1.worker_processes:工作进程数,通过如下命令可以看出worker_processes默认工作进程数为1个worker进程
一般配置需要配置成CPU的核心数或者直接配置成auto
[root@localhost ~]# cat /apps/nginx/conf/nginx.conf|grep work worker_processes 1; #修改worker_processes参数之前nginx的worker进程数 [root@localhost ~]# ps -ef|grep nginx root 1162 1 0 00:00 ? 00:00:00 nginx: master process /apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf nginx 1225 1162 0 00:19 ? 00:00:00 nginx: worker process root 1302 1250 0 01:24 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# #将worker进程修改为2之后,然后进行热启动查看nginx的worker进程数 [root@localhost ~]# vi /apps/nginx/conf/nginx.conf user nginx nginx; worker_processes 2; [root@localhost ~]# nginx -t nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok nginx: configuration file /apps/nginx/conf/nginx.conf test is successful [root@localhost ~]# nginx -s reload [root@localhost ~]# ps -ef|grep nginx root 1162 1 0 00:00 ? 00:00:00 nginx: master process /apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf nginx 1306 1162 0 01:26 ? 00:00:00 nginx: worker process nginx 1307 1162 0 01:26 ? 00:00:00 nginx: worker process root 1309 1250 0 01:26 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# #配置成auto [root@localhost ~]# ps -ef|grep nginx root 1162 1 0 00:00 ? 00:00:00 nginx: master process /apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf nginx 1306 1162 0 01:26 ? 00:00:00 nginx: worker process nginx 1307 1162 0 01:26 ? 00:00:00 nginx: worker process root 1309 1250 0 01:26 pts/0 00:00:00 grep --color=auto nginx [root@localhost ~]# vi /apps/nginx/conf/nginx.conf user nginx nginx; worker_processes auto; [root@localhost ~]# nginx -t nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok nginx: configuration file /apps/nginx/conf/nginx.conf test is successful [root@localhost ~]# nginx -s reload [root@localhost ~]# ps -ef|grep nginx root 1095 1 0 23:38 ? 00:00:00 nginx: master process nginx nginx 1103 1095 0 23:40 ? 00:00:00 nginx: worker process nginx 1104 1095 0 23:40 ? 00:00:00 nginx: worker process root 1107 1073 0 23:41 pts/0 00:00:00 grep --color=auto nginx
的,绑定并不意味着当前nginx进程独占一个CPU核心,但是可以保证次进程不会运行在其他核心上,这就极大减
少nginx的工作进程在不同CPU核心上来回跳转,减少了CPU对进程的资源分配与回收以及内存管理等,因此可以
有效的提升nginx服务器性能。
[root@localhost ~]# vi /apps/nginx/conf/nginx.conf user nginx nginx; worker_processes auto; worker_cpu_affinity 00000001 00000010; [root@localhost ~]# nginx -t nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok nginx: configuration file /apps/nginx/conf/nginx.conf test is successful [root@localhost ~]# nginx -s reload [root@localhost ~]# ps axo pid,cmd,psr |grep nginx 1095 nginx: master process nginx 1 1113 nginx: worker process 0 1114 nginx: worker process 1 1116 grep --color=auto nginx 0 #从上图中可以看出来当前worker进程工作在不同CPU上
程在哪个CPU上运行
[root@localhost ~]# yum -y install httpd-tools #下载ab命令
[root@localhost ~]# ps axo pid,cmd,psr |grep nginx
1095 nginx: master process nginx 1
1124 nginx: worker process 0
1125 nginx: worker process 1
1165 grep --color=auto nginx 1
[root@localhost ~]# ab -n1000 -c1000 http://192.168.1.170/index.html
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking 192.168.1.170 (be patient)
