[LNMP]Nginx生产环境配置：基础和负责均衡

Nginx是一款轻量级的Web 服务器/反向代理服务器及电子邮件（IMAP/POP3）代理服务器，并在一个BSD-like 协议下发行。其特点是占有内存少，并发能力强。

Nginx

基础环境

---

8核CPU
centos 6.x
nginx 1.6+

yum安装

---


yum -y install nginx
chkconfig nginx on
service nginx start


nginx角色定位**

---

在目前生产环境中，nginx目前有三种不同角色，所采用的配置也有所不同，根据不同角色需采用不同的配置文件

1. 前端反向代理（负责均衡机）
2. 后端php处理机

3. 后端图片处理机

   
   
   

   整体架构图

前端反向代理机配置（负责均衡机）：8核

---

作为应用请求入口，转发请求和负载均衡，对机器性能要求相对较低（但需稳定）：

1. 负载策略配置
2. 请求转发配置
3. 反向代理缓存
4. gzip配置

主配置：/etc/nginx/nginx.conf

 worker_processes 8;
 worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
 error_log /var/log/nginx/error.log warn;
 pid /var/run/nginx.pid;
 worker_rlimit_nofile 65535;
 events {
 use epoll;
 worker_connections 65535;
 accept_mutex off;
 }
 
 
http {
 include /etc/nginx/mime.types;
 default_type application/octet-stream;
 charset utf-8;
 
 
#log config
 log_format main '$remote_addr - $remote_user [$time_local] "$request" '
 '$status $body_bytes_sent "$http_referer" '
 '"$http_user_agent" "$http_x_forwarded_for"';
 access_log off;
 sendfile on;
 tcp_nopush on;
 tcp_nodelay on;
 
 
timeout config
 
 
keepalive_timeout 60;
 client_header_timeout 60;
 client_body_timeout 60;
 reset_timedout_connection on;
 
 
client size config
 
 
client_max_body_size 16m;
 client_header_buffer_size 2k;
 large_client_header_buffers 4 8k;
 client_body_buffer_size 8k;
 
 
gzip config
 
 
gzip on;
 gzip_min_length 2k;
 gzip_buffers 4 16k;
 gzip_http_version 1.0;
 gzip_comp_level 8;
 gzip_proxied any;
 gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
 gzip_disable "MSIE [1-6].|Mozilla/4";
 gzip_vary on;
 
 
#proxy cache config
 proxy_temp_path /data/nginx_temp;
 proxy_cache_path /data/nginx_cache levels=1:2 keys_zone=dayoo:200m inactive=10d max_size=4g;
 
 
#other config
 server_tokens off;
 include /etc/nginx/conf.d/*.conf;
 }

负载均衡配置：/etc/nginx/conf.d/upstreams.conf（假设有三台后端php机器）

 ### bakend_101_102_103
 upstream bakend_123 {
 server 192.168.1.101 weight=1;
 server 192.168.1.102 weight=1;
 server 192.168.1.103 backup;
 }
 ### end bakend_101_102_103
 

虚拟主机配置（代理转发）：/etc/nginx/conf.d/hosts.conf

 
 
xxx.example.com
 
 
server {
 listen 80;
 server_name xxx.dayoo.com;
 access_log off;
 error_log off;
 location / {
 proxy_pass http://bakend_123; #选择对应的负载均衡配置
 proxy_read_timeout 60; #与后端处理机timeout时间一致
 proxy_connect_timeout 60;
 proxy_send_timeout 60;
 proxy_next_upstream error timeout http_502;
 proxy_redirect off;
 proxy_set_header Host $host;
 proxy_set_header Accept-Encoding 'gzip';
 proxy_set_header Via '100'; #本机内网ip，标识用
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header REMOTE-HOST $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
 
}  
 
 
}
 
 
end xxx. example.com
 
 

带宽控制

针对特定目录（download）进行带宽限制，在达到 limit_rate_after 上限后，限速为 limit_rate

 location /downLoad/ {
 limit_rate_after 500k;
 limit_rate 50k;
 }
 

并发控制

limit_conn 限制并发次数，虽然简单粗暴，但不能做精细控制

 limit_conn_zone $server_name zone=servers:10m;
 server {
 ...
 location /downLoad/ {
 limit_conn servers 100;
 ...
 }
 ...
 }
 

后端php处理机配置：8核

实际处理web请求，一般来说每台后端机器性能&配置保持一致，机器性能最终决定整体负载，相对而言对机器性能要求较高，主要配置项：

1. url rewrite
2. 错误日志记录
3. php处理

主配置：/etc/nginx/nginx.conf

 user nginx;
 worker_processes 8;
 worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
 
 
error_log /var/log/nginx/error.log warn;
 pid /var/run/nginx.pid;
 
 
worker_rlimit_nofile 65535;
 events {
 use epoll;
 worker_connections 65535;
 accept_mutex off;
 }
 http {
 include /etc/nginx/mime.types;
 default_type application/octet-stream;
 charset utf-8;
 
 
log config
 
 
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
 '$status $body_bytes_sent "$http_referer" '
 '"$http_user_agent" "$http_x_forwarded_for"';
 access_log off;
 sendfile on;
 tcp_nopush on;
 tcp_nodelay on;
 
 
timeout config
 
 
keepalive_timeout 60;
 client_header_timeout 60;
 client_body_timeout 60;
 reset_timedout_connection on;
 
 
client size config
 
 
client_max_body_size 16m;
 client_header_buffer_size 2k;
 large_client_header_buffers 4 8k;
 client_body_buffer_size 8k;
 
 
other config
 
 
server_tokens off;
 
 
include /etc/nginx/conf.d/*.conf;
 }
 

fastcgi配置（php处理机）: 新建 /etc/nginx/fastcgi.conf

 fastcgi_param QUERY_STRING $query_string;
 fastcgi_param REQUEST_METHOD $request_method;
 fastcgi_param CONTENT_TYPE $content_type;
 fastcgi_param CONTENT_LENGTH $content_length;
 
 
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
 fastcgi_param REQUEST_URI $request_uri;
 fastcgi_param DOCUMENT_URI $document_uri;
 fastcgi_param DOCUMENT_ROOT $document_root;
 fastcgi_param SERVER_PROTOCOL $server_protocol;
 fastcgi_param HTTPS $https if_not_empty;
 
 
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
 fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
 
 
fastcgi_param REMOTE_ADDR $remote_addr;
 fastcgi_param REMOTE_PORT $remote_port;
 fastcgi_param SERVER_ADDR $server_addr;
 fastcgi_param SERVER_PORT $server_port;
 fastcgi_param SERVER_NAME $server_name;
 
 
PHP only, required if PHP was built with --enable-force-cgi-redirect
 
 
fastcgi_param REDIRECT_STATUS 200;
 fastcgi_param SCRIPT_FILENAME $request_filename;
 

虚拟主机配置（php处理机）：/etc/nginx/ conf.d/xxx.example.com.conf

 server {
 listen 80;
 server_name xxx. example.com;
 root /data/www/xxx. example.com;
 error_log /var/log/nginx/xxx. example.com.error.log warn;
 index index.html index.htm index.php;
 location / {
 ...
 }
 location ~ .php$ {
 try_files $uri =404;
 include fastcgi.conf;
 fastcgi_pass 127.0.0.1:9000;
 }
 }
 

后端图片处理机配置

---

[LNMP]缩略图网关：Nginx的http_image_filter_module应用

2014/08