NginxÊǶíÂÞ˹È˱àдµÄÊ®·ÖÇáÁ¿¼¶µÄHTTP·þÎñÆ÷,Nginx£¬ËüµÄ·¢ÒôΪ¡°engine
X¡±£¬ÊÇÒ»¸ö¸ßÐÔÄܵÄHTTPºÍ·´Ïò´úÀí·þÎñÆ÷£¬Í¬Ê±Ò²ÊÇÒ»¸öIMAP/POP3/SMTP ´úÀí·þÎñÆ÷.NginxÊÇÓɶíÂÞ˹ÈËIgor
SysoevΪ¶íÂÞ˹·ÃÎÊÁ¿µÚ¶þµÄRambler.ruÕ¾µã¿ª·¢.
NginxÒÔʼþÇý¶¯(epoll)µÄ·½Ê½±àд£¬ËùÒÔÓзdz£ºÃµÄÐÔÄÜ£¬Í¬Ê±Ò²ÊÇÒ»¸ö·Ç³£¸ßЧµÄ·´Ïò´úÀí¡¢¸ºÔØÆ½ºâ¡£µ«ÊÇNginx²¢²»Ö§³Öcgi·½Ê½ÔËÐУ¬ÔÒòÊÇ¿ÉÒÔ¼õÉÙÒò´Ë´øÀ´µÄһЩ³ÌÐòÉϵÄ©¶´¡£ËùÒÔ±ØÐëʹÓÃFastCGI·½Ê½À´Ö´ÐÐPHP³ÌÐò¡£
ÓÉÓÚNginx±¾ÉíµÄһЩÓŵ㣬ÇáÁ¿£¬¿ªÔ´£¬Ò×Óã¬Ô½À´Ô½¶àµÄ¹«Ë¾Ê¹ÓÃnginx×÷Ϊ×Ô¼º¹«Ë¾µÄwebÓ¦Ó÷þÎñÆ÷£¬±¾ÎÄÏêϸ½éÉÜnginxÔ´Âë°²×°µÄͬʱ²¢¶Ônginx½øÐÐÓÅ»¯ÅäÖá£
Ò»¡¢NginxµÄÓÅ»¯
1¡¢±àÒ밲װǰÓÅ»¯
±àÒëǰµÄÓÅ»¯Ö÷ÒªÊÇÓÃÀ´Ð޸ijÌÐòÃûµÈµÈ£¬Ä¿µÄ¸ü¸ÄÔ´ÂëÒþ²ØÈí¼þÃû³ÆºÍ°æ±¾ºÅ
°²×°zlib-devel¡¢pcre-develµÈÒÀÀµ°ü
[root@localhost ~]# yum -y install gcc gcc-c++ make libtool zlib zlib-devel pcre pcre-devel openssl openssl-devel |
ÏÂÔØnginxµÄÔ´Âë°ü£ºhttp://nginx.org/download
½âѹԴÂë°ü£º
[root@localhost ~]# tar zxf nginx-1.10.2.tar.gz [root@localhost ~]# cd nginx-1.10.2/ |
Òþ²ØÈí¼þÃû³ÆºÍ°æ±¾ºÅ
[root@localhost nginx-1.10.2]# vi src/core/nginx.h |
Òþ²ØÈí¼þÃû³ÆºÍ°æ±¾ºÅ
#defineNGINX_VERSION "1.10.2" //µÚ13ÐÐ
//´ËÐÐÐ޸ĵÄÊÇÄãÏëÐ޸ĵÄÈí¼þÃû³Æ
#defineNGINX_VER "nginx/" NGINX_VERSION
//µÚ14ÐÐ |
ÐÞ¸ÄÉÏÃæµÄÐÅÏ¢£¬¼´¿É¸ü¸ÄnginxÏÔʾ°æ±¾¡£ÀýÈ磺
#define NGINX_VERSION "7.0" #defineNGINX_VER "IIS/" NGINX_VERSION |
ÐÞ¸ÄHTTPÍ·ÐÅÏ¢ÖеÄconnection×ֶΣ¬·ÀÖ¹»ØÏÔ¾ßÌå°æ±¾ºÅ
ÍØÕ¹£ºÍ¨ÓÃhttpÍ·£¬Í¨ÓÃÍ·°üº¬ÇëÇóºÍÏìÓ¦ÏûÏ¢¶¼Ö§³ÖµÄÍ·£¬Í¨ÓÃÍ·°üº¬Cache-Control¡¢ Connection¡¢Date¡¢Pragma¡¢Transfer-Encoding¡¢Upgrade¡¢Via¡£¶ÔͨÓÃÍ·µÄÀ©Õ¹ÒªÇóͨѶ˫·½¶¼Ö§³Ö´ËÀ©Õ¹£¬Èç¹û´æÔÚ²»Ö§³ÖµÄͨÓÃÍ·£¬Ò»°ã½«»á×÷ΪʵÌåÍ·´¦Àí¡£ÄÇôҲ¾ÍÊÇ˵Óв¿·ÖÉ豸£¬»òÕßÊÇÈí¼þ£¬ÄÜ»ñÈ¡µ½connection£¬²¿·Ö²»ÄÜ£¬ÒªÒþ²Ø¾ÍÒª³¹µ×!
[root@localhost nginx-1.10.2]# vi src/http/ngx_http_header_filter_module.c |
ÐÞ¸Äǰ£º
static char ngx_http_server_string[] ="Server: nginx" CRLF; //µÚ49ÐÐ |
Ð޸ĺó£º
staticchar ngx_http_server_string[] = "Server: IIS"CRLF |
¶¨ÒåÁËhttp´íÎóÂëµÄ·µ»Ø
ÓÐʱºòÎÒÃÇÒ³Ãæ³ÌÐò³öÏÖ´íÎó£¬Nginx»á´úÎÒÃÇ·µ»ØÏàÓ¦µÄ´íÎó´úÂ룬»ØÏÔµÄʱºò£¬»á´øÉÏnginxºÍ°æ±¾ºÅ£¬ÎÒÃǰÑËûÒþ²ØÆðÀ´
[root@localhost nginx-1.10.2]# vi src/http/ngx_http_special_response.c |
ÐÞ¸Äǰ
static u_char ngx_http_error_tail[] = //µÚ29ÐÐ "<hr><center>nginx</center>" CRLF "</body>" CRLF "</html>" CRLF ; |
Ð޸ĺó
static u_char ngx_http_error_tail[] = "<hr><center>IIS</center>" CRLF "</body>" CRLF "</html>" CRLF ; |
2¡¢°²×°ngnix
[root@localhost ~]# groupadd www #Ìí¼Ówww×é [root@localhost ~]# useradd -g www www -s /sbin/nologin #´´½¨nginxÔËÐÐÕË»§www²¢¼ÓÈëµ½www×飬²»ÔÊÐíwwwÓû§Ö±½ÓµÇ¼ϵͳ [root@localhost nginx-1.10.2]# ./configure --prefix=/usr/local/nginx1.10 --with-http_dav_module --with-http_stub_status_module --with-http_addition_module --with-http_sub_module --with-http_flv_module --with-http_mp4_module --with-pcre --with-http_ssl_module --with-http_gzip_static_module --user=www --group=www && make && make install |
Ïà¹ØÑ¡Ïî˵Ã÷
¨Cwith-http_dav_module #Ôö¼ÓPUT,DELETE,MKCOL£º´´½¨¼¯ºÏ£¬COPYºÍMOVE·½·¨
¨Cwith-http_stub_status_module #»ñÈ¡NginxµÄ״̬ͳ¼ÆÐÅÏ¢
¨Cwith-http_addition_module #×÷Ϊһ¸öÊä³ö¹ýÂËÆ÷£¬Ö§³Ö²»ÍêÈ«»º³å£¬·Ö²¿·ÖÏàÓ¦ÇëÇó
¨Cwith-http_sub_module #ÔÊÐíһЩÆäËûÎı¾Ìæ»»NginxÏàÓ¦ÖеÄһЩÎı¾
¨Cwith-http_flv_module #Ìṩ֧³ÖflvÊÓÆµÎļþÖ§³Ö
¨Cwith-http_mp4_module #Ìṩ֧³Ömp4ÊÓÆµÎļþÖ§³Ö£¬ÌṩαÁ÷ýÌå·þÎñ¶ËÖ§
¨Cwith-http_ssl_module #ÆôÓÃngx_http_ssl_module
Èç¹ûpcreÊÇͨ¹ý±àÒë°²×°µÄ»°£¬ÀýÈç
# tar zxvf/usr/local/src/pcre-8.36.tar.gz -C /usr/local/src/ # cd /usr/local/src/pcre-8.36 # ./configure &&make && make install |
Ôò¨Cwith-pcre=/usr/local/src/pcre-8.36 #ÐèҪעÒ⣬ÕâÀïÖ¸µÄÊÇÔ´Âë,ÓÃ#./configure
¨Chelp | grep pcre²é¿´°ïÖú
