### 秒杀nginx优化 有问题或者宝贵意见联系我的QQ,非常希望你的加入! ##要求: >目标 1.并发优化 2.KeepALive长连接优化 3.压缩优化 4.配置缓存 #### [/docs/tools/nginx nginx优化相关包](/docs/tools) 安装:cd yum install -y gcc gcc-c++ ./configure --prefix=/usr/local/nginx --with-pcre=/home/qiurunze/下载/pcre-8.38 --with-http_stub_status_module --with-http_gzip_static_module --add-module=/home/qiurunze/下载/ngx_cache_purge-2.3 make make install ps -ef | grep nginx ./sbin/nginx -s reload http://nginx.org/en/docs/ 1.工作线程数和并发连接数 worker_processes 4; #cpu,如果nginx单独在一台机器上 worker_processes auto; events { worker_connections 4096;#每一个进程打开的最大连接数,超出了log中会有记录 multi_accept on; #可以一次建立多个连接 use epoll; } worker_rlimit_nofile 10240;每个进程打开的最大的文件数,受限于操作系统: vi /etc/security/limits.conf * hard nofile 102400 * soft nofile 102400 * soft core unlimited * soft stack 10240 2.操作系统优化 配置文件/etc/sysctl.conf sysctl -w net.ipv4.tcp_syncookies=1#防止一个套接字在有过多试图连接到达时引起过载 sysctl-w net.core.somaxconn=1024#默认128,连接队列 sysctl-w net.ipv4.tcp_fin_timeout=10 # timewait的超时时间 sysctl -w net.ipv4.tcp_tw_reuse=1 #os直接使用timewait的连接 sysctl -w net.ipv4.tcp_tw_recycle = 0 #回收禁用 3.Keepalive长连接 Nginx与upstream server: upstream server_pool{ server localhost:8080 weight=1 max_fails=2 fail_timeout=30s; keepalive 300; #300个长连接 } 同时要在location中设置: location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } 客户端与nginx(默认是打开的): 4.keepalive_timeout 60s; #长连接的超时时间 keepalive_requests 100; #100个请求之后就关闭连接,可以调大 keepalive_disable msie6; #ie6禁用启用压缩 gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_proxied any; gzip_types text/html text/plain application/x-javascript application/javascript text/css application/xml gzip_vary on; #Vary: Accept-Encoding gzip_static on; #如果有压缩好的 直接使用 5.状态监控 location = /nginx_status { stub_status on; access_log off; allow ; deny all; } 输出结果: Active connections: 1 server accepts handled requests 17122 17122 34873 Reading: 0 Writing: 1 Waiting: 0 Active connections:当前实时的并发连接数 accepts:收到的总连接数, handled:处理的总连接数 requests:处理的总请求数 Reading:当前有都少个读,读取客户端的请求 Writing:当前有多少个写,向客户端输出 Waiting:当前有多少个长连接(reading + writing) reading – nginx reads request header writing – nginx reads request body, processes request, or writes response to a client waiting – keep-alive connections, actually it is active - (reading + writing) 6.实时请求信息统计ngxtop https://github.com/lebinh/ngxtop (1)安装python-pip yum install epel-release yum install python-pip (2)安装ngxtop pip install ngxtop (3)使用 指定配置文件: ngxtop -c ./conf/nginx.conf 查询状态是200: ngxtop -c ./conf/nginx.conf --filter 'status == 200' 查询那个ip访问最多: ngxtop -c ./conf/nginx.conf --group-by remote_addr ----------------------------------------------------------------------------- nginx.conf配置文件 user www; worker_processes 4;#取决于cpu error_log logs/error.log; pid logs/nginx.pid; worker_rlimit_nofile 10240; #每个进程打开的最大的文件数,受限于操作系统/etc/security/limits.conf events { worker_connections 10240;#每一个进程打开的最大连接数,超出了log中会有记录 multi_accept on; #可以一次建立多个连接 use epoll; } http { include mime.types; default_type application/octet-stream; server_tokens off; #隐藏版本号 client_max_body_size 10m; #文件上传需要调大 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; #默认写日志:打开文件写入关闭,max:缓存的文件描述符数量,inactive缓存时间,valid:检查时间间隔,min_uses:在inactive时间段内使用了多少次加入缓存 open_log_file_cache max=200 inactive=20s valid=1m min_uses=2; sendfile on; tcp_nopush on; #与浏览器的长连接 keepalive_timeout 65;#长连接超时时间 keepalive_requests 500;#500个请求以后,关闭长连接 keepalive_disable msie6; # 启用压缩 gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_proxied any; gzip_types text/plain application/x-javascript application/javascript text/css application/xml; gzip_vary on; #Vary: Accept-Encoding gzip_static on; #如果有压缩好的 直接使用 #超时时间 proxy_connect_timeout 5; #连接proxy超时 proxy_send_timeout 5; # proxy连接nginx超时 proxy_read_timeout 60;# proxy响应超时 # 开启缓存,2级目录 proxy_cache_path /usr/local/nginx/proxy_cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=20g; proxy_ignore_headers X-Accel-Expires Expires Cache-Control; proxy_hide_header Cache-Control; proxy_hide_header Pragma; #反向代理服务器集群 upstream server_pool{ server localhost:8080 weight=1 max_fails=2 fail_timeout=30s; server localhost:8081 weight=1 max_fails=2 fail_timeout=30s; keepalive 200; # 最大的空闲的长连接数 } server { listen 80; server_name localhost 192.168.220.133; location / { #长连接 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; #Tomcat获取真实用户ip proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://server_pool; } # 状态监控 location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; allow 192.168.220.133; deny all; } #用于清除缓存 location ~ /purge(/.*) { allow 127.0.0.1; allow 192.168.220.133; deny all; proxy_cache_purge cache_one $host$1$is_args$args; } # 静态文件加缓存 location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css|html|htm)?$ { expires 1d; proxy_cache cache_one; proxy_cache_valid 200 304 1d; proxy_cache_valid any 1m; proxy_cache_key $host$uri$is_args$args; proxy_pass http://server_pool; } } }