Preface
Memory is not good, the relevant nginx problems and solutions will be expanded on the above, if there are any problems, please leave a message.
Catalog
Install nginx
Install gcc g + + development library environment
ubunto
$ apt-get install build-essential
$ apt-get install libtool
centos
$ yum -y install gcc automake autoconf libtool make
$ yum install gcc gcc-c++
Download nginx
* nginx
Download dependency modules gzpi, rewrite, ssl
* zlib
* pcre
* openssl
Set up nginx installation directory
/usr/local/nginx/
Compile and install after unzipping nginx
$ sudo ./configure \
--prefix=/usr/local/nginx/nginx \
--with-pcre=/usr/local/opensoft/pcre-8.39 \
--with-zlib=/usr/local/opensoft/zlib-1.2.8 \
--with-openssl=/usr/local/opensoft/openssl-1.0.1t
Function
/usr/local/nginx/sbin/nginx
Check whether port 80 is running
netstat -ano | grep 80
Visit localhost and display Welcome to nginx! Complete installation.
Managing nginx
Compilation and installation needs to be built by oneself nginx shell
Configure nginx.conf
Configuration introduction
user www www; #Running users and groups
worker_processes number | auto; #The number of worker processes and the total number of cpu cores reduce the cost of cpu scheduling.
worker_cpu_affinity 01 10; #Multi-core binding, bitmap representation, ps-F view, PSR column corresponding to CPU number
pid /usr/local/webserver/nginx/nginx.pid; #Specify the path for pid storage
worker_rlimit_nofile; #Number of file descriptors
master_process on | off; #Start the process pool mechanism, default on, if set to off, will not establish the master process, with a worker to deal with. The worker_processes will also fail.
daemon on | off; #Whether to daemon the process, default on.
#Arbitrary domain assignable
error_log file | level #debug | info | notice | warn | error | crit | alert | emerg default error, filter the front contains the back, debug needs to compile - with-debug, debug by module control level, such as debug_http.
events{
use poll; #Open multiplexing IO (linux 2.6 or more)
worker_connections 65535; #Maximum number of concurrent connections for a single worker process
debug_connection 192.168.1.0/24; #debug a single ip segment
}
http{
include mime.types; #Contains the mime.types file
include vhost/*.conf; #Contains all virtual host configuration files under vhost
default_type application/octet-stream; #Specify the default MIME type
client_max_body_size 8m; #File Size Uploaded by Client
#Setting Log Format
log_format name '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for '
'"$upstream_addr" "$upstream_status" "$upstream_response_time" "$request_time"';
#Log storage path, format and cache size, formatted as the name defined above
access_log /var/log/nginx/access.log name;
sendfile on; #sendfile is a higher performance system interface than read and write, and is invalid when reverse proxying because the file handle is socket.
tcp_nopush on; #Call the tcp_core method, which is also the default, the result is that the packet will not be sent out immediately, until the maximum packet, one-time output, which helps to solve network congestion.
tcp_nodelay on; #Combining small TCP packets into one can avoid the bandwidth wasted by too many small TCP headers. If this algorithm is turned on (default), the protocol stack will accumulate data until one of the following two conditions is satisfied, and the accumulated data reaches the maximum TCP Segment Size or receives an Ack.
server_tokens off; #Close the nginx version number, modify the version number vi src/core/nginx.h, NGINX_VER
gzip on; #Enable compression
gzip_static on; #Enable the HTTP GzipStatic module (not in the core and standard module groups, but with this module installed in rpm), which can read pre-compressed gz files, thus reducing the CPU resource consumption of gzip compression for each request.
gzip_comp_level 5; #Compression level, 1 minimum fastest, 9 maximum slowest, generally set to 3
gzip_min_length 1024; #Minimum length of compression, less than the length of uncompression (that is, Content-Length in header)
gzip_types text/plain text/css application/x-javascript application/javascript application/xml; (What types of pages or documents enable compression?
limit_zone myzone $binary_remote_addr 10m; #myzone name, $binary_remote_addr = $remore_addr, $10m session space pool
limit_req_zone $binary_remote_addr zone=req_one:10m rate=1r/s; #rate=1r/s means that every address can only be requested once per second. That is to say, according to leaky bucket algorithm burst=120, there are 120 tokens in total, and only one token is added every second. After 120 tokens are issued, those requests will return 503.
server{
limit_conn one 1; #Limit the number of concurrent client connections to 1
limit_req zone=req_one burst=120; #With nodelay, requests that exceed burst size return directly to 503
}
#Upstream Servers and Load Balancing Policies Needed by nginx in Reverse Proxy
#Weighted polling, basic strategy, calculate the current weights of each back-end server, select the server with the highest score to process the current request.