[root@localhost nginx-1.10.2]#ln-s /usr/local/nginx1.10/sbin/nginx /usr/local/sbin/ [root@localhost nginx-1.10.2]#nginx-t |
Æô¶¯nginx
[root@localhost nginx-1.10.2]nginx [root@localhost nginx-1.10.2]# netstat -anpt | grep nginx tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7424/nginx: master |
²âÊÔÊÇ·ñÒþ²ØÁ˰汾ºÍÈí¼þÃû
[root@localhost nginx-1.10.2]# curl -I http://192.168.129.150 HTTP/1.1 200 OK Server: IIS/7.0 Date: Sat, 18 Mar 2017 02:16:41 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Sat, 18 Mar 2017 00:51:03 GMT Connection: keep-alive ETag: "58cc8477-264" Accept-Ranges: bytes [root@localhost nginx-1.10.2]# nginx -h nginx version: IIS/7.0 Usage: nginx [-?hvVtTq] [-s signal] [-c filename] [-p prefix] [-g directives]
Options:
-?,-h : this help
-v : show version and exit
-V : show version and configure options then exit
-t : test configuration and exit
-T : test configuration, dump it and exit
-q : suppress non-error messages during configuration
testing
-s signal : send signal to a master process: stop,
quit, reopen, reload
-p prefix : set prefix path (default: /usr/local/nginx1.10/)
-c filename : set configuration file (default:
conf/nginx.conf)
-g directives : set global directives out of configuration
file |
3¡¢nginxÅäÖÃÏîÓÅ»¯
[root@localhost nginx-1.10.2]# ps -ef | grep nginx root 7424 1 0 08:52 ? 00:00:00 nginx: master process nginx www 34878 7424 0 10:20 ? 00:00:00 nginx: worker process |
ÔÚÕâÀïÎÒÃÇ»¹¿ÉÒÔ¿´µ½Ôڲ鿴µÄʱºò£¬work½ø³ÌÊÇnginx³ÌÐòÓû§£¬µ«ÊÇmaster½ø³Ì»¹ÊÇroot£¬ÆäÖУ¬masterÊÇ¼à¿Ø½ø³Ì£¬Ò²½ÐÖ÷½ø³Ì£¬workÊǹ¤×÷½ø³Ì£¬²¿·Ö»¹ÓÐcacheÏà¹Ø½ø³Ì£¬¹ØÏµÈçͼ£º

¿ÉÒÔÖ±½ÓÀí½âΪmasterÊǹÜÀíÔ±£¬work½ø³Ì²ÅÊÇΪÓû§Ìṩ·þÎñµÄ!
(1):NginxÔËÐй¤×÷½ø³Ì¸öÊý£¬Ò»°ãÎÒÃÇÉèÖÃCPUµÄºËÐÄ»òÕߺËÐÄÊýx2
Èç¹û²»Á˽âcpuµÄºËÊý£¬¿ÉÒÔtopÃüÁîÖ®ºó°´1Ò²¿ÉÒÔ¿´³öÀ´£¬Ò²¿ÉÒԲ鿴/proc/cpuinfoÎļþ
[root@localhost nginx-1.10.2]# grep ^processor /proc/cpuinfo | wc -l
2
[root@localhost ~]#vi /usr/local/nginx1.10/conf/nginx.conf
worker_processes 4;
[root@localhost ~]#/usr/local/nginx1.10/sbin/nginx
-s reload
[root@localhost ~]# ps -aux | grep nginx | grep
-v grep
root 7424 0.0 0.1 178828 3004 ? Ss 08:52 0:00
nginx: master process nginx
www 34878 0.0 1.5 207536 28880 ? S 10:20 0:00
nginx: worker process
www 34879 0.0 1.5 207536 28636 ? S 10:20 0:00
nginx: worker process
www 34880 0.0 1.5 207536 28636 ? S 10:20 0:00
nginx: worker process
www 34881 0.0 1.5 207536 28576 ? S 10:20 0:00
nginx: worker process
www 34882 0.0 0.1 180912 1908 ? S 10:20 0:00
nginx: cache manager process |
NginxÔËÐÐCPUÇ׺ÍÁ¦
±ÈÈç4ºËÅäÖÃ
worker_processes 4;
worker_cpu_affinity 0001 0010 0100 1000; |
±ÈÈç8ºËÅäÖÃ
worker_processes 8; worker_cpu_affinity 00000001 0000001000000100 00001000 00010000 00100000 01000000 10000000; |
worker_processes×î¶à¿ªÆô8¸ö£¬8¸öÒÔÉÏÐÔÄÜÌáÉý²»»áÔÙÌáÉýÁË£¬¶øÇÒÎȶ¨ÐÔ±äµÃ¸üµÍ£¬ËùÒÔ8¸ö½ø³Ì¹»ÓÃÁË
Nginx×î¶à¿ÉÒÔ´ò¿ªÎļþÊý
worker_rlimit_nofile 65535; |
Õâ¸öÖ¸ÁîÊÇÖ¸µ±Ò»¸önginx½ø³Ì´ò¿ªµÄ×î¶àÎļþÃèÊö·ûÊýÄ¿£¬ÀíÂÛÖµÓ¦¸ÃÊÇ×î¶à´ò¿ªÎļþÊý(ulimit -n)Óënginx½ø³ÌÊýÏà³ý£¬µ«ÊÇnginx·ÖÅäÇëÇó²¢²»ÊÇÄÇô¾ùÔÈ£¬ËùÒÔ×îºÃÓëulimit
-nµÄÖµ±£³ÖÒ»Ö¡£
×¢:Îļþ×ÊÔ´ÏÞÖÆµÄÅäÖÿÉÒÔÔÚ/etc/security/limits.confÉèÖã¬Õë¶Ôroot/userµÈ¸÷¸öÓû§»òÕß*´ú±íËùÓÐÓû§À´ÉèÖá£
* soft nofile 65535 * hard nofile 65535 |
Óû§ÖØÐµÇ¼ÉúЧ(ulimit -n)
(2)Nginxʼþ´¦ÀíÄ£ÐÍ
events { use epoll; worker_connections 65535; multi_accept on; } |
nginx²ÉÓÃepollʼþÄ£ÐÍ£¬´¦ÀíЧÂʸß,work_connectionsÊǵ¥¸öworker½ø³ÌÔÊÐí¿Í»§¶Ë×î´óÁ¬½ÓÊý£¬Õâ¸öÊýÖµÒ»°ã¸ù¾Ý·þÎñÆ÷ÐÔÄܺÍÄÚ´æÀ´Öƶ¨£¬Êµ¼Ê×î´óÖµ¾ÍÊÇworker½ø³ÌÊý³ËÒÔwork_connections,ʵ¼ÊÎÒÃÇÌîÈëÒ»¸ö65535£¬×ã¹»ÁË£¬ÕâЩ¶¼Ëã²¢·¢Öµ£¬Ò»¸öÍøÕ¾µÄ²¢·¢´ïµ½Õâô´óµÄÊýÁ¿£¬Ò²ËãÒ»¸ö´óÕ¾ÁË!
