nginx单机1w并发优化
目录
ab工具
整体优化思路
具体的优化思路
编写脚本完成并发优化配置
性能统计工具
tips
总结
ab工具
ab -c 10000 -n 200000 http://localhost/index.html
[root@study02 ~]# ab -c 10000 -n 100000 http://192.168.0.217/index.html
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking 192.168.0.217 (be patient)
socket: Too many open files (24)
整体优化思路
- 允许建立更多的socket连接
- 允许打开更多的文件
具体的优化思路
1、socket层面
- 系统层面
- 不做洪水抵御
- 最大连接数somaxconn
- 加快tcp连接回收 recyle
- 空的tcp连接是否允许回收利用reuse
- nginx
- 每个子进程允许打开的连接(work_connections)
- 加快http连接,快速关闭,keepalive_timeout 0
2、文件层面
- nginx层面
- 子进程允许打开的文件 worker_rlimit_nofile
- 系统层面
- ulimit -n 10000(设置一个比较大的值,允许打开文件数)
具体的配置操作
1、系统配置
查看系统允许打开的最大连接数
more /proc/sys/net/core/somaxconn
echo 50000 > /proc/sys/net/core/somaxconn
打开系统快速连接回收
cat /proc/sys/net/ipv4/tcp_tw_recycle
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
打开空的tcp连接允许回收利用
cat /proc/sys/net/ipv4/tcp_tw_reuse
echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
不做洪水抵御
cat /proc/sys/net/ipv4/tcp_syncookies
echo 0 > /proc/sys/net/ipv4/tcp_syncookies
2、nginx配置
- http 1.0 client server 请求-应答-断开
- http 1.1 防止频繁的握手,nginx设置keepalive_timeout参数是一个请求完成之后还要保持连接多久减少tcp的连接次数,在高并发的网站中,keepalived是一个需要严重注意的选项,需要将其设置为0不做保持连接提高并发
worker_rlimit_nofile 10000;
events {
worker_connections 10000;
}
keepalive_timeout 0;
编写脚本完成并发优化配置
echo 50000 > /proc/sys/net/core/somaxconn
echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle
echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
echo 0 > /proc/sys/net/ipv4/tcp_syncookies
排除问题:
- 系统的dmesg观察
- nginx的error.log来观察
dmesg|tail
性能统计工具
安装统计模块http_stub_status_module,便于观察nginx的状态
- 1.进入之前nginx的安装包目录,查找是否有统计模块可以安装
删选出所有可以安装的包
root@STUDY3 nginx-1.14.2]# cat auto/options |grep YES
HTTP=YES
HTTP_CACHE=YES
HTTP_CHARSET=YES
HTTP_GZIP=YES
HTTP_SSI=YES
HTTP_ACCESS=YES
HTTP_AUTH_BASIC=YES
HTTP_MIRROR=YES
HTTP_USERID=YES
HTTP_AUTOINDEX=YES
HTTP_GEO=YES
HTTP_MAP=YES
HTTP_SPLIT_CLIENTS=YES
HTTP_REFERER=YES
HTTP_REWRITE=YES
HTTP_PROXY=YES
HTTP_FASTCGI=YES
HTTP_UWSGI=YES
HTTP_SCGI=YES
HTTP_GRPC=YES
HTTP_MEMCACHED=YES
HTTP_LIMIT_CONN=YES
HTTP_LIMIT_REQ=YES
HTTP_EMPTY_GIF=YES
HTTP_BROWSER=YES
HTTP_UPSTREAM_HASH=YES
HTTP_UPSTREAM_IP_HASH=YES
HTTP_UPSTREAM_LEAST_CONN=YES
HTTP_UPSTREAM_KEEPALIVE=YES
HTTP_UPSTREAM_ZONE=YES
MAIL_POP3=YES
MAIL_IMAP=YES
MAIL_SMTP=YES
STREAM_LIMIT_CONN=YES
STREAM_ACCESS=YES
STREAM_GEO=YES
STREAM_MAP=YES
STREAM_SPLIT_CLIENTS=YES
STREAM_RETURN=YES
STREAM_UPSTREAM_HASH=YES
STREAM_UPSTREAM_LEAST_CONN=YES
STREAM_UPSTREAM_ZONE=YES
--with-select_module) EVENT_SELECT=YES ;;
--with-poll_module) EVENT_POLL=YES ;;
--with-threads) USE_THREADS=YES ;;
--with-file-aio) NGX_FILE_AIO=YES ;;
--with-http_ssl_module) HTTP_SSL=YES ;;
--with-http_v2_module) HTTP_V2=YES ;;
--with-http_realip_module) HTTP_REALIP=YES ;;
--with-http_addition_module) HTTP_ADDITION=YES ;;
--with-http_xslt_module) HTTP_XSLT=YES ;;
--with-http_image_filter_module) HTTP_IMAGE_FILTER=YES ;;
--with-http_geoip_module) HTTP_GEOIP=YES ;;
--with-http_sub_module) HTTP_SUB=YES ;;
--with-http_dav_module) HTTP_DAV=YES ;;
--with-http_flv_module) HTTP_FLV=YES ;;
--with-http_mp4_module) HTTP_MP4=YES ;;
--with-http_gunzip_module) HTTP_GUNZIP=YES ;;
--with-http_gzip_static_module) HTTP_GZIP_STATIC=YES ;;
--with-http_auth_request_module) HTTP_AUTH_REQUEST=YES ;;
--with-http_random_index_module) HTTP_RANDOM_INDEX=YES ;;
--with-http_secure_link_module) HTTP_SECURE_LINK=YES ;;
