• nginx优化参考


    系统优化

    系统内核优化参考

    $ cat /etc/sysctl.conf
    net.ipv4.tcp_max_syn_backlog = 65536
    net.core.netdev_max_backlog =  36768
    net.core.somaxconn = 36768
     
    net.core.wmem_default = 8588608
    net.core.rmem_default = 8588608
    net.core.rmem_max = 16877216
    net.core.wmem_max = 16877216
     
    net.ipv4.tcp_synack_retries = 2
    net.ipv4.tcp_syn_retries = 2
     
    net.ipv4.tcp_tw_recycle = 1
    net.ipv4.tcp_tw_reuse = 1
     
    net.ipv4.tcp_mem = 94500000 915000000 927000000
    net.ipv4.tcp_max_orphans = 3376800
    net.ipv4.ip_local_port_range = 1024  65535
    
    $ sysctl -p
    $ cat /etc/security/limit.conf
    *  hard  nofile  65535
    *  soft  nofile  65535
    
    

    Nginx配置优化

    #user  nobody;
    worker_processes  4;
    worker_cpu_affinity 0001 0010 0100 1000;
    worker_rlimit_nofile 65535;
    
    #pid        logs/nginx.pid;
    
    events {
            use epoll;
            worker_connections 65535;
            multi_accept on;
    }
    
    http {
        include       /usr/local/nginx/conf/conf.d/*.conf
        include       mime.types;
        default_type  application/octet-stream;
    
        #access_log  logs/access.log  main;
        log_format  main  '$http_X_Real_IP $http_CLIENTIP $remote_addr $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for" $request_time';
    
        sendfile        on;
        tcp_nopush     on;
    
        keepalive_timeout  60;
        keepalive_requests 10240;
        tcp_nodelay on;
        client_header_buffer_size 4k;
        open_file_cache max=102400 inactive=20s;
        open_file_cache_valid 30s;
        open_file_cache_min_uses 1;
        client_header_timeout 15;
        client_body_timeout 15;
        reset_timedout_connection on;
        send_timeout 15;
        server_tokens off;
        client_max_body_size 10m;
    
        gzip  off;
        gzip_min_length 1k;
        gzip_buffers 4 16k;
        gzip_http_version 1.0;
        gzip_comp_level 2;
        gzip_types text/plain application/x-javascript text/css application/xml;
        gzip_vary on;
    
        fastcgi_connect_timeout    600;
        fastcgi_send_timeout 600;
        fastcgi_read_timeout 600;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 128k;
        fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
    
        server {
              listen 80;
              listen 443 ssl;
         server_name www.pansn.cn;
         ssl_certificate /usr/local/nginx/crt/pansn.cn.crt;
         ssl_certificate_key /usr/local/nginx/crt/pansn.cn.key;
         ssl_session_cache shared:sslcace:20m;
         ssl_session_timeout 10m;
    #     ssl_protocls SSLv2 SSLv3 TLSv1;
        root /data/www;
        index index.html index.htm index.php;
       location / {
            if ( $scheme = http ){
               rewrite / https://www.pansn.cn permanent;
        }
      }
    
      location ~* .(ico|jpe?g|gif|png|bmp|swf|flv)$ {
              expires 30d;
              #log_not_found off;
              access_log off;
            }
       location ~* .(js|css)$ {
              expires 7d;
             log_not_found off;
              access_log off;
            }
       location ~ .php$ {
            alias /data/www;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
    
      }
    
      }
    
    }
    
    

    php优化

    [root@s2 ~]# cat /etc/php-fpm.d/www.conf 
    [www]
    listen = 127.0.0.1:9000 #监听地址及IP
    listen.allowed_clients = 127.0.0.1 #允许客户端从哪个源IP地址访问,要允许所有行首加 ;注释即可 user = nginx #php-fpm启动的用户和组,会涉及到后期文件的权限问题
    group = nginx
    pm = dynamic #动态模式进程管理
    pm.max_children = 500 #静态方式下开启的php-fpm进程数量,在动态方式下他限定php-fpm的最大进程数 pm.start_servers = 100 #动态模式下初始进程数,必须大于等于pm.min_spare_servers 和小于等于 pm.max_children 的值。
    pm.min_spare_servers = 100 #最小空闲进程数
    pm.max_spare_servers = 200 #最大空闲进程数
    pm.max_requests = 500000 #进程累计请求回收值,会重启
    pm.status_path = /pm_status #状态访问URL
    ping.path = /ping #ping访问动地址
    ping.response = ping-pong #ping返回值
    slowlog = /var/log/php-fpm/www-slow.log #慢日志路径
    php_admin_value[error_log] = /var/log/php-fpm/www-error.log #错误日志 php_admin_flag[log_errors] = on
    php_value[session.save_handler] = files #phpsession 保存方式及路径 php_value[session.save_path] = /var/lib/php/session #当时使用file保存session的文件路
    
    
  • 相关阅读:
    JS 数组去重复值
    git 上传项目 到github
    IntelliJ IDEA 创建maven 项目 并且,将springMVC 与Mybatis 整合
    easyui datagrid 动态添加columns属性
    codeMirror的简单使用,js比较文本差异(标注出增删改)
    sql注入
    Web For Pentester靶场
    一些数据库
    nginx的使用场景
    dockerfile
  • 原文地址:https://www.cnblogs.com/pansn/p/13021588.html
Copyright © 2020-2023  润新知