“This is the sixth day of my participation in the Gwen Challenge in November. Check out the details: The Last Gwen Challenge in 2021.”
Nginx configuration
Without further ado, load up
Global block
1.1 common global block instructions :(each instruction ends with a semicolon) 1. User XXX; Configure the common user or user group. The default user or user group is nobody. Pid XXX/XXX /xxx.pid specifies the number of nginx working processes that can be generated. The default value is 1, which should be the same as the number of CPU cores. 4. Error_log XXX /error.log error; Log path and log level, the default of the error (debug | info | notice | warn | error | crit | alert | emerg) 5. Worker_cpu_affinity # will work Nginx process is bound to the specified CPU core, By default, Nginx does not use process binding. Binding does not mean that the current Nginx process has exclusive access to one core CPU, but it does guarantee that the process does not run on another core. This greatly reduces the number of Nginx worker processes jumping back and forth between different CPU cores. The nGINx server performance can be effectively improved by reducing CPU resource allocation and recycling of processes and memory management. Worker_cpu_affinity 0001 0010 0100 1000 worker_CPU_affinity 0001 0010 0100 1000Copy the codeThe event of
2.1 Common Events block instructions: 1. Work_connnections 512; The default value is 512. A larger value indicates a higher concurrency. Work_connnections Specifies the maximum number of connections allowed by the system. Worker_processes * worker_connections/4 Nginx provides the worker_rlimit_nofile 40960 directive, which has the same effect as ulimit. The modification takes effect only after nginx is restarted. 2. Event-driven configuration instructions, the default for epoll, support the select | poll | kqueue | epoll | who | / dev/poll | eventport kqueue: FreeBSD 4.1+, OpenBSD 2.9+, NetBSD2.0 and MacOS X. Dual processor MacOS X systems using Kqueue can cause a kernel crash. Epoll: Used for Linux kernel 2.6 and later systems. /dev/poll: used on Solaris 7 11/99+, HP/UX 11.22+(EventPort), IRIX 6.5.15+ and Tru64 UNIX 5.A +. Eventport: for Solaris 10. To prevent kernel crashes, it is necessary to install security patches. 3. Accept_mutex on; Receive mutex command configuration, enable the effect that a request can wake up only one process at a time, prevent a large number of processes wake up at the same time (stampede) default off 4. Network connection command configuration, each worker process of the Nginx server can accept multiple new network connections at the same time, default off (off) When closed, multiple workers receive requests in a serial way, each request will only wake up to process the request, when opened, workers are arranged in parallel. One request will wake up all requests, which will reduce the load to a certain extent. When the service is heavy, it can be properly closed.Copy the codeHTTP block
Server_tokens off server_tokens off server_tokens off Controls the display of web service version information in HTTP Response Headers and error messages. Default on In the production environment, you need to hide the nginx version number to prevent other personnel from performing improper operations on the version and enhance security to some extent. You can also modify nginx source file hiding. 2.more_set_headers 'xxxxx.com'; Command for adding, modifying, or clearing more_set_input_headers 'xxx.com'. 3. Send_timeout 10s: back-end server data return time _ is the timeout time for the server to transmit data to the client, in seconds. Default 60s 4. Configuration of keepalive client behavior control instructions. keepalive_request 1000; Maximum number of HTTP requests to be executed on a TCP connection. Default value: 100 keepalive_timeout 100s[header_timeout 60s]; After the user completes an HTTP connection, the maximum time elapsed is 100s. If there is still no new request, the connection will be closed. The default time is 75s. The link will remain at least 60 seconds. keepalive_disadle none; No longer use Keepalive for some browsers, default mSIE6 - Internet Explorer 6, how annoying is IE? The Buffer that Nginx allocates to post and GET requests. If the number of requests is smaller than this value, the data is stored in memory first. If the requested value is greater than client_body_BUFFer_size, the data is first stored in a temporary file in the client_body_temp specified path, which is/TMP/by default. client_max_body_size 256M; The default value is 1M. If the body data of the Request is larger than client_max_body_size, the HTTP agreement will report an error. 413 Request Entity Too Large 6. limit_conn_zone $server_addr zone=perserver:10m; Limit the number of requests from a single IP address Configuration instruction limit_conn Number of concurrent connections limit_zone Number of requests per unit of time, that is, rate limit. $binary_remote_ADDR Indicates that remote_ADDR is used to limit the number of requests. The purpose of "binary_" is to abbreviate memory usage, which is limited to the same client IP address. Zone = perServer :10m Indicates that a memory area with a size of 10m and a name of perServer is generated to store access frequency information. Limit_req_conn /zone Limit IP connection/concurrency limit_req_zone $binary_REMOTE_ADDR Zone =one:10m rate=1r/s; Rate =1r/s indicates the allowed access frequency of clients with the same identity, which is limited to 1 time per second and can also have such as 30R /m. limit_req zone=one burst=5 nodelay; Burst =5, this configuration means that a buffer of size 5 can be placed first when a large number of requests (bursts) are coming. Nodelay, if set, returns 503 when the access frequency exceeds and the buffer is full. If not set, all requests are queued. Upstream XXX {} Load balancing proxy configuration command block. The default query mode is polling. For example: Upstream Backend {server baidu.com weight=5. Server 127.0.0.1:8080 max_fails = 3 fail_timeout = 30 s; server unix:/tmp/backend3; } server address [parameters]; -- "server baidu.com weight=5; Address can be domain name or IP address, port is optional, or specify Unix :,weight=number sets the weight of the server, the default is 1 max_fails=number sets the number of failed attempts for Nginx to communicate with the server. If the number of failures reaches this value within the time period defined by the fail_timeout parameter, Nginx considers the server unavailable. During the next fail_timeout period, the server will not be tried again. The default number of failed attempts is 1. Setting it to 0 stops counting attempts and assumes that the server is always available. Ip-hash sends different requests to different servers based on the hash algorithm. Load balancing that does not support NGINx can be divided into target-address hash scheduling and source-address hash scheduling. The difference is that the request object is the destination IP address or source IP address (the source IP address is the IP address of the originator).Copy the codeThe location of
5.0 Location block: Configures the routing of requests and the processing of various pages. 1. #root path; Root directory 2. #index vv.txt; Set default page 3. Deny 127.0.0.1; Allow 172.18.5.54; # Allowed IPCopy the codeAfter reading, you find any mistakes, write them down below! Rub it in with my Black Tiger Fu!