Completed 100 requests
Completed 200 requests
Completed 300 requests
Completed 400 requests
Completed 500 requests
Completed 600 requests
Completed 700 requests
Completed 800 requests
Completed 900 requests
Completed 1000 requests
Finished 1000 requests
Server Software: nginx/1.14.2
Server Hostname: 192.168.1.170
Server Port: 80
Document Path: /index.html
Document Length: 612 bytes
Concurrency Level: 1000
Time taken for tests: 0.065 seconds
Complete requests: 1000
Failed requests: 0
Write errors: 0
Total transferred: 845000 bytes
HTML transferred: 612000 bytes
Requests per second: 15424.24 [#/sec] (mean)
Time per request: 64.833 [ms] (mean)
Time per request: 0.065 [ms] (mean, across all concurrent requests)
Transfer rate: 12728.01 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 17 5.8 16 27
Processing: 7 15 6.9 11 30
Waiting: 0 14 7.5 11 30
Total: 17 32 5.7 34 38
Percentage of the requests served within a certain time (ms)
50% 34
66% 35
75% 36
80% 36
90% 36
95% 37
98% 38
99% 38
100% 38 (longest request)
[root@localhost ~]# ps axo pid,cmd,psr |grep nginx
1095 nginx: master process nginx 1
1124 nginx: worker process 0
1125 nginx: worker process 0
1168 grep --color=auto nginx 1
最大并发数为worker_connections * worker_processes;作为反向代理服务器或者负载均衡服务器的时候,
nginx的最大并发数为(worker_connections * worker_processes)/2;改参数的默认值为1024;也可以设置成10
万个连接。
#查看默认配置
[root@localhost ~]# cat /apps/nginx/conf/nginx.conf|grep worker
worker_processes auto;
worker_cpu_affinity 00000001 00000010;
worker_connections 1024;#默认配置大小
#设置每个worker进程可以并发100000个连接
[root@localhost ~]# cat /apps/nginx/conf/nginx.conf|grep -1 worker_connections
events {
worker_connections 100000;
}
4、server模块之location模块:
示编译安装),在这个目录下会有2个html文件,为nginx默认访问文件分别是index.html以及50x.html.
location:location是server的一个指令,为nginx服务器提供比较多而且灵活的指令,都是在location中提取,主要是基于nginx接收到的请求字符串,对用户请求的URI进行匹配,并对特定的指令进行处理,包括地址重定向、数据缓冲和应答控制等功能都是在这部分实现,另外很多第三方模块的配置也是在location模块中配置。
root:默认网页的目录名称,默认是相对路径,可以使用绝对路径配置。
index:默认的页面文件名称
location / {
root html;
index index.html index.htm;
}
#location模块配置如下 location / { root html; index index.html index.htm; } location /test { root html; index test.html; } #在html目录下新建一个test目录,并在test目录下新建一个test.html [root@localhost html]# mkdir test [root@localhost html]# cd test/ [root@localhost test]# vi test.html #编辑test.html内容 test #由于修改了配置文件因此 [root@localhost html]# nginx -t nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok nginx: configuration file /apps/nginx/conf/nginx.conf test is successful [root@localhost html]# nginx -s reload
location /hqs { root /data/nginxtest; index index.html; } #配置完成之后创建对应的目录以及文件 [root@localhost data]# mkdir -p /data/nginxtest/hqs [root@localhost data]# vim nginxtest/hqs/index.html #然后reloadnginx [root@localhost html]# nginx -t nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok nginx: configuration file /apps/nginx/conf/nginx.conf test is successful [root@localhost html]# nginx -s reload [root@localhost html]#
5、server模块之server_name:
到对应的应用服务器中去。因此host显示的域名会匹配到server_name中的参数,由于server_name支持正则表
