nginx配置缓存限流
生产环境因促销活动,流量突增。使用nginx缓存,减少页面渲染。
- 先上一下配置文件
user ihsuser;
worker_processes 2;
events {
use epoll;
worker_connections 10240;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'"$status"------------"$body_bytes_sent"--- "$request_time" '
'$upstream_response_time $upstream_addr '
'"$http_referer" "$http_user_agent" "$http_x_forwarded_for"---------$http_x_real_ip';
access_log /eblog/openresty-web/nginx/access.log main;
# mall 负载均衡
upstream ***_server {
server was-1.********************:9080;
server was-2.********************:8080;
server was-3.********************:9080;
}
# img
upstream fdfs_img {
## need to confirm
server fdfs.********************:18081 weight=1 max_fails=2 fail_timeout=30s;
server fdfs.********************:18080 weight=1 max_fails=2 fail_timeout=30s;
server fdfs.********************:18080 weight=1 max_fails=2 fail_timeout=30s;
}
# report
upstream img_report {
## need to confirm
server dubbo-1.********************:18090 weight=1 max_fails=2 fail_timeout=30s;
server dubbo-2.********************:18080 weight=1 max_fails=2 fail_timeout=30s;
}
sendfile on; #设置为on表示启动高效传输文件的模式
keepalive_timeout 65; #连接超时时间
gzip on; #开启压缩
gzip_types text/plain application/x-javascript text/css application/xml text/javascript;
proxy_cache_path /ebank/apps/cache levels=1:2 keys_zone=cache1:500m inactive=1d max_size=2g; #配置缓存
#levels 设置缓存文件目录层次;levels=1:2 表示两级目录
#keys_zone 设置缓存名字和共享内存大小
#inactive 在指定时间内没人访问则被删除
#max_size 最大缓存空间,如果缓存空间满,默认覆盖掉缓存时间最长的资源。
limit_req_zone 'secKillList' zone=secKillListZone:10m rate=50r/s; #配置限流
#limit_req_zone的功能是通过 令牌桶原理来限制 用户的连接频率
#分配一个大小为10m的内存存储区,限制了每秒只接受50个IP的频率。
limit_req_zone 'cartAdd' zone=cartAdd:10m rate=50r/s;
server {
listen 80;
server_name localhost;
location ~* ^/(groupbuy|secbuy|brandshop)$ {
rewrite ^(.*) /mall$1;
}
location ~* ^/mall/(groupbuy|secbuy|brandshop)$ {
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
add_header cache1 cache2;
proxy_cache cache1;
proxy_cache_valid 200 10s;
proxy_cache_key $uri;
expires 10s;
}
location ~* ^/(|index|mall|mall/)$ {
rewrite ^ /mall/index ;
}
location /mall/index {
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
add_header cache1 cache3;
proxy_cache cache1;
proxy_cache_key $uri;
proxy_cache_valid 200 304 1s;
expires 2s;
}
# shop
location /mall {
if (-d $request_filename) {
rewrite ^/(.*) /mall$1 break;
}
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
location / {
rewrite ^(.*) /mall$1 break;
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
location /mall/goods/ {
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
add_header cache1 cache;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
#这里是应为后台返回的头文件中包含max-age
#如果这里不配置的话。在后台返回500页面时也会缓存使后面的proxy_cache_valid 起不到作用。
proxy_cache cache1; #配置缓存
proxy_cache_key $uri$is_args$args; #缓存的key
proxy_cache_valid 200 10s; #自定义响应的缓存时间
proxy_cache_min_uses 5; #1分钟超过5次该请求则缓存
proxy_pass http://***_server;
expires 20m;
}
location = /mall/api/mall/promotion/findPromListByPromType {
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
limit_req zone=secKillListZone burst=40;
#在峰值burst=50以内的并发请求,会被挂起,延迟处理超出请求数限制则直接返回503
#这里与上面配置的rate=50r/s并用。并发120个,50个处理,40个等待,30个返回503
}
location = /mall/api/goodsDetail/addToGoodsCart {
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
limit_req zone=cartAdd burst=40;
}
# static files for shop
location ~ ^/assets/(.*)$ {
## address need to change
root /ebank/apps/static/***china-front-mall/build;
expires 30d;
access_log off;
}
location /img/ReportDownload {
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_pass http://img_report;
}
# img
location /img {
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_cache_key $uri$is_args$args;
proxy_pass http://fdfs_img;
add_header Access-Control-Allow-Origin *;
expires 30d;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_method GET;
}
# security
location /img/security {
alias /ebankfile/security;
}
error_page 404 http://*****************.cn/404.html;
# security
location ~*^.+\.(eot|ttf|otf|woff|svg)$ {
access_log off;
expires max;
}
}
# HTTPS server
#
server {
listen 443 ssl;
server_name localhost;
ssl on;
ssl_certificate cert/***-test.crt;
ssl_certificate_key cert/***-test1.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
# shop
location /mall {
if (-d $request_filename) {
rewrite ^/(.*) /mall$1 break;
}
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
location / {
rewrite ^(.*) /mall$1 break;
proxy_pass http://***_server;
proxy_intercept_errors on;
add_header Access-Control-Allow-Origin http://*****************.cn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
# static files for shop
location ~ ^/assets/(.*)$ {
## address need to change
root /ebank/apps/static/***china-front-mall/build;
expires 30d;
access_log off;
}
# img
location /img {
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_cache_key $uri$is_args$args;
proxy_pass http://fdfs_img;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With;
expires 30d;
proxy_method GET;
}
set $img_thumbnail_root /ebankfile/fdfs/thumbnail;
set $img_file $img_thumbnail_root$uri;
}
}
最初在配置的时候发现后台返回的500页面也被缓存了。通过查询资料发现源服务器返回的页面包含max-age。nginx以服务器返回的max-age为准缓存了页面。使得proxy_cache_valid 配置不起作用。
查询资料获得一下信息[^1]
(1)在同时设置了源服务器端Expires、源服务器端max-age和nginx cahe端的proxy_cache_valid的情况下,以源服务器端设置的Expires的值为标准进行缓存的过期处理
(2)若在nginx中配置了相关配置项,取消原服务器端Expires对缓存的影响,在同时设置了源服务器端Expires、源服务器端max-age和nginx cahe端的proxy_cache_valid的情况下,以源服务器端max-age的值为标准进行缓存的过期处理
(3)若同时取消源服务器端Expires和源服务器端max-age对缓存的影响,则以proxy_cache_valid设置的值为标准进行缓存的过期处理
(4) Inactive的值不受上述三个因素的影响,即第一次请求页面之后,每经过inactvie指定的时间,都要强制进行相应的缓存清理。因此inactive的优先级最高。
(5)所以对缓存过期影响的优先级进行排序为:inactvie、源服务器端Expires、源服务器端max-age、proxy_cache_valid
[1]: nginx – 缓存过期影响因素优先级分析 http://lmdkfs.blog.163.com/blog/static/7461132420142128311980/