multi_accept ¸æËßnginxÊÕµ½Ò»¸öÐÂÁ¬½Ó֪ͨºó½ÓÊܾ¡¿ÉÄܶàµÄÁ¬½Ó£¬Ä¬ÈÏÊÇon£¬ÉèÖÃΪonºó£¬¶à¸öworker°´´®Ðз½Ê½À´´¦ÀíÁ¬½Ó£¬Ò²¾ÍÊÇÒ»¸öÁ¬½ÓÖ»ÓÐÒ»¸öworker±»»½ÐÑ£¬ÆäËûµÄ´¦ÓÚÐÝÃß״̬£¬ÉèÖÃΪoffºó£¬¶à¸öworker°´²¢Ðз½Ê½À´´¦ÀíÁ¬½Ó£¬Ò²¾ÍÊÇÒ»¸öÁ¬½Ó»á»½ÐÑËùÓеÄworker£¬Ö±µ½Á¬½Ó·ÖÅäÍê±Ï£¬Ã»ÓÐÈ¡µÃÁ¬½ÓµÄ¼ÌÐøÐÝÃß¡£µ±ÄãµÄ·þÎñÆ÷Á¬½ÓÊý²»¶àʱ£¬¿ªÆôÕâ¸ö²ÎÊý»áÈøºÔØÓÐÒ»¶¨µÄ½µµÍ£¬µ«Êǵ±·þÎñÆ÷µÄÍÌÍÂÁ¿ºÜ´óʱ£¬ÎªÁËЧÂÊ£¬¿ÉÒԹرÕÕâ¸ö²ÎÊý¡£
(3)¿ªÆô¸ßЧ´«Êäģʽ
http { include mime.types; default_type application/octet-stream; ¡¡ sendfile on; tcp_nopush on; ¡¡ |
Include mime.types; //ýÌåÀàÐÍ,include Ö»ÊÇÒ»¸öÔÚµ±Ç°ÎļþÖаüº¬ÁíÒ»¸öÎļþÄÚÈݵÄÖ¸Áî
default_typeapplication/octet-stream; //ĬÈÏýÌåÀàÐÍ×ã¹»
sendfile on;//¿ªÆô¸ßЧÎļþ´«Êäģʽ£¬sendfileÖ¸ÁîÖ¸¶¨nginxÊÇ·ñµ÷ÓÃsendfileº¯ÊýÀ´Êä³öÎļþ£¬¶ÔÓÚÆÕͨӦÓÃÉèΪ
on£¬Èç¹ûÓÃÀ´½øÐÐÏÂÔØµÈÓ¦ÓôÅÅÌIOÖØ¸ºÔØÓ¦Ó㬿ÉÉèÖÃΪoff£¬ÒÔÆ½ºâ´ÅÅÌÓëÍøÂçI/O´¦ÀíËÙ¶È£¬½µµÍϵͳµÄ¸ºÔØ¡£
×¢Ò⣺Èç¹ûͼƬÏÔʾ²»Õý³£°ÑÕâ¸ö¸Ä³Éoff¡£
tcp_nopush on;±ØÐëÔÚsendfile¿ªÆôģʽ²ÅÓÐЧ£¬·ÀÖ¹ÍøÂ·×èÈû£¬»ý¼«µÄ¼õÉÙÍøÂ籨ÎĶεÄÊýÁ¿(½«ÏìӦͷºÍÕýÎĵĿªÊ¼²¿·ÖÒ»Æð·¢ËÍ£¬¶ø²»Ò»¸ö½ÓÒ»¸öµÄ·¢ËÍ¡£)
(4)Á¬½Ó³¬Ê±Ê±¼ä
Ö÷ҪĿµÄÊDZ£»¤·þÎñÆ÷×ÊÔ´£¬CPU£¬Äڴ棬¿ØÖÆÁ¬½ÓÊý£¬ÒòΪ½¨Á¢Á¬½ÓÒ²ÊÇÐèÒªÏûºÄ×ÊÔ´µÄ
keepalive_timeout 60; tcp_nodelay on; client_header_buffer_size 4k; open_file_cache max=102400 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; client_header_timeout 15; client_body_timeout 15; reset_timedout_connection on; send_timeout 15; server_tokens off; client_max_body_size 10m; |
keepalived_timeout¿Í»§¶ËÁ¬½Ó±£³Ö»á»°³¬Ê±Ê±¼ä£¬³¬¹ýÕâ¸öʱ¼ä£¬·þÎñÆ÷¶Ï¿ªÕâ¸öÁ´½Ó
tcp_nodelay;Ò²ÊÇ·ÀÖ¹ÍøÂç×èÈû£¬²»¹ýÒª°üºÔÚkeepalived²ÎÊý²ÅÓÐЧ
client_header_buffer_size4k;¿Í»§¶ËÇëÇóÍ·²¿µÄ»º³åÇø´óС£¬Õâ¸ö¿ÉÒÔ¸ù¾ÝÄãµÄϵͳ·ÖÒ³´óСÀ´ÉèÖã¬Ò»°ãÒ»¸öÇëÇóÍ·µÄ´óС²»»á³¬¹ý
1k£¬²»¹ýÓÉÓÚÒ»°ãϵͳ·ÖÒ³¶¼Òª´óÓÚ1k£¬ËùÒÔÕâÀïÉèÖÃΪ·ÖÒ³´óС¡£·ÖÒ³´óС¿ÉÒÔÓÃÃüÁîgetconf PAGESIZEÈ¡µÃ¡£
open_file_cache max=102400 inactive=20s;Õâ¸ö½«Îª´ò¿ªÎļþÖ¸¶¨»º´æ£¬Ä¬ÈÏÊÇûÓÐÆôÓõģ¬maxÖ¸¶¨»º´æÊýÁ¿£¬½¨ÒéºÍ´ò¿ªÎļþÊýÒ»Ö£¬inactive
ÊÇÖ¸¾¹ý¶à³¤Ê±¼äÎļþû±»ÇëÇóºóɾ³ý»º´æ¡£
open_file_cache_valid 30s;Õâ¸öÊÇÖ¸¶à³¤Ê±¼ä¼ì²éÒ»´Î»º´æµÄÓÐЧÐÅÏ¢¡£
open_file_cache_min_uses 1;open_file_cacheÖ¸ÁîÖеÄinactive
²ÎÊýʱ¼äÄÚÎļþµÄ×îÉÙʹÓôÎÊý£¬Èç¹û³¬¹ýÕâ¸öÊý×Ö£¬ÎļþÃèÊö·ûÒ»Ö±ÊÇÔÚ»º´æÖдò¿ªµÄ£¬ÈçÉÏÀý£¬Èç¹ûÓÐÒ»¸öÎļþÔÚinactive
ʱ¼äÄÚÒ»´Îû±»Ê¹Óã¬Ëü½«±»ÒƳý¡£
client_header_timeoutÉèÖÃÇëÇóÍ·µÄ³¬Ê±Ê±¼ä¡£ÎÒÃÇÒ²¿ÉÒÔ°ÑÕâ¸öÉèÖõÍЩ£¬Èç¹û³¬¹ýÕâ¸öʱ¼äûÓз¢ËÍÈκÎÊý¾Ý£¬nginx½«·µ»Ørequest
time outµÄ´íÎó
client_body_timeoutÉèÖÃÇëÇóÌåµÄ³¬Ê±Ê±¼ä¡£ÎÒÃÇÒ²¿ÉÒÔ°ÑÕâ¸öÉèÖõÍЩ£¬³¬¹ýÕâ¸öʱ¼äûÓз¢ËÍÈκÎÊý¾Ý£¬ºÍÉÏÃæÒ»ÑùµÄ´íÎóÌáʾ
reset_timeout_connection ¸æËßnginx¹Ø±Õ²»ÏìÓ¦µÄ¿Í»§¶ËÁ¬½Ó¡£Õ⽫»áÊÍ·ÅÄǸö¿Í»§¶ËËùÕ¼ÓеÄÄÚ´æ¿Õ¼ä¡£
send_timeoutÏìÓ¦¿Í»§¶Ë³¬Ê±Ê±¼ä£¬Õâ¸ö³¬Ê±Ê±¼ä½öÏÞÓÚÁ½¸ö»î¶¯Ö®¼äµÄʱ¼ä£¬Èç¹û³¬¹ýÕâ¸öʱ¼ä£¬¿Í»§¶ËûÓÐÈκλ£¬nginx¹Ø±ÕÁ¬½Ó
server_tokens ²¢²»»áÈÃnginxÖ´ÐеÄËٶȸü¿ì£¬µ«Ëü¿ÉÒԹرÕÔÚ´íÎóÒ³ÃæÖеÄnginx°æ±¾Êý×Ö£¬ÕâÑù¶ÔÓÚ°²È«ÐÔÊÇÓкô¦µÄ¡£client_max_body_sizeÉÏ´«Îļþ´óСÏÞÖÆ
(5)fastcgiµ÷ÓÅ
fastcgi_connect_timeout 600; fastcgi_send_timeout 600; fastcgi_read_timeout 600; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k; fastcgi_temp_path /usr/local/nginx1.10/nginx_tmp; fastcgi_intercept_errors on; fastcgi_cache_path /usr/local/nginx1.10/fastcgi_cache levels=1:2 keys_zone=cache_fastcgi:128m inactive=1d max_size=10g; |
