Tengine详解
Tengine是由淘宝网发起的Web服务器项目。在Nginx的基础上,针对大访问量网站的需求,添加了很多高级功能和特性。它的目的是打造一个高效的、安全的平台,是基于nginx基础上的二次开发的
一、发展
Tengine的性能和稳定性已经在大型的网站如淘宝网,天猫商城等得到了很好的检验它的最终目标是打造一个高效、稳定、安全、易用的Web平台。从2011年12月开始,Tengine称为一个开源项目,它由Tengine团开发和维护。Tengine团队的核心成员来自于淘宝、搜狗和互联网企业
二、功能
- 继承Nginx-1.6.2的所有特性,兼容Nginx的配置;
- 动态模块加载(DSO)支持。加入一个模块不在需要重新编译整个Tengine;
- 支持SO_REUSERPORT选项,建连性能提升为官方Nginx的三倍;
- 支持SPDY v3协议,自动检测同一端口的SPDY请求和HTTP请求;
- 流式上传到HTTP后端服务器或FastCGI服务器,大量减少机器的I/O压力;
- 更加强大的负载均衡能力,包括一致性hash模块、会话保持模块、还可以对后端的服务器就那些主动健康检查,根据服务器转态自动上线下线,以及动态解析upstream中出现的域名;
- 输入过滤器机制支持。通过使用这种机制Web应用防火墙的编写更为方便;
- 支持设置proxy、memcached、fastcgi、scgi、uwsgi在后端失败时的重试次数;
- 动态脚本语言Lua支持。扩展功能非常高效简单;
- 支持管道(pipe)和syslog(本地和远端)形式的日志以及日志抽样;
- 支持按指定关键字(域名,url等)收集Tengine运行状态;
- 组合多个CSS、JavaScrpit文件的访问请求变成一个请求;
- 自动去除空白字符和注释从而减小页面的体积;
- 自动根据CPU数目设置进程个数和绑定CPU亲缘性;
- 监控系统的负载和资源占用从而对系统进行保护;
- 显示对运维人员更友好的出错信息,便于定位出错机器;
- 更强大的防攻击(访问速度限制)模块;
- 更方便的命令行参数,如列出编译的模块列表、支持的指令等
- 可以根据访问文件类型设置过期时间;
三、编译安装
Tengine的编译参数基本上与Nginx一致,针对Tengine的新增特性,可以在编译的时候增加一些参数,比如增加“–with-http_concat_module”这一参数,就可以将Tengine的组合多个访问请求变为一个的功能打开。以下是一段Tengine的编译参数实例:
#解决依赖
[root@localhost ~]# yum install gcc patch libffi-devel python-devel zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel openssl openssl-devel -y
#编译安装
[root@localhost ~]# tar -zxvf tengine-2.3.3.tar.gz
[root@localhost tengine-2.3.3]# ./configure --prefix=/usr/local/
[root@localhost tengine-2.3.3]# make && make install
[root@localhost tengine-2.3.3]# cd objs/
[root@localhost objs]# nginx
[root@localhost objs]# netstat -anpt | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7739/nginx: master
tcp6 0 0 :::80 :::* LISTEN 7739/nginx: master
nginx.conf
[root@localhost tengine-2.3.3]# cat conf/nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#error_log "pipe:rollback logs/error_log interval=1d baknum=7 maxsize=2G";
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
#access_log "pipe:rollback logs/access_log interval=1d baknum=7 maxsize=2G" main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
#access_log "pipe:rollback logs/host.access_log interval=1d baknum=7 maxsize=2G" main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# pass the Dubbo rpc to Dubbo provider server listening on 127.0.0.1:20880
#
#location /dubbo {
# dubbo_pass_all_headers on;
# dubbo_pass_set args $args;
# dubbo_pass_set uri $uri;
# dubbo_pass_set method $request_method;
#
# dubbo_pass org.apache.dubbo.samples.tengine.DemoService 0.0.0 tengineDubbo dubbo_backend;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# upstream for Dubbo rpc to Dubbo provider server listening on 127.0.0.1:20880
#
#upstream dubbo_backend {
# multi 1;
# server 127.0.0.1:20880;
#}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}