达,所以会出现多个域名匹配到同一个server_name中。server_name,可以以空格隔开写多个并支持正则表达式,如:.tester.com www.tester.*等等。default_server域名重定向,当访问的域名不存在时,重定向到默认域名
#修改server_name模块为www.abc.com server_name www.abc.com; #修改完成之后,检查nginx的配置是否是正确的,然后热启动nginx(由于每次nginx修改之后都需要进行这两步,因此以后不再发出这部分代码) [root@localhost ~]# nginx -t nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok nginx: configuration file /apps/nginx/conf/nginx.conf test is successful [root@localhost ~]# nginx -s reload [root@localhost ~]# #由于没有配置dns解析,所以使用域名访问服务器需要在电脑上配置host文件 #host文件路径:C:\Windows\System32\drivers\etc\host,添加如下配置 192.168.1.170 www.abc.com #使用浏览器访问www.abc.com,此时我们会发现http的Request Header的Host显示的就是我们配置的域名 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cache-Control: max-age=0 Connection: keep-alive Host: www.abc.com If-Modified-Since: Thu, 05 Dec 2019 20:18:51 GMT If-None-Match: "5de9662b-264" Upgrade-Insecure-Requests: 1
include是主配置文件(nginx.conf)中指定包含其他扩展你文件,从而简化nginx主配置文件,实现多个站点的功能
#添加主配置文件的include include /apps/nginx/conf/server/*.conf; #然后在然后在/apps/nginx/conf目录下新建server目录,并新建www_hu_com.conf文件,并编辑如下内容 server{ listen 80; server_name www.hu.com; location / { root /data/nginx/html/hu; index index.html index.htm; } } #然后新建/data/nginx/html/hu目录,并在hu目录下新建index.html编辑内容如下: <h1>hu</h1> #然后热启动nginx,并访问www.hu.com域名
include的默认值:
include mime.types;
#定义用户访问nginx时支持的文件类型
#默认支持的文件类型具体见conf下的 mime.types文件
1、mime.types:表示支持的mime类型,一般默认支持的类型详情见conf目录下的mime.types文件,
mime(Multipurpose Internet Mail Extensions)多用途互联网邮件扩展类型,mime消息能包含文本、图像、音
频、视频以及其他应用程序专用的数据,是设定某种扩展名的文件用一种应用程序来打开的方式类型,当该扩展名
文件被访问的时候,浏览器会自动使用指定应用程序来打开,多用于指定一些客户端自定义的文件名,以及一些媒
体文件打开方式。
[root@localhost conf]# cat mime.types types { text/html html htm shtml; text/css css; text/xml xml; image/gif gif; image/jpeg jpeg jpg; application/javascript js; application/atom+xml atom; application/rss+xml rss; text/mathml mml; text/plain txt; text/vnd.sun.j2me.app-descriptor jad; text/vnd.wap.wml wml; text/x-component htc; image/png png; image/svg+xml svg svgz; image/tiff tif tiff; image/vnd.wap.wbmp wbmp; image/webp webp; image/x-icon ico; image/x-jng jng; image/x-ms-bmp bmp; application/font-woff woff; application/java-archive jar war ear; application/json json; application/mac-binhex40 hqx; application/msword doc; application/pdf pdf; application/postscript ps eps ai; application/rtf rtf; application/vnd.apple.mpegurl m3u8; application/vnd.google-earth.kml+xml kml; application/vnd.google-earth.kmz kmz; application/vnd.ms-excel xls; application/vnd.ms-fontobject eot; application/vnd.ms-powerpoint ppt; application/vnd.oasis.opendocument.graphics odg; application/vnd.oasis.opendocument.presentation odp; application/vnd.oasis.opendocument.spreadsheet ods; application/vnd.oasis.opendocument.text odt; application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; application/vnd.wap.wmlc wmlc; application/x-7z-compressed 7z; application/x-cocoa cco; application/x-java-archive-diff jardiff; application/x-java-jnlp-file jnlp; application/x-makeself run; application/x-perl pl pm; application/x-pilot prc pdb; application/x-rar-compressed rar; application/x-redhat-package-manager