fastcgi_connect_timeout 600; #Ö¸¶¨Á¬½Óµ½ºó¶ËFastCGIµÄ³¬Ê±Ê±¼ä¡£
fastcgi_send_timeout 600; #ÏòFastCGI´«ËÍÇëÇóµÄ³¬Ê±Ê±¼ä¡£
fastcgi_read_timeout 600; #Ö¸¶¨½ÓÊÕFastCGIÓ¦´ðµÄ³¬Ê±Ê±¼ä¡£
fastcgi_buffer_size 64k; #Ö¸¶¨¶ÁÈ¡FastCGIÓ¦´ðµÚÒ»²¿·ÖÐèÒªÓöà´óµÄ»º³åÇø£¬Ä¬ÈϵĻº³åÇø´óСΪfastcgi_buffersÖ¸ÁîÖеÄÿ¿é´óС£¬¿ÉÒÔ½«Õâ¸öÖµÉèÖøüС¡£
fastcgi_buffers 4 64k; #Ö¸¶¨±¾µØÐèÒªÓöàÉٺͶà´óµÄ»º³åÇøÀ´»º³åFastCGIµÄÓ¦´ðÇëÇó£¬Èç¹ûÒ»¸öphp½Å±¾Ëù²úÉúµÄÒ³Ãæ´óСΪ256KB£¬ÄÇô»á·ÖÅä4¸ö64KBµÄ»º³åÇøÀ´»º´æ£¬Èç¹ûÒ³Ãæ´óС´óÓÚ256KB£¬ÄÇô´óÓÚ256KBµÄ²¿·Ö»á»º´æµ½fastcgi_temp_pathÖ¸¶¨µÄ·¾¶ÖУ¬µ«ÊÇÕâ²¢²»ÊǺ÷½·¨£¬ÒòΪÄÚ´æÖеÄÊý¾Ý´¦ÀíËÙ¶ÈÒª¿ìÓÚ´ÅÅÌ¡£Ò»°ãÕâ¸öÖµÓ¦¸ÃΪվµãÖÐphp½Å±¾Ëù²úÉúµÄÒ³Ãæ´óСµÄÖмäÖµ£¬Èç¹ûÕ¾µã´ó²¿·Ö½Å±¾Ëù²úÉúµÄÒ³Ãæ´óСΪ256KB£¬ÄÇô¿ÉÒÔ°ÑÕâ¸öÖµÉèÖÃΪ¡°8
32K¡±¡¢¡°4 64k¡±µÈ¡£
fastcgi_busy_buffers_size 128k; #½¨ÒéÉèÖÃΪfastcgi_buffersµÄÁ½±¶£¬·±Ã¦Ê±ºòµÄbuffer
fastcgi_temp_file_write_size 128k; #ÔÚдÈëfastcgi_temp_pathʱ½«Óöà´óµÄÊý¾Ý¿é£¬Ä¬ÈÏÖµÊÇfastcgi_buffersµÄÁ½±¶£¬¸ÃÊýÖµÉèÖÃСʱÈô¸ºÔØÉÏÀ´Ê±¿ÉÄܱ¨502Bad
Gateway
fastcgi_temp_path #»º´æÁÙʱĿ¼
fastcgi_intercept_errors on;#Õâ¸öÖ¸ÁîÖ¸¶¨ÊÇ·ñ´«µÝ4xxºÍ5xx´íÎóÐÅÏ¢µ½¿Í»§¶Ë£¬»òÕßÔÊÐínginxʹÓÃerror_page´¦Àí´íÎóÐÅÏ¢¡£
×¢£º¾²Ì¬Îļþ²»´æÔڻ᷵»Ø404Ò³Ãæ£¬µ«ÊÇphpÒ³ÃæÔò·µ»Ø¿Õ°×Ò³!!
fastcgi_cache_path /usr/local/nginx1.10/fastcgi_cachelevels=1:2
keys_zone=cache_fastcgi:128minactive=1d max_size=10g;#
fastcgi_cache»º´æÄ¿Â¼£¬¿ÉÒÔÉèÖÃĿ¼²ã¼¶£¬±ÈÈç1:2»áÉú³É16*256¸ö×ÓĿ¼£¬cache_fastcgiÊÇÕâ¸ö»º´æ¿Õ¼äµÄÃû×Ö£¬cacheÊÇÓöàÉÙÄÚ´æ(ÕâÑùÈÈÃŵÄÄÚÈÝnginxÖ±½Ó·ÅÄڴ棬Ìá¸ß·ÃÎÊËÙ¶È)£¬inactive±íʾĬÈÏʧЧʱ¼ä£¬Èç¹û»º´æÊý¾ÝÔÚʧЧʱ¼äÄÚûÓб»·ÃÎÊ,½«±»É¾³ý£¬max_size±íʾ×î¶àÓöàÉÙÓ²Å̿ռ䡣
fastcgi_cache cache_fastcgi; #±íʾ¿ªÆôFastCGI»º´æ²¢ÎªÆäÖ¸¶¨Ò»¸öÃû³Æ¡£¿ªÆô»º´æ·Ç³£ÓÐÓ㬿ÉÒÔÓÐЧ½µµÍCPUµÄ¸ºÔØ£¬²¢ÇÒ·ÀÖ¹502µÄ´íÎó·ÅÉú¡£cache_fastcgiΪproxy_cache_pathÖ¸Áî´´½¨µÄ»º´æÇøÃû³Æ
fastcgi_cache_valid 200 302 1h; #ÓÃÀ´Ö¸¶¨Ó¦´ð´úÂëµÄ»º´æÊ±¼ä£¬ÊµÀýÖеÄÖµ±íʾ½«200ºÍ302Ó¦´ð»º´æÒ»Ð¡Ê±£¬ÒªºÍfastcgi_cacheÅäºÏʹÓÃ
fastcgi_cache_valid 301 1d; #½«301Ó¦´ð»º´æÒ»Ìì
fastcgi_cache_valid any 1m; #½«ÆäËûÓ¦´ð»º´æÎª1·ÖÖÓ
fastcgi_cache_min_uses 1; #¸ÃÖ¸ÁîÓÃÓÚÉèÖþ¹ý¶àÉÙ´ÎÇëÇóµÄÏàͬURL½«±»»º´æ¡£
fastcgi_cache_keyhttp://$host$request_uri; #¸ÃÖ¸ÁîÓÃÀ´ÉèÖÃweb»º´æµÄKeyÖµ,nginx¸ù¾ÝKeyÖµmd5¹þÏ£´æ´¢.Ò»°ã¸ù¾Ý$host(ÓòÃû)¡¢$request_uri(ÇëÇóµÄ·¾¶)µÈ±äÁ¿×éºÏ³Éproxy_cache_key
¡£
fastcgi_pass #Ö¸¶¨FastCGI·þÎñÆ÷¼àÌý¶Ë¿ÚÓëµØÖ·£¬¿ÉÒÔÊDZ¾»ú»òÕ߯äËü
×ܽ᣺
nginxµÄ»º´æ¹¦ÄÜÓУºproxy_cache /fastcgi_cache
proxy_cacheµÄ×÷ÓÃÊÇ»º´æºó¶Ë·þÎñÆ÷µÄÄÚÈÝ£¬¿ÉÄÜÊÇÈκÎÄÚÈÝ£¬°üÀ¨¾²Ì¬µÄºÍ¶¯Ì¬¡£
fastcgi_cacheµÄ×÷ÓÃÊÇ»º´æfastcgiÉú³ÉµÄÄÚÈÝ£¬ºÜ¶àÇé¿öÊÇphpÉú³ÉµÄ¶¯Ì¬µÄÄÚÈÝ¡£
proxy_cache»º´æ¼õÉÙÁËnginxÓëºó¶ËͨÐŵĴÎÊý£¬½ÚÊ¡ÁË´«Êäʱ¼äºÍºó¶Ë¿í´ø¡£
fastcgi_cache»º´æ¼õÉÙÁËnginxÓëphpµÄͨÐŵĴÎÊý£¬¸ü¼õÇáÁËphpºÍÊý¾Ý¿â(mysql)µÄѹÁ¦¡£
(6)gzipµ÷ÓÅ
ʹÓÃgzipѹËõ¹¦ÄÜ£¬¿ÉÄÜΪÎÒÃǽÚÔ¼´ø¿í£¬¼Ó¿ì´«ÊäËÙ¶È£¬ÓиüºÃµÄÌåÑ飬ҲΪÎÒÃǽÚÔ¼³É±¾£¬ËùÒÔ˵ÕâÊÇÒ»¸öÖØµã¡£NginxÆôÓÃѹËõ¹¦ÄÜÐèÒªÄãÀ´ngx_http_gzip_moduleÄ£¿é£¬apacheʹÓõÄÊÇmod_deflateÒ»°ãÎÒÃÇÐèҪѹËõµÄÄÚÈÝÓУºÎı¾£¬js£¬html£¬css£¬¶ÔÓÚͼƬ£¬ÊÓÆµ£¬flashʲôµÄ²»Ñ¹Ëõ£¬Í¬Ê±Ò²Òª×¢Ò⣬ÎÒÃÇʹÓÃgzipµÄ¹¦ÄÜÊÇÐèÒªÏûºÄCPUµÄ!
