Home>Article>Backend Development> Detailed explanation of Nginx configuration (with code)

Detailed explanation of Nginx configuration (with code)

Joseph Gordon-Levitt
Joseph Gordon-Levitt forward
2019-03-02 13:33:28 2719browse

This article brings you a detailed explanation of Nginx configuration (with code). It has certain reference value. Friends in need can refer to it. I hope it will be helpful to you.

Commonly used configuration items

At work, we mostly deal with Nginx through its configuration files. Then it is necessary to understand the respective functions of these configuration items.

First of all, the content of nginx.conf is usually like this:

... ... #核心摸块 events { #事件模块 ... } http { # http 模块 server { # server块 location [PATTERN] { # location块 ... } location [PATTERN] { ... } } server { ... } } mail { # mail 模块 server { # server块 ... } }

Let’s take a look at what configuration items each module generally has:

Core module

user admin; #配置用户或者组。 worker_processes 4; #允许生成的进程数,默认为1 pid /nginx/pid/nginx.pid; #指定 nginx 进程运行文件存放地址 error_log log/error.log debug; #错误日志路径,级别。

Event module

events { accept_mutex on; #设置网路连接序列化,防止惊群现象发生,默认为on multi_accept on; #设置一个进程是否同时接受多个网络连接,默认为off use epoll; #事件驱动模型select|poll|kqueue|epoll|resig worker_connections 1024; #最大连接数,默认为512 }

http module

http { include mime.types; #文件扩展名与文件类型映射表 default_type application/octet-stream; #默认文件类型,默认为text/plain access_log off; #取消服务日志 sendfile on; #允许 sendfile 方式传输文件,默认为off,可以在http块,server块,location块。 sendfile_max_chunk 100k; #每个进程每次调用传输数量不能大于设定的值,默认为0,即不设上限。 keepalive_timeout 65; #连接超时时间,默认为75s,可以在http,server,location块。 server { keepalive_requests 120; #单连接请求上限次数。 listen 80; #监听端口 server_name 127.0.0.1; #监听地址 index index.html index.htm index.php; root your_path; #根目录 location ~ \.php$ { fastcgi_pass unix:/var/run/php/php7.1-fpm.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; } } }

Configuration item analysis

  • worker_processes
    worker_processes is used to set up Nginx service Number of processes. This value is the recommended number of CPU cores.
  • worker_cpu_affinity
    worker_cpu_affinity is used to allocate the work core of the CPU to each process. The parameters are represented by multiple binary values. Each group represents a process, and each bit in each group represents the use of the CPU by the process. In the case of , 1 means use, 0 means not use. So we use worker_cpu_affinity 0001 0010 0100 1000; to bind processes to different cores. By default, worker processes are not bound to any CPU.
  • worker_rlimit_nofile

    Set the maximum number of open files for each process. If not set, the upper limit is the system ulimit –n number, which is generally 65535.

  • worker_connections

    Set the maximum number of connections theoretically allowed by a process. In theory, the larger the better, but it cannot exceed the value of worker_rlimit_nofile.

  • use epoll

    Set the event-driven model to use epoll. epoll is one of the high-performance event-driven libraries supported by Nginx. It is recognized as a very excellent event-driven model.

  • accept_mutex off

    Turn off network connection serialization. When it is set to on, multiple Nginx processes will accept connections for serialization to prevent multiple processes from competing for connections. . When there are not many server connections, turning on this parameter will reduce the load to a certain extent. But when the server's throughput is very high, for the sake of efficiency, please turn off this parameter; and turning off this parameter can also make requests more evenly distributed among multiple workers. So we set accept_mutex off;

  • multi_accept on

    Set a process to accept multiple network connections at the same time

  • Sendfile on

    Sendfile is Linux2.0 and later A system call launched that can simplify the steps in the network transmission process and improve server performance.