rpm; application/x-sea sea; application/x-shockwave-flash swf; application/x-stuffit sit; application/x-tcl tcl tk; application/x-x509-ca-cert der pem crt; application/x-xpinstall xpi; application/xhtml+xml xhtml; application/xspf+xml xspf; application/zip zip; application/octet-stream bin exe dll; application/octet-stream deb; application/octet-stream dmg; application/octet-stream iso img; application/octet-stream msi msp msm; audio/midi mid midi kar; audio/mpeg mp3; audio/ogg ogg; audio/x-m4a m4a; audio/x-realaudio ra; video/3gpp 3gpp 3gp; video/mp2t ts; video/mp4 mp4; video/mpeg mpeg mpg; video/quicktime mov; video/webm webm; video/x-flv flv; video/x-m4v m4v; video/x-mng mng; video/x-ms-asf asx asf; video/x-ms-wmv wmv; video/x-msvideo avi; } #测试 注释其中图片的格式png,然后使用浏览器访问png图片,此时发现只能下载该图片浏览器并不能渲染该图片
default_type访问mime.types中之外的类型,都会被浏览器下载下来
9、http模块:sendfile on;
调用在两个文件描述符之间直接传递数据(完全在内核中操作),从而避免了数据在内核缓冲区和用户缓冲区之间的
拷贝,操作效率很高,被称之为零拷贝,硬盘>>kernel buffer(快速拷贝到kernelsocket buffer)>>协议栈;
sendfile只有作为web服务器的时候才会有用。
长连接超时时间,单位是秒。
keepalive_requests:再一次长连接上所允许请求的资源的最大数量,默认是100次
#设置在http请求时,服务器给出响应头中带上keep-alive的时间 keepalive_timeout 65 65; #配置如下: keepalive_timeout 65 65; keepalive_requests 3; #验证:在192.168.1.172上下载telnet命令并验证,从验证可以看出来当出现请求3次之后tcp连接自动关闭 [root@localhost ~]# yum -y install telnet [root@localhost ~]# vim /etc/hosts 192.168.1.170 www.hu.com [root@localhost ~]# telnet www.hu.com 80 Trying 192.168.1.170... Connected to www.hu.com. Escape character is '^]'. GET / HTTP/1.1 HOST: www.hu.com HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Mon, 06 Jan 2020 00:23:12 GMT Content-Type: text/html Content-Length: 4 Last-Modified: Sun, 05 Jan 2020 23:31:02 GMT Connection: keep-alive Keep-Alive: timeout=65 ETag: "5e1271b6-4" Accept-Ranges: bytes abc GET / HTTP/1.1 HOST: www.hu.com HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Mon, 06 Jan 2020 00:23:16 GMT Content-Type: text/html Content-Length: 4 Last-Modified: Sun, 05 Jan 2020 23:31:02 GMT Connection: keep-alive Keep-Alive: timeout=65 ETag: "5e1271b6-4" Accept-Ranges: bytes abc GET / HTTP/1.1 HOST: www.hu.com HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Mon, 06 Jan 2020 00:23:23 GMT Content-Type: text/html Content-Length: 4 Last-Modified: Sun, 05 Jan 2020 23:31:02 GMT Connection: close ETag: "5e1271b6-4" Accept-Ranges: bytes abc Connection closed by foreign host. [root@localhost ~]#
配置server的监听端口
12、http模块:server_name
本地server的名称,当访问此名称的时候nginx会调用当前server内部的配置进程匹配
13、http模块:error_page
定义错误页面的名称,其中500、502、503、504 表示response code的值,当response code
的值等于所定义的值时,返回错误页面,其中错误代码可以自定义;
location = /50x.html:location处理对应错误的response code的页面定义到/50x.html,
root:定义默认页面所在的目录
#在错误代码中定义404错误返回50x.html error_page 500 502 503 504 404 /50x.html; location = /50x.html { root html; } #访问一个不存在的URI时,页面返回错误页面:例如访问http://www.abc.com/baidu
定义pid文件所在路径
15、user
nginx的启动用户以及启动用户的用户组,一般都会修改为nginx用户和nginx用户组;修改完成之后需要对nginx目录下的文件以及对应的部署文件授权给nginx
[root@localhost conf]# chown nginx.nginx /data /apps/nginx/ -R [root@localhost conf]#
use定义了nginx当前使用的IO模型,这里一般情况而言都是定义为epoll,除非必要这里都建议使用epoll模型,默
认为epoll.