gzip on; gzip_min_length 2k; gzip_buffers 4 32k; gzip_http_version 1.1; gzip_comp_level 6; gzip_types text/plaintext/css text/javascript application/json application/javascriptapplication/x-javascript application/xml; gzip_vary on; gzip_proxied any; |
gzip on; #¿ªÆôѹËõ¹¦ÄÜ
gzip_min_length 1k; #ÉèÖÃÔÊÐíѹËõµÄÒ³Ãæ×îС×Ö½ÚÊý£¬Ò³Ãæ×Ö½ÚÊý´ÓheaderÍ·µÄContent-LengthÖлñÈ¡£¬Ä¬ÈÏÖµÊÇ0£¬²»¹ÜÒ³Ãæ¶à´ó¶¼½øÐÐѹËõ£¬½¨ÒéÉèÖóɴóÓÚ1K£¬Èç¹ûСÓë1K¿ÉÄÜ»áԽѹԽ´ó¡£
gzip_buffers 4 32k; #ѹËõ»º³åÇø´óС£¬±íʾÉêÇë4¸öµ¥Î»Îª32KµÄÄÚ´æ×÷ΪѹËõ½á¹ûÁ÷»º´æ£¬Ä¬ÈÏÖµÊÇÉêÇëÓëÔʼÊý¾Ý´óСÏàͬµÄÄÚ´æ¿Õ¼äÀ´´æ´¢gzipѹËõ½á¹û¡£
gzip_http_version 1.1; #ѹËõ°æ±¾£¬ÓÃÓÚÉèÖÃʶ±ðHTTPÐÒé°æ±¾£¬Ä¬ÈÏÊÇ1.1£¬Ä¿Ç°´ó²¿·Öä¯ÀÀÆ÷ÒѾ֧³ÖGZIP½âѹ£¬Ê¹ÓÃĬÈϼ´¿É
gzip_comp_level 6; #ѹËõ±ÈÀý£¬ÓÃÀ´Ö¸¶¨GZIPѹËõ±È£¬1ѹËõ±È×îС£¬´¦ÀíËÙ¶È×î¿ì£¬9ѹËõ±È×î´ó£¬´«ÊäËٶȿ죬µ«ÊÇ´¦ÀíÂý£¬Ò²±È½ÏÏûºÄCPU×ÊÔ´¡£
gzip_types text/css text/xmlapplication/javascript;
#ÓÃÀ´Ö¸¶¨Ñ¹ËõµÄÀàÐÍ£¬¡®text/html¡¯ÀàÐÍ×ÜÊǻᱻѹËõ¡£
ĬÈÏÖµ: gzip_types text/html (ĬÈϲ»¶Ôjs/cssÎļþ½øÐÐѹËõ)
# ѹËõÀàÐÍ£¬Æ¥ÅäMIMEÀàÐͽøÐÐѹËõ
# ²»ÄÜÓÃͨÅä·û text/*
# (ÎÞÂÛÊÇ·ñÖ¸¶¨)text/htmlĬÈÏÒѾѹËõ
# ÉèÖÃÄÄѹËõÖÖÎı¾Îļþ¿É²Î¿¼ conf/mime.types
gzip_vary on; #vary headerÖ§³Ö£¬¸ÄÑ¡Ïî¿ÉÒÔÈÃǰ¶ËµÄ»º´æ·þÎñÆ÷»º´æ¾¹ýGZIPѹËõµÄÒ³Ãæ£¬ÀýÈçÓÃSquid»º´æ¾¹ýnginxѹËõµÄÊý¾Ý
(7)expires»º´æµ÷ÓÅ
»º´æ£¬Ö÷ÒªÕë¶ÔÓÚͼƬ£¬css£¬jsµÈÔªËØ¸ü¸Ä»ú»á±È½ÏÉÙµÄÇé¿öÏÂʹÓã¬ÌرðÊÇͼƬ£¬Õ¼Óôø¿í´ó£¬ÎÒÃÇÍêÈ«¿ÉÒÔÉèÖÃͼƬÔÚä¯ÀÀÆ÷±¾µØ»º´æ365d£¬css£¬js£¬html¿ÉÒÔ»º´æ¸ö10À´Ì죬ÕâÑùÓû§µÚÒ»´Î´ò¿ª¼ÓÔØÂýÒ»µã£¬µÚ¶þ´Î£¬¾Í·Ç³£¿ìÁË!»º´æµÄʱºò£¬ÎÒÃÇÐèÒª½«ÐèÒª»º´æµÄÍØÕ¹ÃûÁгöÀ´£¬
Expires»º´æÅäÖÃÔÚserver×Ö¶ÎÀïÃæ
location ~*\.(ico|jpe?g|gif|png|bmp|swf|flv)$ { expires 30d; #log_not_found off; access_log off; }
location ~* \.(js|css)$ {
expires 7d;
log_not_found off;
access_log off;
} |
×¢£ºlog_not_found off;ÊÇ·ñÔÚerror_logÖмǼ²»´æÔڵĴíÎó¡£Ä¬ÈÏÊÇ¡£
×ܽ᣺
expire¹¦ÄÜÓŵã (1)expires¿ÉÒÔ½µµÍÍøÕ¾¹ºÂòµÄ´ø¿í£¬½ÚÔ¼³É±¾(2)ͬʱÌáÉýÓû§·ÃÎÊÌåÑé(3)¼õÇá·þÎñµÄѹÁ¦£¬½ÚÔ¼·þÎñÆ÷³É±¾£¬ÊÇweb·þÎñ·Ç³£ÖØÒªµÄ¹¦ÄÜ¡£
expire¹¦ÄÜȱµã£º±»»º´æµÄÒ³Ãæ»òÊý¾Ý¸üÐÂÁË£¬Óû§¿´µ½µÄ¿ÉÄÜ»¹ÊǾɵÄÄÚÈÝ£¬·´¶øÓ°ÏìÓû§ÌåÑé¡£½â¾ö°ì·¨£ºµÚÒ»¸öËõ¶Ì»º´æÊ±¼ä£¬ÀýÈ磺1Ì죬µ«²»³¹µ×£¬³ý·Ç¸üÐÂÆµÂÊ´óÓÚ1Ìì;µÚ¶þ¸ö¶Ô»º´æµÄ¶ÔÏó¸ÄÃû¡£
ÍøÕ¾²»Ï£Íû±»»º´æµÄÄÚÈÝ 1)ÍøÕ¾Á÷Á¿Í³¼Æ¹¤¾ß2)¸üÐÂÆµ·±µÄÎļþ(googleµÄlogo)
(8)·ÀµÁÁ´
·ÀÖ¹±ðÈËÖ±½Ó´ÓÄãÍøÕ¾ÒýÓÃͼƬµÈÁ´½Ó£¬ÏûºÄÁËÄãµÄ×ÊÔ´ºÍÍøÂçÁ÷Á¿£¬ÄÇôÎÒÃǵĽâ¾ö°ì·¨Óɼ¸ÖÖ£º 1£ºË®Ó¡£¬Æ·ÅÆÐû´«£¬ÄãµÄ´ø¿í£¬·þÎñÆ÷×ã¹»
2£º·À»ðǽ£¬Ö±½Ó¿ØÖÆ£¬Ç°ÌáÊÇÄãÖªµÀIPÀ´Ô´ 3£º·ÀµÁÁ´²ßÂÔÏÂÃæµÄ·½·¨ÊÇÖ±½Ó¸øÓè404µÄ´íÎóÌáʾ
location ~*^.+\.(jpg|gif|png|swf|flv|wma|wmv|asf|mp3|mmf|zip|rar)$ { valid_referers none blocked www.benet.com benet.com; if ($invalid_referer) { #return 302 http://www.benet.com/img/nolink.jpg; return 404; break; } access_log off; } |
²ÎÊý¿ÉÒÔʹÈçÏÂÐÎʽ£º
none Òâ˼ÊDz»´æÔÚµÄRefererÍ·(±íʾ¿ÕµÄ£¬Ò²¾ÍÊÇÖ±½Ó·ÃÎÊ£¬±ÈÈçÖ±½ÓÔÚä¯ÀÀÆ÷´ò¿ªÒ»¸öͼƬ)
blocked ÒâΪ¸ù¾Ý·À»ðǽαװRefererÍ·£¬È磺¡°Referer: XXXXXXX¡±¡£
server_names Ϊһ¸ö»ò¶à¸ö·þÎñÆ÷µÄÁÐ±í£¬0.5.33°æ±¾ÒÔºó¿ÉÒÔÔÚÃû³ÆÖÐʹÓá°*¡±Í¨Åä·û¡£
(9)Äں˲ÎÊýÓÅ»¯
fs.file-max =999999£ºÕâ¸ö²ÎÊý±íʾ½ø³Ì(±ÈÈçÒ»¸öworker½ø³Ì)¿ÉÒÔͬʱ´ò¿ªµÄ×î´ó¾ä±úÊý£¬Õâ¸ö²ÎÊýÖ±ÏßÏÞÖÆ×î´ó²¢·¢Á¬½ÓÊý£¬Ðè¸ù¾Ýʵ¼ÊÇé¿öÅäÖá£
net.ipv4.tcp_max_tw_buckets= 6000 #Õâ¸ö²ÎÊý±íʾ²Ù×÷ϵͳÔÊÐíTIME_WAITÌ×½Ó×ÖÊýÁ¿µÄ×î´óÖµ£¬Èç¹û³¬¹ýÕâ¸öÊý×Ö£¬TIME_WAITÌ×½Ó×Ö½«Á¢¿Ì±»Çå³ý²¢´òÓ¡¾¯¸æÐÅÏ¢¡£¸Ã²ÎÊýĬÈÏΪ180000£¬¹ý¶àµÄTIME_WAITÌ×½Ó×Ö»áʹWeb·þÎñÆ÷±äÂý¡£
×¢£ºÖ÷¶¯¹Ø±ÕÁ¬½ÓµÄ·þÎñ¶Ë»á²úÉúTIME_WAIT״̬µÄÁ¬½Ó
net.ipv4.ip_local_port_range = 1024 65000 #ÔÊÐíϵͳ´ò¿ªµÄ¶Ë¿Ú·¶Î§¡£
net.ipv4.tcp_tw_recycle = 1#ÆôÓÃtimewait¿ìËÙ»ØÊÕ¡£
net.ipv4.tcp_tw_reuse = 1#¿ªÆôÖØÓá£ÔÊÐí½«TIME-WAITsocketsÖØÐÂÓÃÓÚеÄTCPÁ¬½Ó¡£Õâ¶ÔÓÚ·þÎñÆ÷À´ËµºÜÓÐÒâÒ壬ÒòΪ·þÎñÆ÷ÉÏ×Ü»áÓдóÁ¿TIME-WAIT״̬µÄÁ¬½Ó¡£
net.ipv4.tcp_keepalive_time= 30£ºÕâ¸ö²ÎÊý±íʾµ±keepaliveÆôÓÃʱ£¬TCP·¢ËÍkeepaliveÏûÏ¢µÄƵ¶È¡£Ä¬ÈÏÊÇ2Сʱ£¬Èô½«ÆäÉèÖõÄСһЩ£¬¿ÉÒÔ¸ü¿ìµØÇåÀíÎÞЧµÄÁ¬½Ó¡£
net.ipv4.tcp_syncookies = 1#¿ªÆôSYN Cookies£¬µ±³öÏÖSYNµÈ´ý¶ÓÁÐÒç³öʱ£¬ÆôÓÃcookiesÀ´´¦Àí¡£
net.core.somaxconn = 40960 #web Ó¦ÓÃÖÐ listen º¯ÊýµÄ backlog
ĬÈÏ»á¸øÎÒÃÇÄں˲ÎÊýµÄnet.core.somaxconn ÏÞÖÆµ½128£¬¶ønginx¶¨ÒåµÄNGX_LISTEN_BACKLOG
ĬÈÏΪ511£¬ËùÒÔÓбØÒªµ÷ÕûÕâ¸öÖµ¡£
×¢£º¶ÔÓÚÒ»¸öTCPÁ¬½Ó£¬ServerÓëClientÐèҪͨ¹ýÈý´ÎÎÕÊÖÀ´½¨Á¢ÍøÂçÁ¬½Ó.µ±Èý´ÎÎÕÊֳɹ¦ºó,ÎÒÃÇ¿ÉÒÔ¿´µ½¶Ë¿ÚµÄ״̬ÓÉLISTENת±äΪESTABLISHED,½Ó×ÅÕâÌõÁ´Â·ÉϾͿÉÒÔ¿ªÊ¼´«ËÍÊý¾ÝÁË.ÿһ¸ö´¦ÓÚ¼àÌý(Listen)״̬µÄ¶Ë¿Ú,¶¼ÓÐ×Ô¼ºµÄ¼àÌý¶ÓÁÐ.¼àÌý¶ÓÁеij¤¶ÈÓëÈçsomaxconn²ÎÊýºÍʹÓøö˿ڵijÌÐòÖÐlisten()º¯ÊýÓйØ
somaxconn²ÎÊý:¶¨ÒåÁËϵͳÖÐÿһ¸ö¶Ë¿Ú×î´óµÄ¼àÌý¶ÓÁеij¤¶È,ÕâÊǸöÈ«¾ÖµÄ²ÎÊý,ĬÈÏֵΪ128£¬¶ÔÓÚÒ»¸ö¾³£´¦ÀíÐÂÁ¬½ÓµÄ¸ß¸ºÔØ
web·þÎñ»·¾³À´Ëµ£¬Ä¬È쵀 128 ̫СÁË¡£´ó¶àÊý»·¾³Õâ¸öÖµ½¨ÒéÔö¼Óµ½ 1024 »òÕ߸ü¶à¡£´óµÄÕìÌý¶ÓÁжԷÀÖ¹¾Ü¾ø·þÎñDoS
¹¥»÷Ò²»áÓÐËù°ïÖú¡£