--with-http_degradation_module) HTTP_DEGRADATION=YES ;;
--with-http_slice_module) HTTP_SLICE=YES ;;
--with-http_perl_module) HTTP_PERL=YES ;;
--with-http_stub_status_module) HTTP_STUB_STATUS=YES ;;
--with-mail) MAIL=YES ;;
--with-mail_ssl_module) MAIL_SSL=YES ;;
MAIL=YES
MAIL_SSL=YES
--with-stream) STREAM=YES ;;
--with-stream_ssl_module) STREAM_SSL=YES ;;
--with-stream_realip_module) STREAM_REALIP=YES ;;
--with-stream_geoip_module) STREAM_GEOIP=YES ;;
STREAM_SSL_PREREAD=YES ;;
--with-google_perftools_module) NGX_GOOGLE_PERFTOOLS=YES ;;
--with-cpp_test_module) NGX_CPP_TEST=YES ;;
--with-compat) NGX_COMPAT=YES ;;
--with-debug) NGX_DEBUG=YES ;;
--with-pcre) USE_PCRE=YES ;;
--with-pcre-jit) PCRE_JIT=YES ;;
--with-libatomic) NGX_LIBATOMIC=YES ;;
--test-build-devpoll) NGX_TEST_BUILD_DEVPOLL=YES ;;
--test-build-eventport) NGX_TEST_BUILD_EVENTPORT=YES ;;
--test-build-epoll) NGX_TEST_BUILD_EPOLL=YES ;;
--test-build-solaris-sendfilev) NGX_TEST_BUILD_SOLARIS_SENDFILEV=YES ;;
查看是否有http_stub_status_module模块
[root@STUDY3 nginx-1.14.2]# cat auto/options |grep YES|grep 'http_stub_status_module'
--with-http_stub_status_module) HTTP_STUB_STATUS=YES ;;
make && make install
- 2.安装nginx的性能统计工具
./configure --prefix=/usr/local/nginx/ --with-http_stub_status_module
- 3.查看模块是否安装成功
[root@STUDY3 nginx-1.14.2]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
configure arguments: --prefix=/usr/local/nginx/ --with-http_stub_status_module
说明模块已经安装成功了
- 4.在nginx的server配置项里面加入如下配置开启性能统计工具
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
}
- 5.查看,刷新访问页面http://192.168.0.217/nginx_status查看状态
Active connections: 2020
server accepts handled requests
897553 897553 442986
Reading: 0 Writing: 1 Waiting: 2019
- 6.ab测试
[root@study02 ~]# ab -c 10000 -n 200000 http://192.168.0.217/index.html
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking 192.168.0.217 (be patient)
Completed 20000 requests
Completed 40000 requests
Completed 60000 requests
Completed 80000 requests
Completed 100000 requests
Completed 120000 requests
Completed 140000 requests
Completed 160000 requests
Completed 180000 requests
Completed 200000 requests
Finished 200000 requests
Server Software: nginx/1.14.2
Server Hostname: 192.168.0.217
Server Port: 80
Document Path: /index.html
Document Length: 612 bytes
Concurrency Level: 10000
Time taken for tests: 13.268 seconds
Complete requests: 200000
Failed requests: 345710
(Connect: 0, Receive: 0, Length: 174517, Exceptions: 171193)
Write errors: 0
Non-2xx responses: 21
Total transferred: 24276700 bytes
HTML transferred: 17581305 bytes
Requests per second: 15074.19 [#/sec] (mean)
Time per request: 663.386 [ms] (mean)
Time per request: 0.066 [ms] (mean, across all concurrent requests)
Transfer rate: 1786.87 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 322 85.2 324 1238
Processing: 69 322 108.4 315 692
Waiting: 0 38 103.0 0 503
Total: 373 643 97.8 625 1651
Percentage of the requests served within a certain time (ms)
50% 625
66% 640
75% 643
80% 646
90% 739
95% 883
98% 976
99% 1015
100% 1651 (longest request)
tips
- 测试机器也需要配置ulimit -n 一个较大的数字
- 测试机器需要配置echo 50000 > /proc/sys/net/core/somaxconn
总结
在做服务器部署的时候,首先必须要了解服务器的配置和服务器所能够处理的极限,最先测试的时候可以先从nginx的只跑html静态页面测试开始,不连数据库不做缓存,不做逻辑处理,不做cdn来测试nginx的最大能力。大家知道如果加入php,连接了数据库,做了数据库缓存做了图片cdn并发会有有影响,那之后的事情也是一样逐个调试压榨服务器的最大性能,有针对性的优化才是正确的。