跳至主要內容
3. nginx配置文件详解

3. nginx配置文件详解

配置文件详解

user nginx;
worker_processes  8;
worker_cpu_affinity auto;
#worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
error_log  /var/log/nginx/error.log  error;
pid        /var/run/nginx.pid;
worker_rlimit_nofile 65535;

events {
    use epoll;
    worker_connections  20480;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    log_format  prod '$remote_addr|$remote_user|[$time_local]|$request|'
                     '$status|$body_bytes_sent|$http_referer|'
                     '$http_user_agent|$request_time|$host|$upstream_addr|$upstream_response_time';
    
    access_log  /var/log/nginx/access.log  prod;
    
    charset  utf-8;
    fastcgi_intercept_errors on;
    server_names_hash_bucket_size 256;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 128k;

    server_tokens off;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    #支持ssi包含文件
    ssi on;
    ssi_silent_errors on;
#   ssi_types text/html;

    keepalive_timeout  90;
    client_header_timeout 10;
    client_body_timeout 20;
    
    client_max_body_size 200m;
    client_body_buffer_size  128k;

    # include /etc/nginx/gzip.conf;
    gzip on;
	gzip_buffers 4 8k;
	gzip_comp_level 6;
	gzip_disable "MSIE [1-6]\.";
	gzip_http_version 1.1;
	gzip_min_length 1000;
	gzip_proxied any;
	gzip_vary on;
	gzip_types text/plain text/css application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json image/jpeg image/gif image/png image/jpg;
    

    # include /etc/nginx/proxy.conf;
    proxy_connect_timeout 90;
	proxy_read_timeout 90;
	proxy_send_timeout 90;
	proxy_buffer_size 32k;
	proxy_buffers 4 64k;
	proxy_busy_buffers_size 128k;
    
    
    # include /etc/nginx/backend.conf;
    upstream my_server_pool {
        server 192.168.1.109:80 weight=1 max_fails=2 fail_timeout=30;
        server 192.168.1.108:80 weight=2 max_fails=2 fail_timeout=30;
    }
    
    include /etc/nginx/conf.d/h5.conf;
}

Clay大约 11 分钟web中间件Nginx
4. 内核参数优化

4. 内核参数优化

linux内核参数优化(网络模块)

在Linux下调整内核参数,可以直接编辑配置文件/etc/sysctl.conf,然后执行sysctl -p命令生效

文件内容如下:

net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 268435456
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.somaxconn = 262144
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 30000
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 65536 4194304
net.ipv4.tcp_mem = 524288 699050 1048576
vm.swappiness = 0
vm.min_free_kbytes = 65536

Clay大约 6 分钟web中间件Nginx
1. 初识Nginx

1. 初识Nginx

1 Nginx的三个主要应用场景

三个主要应用场景为:

  • 静态资源服务(通过本地文件系统提供服务)
  • 反向代理服务
  • API服务(OpenRestydeng )

1.1 反向代理服务

1.1.1 负载均衡


Clay大约 17 分钟web中间件Nginx
2. nginx架构基础

2. nginx架构基础

1 Nginx请求处理流程

2 Nginx进程结构

3 Nginx进程管理:信号


Clay大约 2 分钟web中间件Nginx
3.1 nginx全局块和events块配置

3.1 nginx全局块和events块配置

1 example

# 运行Nginx进程的用户
user nginx;
worker_processes  8;
worker_cpu_affinity auto;

# 定义存储某类型的全局错误的日志位置
# nginx日志分为很多级别 [debug | info | notice | warn | error | crit | alert | emerg]
error_log  /var/log/nginx/error.log  error;
# 指定进程ID(pid)存放的路径 
pid        /var/run/nginx.pid;
# 一个nginx进程打开的最多文件描述符数目,理论值应该是系统的最多打开文件数(ulimit -n)与nginx进程数相除,但是nginx分配请求并不是那么均匀,所以最好与ulimit -n的值保持一致。
worker_rlimit_nofile 65535;

events {
    # 使用epoll的I/O模型,用这个模型来高效处理异步事件
    use epoll;
    # 每个进程允许的最多连接数,理论上每台nginx服务器的最大连接数为worker_processes*worker_connections。
    worker_connections  20480;
}

Clay大约 2 分钟web中间件Nginx
3.2 nginxHTTP块配置

3.2 nginxHTTP块配置

1 配置块的嵌套

http {
    upstream {...}
    split_clients {...}
    map {...}
    geo {...}
    server {
        if () {...}
        location {
            limit_except {...}
        }
        location {
            location {
                
            }
        }
    }
    server {
    }
}

Clay大约 3 分钟web中间件Nginx
3.4 nginxLOCATION块配置

3.4 nginxLOCATION块配置

nginxlocation的匹配模式有以下几种:

  • 精确匹配:以=开头,只有完全匹配才能生效,例子location = /uri

  • 非正则匹配:以^~开头,^表示非、~表示正则,例子location ^~ /uri

  • 正则匹配:

    • ~开头,表示区分大小写的正则匹配,例子location ~ pattern
    • !~开头,表示区分大小写不匹配的正则,例子location !~ pattern
    • ~*开头,表示不区分大小写的正则匹配,例子location ~* pattern
    • !~*开头,表示不区分大小写不匹配的正则,例子location !~* pattern
  • 普通匹配:不带任何修饰符,例子location /urilocation /


Clay大约 6 分钟web中间件Nginx
3.5 nginx常用模块

3.5 nginx常用模块

1 Module ngx_http_gzip_module

ngx_http_gzip_module模块是一个使用“gzip”方法压缩响应的过滤器。这通常有助于将传输数据的大小减少一半甚至更多。

使用SSL / TLS协议时,压缩的响应可能会受到 BREACH攻击。


Clay大约 9 分钟web中间件Nginx
6. nginx的常见问题

6. nginx的常见问题

nginx 配置支持 websocket 连接

        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Clay大约 6 分钟web中间件Nginx
2