#ip hash, hash selection failure more than 20 or a back-end server, using weighted.
#Weighted applicability is strong, does not depend on any information of the client, and can distribute the client requests reasonably and evenly. The disadvantage is that multiple requests from the same client will be allocated to different back-end servers, which can not meet the needs of session maintenance.
#ip hash can distribute multiple requests from the same client to the same back-end server better. The disadvantage is that there are too many requests for an ip address (a large number of users request through a nat proxy). This will lead to a very heavy pressure on one back-end server and a very idle imbalance of other servers.
upstream back_end{
ip_hash; #Load balancing strategy, default use of weighted polling (round robin), official built-in, consistent hash, fair third-party module.
server 127.0.0.1:80; #An Ordinary Upstream Server
server 127.0.0.1:8080 max_fails=3 fail_timeout=30s; #The default value is 1 and 30s. The connection fails three times in 30s. Take a rest and come back after 30s.
server UNIX:/tmp/backend3 backup; #When standby is unavailable, ip_hash can not be used. Disturbing hash results violates the original intention of ip_hash policy.
server 192.168.0.1:9000 down; #Initiative outage, do not participate in the selection.
server backend1.example.com weight=3; #Weight 3, default 1, used in conjunction with weighting strategy.
}
#Take the value of $is_args and define it as $my_flag. The default value is 0, if it is "?" The value is 1.
map $is_args $my_flag{
default 0;
"?" 1;
}
#Users are prohibited from accessing the server through the ip address. nginx does not configure the domain name or accesses the server through the ip address.
server{
listen 80 default; #Represents that this server is the default server for port 80
return 500; #Represents that any request using this server configuration will return 500
}
#Virtual Host Configuration Block
server{
listen 80; #Listen on port 80
server_name localhost | *.ibeiliao.com | *.* ; #Host name, ~beginning regular expression
keepalive_timeout 75 | 0;#Timeout, default 75s, set to 0 automatic disconnection, http, location, server domain.
# Common variables in nginx (run by stages, unify set variables first)
# curl -v -o /dev/null 'http://localhost/index.html?a=1&b=2' -H 'hello:world'
# uri: The uri of the current request does not contain the following parameter: / index.html
# is_args: Does the current request take parameters, if any? Otherwise, it's an empty string=?
# $args: The complete parameter of the current request, that is? The string after that = a = 1 & B = 2
# $request_uri: The complete URI of the current request, containing the parameter =/index.html? A = 1 & B = 2
# $arg_xxx: A parameter arg_a=1 for the current request
# $http_xxx: The value corresponding to the XXX header of the current request http_hello= world
# Send_http_xxx: The value corresponding to the response header returned to the client = nginx/1.8.0
#
# nginx custom variable
# set $max_size 10000;
# set $new_uri /v2$request_uri
# set $log_tag "extra action"
#
# location [ = | ~ | ~* | ^~ | @ ] uri { ... }
# For example, location/image/{...} matching/image/001.jpg
# = URI s must match perfectly
# ~ Case-sensitive matching location . (php) ${...} Case-sensitive processing of PHP requests
# ~* Case insensitive matching location ~*. (png) ${...} ignores case and matches all PNG files
# ^~ The first half of the matching is location ^/ image/ {...} matching / image /*. * with lower priority than above.
# @ For internal sub-requests, external inaccessibility
#A forwarded location
location /passto {
proxy_set_header Host $host; #The host header that forwards the original request
proxy_buffering off; #Disable reverse proxy caching to ensure true forwarding of each request
proxy_pass http://back_end; #Forwarding to server cluster defined by upstream block
#Use try_files instead of try_files. Otherwise, don't use if. Officially, if it's not good, there will be bug s.