    Traditional network transmission process without sendfile:

    Hard disk>> kernel buffer >> user buffer >> kernel socket buffer >> Protocol stack

    The process of using sendfile() for network transmission:

    Hard disk>> kernel buffer (quick copy to kernelsocket buffer)>>Protocol stack

  • tcp_nopush on ;

    Set data packets to be accumulated and then transmitted together, which can improve some transmission efficiency. tcp_nopush must be used with sendfile.

  • tcp_nodelay on;

    Small data packets are transmitted directly without waiting. The default is on. It seems to be the opposite function of tcp_nopush, but when both sides are on, nginx can also balance the use of these two functions.

  • keepalive_timeout

    The duration of the HTTP connection. Setting it too long will cause too many useless threads. This is considered based on the number of server accesses, processing speed and network conditions.

  • send_timeout

    Set the timeout time for the Nginx server to respond to the client. This timeout time is only for the time between a certain activity after the two clients and the server establish a connection. If after this time, If there is no activity on the client, the Nginx server will close the connection

  • gzip on

    Enable gzip to compress the response data online in real time to reduce the amount of data transmission.

  • gzip_disable "msie6"

    Nginx server does not use the Gzip function to cache application data when responding to these types of client requests. gzip_disable "msie6" does not perform GZIP compression on data from IE6 browsers. .

The commonly used configuration items are roughly as follows. For different business scenarios, some require additional configuration items, which will not be expanded here.

Others

There is a location item in the http configuration, which is used to match the corresponding processing rules based on the uri in the request.

location search rules

location = / { # 精确匹配 / ,主机名后面不能带任何字符串 [ config A ] } location / { # 因为所有的地址都以 / 开头,所以这条规则将匹配到所有请求 # 但是正则和最长字符串会优先匹配 [ config B ] } location /documents/ { # 匹配任何以 /documents/ 开头的地址,匹配符合以后,还要继续往下搜索 # 只有后面的正则表达式没有匹配到时,这一条才会采用这一条 [ config C ] } location ~ /documents/Abc { # 匹配任何以 /documents/Abc 开头的地址,匹配符合以后,还要继续往下搜索 # 只有后面的正则表达式没有匹配到时,这一条才会采用这一条 [ config CC ] } location ^~ /images/ { # 匹配任何以 /images/ 开头的地址,匹配符合以后,停止往下搜索正则,采用这一条。 [ config D ] } location ~* \.(gif|jpg|jpeg)$ { # 匹配所有以 gif,jpg或jpeg 结尾的请求 # 然而,所有请求 /images/ 下的图片会被 config D 处理,因为 ^~ 到达不了这一条正则 [ config E ] } location /images/ { # 字符匹配到 /images/,继续往下,会发现 ^~ 存在 [ config F ] } location /images/abc { # 最长字符匹配到 /images/abc,继续往下,会发现 ^~ 存在 # F与G的放置顺序是没有关系的 [ config G ] } location ~ /images/abc/ { # 只有去掉 config D 才有效:先最长匹配 config G 开头的地址,继续往下搜索,匹配到这一条正则,采用 [ config H ] }

The regular search priority from high to low is as follows:

The beginning of " = " means an exact match, such as in A Only match requests at the end of the root directory, and cannot be followed by any string.

The beginning of " ^~ " indicates that the uri starts with a regular string, not a regular match

The beginning of " ~ " indicates a case-sensitive regular match;

" ~ * "Starts with case-insensitive regular matching

" / " Universal matching, if there is no other match, any request will be matched to

Load balancing configuration

Nginx 的负载均衡需要用到 upstream 模块,可通过以下配置来实现:

upstream test-upstream { ip_hash; # 使用 ip_hash 算法分配 server 192.168.1.1; # 要分配的 ip server 192.168.1.2; } server { location / { proxy_pass http://test-upstream; } }

上面的例子定义了一个 test-upstream 的负载均衡配置,通过 proxy_pass 反向代理指令将请求转发给该模块进行分配处理。

The above is the detailed content of Detailed explanation of Nginx configuration (with code). For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:segmentfault.com. If there is any infringement, please contact admin@php.cn delete