nginx簡介
Nginx是異步框架的網頁服務器,也可以用作反向代理、負載平衡器和HTTP緩存
模塊
核心模塊:core module
標準模塊:HTTP modules:Mail modules Stream modules:
其他模塊:第三方模塊
核心模塊
一、必備配置:
1.定義工作進程使用user和group。 默認group,nginx會使用與user相同的組名。
Syntax: user user [group];
Default:
user nobody nobody;
Context: main
3.定義將存儲主進程的進程ID的文件
Syntax: pid file;
Default:
pid logs/nginx.pid;
Context: main
3.包含另一個文件或與指定掩碼匹配的文件到配置中
Syntax: include file | mask;
Default: —
Context: any
4.指明要裝載的動態模塊
Syntax: load_module file;
Default: —
Context: main
This directive appeared in version 1.9.11.
二、性能優化相關配置
1.定義工作進程的數量
Syntax: worker_processes number | auto;
Default:
worker_processes 1;
Context: main
2.綁定工作進程到指定的CPU
Syntax: worker_cpu_affinity cpumask ...;
worker_cpu_affinity auto [cpumask];
Default: —
Context: main
示例
0001:0號CPU
0010:1號CPU
worker_processes 4;
worker_cpu_affinity 0001 0010 0100 1000;
自動綁定的CPU
worker_processes auto;
worker_cpu_affinity auto;
3.定義工作進程的調度優先級,就像使用nice命令一樣:負數表示更高的優先級。(-20~20)
Syntax: worker_priority number;
Default:
worker_priority 0;
Context: main
4.最大打開文件數。用於在不重新啓動主進程的情況下增加限制。
Syntax: worker_rlimit_nofile number;
Default: —
Context: main
三、調試、定位問題
1.nginx是否應該成爲守護進程
Syntax: daemon on | off;
Default:
daemon on;
Context: main
2.master、worker模型運行nginx
Syntax: master_process on | off;
Default:
master_process on;
Context: main
3.配置日誌 第一個參數定義了存放日誌的文件。第二個參數定義日誌級別
Syntax: error_log file [level];
Default:
error_log logs/error.log error;
Context: main, http, mail, stream, server, location
HTTP模塊
一、HTTP服務器提供配置
Syntax: http { ... }
Default: —
Context: main
二、設置虛擬服務器的配置
Syntax: server { ... }
Default: —
Context: http
1.定義讀取客戶端請求頭部的超時。 返回錯誤408
Syntax: client_header_timeout time;
Default:
client_header_timeout 60s;
Context: http, server
2.定義讀取客戶端請求正文的超時。返回錯誤408
Syntax: client_body_timeout time;
Default:
client_body_timeout 60s;
Context: http, server, location
3.設置向客戶端傳輸響應的超時。返回錯誤408
Syntax: send_timeout time;
Default:
send_timeout 60s;
Context: http, server, location
4.設置讀取客戶端請求標頭的緩衝區大小。
Syntax: client_header_buffer_size size;
Default:
client_header_buffer_size 1k;
Context: http, server
5.設置用於讀取大型客戶端請求標頭的緩衝區的最大數量和大小
Syntax: large_client_header_buffers number size;
Default:
large_client_header_buffers 4 8k;
Context: http, server
6.設置用於從磁盤讀取響應的緩衝區的數量和大小
Syntax: output_buffers number size;
Default:
output_buffers 2 32k;
Context: http, server, location
7.客戶端的數據將被推遲發送,直到nginx需要發送的數據至少有1460字節
Syntax: postpone_output size;
Default:
postpone_output 1460;
Context: http, server, location
8.啓用或禁用sendfile功能
Syntax: sendfile on | off;
Default:
sendfile off;
Context: http, server, location, if in location
9.啓用或禁用TCP_NOPUSH套接字功能
Syntax: tcp_nopush on | off;
Default:
tcp_nopush off;
Context: http, server, location
10.啓用或禁用TCP_NODELAY套接字功能
Syntax: tcp_nodelay on | off;
Default:
tcp_nodelay on;
Context: http, server, location
11.將嘗試最小化向客戶端發送數據的次數,第二個參數爲可選項,設置“Keep-Alive: timeout=time”響應頭的值
Syntax: send_lowat size;
Default:
send_lowat 0;
Context: http, server, location
12.客戶端的長連接在服務器端保持的最長時間
Syntax: keepalive_timeout timeout [header_timeout];
Default:
keepalive_timeout 75s;
Context: http, server, location
13.設置監聽IP的地址和端口
Syntax: listen address[:port] [default_server] [ssl] [http2 | spdy] [proxy_protocol] [setfib=number] [fastopen=number] [backlog=number] [rcvbuf=size] [sndbuf=size] [accept_filter=filter] [deferred] [bind] [ipv6only=on|off] [reuseport] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];
listen port [default_server] [ssl] [http2 | spdy] [proxy_protocol] [setfib=number] [fastopen=number] [backlog=number] [rcvbuf=size] [sndbuf=size] [accept_filter=filter] [deferred] [bind] [ipv6only=on|off] [reuseport] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];
listen unix:path [default_server] [ssl] [http2 | spdy] [proxy_protocol] [backlog=number] [rcvbuf=size] [sndbuf=size] [accept_filter=filter] [deferred] [bind] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];
Default:
listen *:80 | *:8000;
Context: server
14.設置請求的根目錄
Syntax: root path;
Default:
root html;
Context: http, server, location, if in location
15.根據請求URI設置配置