net.core.netdev_max_backlog = 262144 #ÿ¸öÍøÂç½Ó¿Ú½ÓÊÕÊý¾Ý°üµÄËÙÂʱÈÄں˴¦ÀíÕâЩ°üµÄËÙÂÊ¿ìʱ£¬ÔÊÐíË͵½¶ÓÁеÄÊý¾Ý°üµÄ×î´óÊýÄ¿¡£
net.ipv4.tcp_max_syn_backlog = 262144 #Õâ¸ö²ÎÊý±êʾTCPÈý´ÎÎÕÊÖ½¨Á¢½×¶Î½ÓÊÜSYNÇëÇó¶ÓÁеÄ×î´ó³¤¶È£¬Ä¬ÈÏΪ1024£¬½«ÆäÉèÖõôóһЩ¿ÉÒÔʹ³öÏÖNginx·±Ã¦À´²»¼°acceptÐÂÁ¬½ÓµÄÇé¿öʱ£¬Linux²»ÖÁÓÚ¶ªÊ§¿Í»§¶Ë·¢ÆðµÄÁ¬½ÓÇëÇó¡£
net.ipv4.tcp_rmem = 1024087380 12582912#Õâ¸ö²ÎÊý¶¨ÒåÁËTCP½ÓÊÜ»º´æ(ÓÃÓÚTCP½ÓÊÜ»¬¶¯´°¿Ú)µÄ×îСֵ¡¢Ä¬ÈÏÖµ¡¢×î´óÖµ¡£
net.ipv4.tcp_wmem = 10240 87380 12582912£ºÕâ¸ö²ÎÊý¶¨ÒåÁËTCP·¢ËÍ»º´æ(ÓÃÓÚTCP·¢ËÍ»¬¶¯´°¿Ú)µÄ×îСֵ¡¢Ä¬ÈÏÖµ¡¢×î´óÖµ¡£
net.core.rmem_default = 6291456£ºÕâ¸ö²ÎÊý±íʾÄÚºËÌ×½Ó×Ö½ÓÊÜ»º´æÇøÄ¬ÈϵĴóС¡£
net.core.wmem_default = 6291456£ºÕâ¸ö²ÎÊý±íʾÄÚºËÌ×½Ó×Ö·¢ËÍ»º´æÇøÄ¬ÈϵĴóС¡£
net.core.rmem_max = 12582912£ºÕâ¸ö²ÎÊý±íʾÄÚºËÌ×½Ó×Ö½ÓÊÜ»º´æÇøµÄ×î´ó´óС¡£
net.core.wmem_max = 12582912£ºÕâ¸ö²ÎÊý±íʾÄÚºËÌ×½Ó×Ö·¢ËÍ»º´æÇøµÄ×î´ó´óС¡£
net.ipv4.tcp_syncookies= 1£º¸Ã²ÎÊýÓëÐÔÄÜÎ޹أ¬ÓÃÓÚ½â¾öTCPµÄSYN¹¥»÷¡£
ÏÂÃæÌùÒ»¸öÍêÕûµÄÄÚºËÓÅ»¯ÉèÖãº
fs.file-max = 999999 net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route= 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.tcp_max_tw_buckets = 6000 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_rmem = 10240 87380 12582912 net.ipv4.tcp_wmem = 10240 87380 12582912 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 262144 net.core.somaxconn = 40960 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 262144 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 30 net.ipv4.ip_local_port_range= 1024 65000 |
Ö´ÐÐsysctl -pʹÄÚºËÐÞ¸ÄÉúЧ
(10)¹ØÓÚϵͳÁ¬½ÓÊýµÄÓÅ»¯£º
linux ĬÈÏÖµ open filesΪ1024
[root@localhost ~]# ulimit -n
1024 |
˵Ã÷serverÖ»ÔÊÐíͬʱ´ò¿ª1024¸öÎļþ
ʹÓÃulimit -a ¿ÉÒԲ鿴µ±Ç°ÏµÍ³µÄËùÓÐÏÞÖÆÖµ£¬Ê¹ÓÃulimit -n ¿ÉÒԲ鿴µ±Ç°µÄ×î´ó´ò¿ªÎļþÊý¡£
ÐÂ×°µÄlinux ĬÈÏÖ»ÓÐ1024 £¬µ±×÷¸ºÔؽϴóµÄ·þÎñÆ÷ʱ£¬ºÜÈÝÒ×Óöµ½error: too many
open files¡£Òò´Ë£¬ÐèÒª½«Æä¸Ä´ó
ÔÚ/etc/security/limits.conf×îºóÔö¼Ó£º
* soft nofile 65535 * hard nofile 65535 * soft noproc 65535 * hard noproc 65535 |
¶þ¡¢²¿ÊðLNMP
1¡¢°²×°php
(1)½â¾öÒÀÀµ¹ØÏµ
[root@localhost ~]#yum -y install libxml2-devel libcurl-devel openssl-devel bzip2-devel |
°²×°libmcrypt
[root@localhost ~]#tar zxf libmcrypt-2.5.7.tar.gz [root@localhost ~]# cd libmcrypt-2.5.7/ [root@localhost libmcrypt-2.5.7]# ./configure --prefix=/usr/local/libmcrypt && make && make install |
(2)±àÒë°²×°php
[root@localhost ~]#tar zxf php-5.6.27.tar.gz [root@localhost ~]# cd php-5.6.27/ [root@localhost php-5.6.27]# ./configure --prefix=/usr/local/php5.6 --with-mysql=mysqlnd --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-openssl --enable-fpm --enable-sockets --enable-sysvshm --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --with-mhash --with-mcrypt=/usr/local/limcrypt --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2--enable-maintainer-zts && make && make install |
(3)ÌṩphpÅäÖÃÎļþ
[root@localhost php-5.6.27]#cp php.ini-production /etc /php.ini |
(4)Ϊphp-fpmÌṩ½Å±¾
[root@localhost php-5.6.27]#cp sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm [root@localhost php-5.6.27]#chmod +x /etc/init.d/php-fpm [root@localhost php-5.6.27]#chkconfig --add php-fpm [root@localhost php-5.6.27]#chkconfig php-fpm on |
(5)Ìṩphp-fpmÅäÖÃÎļþ²¢±à¼£º
[root@localhost php-5.6.27]#cp /usr/local/php5.6/etc/php-fpm.conf.default /usr/local/php5.6/etc/php-fpm.conf [root@localhost php-5.6.27]#vi /usr/local/php5.6/etc/php-fpm.conf |
ÐÞ¸ÄÄÚÈÝÈçÏ£º
pid = run/php-fpm.pid listen = 0.0.0.0:9000 pm.max_children =300 pm.start_servers =20 pm.min_spare_servers = 20 pm.max_spare_servers= 100 |
Æô¶¯php-fpm·þÎñ£º
[root@localhost php-5.6.27]#service php-fpm start Starting php-fpm done [root@localhost php-5.6.27]# netstat -anpt | grep php-fpm
tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN 33807/php-fpm:
mast
[root@localhost php-5.6.27]#firewall-cmd --permanent
--add-port=9000/tcp
success
[root@localhost php-5.6.27]#firewall-cmd --reloadl
success |
ÔÚnginx.confÎļþµÄserverÖÐÌí¼ÓÏÂÃæÄÚÈÝÖ§³Öphp
location ~ .*\.(php|php5)?$ { root html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; fastcgi_cache cache_fastcgi; fastcgi_cache_valid 200 302 1h; fastcgi_cache_valid 301 1d; fastcgi_cache_valid any 1m; fastcgi_cache_min_uses 1; fastcgi_cache_use_stale errortimeout invalid_header http_500; fastcgi_cache_keyhttp://$host$request_uri; } |
ÏÂÃæÊÇnginx.confµÄÒ»¸öÍêÕûÅäÖÃÎļþ
user www www; worker_processes 4; worker_cpu_affinity 0001 0010 0100 1000; error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 65535;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user