#Example: Priority is given to images in person, and images in public directories are used when directories do not exist.
if(-e "${document_root}/person"){
rewrite ^/(.*)$ /person/$1 break;
}
#try_files
try_files /person$uri /$uri =400;
}
location / { #Match any URI
root html; #http request root directory, static web server
alias /var/data/; #The request directory, unlike root, treats location as an alias. Location/image/{...}, return / var/data/001.jpg
index index.php; #Default index file
auth_basic Auth; #The pop-up message prompt character is Auth
auth_basic_user_file /etc/ngx_passwd; #Account password
autoindex on; #Automatically list directories, disable index
autoindex_exact_size on; #Units that set the size of index files
autoindex_localtime on; #Open local time to display file time
}
#Increase support for websocket
location /wsapp/ {
proxy_pass http://wsbackend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location = /50x.html {
root html;
}
location ~ ^(.*)\/\.svn\/{ #Disallow access to SVN configuration files
deny all; #Disallow all access under this match
deny 192.168.10.1; #This ip access is prohibited, 403 forbidden error.
}
#The following files are cached in the local browser for 30 days
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)${
expires 30d;
}
#The following files are cached in a local browser for 1 hour
location ~ .*\.(js|css)?${
expires 1h;
}
error_page 500 502 503 504 /50x.html; #Error Return Page
}
}
nginx advantages
Event-driven, the internal process of nginx is driven by various event triggers. Otherwise, nginx will always block system calls such as function epoll_wait() or sigsuspend().
nginx is faster than apache because the epoll mode (linux kenel 2.6 +) is enabled, and it will not lead to a rapid decline in efficiency as the number of monitored descriptors increases. apache uses select mode, and uses traversal scanning to determine whether each descriptor has an event. The more descriptors monitored, the greater the consumption. And restricted by the default system, the select model can only monitor 1024 descriptors at the same time.
First, poll-based epoll has the advantage of native poll, that is, the number of descriptors monitored at the same time is not limited (limited by the number of open file descriptors, cat/proc/sys/fs/file-max). Secondly, the response of epoll model to events is triggered without list scanning.
epoll
1. Monitoring descriptors are unrestricted (limited by the number of file descriptors that can be opened by a process)
2. I/O Event Response Trigger (LT level trigger, no processing kernel continuous notification, ET edge trigger, notification once, more advantageous)
select
1. Maximum 1024 descriptors for monitoring
2. I/O Event Polling Trigger
The I/O multiplexing model of select standard, which is provided by unix system, has poor performance, and nginx can be disabled in compilation.
The I/O reuse model of poll standard is better than select in theory and similar to select.
A More Excellent I/O Reuse Model Officially Provided on Epoll Linux 2.6+
Kqueue FreeBSD 4.1+, OpenBSD 2.9+, NetBSD 2.0, OS X, unique and better I/O multiplexing model
High Performance I/O Multiplexing Model Available on Evetport Solaris 10
/ dev/poll Ibid.
rtsig real time signals
aio asynchronous I/O
Multiplexing Model
Example: If you want to monitor 10 highway traffic jams (readable or not), you need 10 people (10 threads, 10 codes) to do this, and use some technology to unify the situation of 10 roads to a center, then only one person is needed to monitor in the center. Multiplexing mechanisms such as select or epoll, like the function of a camera, can feed back the status of multiple I/O ports to one place, such as a specific file descriptor, so that the application only needs to use the corresponding select () or epoll_wait() system call blocking to focus on one place.
Debug nginx
Performance bottlenecks (strace-T tracking time consuming), startup failures, inconsistent response data with expectations, and inexplicable Segmentation Fault errors.
ps aux | grep nginx
The state is T s (s represents the Nginx process as the first process of the session, session leader, T represents the TASK_STOPPED state)
Debugging with gdb | cgdb
1. Binding gdb when compiling nginx
2. Modify nginx as a working process and close the daemon.
3. Start debugging gdb-q-p 4614
Debugging using strace (system call) / pstack (internal function)
1,strace -p 4033
2. wget 127.0.0.1 function
Other debugging
System Tap/
Reference resources
- An in-depth analysis of nginx-Gao Qunkai
- Actual nginx: High Performance web Server Replacing apache-Zhang Banquet
- ningx.cn