- 并发调节,默认是 1024
- keepAlive 开启和 Tomcat 的 长连接,
- 压缩优化,js,css
- 配置缓存
监控工具
- nginx_status 并发统计
- Ngxtop 请求统计
下载好如下软件包
- nginx-1.12.1.tar.gz
- ngx_cache_purge-2.3.tar.gz
- pcre-8.38.zip
安装依赖
yum install -y gcc gcc-c++
复制代码
解压软件包
root@server200 src]# pwd
/usr/local/src
[root@server200 src]#
[root@server200 src]# tar -zxvf nginx-1.12.1.tar.gz
[root@server200 src]# tar -zxvf ngx_cache_purge-2.3.tar.gz
[root@server200 src]# unzip pcre-8.28.zip
复制代码
给 pcre-8.38/configure 添加执行权限
[root@server200 src]# chmod 755 pcre-8.38/configure
复制代码
进入 Nginx目录
[root@server200 nginx-1.12.1]#./configure --prefix=/usr/local/nginx --with-pcre=/usr/local/src/pcre-8.38 --with-http_stub_status_module --with-http_gzip_static_module --add-module=/usr/local/src/ngx_cache_purge-2.3
[root@server200 nginx-1.12.1]# make
[root@server200 nginx-1.12.1]# make install
复制代码
进入Nginx安装目录
[root@server200 nginx]# pwd
/usr/local/nginx
[root@server200 nginx]#
[root@server200 nginx]#
复制代码
nginx.conf 配置文件参数说明
user www;
worker_processes 4;#取决于cpu
error_log logs/error.log;
pid logs/nginx.pid;
worker_rlimit_nofile 10240; #每个进程打开的最大的文件数,受限于操作系统/etc/security/limits.conf
events {
worker_connections 10240;#每一个进程打开的最大连接数,超出了log中会有记录
multi_accept on; #可以一次建立多个连接
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
server_tokens off; #隐藏版本号
client_max_body_size 10m; #文件上传需要调大
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
#默认写日志:打开文件写入关闭,max:缓存的文件描述符数量,inactive缓存时间,valid:检查时间间隔,min_uses:在inactive时间段内使用了多少次加入缓存
open_log_file_cache max=200 inactive=20s valid=1m min_uses=2;
sendfile on;
tcp_nopush on;
#与浏览器的长连接
keepalive_timeout 65;#长连接超时时间
keepalive_requests 500;#500个请求以后,关闭长连接
keepalive_disable msie6;
# 启用压缩
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_proxied any;
gzip_types text/plain application/x-javascript application/javascript text/css application/xml;
gzip_vary on; #Vary: Accept-Encoding
gzip_static on; #如果有压缩好的 直接使用
#超时时间
proxy_connect_timeout 5; #连接proxy超时
proxy_send_timeout 5; # proxy连接nginx超时
proxy_read_timeout 60;# proxy响应超时
# 开启缓存,2级目录
proxy_cache_path /usr/local/nginx/proxy_cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=20g;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_hide_header Cache-Control;
proxy_hide_header Pragma;
#反向代理服务器集群
upstream server_pool{
server localhost:8080 weight=1 max_fails=2 fail_timeout=30s;
server localhost:8081 weight=1 max_fails=2 fail_timeout=30s;
keepalive 200; # 最大的空闲的长连接数
}
server {
listen 80;
server_name localhost 192.168.220.133;
location / {
#长连接
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
#Tomcat获取真实用户ip
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://server_pool;
}
# 状态监控
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
allow 192.168.220.133;
deny all;
}
#用于清除缓存
location ~ /purge(/.*)
{
allow 127.0.0.1;
allow 192.168.220.133;
deny all;
proxy_cache_purge cache_one $host$1$is_args$args;
}
# 静态文件加缓存
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css|html|htm)?$
{
expires 1d;
proxy_cache cache_one;
proxy_cache_valid 200 304 1d;
proxy_cache_valid any 1m;
proxy_cache_key $host$uri$is_args$args;
proxy_pass http://server_pool;
}
}
}
复制代码
修改
vi /etc/security/limits.conf,最后添加下面几行,软硬连接配置
* hard nofile 102400
* soft nofile 102400
* soft core unlimited
* soft stack 10240
复制代码