[$time_local]"$request" '
# '$status$body_bytes_sent "$http_referer"
'
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
client_header_buffer_size 4k;
open_file_cache max=102400 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 1;
client_header_timeout 15;
client_body_timeout 15;
reset_timedout_connection on;
send_timeout 15;
server_tokens off;
client_max_body_size 10m;
fastcgi_connect_timeout 600;
fastcgi_send_timeout 600;
fastcgi_read_timeout 600;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_temp_path/usr/local/nginx1.10/nginx_tmp;
fastcgi_intercept_errors on;
fastcgi_cache_path /usr/local/nginx1.10/fastcgi_cache
levels=1:2keys_zone=cache_fastcgi:128m inactive=1d
max_size=10g;
gzip on;
gzip_min_length 2k;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_comp_level 6;
gzip_types text/plain text/csstext/javascript
application/json application/javascriptapplication/x-javascript
application/xml;
gzip_vary on;
gzip_proxied any;
server {
listen 80;
server_name www.benet.com;
#charset koi8-r;
#access_log logs/host.access.log main;
location ~* ^.+\.(jpg|gif|png|swf|flv|wma|wmv|asf|mp3|mmf|zip|rar)$
{
valid_referers none blocked www.benet.com benet.com;
if ($invalid_referer) {
#return 302 http://www.benet.com/img/nolink.jpg;
return 404;
break;
}
access_log off;
}
location / {
root html;
index index.php index.html index.htm;
}
location ~* \.(ico|jpe?g|gif|png|bmp|swf|flv)$
{
expires 30d;
#log_not_found off;
access_log off;
}
location ~* \.(js|css)$ {
expires 7d;
log_not_found off;
access_log off;
}
location = /(favicon.ico|roboots.txt) {
access_log off;
log_not_found off;
}
location /status {
stub_status on;
}
location ~ .*\.(php|php5)?$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_cache cache_fastcgi;
fastcgi_cache_valid 200 3021h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
fastcgi_cache_min_uses 1;
fastcgi_cache_use_stale errortimeout invalid_header
http_500;
fastcgi_cache_keyhttp://$host$request_uri;
}
#error_page 404 /404.html;
# redirect server error pages to the static
page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
} |
ÖØÔØnginx·þÎñ
[root@localhost ~]# /usr/local/nginx1.10/sbin/nginx -s reload |
Èý¡¢ÑéÖ¤¡¢Ñ¹Á¦²âÊÔ
(1)ÑéÖ¤·ÀµÁÁ´
ʹÓÃapache×öΪһ¸ö²âÊÔÕ¾µã£¬ÓòÃûΪwww.test.com£¬ÔÚ²âÊÔÒ³ÉÏ×öÒ»¸ö³¬Á´½Ó£¬Á´½ÓnginxÕ¾µãµÄÒ»ÕÅͼƬ
[root@centos1 ~]# cat/var/www/html/index.html <a href="http://www.benet.com/11.gif">lianjie</a> |
NginxÕ¾µãµÄÍøÒ³Ä¿Â¼½áÈçÏÂ
[root@localhost ~]# tree /usr/local/nginx1.10/html/
/usr/local/nginx1.10/html/
©À©¤©¤ 11.gif
©À©¤©¤ 50x.html
©À©¤©¤ img
©¦ ©¸©¤©¤ nolink.jpg
©À©¤©¤ index.html
©À©¤©¤ test.php |
ÔÚ¿Í»§¶Ëä¯ÀÀÆ÷ÖÐÊäÈëwww.test.com (×¢ÒâÓòÃû½âÎöºÍ·À»ðǽ)

µã»÷Ò³ÃæÁ´½Ó

´ÓÉÏͼ¿ÉÒÔ¿´µ½·ÀµÁÁ´ÉèÖÃÉúЧÁË
(2)ÑéÖ¤gzip¹¦ÄÜ
ʹÓùȸèä¯ÀÀÆ÷²âÊÔ·ÃÎÊ£¬ÈçÏÂͼÏÔʾ½á¹û£º(Ìáʾ£ºÔÚ·ÃÎʲâÊÔҳ֮ǰ°´F12¼ü)

Óû§·ÃÎÊtest.phpÎļþ£¬ÔÚÉÏͼÖÐcontent-encoding:gzip±íÃ÷ÏìÓ¦¸øÓû§µÄÊý¾ÝÊÇѹËõ´«Êä¡£
(3)ѹÁ¦²âÊÔ
°²×°httpd-toolsÈí¼þ°ü
[root@localhost ~]# yum -y install httpd-tools [root@localhost ~]# ab -c 500 -n 50000 http://192.168.129.150/index.html This is ApacheBench, Version 2.3 <$Revision: 1430300 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking 192.168.129.150 (be patient) Completed 5000 requests Completed 10000 requests Completed 15000 requests Completed 20000 requests Completed 25000 requests Completed 30000 requests Completed 35000 requests Completed 40000 requests Completed 45000 requests Completed 50000 requests Finished 50000 requests
Server Software: IIS
Server Hostname: 192.168.129.150
Server Port: 80
Document Path: /index.html
Document Length: 612 bytes
Concurrency Level: 500
Time taken for tests: 3.607 seconds
Complete requests: 50000
Failed requests: 0
Write errors: 0
Total transferred: 41800000 bytes
HTML transferred: 30600000 bytes
Requests per second: 13862.78 [#/sec] (mean)
Time per request: 36.068 [ms] (mean)
Time per request: 0.072 [ms] (mean, across all
concurrent requests)
Transfer rate: 11317.66 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 16 25.5 15 1013
Processing: 4 18 4.1 18 71
Waiting: 1 14 4.3 12 36
Total: 17 34 25.7 34 1032
Percentage of the requests served within a certain
time (ms)
50% 34
66% 35
75% 35
80% 36
90% 37
95% 37
98% 38
99% 64
100% 1032 (longest request) |
µÚ¶þ´ÎѹÁ¦²âÊÔ£¬±È½ÏÁ½´ÎµÄ²îÒì