Syntax: location [ = | ~ | ~* | ^~ ] uri { ... }
location @name { ... }
Default: —
Context: server, location
一個server可配置多個location
匹配優先級:=, ^~, ~,~*,不帶符號
=:對URI做精確匹配
~:對URI做正則表達式模式匹配,區分字符大小寫
*~:對URI做正則表達式模式匹配,不區分字符大小寫
^~:對URI的左半部分做匹配檢查,不區分字符大小寫
不帶符號:匹配起始於此uri的所有的url
示例**
請求“/”匹配配置A, 請求“/index.html”匹配配置B, 請求“/documents/document.html”匹配配置C, 請求“/images/1.gif”匹配配置D, 請求“/documents/1.jpg”匹配配置E
location = / {
[ configuration A ]
}
location / {
[ configuration B ]
}
location /documents/ {
[ configuration C ]
}
location ^~ /images/ {
[ configuration D ]
}
location ~* \.(gif|jpg|jpeg)$ {
[ configuration E ]
}
15.定義路徑別名
Syntax: alias path;
Default: —
Context: location
root:給定的路徑對應於location中的/uri/左側的/;
alias:給定的路徑對應於location中的/uri/右側的/;
16.定義錯誤顯示的URL
Syntax: error_page code ... [=[response]] uri;
Default: —
Context: http, server, location, if in location
17.按指定順序檢查文件是否存在
Syntax: try_files file ... uri;
try_files file ... =code;
Default: —
Context: server, location
定義客戶端請求的相關配置
18.客戶端的長連接在服務器端保持的最長時間
Syntax: keepalive_timeout timeout [header_timeout];
Default:
keepalive_timeout 75s;
Context: http, server, location
19.在一次長連接上所允許請求的資源的最大數量,默認爲100;
Syntax: keepalive_requests number;
Default:
keepalive_requests 100;
Context: http, server, location
20.禁用某種瀏覽器長連接;
Syntax: keepalive_disable none | browser ...;
Default:
keepalive_disable msie6;
Context: http, server, location
21.向客戶端發送響應報文的超時時長,此處,是指兩次寫操作之間的間隔時長;
Syntax: send_timeout time;
Default:
send_timeout 60s;
Context: http, server, location
22.用於接收客戶端請求報文的body部分的緩衝區大小;默認爲16k;超出此大小時,其將被暫存到磁盤上的由client_body_temp_path指令所定義的位置;
Syntax: client_body_buffer_size size;
Default:
client_body_buffer_size 8k|16k;
Context: http, server, location
23.設定用於存儲客戶端請求報文的body部分的臨時存儲路徑及子目錄結構和數量;
Syntax: client_body_temp_path path [level1 [level2 [level3]]];
Default:
client_body_temp_path client_body_temp;
Context: http, server, location
對客戶端進行限制的相關配置
24限制向客戶端傳送響應的速率限制,單位是bytes/second,0表示無限制;
Syntax: limit_rate rate;
Default:
limit_rate 0;
Context: http, server, location, if in location
25.允許按請求的HTTP方法限制對某路徑的請求
Syntax: limit_except method ... { ... }
Default: —
Context: location
示例
limit_except GET {
allow 192.168.1.0/32;
deny all;
}
文件操作優化的配置
26.是否開啓aio功能
Syntax: aio on | off | threads[=pool];
Default:
aio off;
Context: http, server, location
This directive appeared in version 0.8.11.
27.當讀入長度大於等於指定size的文件時,是否開啓DirectIO功能
Syntax: directio size | off;
Default:
directio off;
Context: http, server, location
This directive appeared in version 0.7.7.
28.用於配置文件緩存
Syntax: open_file_cache off;
open_file_cache max=N [inactive=time];
Default:
open_file_cache off;
Context: http, server, location
緩存以下三種信息:
打開文件描述符,它們的大小和修改時間;
關於目錄存在的信息;
文件查找錯誤,例如“找不到文件”,“沒有讀取權限”等。
max=N:可緩存的緩存項上限;達到上限後會使用LRU算法實現緩存管理;
inactive=time:緩存項的非活動時長,如果在此期間未訪問該元素,則從該緩存中刪除該元素
29.緩存項有效性的檢查頻率;默認爲60s;
Syntax: open_file_cache_valid time;
Default:
open_file_cache_valid 60s;
Context: http, server, location
30.設置open_file_cache指令的inactive參數指定的時長內
Syntax: open_file_cache_min_uses number;
Default:
open_file_cache_min_uses 1;
Context: http, server, location
31.是否緩存查找時發生錯誤的文件一類的信息;
Syntax: open_file_cache_errors on | off;
Default:
open_file_cache_errors off;
Context: http, server, location
三、nginx官網配置示例
http {
include conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
log_format download '$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$http_range" "$sent_http_content_range"';
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
send_lowat 12000;
keepalive_timeout 75 20;
#lingering_time 30;
#lingering_timeout 10;
#reset_timedout_connection on;
server {
listen one.example.com;
server_name one.example.com www.one.example.com;
access_log /var/log/nginx.access_log main;
location / {
proxy_pass http://127.0.0.1/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
client_body_temp_path /var/nginx/client_body_temp;
proxy_connect_timeout 70;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_send_lowat 12000;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_temp_path /var/nginx/proxy_temp;
charset koi8-r;
}