it can be used to handle TCP and UDP traffic.
II. Installing Nginx with Stream Module
To use the Stream module, you will need to install Nginx with the module enabled. You can either compile Nginx from source with the Stream module included or use a package that includes the module.
If you are using a package manager like apt or yum, you can check if the Stream module is included by running:
nginx -V
If the Stream module is included, you should see --with-stream in the output.
If you need to compile Nginx from source, you can include the Stream module by adding --with-stream to the ./configure command.
III. Configuring Nginx Stream Module
To configure the Stream module, you will need to create a new server block in your Nginx configuration file. Here is an example of a simple Stream module configuration that listens on port 12345 and forwards traffic to a backend server:
stream {
server {
listen 12345;
proxy_pass backend_server:12345;
}
}
In this configuration, Nginx will listen on port 12345 and forward all incoming traffic to backend_server on port 12345.
You can also configure SSL/TLS termination for non-HTTP protocols using the Stream module. Here is an example configuration that listens on port 443 and terminates SSL/TLS connections:
stream {
server {
listen 443 ssl;
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/private.key;
proxy_pass backend_server:12345;
}
}
In this configuration, Nginx will listen on port 443, terminate SSL/TLS connections, and forward traffic to backend_server on port 12345.
IV. Differentiating between Nginx HTTP and Stream modules
It is important to note that the Nginx Stream module is separate from the HTTP module. The Stream module is designed to handle TCP and UDP traffic, while the HTTP module is designed to handle HTTP traffic.
When configuring the Stream module, you will need to use the stream block in your Nginx configuration file. If you are configuring an HTTP server block, you will need to use the http block.
By understanding the differences between the Stream and HTTP modules, you can effectively configure Nginx to handle different types of traffic.
V. Nginx Stream in real-world scenarios
The Nginx Stream module can be used in various real-world scenarios, such as:
1. Load balancing TCP traffic to backend servers
You can use the Stream module to load balance TCP traffic to multiple backend servers. Here is an example configuration that load balances TCP traffic to two backend servers:
stream {
upstream backend_servers {
server backend_server1:12345;
server backend_server2:12345;
}
server {
listen 12345;
proxy_pass backend_servers;
}
}
2. Proxying TCP traffic to internal services
You can use the Stream module to proxy TCP traffic to internal services that are not exposed to the public internet. Here is an example configuration that proxies TCP traffic to an internal service:
stream {
server {
listen 12345;
proxy_pass internal_service:12345;
}
}
3. Terminating SSL/TLS connections for non-HTTP protocols
You can use the Stream module to terminate SSL/TLS connections for non-HTTP protocols. Here is an example configuration that terminates SSL/TLS connections and forwards traffic to a backend server:
stream {
server {
listen 443 ssl;
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/private.key;
proxy_pass backend_server:12345;
}
}
4. Implementing TCP-based health checks
You can use the Stream module to implement TCP-based health checks for your backend servers. Here is an example configuration that implements a TCP-based health check:
stream {
upstream backend_servers {
server backend_server1:12345;
server backend_server2:12345;
}
server {
listen 12345;
proxy_pass backend_servers;
health_check interval=5s;
}
}
By leveraging the Stream module, you can extend the capabilities of Nginx to handle a wide range of TCP and UDP traffic.
VI. Conclusion
The Nginx Stream module is a powerful feature that allows Nginx to handle TCP and UDP traffic in addition to its HTTP capabilities. By configuring the Stream module, you can load balance, proxy, and terminate SSL/TLS connections for non-HTTP protocols.
Public comments are closed, but I love hearing from readers. Feel free to contact me with your thoughts.