events { worker_connections 100000; use epoll; }
当值==off的时候,nginx的工作进程会被关闭只有主进程,当值==on的时候开启工作进程;
#master_process的值==off的时候,查看nginx进程就只有主进程。 [root@localhost ~]# ps -ef|grep nginx root 1093 1 1 21:10 ? 00:00:00 nginx root 1097 1063 0 21:10 pts/0 00:00:00 grep --color=auto nginx #当master_process的值==on的时候,查看nginx进程,主进程和工作进程都会启动 [root@localhost ~]# ps -ef|grep nginx root 1110 1 0 21:15 ? 00:00:00 nginx: master process nginx nginx 1111 1110 3 21:15 ? 00:00:00 nginx: worker process nginx 1112 1110 5 21:15 ? 00:00:00 nginx: worker process root 1126 1063 0 21:15 pts/0 00:00:00 grep --color=auto nginx
优化同一时刻只有一个请求而避免多个睡眠进程被唤醒的设置,on为防止被同时唤醒,默认为off,全部唤醒的过
程也称为“惊群”,因此nginx刚安装完以后要进行适当的优化。
19、multi_accept:
nginx服务器的每个工作进程可以同时接收多个新的网络连接,但是需要在配置文件中配置,次指令默认为关闭,
即默认为一个工作进程只能一次接收一个新的网络连接,打开后一个工作进程可以同时接收多个请求
20、tcp_nopush:
在开启sendfile的情况下,合并请求后统一发给客户端。
21、tcp_nodelay:
在开启keepalived模式下的连接是否启用tcp_nodelay选项,当为off时,延迟0.2s发送,默认on时,不延迟发送,立即发送给客户端响应报文
开启文件压缩
#启用或禁用gzip,默认关闭 gzip on|off; #压缩比由低到高从1到9,默认为1 gzip_comp_level level; #gzip压缩的最小文件,小于设置值得文件将不会压缩 gzip_min_length 1k; #启用压缩功能时,协议的最小版本,默认HTTP/1.1 gzip_http_version 1.1 #指定nginx服务器需要想服务器申请的缓存空间的个数*大小,默认32 4k|16 8k; gzip_buffers number size; #指明仅对哪些类型的资源进行压缩操作;默认为gzip_types text/html,不用显示指定,否则出错 gzip_types mime-type ...; #如果启用压缩,是否在相应报文首部插入"Vary:Accept-Encoding" gzip_vary on|off; #配置如下内容到nginx的配置文件中(nginx.conf的http模块) gzip on; gzip_comp_level 5; gzip_min_length 1k; gzip_types text/plain application/javascript application/x-javascript text/cssapplication/xml text/javascript application/x-httpd-php; gzip_vary on; #重启nginx并验证 访问http://www.hu.com/message.css 查看response Haders Connection: keep-alive Content-Encoding: gzip Content-Type: text/css Date: Mon, 13 Jan 2020 19:33:19 GMT ETag: W/"5e1cb0e9-244c0" Keep-Alive: timeout=65 Last-Modified: Mon, 13 Jan 2020 18:03:21 GMT Server: nginx/1.14.2 Transfer-Encoding: chunked Vary: Accept-Encoding
编码格式,默认是俄语的编码格式,一般都会改成utf-8
#注释之后,从浏览器访问可以直接下载以.password结尾的文件,将如下代码开启之后将不能访问以.password文件结尾的文件 location ~ /\.password { deny all; }
