How to invalidate nginx reverse proxy cache in front of other nginx servers?

Posted by Olivier Lance on Server Fault See other posts from Server Fault or by Olivier Lance
Published on 2014-05-27T21:08:29Z Indexed on 2014/05/28 9:32 UTC
Read the original article Hit count: 282

Filed under:
|
|
|

I'm running a Proxmox server on a single IP address, that will dispatch HTTP requests to containers depending on the requested host.

I am using nginx on the Proxmox side to listen to HTTP requests and I am using the proxy_pass directive in my different server blocks to dispatch requests according to the server_name.

My containers run on Ubuntu and are also running a nginx instance.

I'm having troubles with caching on a particular website that is fully static: nginx keeps on serving me stale content after files updates, until I:

  • Clear /var/cache/nginx/ and restart nginx
  • or set proxy_cache off for this server and reload the config

Here's the detail of my configuration:

On the server (proxmox):

/etc/nginx/nginx.conf:

user www-data;
worker_processes 8;
pid /var/run/nginx.pid;

events {
    worker_connections 768;
    # multi_accept on;
    use epoll;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    #tcp_nopush on;
    tcp_nodelay on;
    #keepalive_timeout 65;
    types_hash_max_size 2048;
    server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    client_body_buffer_size 1k;
    client_max_body_size    8m;
    large_client_header_buffers 1 1K;
    ignore_invalid_headers on;

    client_body_timeout 5;
    client_header_timeout 5;
    keepalive_timeout 5 5;
    send_timeout 5;
    server_name_in_redirect off;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";

    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    # gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;


    limit_conn_zone $binary_remote_addr zone=gulag:1m;
    limit_conn gulag 50;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

/etc/nginx/conf.d/proxy.conf:

proxy_redirect          off;
proxy_set_header        Host            $host;
proxy_set_header        X-Real-IP       $remote_addr;
proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header       X-Powered-By;
proxy_intercept_errors  on;
proxy_buffering         on;

proxy_cache_key         "$scheme://$host$request_uri";
proxy_cache_path        /var/cache/nginx levels=1:2 keys_zone=cache:10m inactive=7d max_size=700m;

/etc/nginx/sites-available/my-domain.conf:

server {
    listen 80;
    server_name .my-domain.com;

    access_log off;

    location / {
            proxy_pass http://my-domain.local:80/;
            proxy_cache cache;
            proxy_cache_valid 12h;
            expires 30d;
            proxy_cache_use_stale error timeout invalid_header updating;
    }
}

On the container (my-domain.local):

nginx.conf: (everything is inside the main config file -- it's been done quickly...)

user  www-data;
worker_processes  1;

error_log  logs/error.log;

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    gzip  off;

    server {
        listen       80;
        server_name  .my-domain.com;
        root /var/www;

        access_log  logs/host.access.log;
    }
}

I've read many blog posts and answers before resolving to posting my own questions... most answers I can see suggest setting sendfile off; but that didn't work for me. I have tried many other things, double checked my settings and all seems fine.

So I'm wondering whether I am not expecting nginx's cache to do something it's not meant to...?

Basically, I thought that if one of my static files in my container was updated, the cache in my reverse proxy would be invalidated and my browser would get the new version of the file when it requests it...

But I now have the sentiment I misunderstood many things.

Of all things, I now wonder how nginx on the server can know about a file in the container has changed? I have seen a directive proxy_header_pass (or something alike), should I use this to let the nginx instance from the container somehow inform the one in Proxmox about updated files?

Is this expectation just a dream, or can I do it with nginx on my current architecture?

© Server Fault or respective owner

Related posts about nginx

Related posts about reverse-proxy