[root@localhost ~]# ab -c 1000 -n 100000 http://192.168.129.150/index.html This is ApacheBench, Version 2.3 <$Revision: 1430300 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking 192.168.129.150 (be patient) Completed 10000 requests Completed 20000 requests Completed 30000 requests Completed 40000 requests Completed 50000 requests Completed 60000 requests Completed 70000 requests Completed 80000 requests Completed 90000 requests Completed 100000 requests Finished 100000 requests
Server Software: IIS
Server Hostname: 192.168.129.150
Server Port: 80
Document Path: /index.html
Document Length: 612 bytes
Concurrency Level: 1000
Time taken for tests: 7.332 seconds
Complete requests: 100000
Failed requests: 0
Write errors: 0
Total transferred: 83600000 bytes
HTML transferred: 61200000 bytes
Requests per second: 13638.90 [#/sec] (mean)
Time per request: 73.320 [ms] (mean)
Time per request: 0.073 [ms] (mean, across all
concurrent requests)
Transfer rate: 11134.88 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 40 114.5 27 1046
Processing: 7 32 9.4 33 237
Waiting: 1 24 8.8 23 232
Total: 29 72 115.3 62 1075
Percentage of the requests served within a certain
time (ms)
50% 62
66% 69
75% 71
80% 72
90% 75
95% 76
98% 80
99% 1056
100% 1075 (longest request) |
(4)xcache¼ÓËÙphp
°²×°xcache
wget #ÏÂÔØ [root@localhost ~]#tar zxfxcache-3.2.0.tar.gz #½âѹ [root@localhost ~]# cd xcache-3.2.0/ #½øÈ밲װĿ¼ [root@localhost xcache-3.2.0]# /usr/local/php5.6/bin/phpize#ÓÃphpizeÉú³ÉconfigureÅäÖÃÎļþ [root@localhost xcache-3.2.0]# ./configure --enable-xcache --enable-xcache-coverager --enable-xcache-optimizer --with-php-config=/usr/local/php5.6/bin/php-config #ÅäÖà [root@localhost xcache-3.2.0]# make && make install #±àÒë¡¢°²×° Installing sharedextensions: /usr/local/php5.6/lib/php/extensions/no-debug-non-zts-20131226/ |
°²×°Íê³ÉÖ®ºó£¬³öÏÖÏÂÃæµÄ½çÃæ£¬¼ÇסÒÔÏ·¾¶£¬ºóÃæ»áÓõ½
/usr/local/php5.6/lib/php/extensions/no-debug-non-zts-20131226/
2)´´½¨xcache»º´æÎļþ
# touch /tmp/xcache # chmod 777 /tmp/xcache |
3)¿½±´xcacheºǫ́¹ÜÀí³ÌÐòµ½ÍøÕ¾¸ùĿ¼
[root@localhost xcache-3.2.0]# cp -r htdocs/ /usr/local/nginx1.10/html/xcache |
4)ÅäÖÃphpÖ§³Öxcache
vi / etc/php.ini #±à¼ÅäÖÃÎļþ£¬ÔÚ×îºóÒ»ÐÐÌí¼ÓÒÔÏÂÄÚÈÝ
[xcache-common] extension =/usr/local/php5.6/lib/php/extensions/no-debug-non-zts-20131226/xcache.so [xcache.admin] xcache.admin.enable_auth = Off [xcache] xcache.shm_scheme ="mmap" xcache.size=60M xcache.count =1 xcache.slots =8K xcache.ttl=0 xcache.gc_interval =0 xcache.var_size=64M xcache.var_count =1 xcache.var_slots =8K xcache.var_ttl=0 xcache.var_maxttl=0 xcache.var_gc_interval =300 xcache.test =Off xcache.readonly_protection = Off xcache.mmap_path="/tmp/xcache" xcache.coredump_directory ="" xcache.cacher =On xcache.stat=On xcache.optimizer =Off [xcache.coverager] xcache.coverager =On xcache.coveragedump_directory="" |
²âÊÔ
service php-fpm restart #ÖØÆôphp-fpm
ä¯ÀÀÆ÷´ò¿ªÍøÕ¾¸ùĿ¼ÏÂÃæµÄxcache
http://www.benet.com/xcache¿ÉÒÔ¿´µ½ÈçÏÂÒ³Ãæ£º

²âÊÔ¶Ôphp¶¯Ì¬Ò³ÃæµÄѹÁ¦²âÊÔ
[root@localhost xcache-3.2.0]# ab -c 1000 -n 100000 http://192.168.129.150/test.php This is ApacheBench, Version 2.3 <$Revision: 1430300 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking 192.168.129.150 (be patient)
Completed 10000 requests
Completed 20000 requests
Completed 30000 requests
Completed 40000 requests
Completed 50000 requests
Completed 60000 requests
Completed 70000 requests
Completed 80000 requests
Completed 90000 requests
Completed 100000 requests
Finished 100000 requests
Server Software: IIS
Server Hostname: 192.168.129.150
Server Port: 80
Document Path: /test.php
Document Length: 16 bytes
Concurrency Level: 1000
Time taken for tests: 7.031 seconds
Complete requests: 100000
Failed requests: 0
Write errors: 0
Non-2xx responses: 100000
Total transferred: 20000000 bytes
HTML transferred: 1600000 bytes
Requests per second: 14223.52 [#/sec] (mean)
Time per request: 70.306 [ms] (mean)
Time per request: 0.070 [ms] (mean, across all
concurrent requests)
Transfer rate: 2778.03 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 39 133.7 20 1035
Processing: 4 27 12.4 26 238
Waiting: 0 20 9.6 18 227
Total: 17 65 135.7 50 1254
Percentage of the requests served within a certain
time (ms)
50% 50
66% 54
75% 57
80% 59
90% 62
95% 65
98% 213
99% 1047
100% 1254 (longest request) |
Ö÷Òª²ÎÊý˵Ã÷£º
Requests per second£ºÆ½¾ùÿÃë´¦ÀíÊÂÎñÊý
Time per request£ºÆ½¾ùÊÂÎñÏìӦʱ¼ä
Tranfer rate£ºÆ½¾ùÿÃëÍøÂçÍÌÍÂÁ¿
|