Nginx核心配置-作为下载服务器配置
作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
一.无限速版本的下载服务器
1>.查看主配置文件
[root@node101.yinzhengjie.org.cn ~]# cat /yinzhengjie/softwares/nginx/conf/nginx.conf
worker_processes 4;
worker_cpu_affinity 00000001 00000010 00000100 00001000;
events {
worker_connections 100000;
use epoll;
accept_mutex on;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
gzip on;
charset utf-8;
#开启长连接后,返回客户端的会话保持时间为60s,单次长连接累计请求达到指定次数请求或65秒就会被断开,后面的60为发送给客户端应答报文头部中显示的超时时间设置为60s:如不设置
客户端将不显示超时时间。 keepalive_timeout 65 60;
#在一次长连接上所允许请求的资源的最大数量
keepalive_requests 3;
#导入其他路径的配置文件
include /yinzhengjie/softwares/nginx/conf.d/*.conf;
}
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx -t
nginx: the configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf test is successful
[root@node101.yinzhengjie.org.cn ~]#
2>.查看子配置文件
[root@node101.yinzhengjie.org.cn ~]# cat /yinzhengjie/softwares/nginx/conf.d/share.conf
server {
listen 80;
server_name node101.yinzhengjie.org.cn;
location / {
root /yinzhengjie/data/web/nginx/static;
index index.html;
}
location /download {
root /yinzhengjie/data/web/nginx;
autoindex on;
autoindex_exact_size on;
autoindex_localtime on;
}
}
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx -t
nginx: the configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf test is successful
[root@node101.yinzhengjie.org.cn ~]#
3>.创建测试数据
[root@node101.yinzhengjie.org.cn ~]# mkdir -pv /yinzhengjie/data/web/nginx/download
mkdir: created directory ‘/yinzhengjie/data/web/nginx/download’
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ll
total 3338920
-rw-r--r-- 1 root root 3419052032 Oct 6 2016 cn_windows_7_ultimate_with_sp1_x64_dvd_618537.iso
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# mv cn_windows_7_ultimate_with_sp1_x64_dvd_618537.iso /yinzhengjie/data/web/nginx/download/
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# cp /etc/passwd /etc/mtab /etc/sysctl.conf /etc/fstab /yinzhengjie/data/web/nginx/download/
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ll /yinzhengjie/data/web/nginx/download/
total 3338936
-rw-r--r-- 1 root root 3419052032 Oct 6 2016 cn_windows_7_ultimate_with_sp1_x64_dvd_618537.iso
-rw-r--r-- 1 root root 541 Dec 17 14:41 fstab
-r--r--r-- 1 root root 2205 Dec 17 14:41 mtab
-rw-r--r-- 1 root root 1145 Dec 17 14:41 passwd
-rw-r--r-- 1 root root 735 Dec 17 14:41 sysctl.conf
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]#
4>.重新加载nginx的配置文件
[root@node101.yinzhengjie.org.cn ~]# ps -ef | grep ngin | grep -v grep
root 2840 1 0 09:37 ? 00:00:00 nginx: master process nginx
nginx 4769 2840 0 14:12 ? 00:00:00 nginx: worker process
nginx 4770 2840 0 14:12 ? 00:00:00 nginx: worker process
nginx 4771 2840 0 14:12 ? 00:00:00 nginx: worker process
nginx 4772 2840 0 14:12 ? 00:00:00 nginx: worker process
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx -s reload
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ps -ef | grep ngin | grep -v grep
root 2840 1 0 09:37 ? 00:00:00 nginx: master process nginx
nginx 4991 2840 11 14:42 ? 00:00:00 nginx: worker process
nginx 4992 2840 10 14:42 ? 00:00:00 nginx: worker process
nginx 4993 2840 11 14:42 ? 00:00:00 nginx: worker process
nginx 4994 2840 10 14:42 ? 00:00:00 nginx: worker process
[root@node101.yinzhengjie.org.cn ~]#
5>.访问nginx的下载站点
6>.下载一个大文件,并观察下载的网速
二.限速版本的下载服务器
1>.编辑子配置文件
[root@node101.yinzhengjie.org.cn ~]# vim /yinzhengjie/softwares/nginx/conf.d/share.conf
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# cat /yinzhengjie/softwares/nginx/conf.d/share.conf
server {
listen 80;
server_name node101.yinzhengjie.org.cn;
location / {
root /yinzhengjie/data/web/nginx/static;
index index.html;
}
location /download {
root /yinzhengjie/data/web/nginx;
autoindex on;
autoindex_exact_size on;
autoindex_localtime on;
limit_rate 10k;
}
}
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx -t
nginx: the configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf test is successful
[root@node101.yinzhengjie.org.cn ~]#
2>.重新加载配置文件
[root@node101.yinzhengjie.org.cn ~]# ps -ef | grep nginx | grep -v grep
root 2840 1 0 09:37 ? 00:00:00 nginx: master process nginx
nginx 4991 2840 0 14:42 ? 00:00:00 nginx: worker process
nginx 4992 2840 0 14:42 ? 00:00:00 nginx: worker process
nginx 4993 2840 0 14:42 ? 00:00:00 nginx: worker process
nginx 4994 2840 0 14:42 ? 00:00:00 nginx: worker process
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx -s reload
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ps -ef | grep nginx | grep -v grep
root 2840 1 0 09:37 ? 00:00:00 nginx: master process nginx
nginx 5023 2840 10 14:48 ? 00:00:00 nginx: worker process
nginx 5024 2840 10 14:48 ? 00:00:00 nginx: worker process
nginx 5025 2840 10 14:48 ? 00:00:00 nginx: worker process
nginx 5026 2840 10 14:48 ? 00:00:00 nginx: worker process
[root@node101.yinzhengjie.org.cn ~]#
3>.打开网页并下载上次的那个大文件,观察下载速度,如下图所示
三.生产环境关于搭建下载网站的建议
1>.相关参数配置说明
autoindex on;
自动索引功能,即在没有index.html文件的存在下,列出root目录下的所有文件,但不包括隐藏文件。、
autoindex_exact_size on;
计算文件确切大小(单位bytes),off只显示大概大小(单位kb、mb、gb)
autoindex_localtime on;
显示本机时间而非GMT(格林威治)时间
limit_rate rate;
限制响应给客户端的传输速率,单位是bytes/second,默认值0表示无限制限速与不限速的对比:
2>.生产环境中限速和不限速的下载站点应用场景
不限速下载站点应用场景:
一般是公司内部员工使用,下载速度是没有必要限制了,因为同一个公司应该很少存在别人攻击咱们的显现,不过话又说回来,害人之心不可有,防人之心不可无啊,若干有人要离职前搞点事情的我们运维还是得防着点的,比如某某写了脚本恶意下载导致公司内网交换机传输带宽上线,导致员工无法正常办公的情况,可以考虑使用上网行为管理等工具或者是在交换机每个端口限速,当然还得对网络情况进行监控,一旦有问题我们运维人员立马收到消息,可以很快就处理掉这种情况。
限速下载站点的应用场景:
这种下载速度限制一般我们在公网上跑服务,害怕有人而已攻击咱们的下载站点,比如写个死循环开启N多个线程同时下载咱们下载站点的一个大文件,这样你会发现自己的带宽就这样被浪费啦~因此限速是有必要的。