标签:Nginx编译 Nginx yum安装 主配置文件分析 Core functionality分
一、Nginx的安装方法及配置介绍
1、yum安装
官方:
http://nginx.org/packages/centos/7/x86_64/RPMS
Fedora-EPEL:
https://mirrors.aliyun.com/epel/7/x86_64/
官方yum源
[nginx]
name=nginx_repo
baseurl=http://nginx.org/packages/centos/7/x86_64/
gpgcheck=0
enabled=1
2、编译安装
yum install pcre-devel openssl-devel zlib-devel
useradd -r nginx
./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_dav_module --with-http_stub_status_module --with-threads --with-file-aio
make && make install
3、编译安装选项简要介绍
--prefix=/etc/nginx 安装路径
--sbin-path=/usr/sbin/nginx 指明nginx程序文件安装路径
--conf-path=/etc/nginx/nginx.conf 主配置文件安装位置
--error-log-path=/var/log/nginx/error.log 错误日志文件安装位置
--http-log-path=/var/log/nginx/access.log 访问日志文件安装位置
--pid-path=/var/run/nginx.pid 指明pid文件安装位置
--lock-path=/var/run/nginx.lock 锁文件安装位置
--http-client-body-temp-path=/var/cache/nginx/client_temp 客户端body部分的临时文件存放路径,如果服务器允许客户端使用put方法提交大数据时,临时存放的磁盘路径
--http-proxy-temp-path=/var/cache/nginx/proxy_temp 作为代理服务器,服务器响应报文的临时文件存放路径
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp 作为fastcgi代理服务器,服务器响应报文的临时文件存放路径
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp 作为uwsgi代理服务器,服务器响应报文的临时文件存放路径
--http-scgi-temp-path=/var/cache/nginx/scgi_temp 作为scgi反代服务器,服务器响应报文的临时文件存放路径
--user=nginx 指明以那个身份运行worker进程,主控master进程一般由root运行
--group=nginx
--with-http_ssl_module 表示把指定模块编译进来
[root@VSserver~]#nginx -v nginx version: nginx/1.12.2 [root@VSserver~]#nginx -V #yum安装的配置参数 nginx version: nginx/1.12.2 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC) built with OpenSSL 1.0.1e-fips 11 Feb 2013 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'
4、Nginx目录结构和命令
ls /usr/local/nginx/ #这个是编译路径
html是测试页,sbin是主程序
ls /usr/local/nginx/sbin/ #这个是编译路径
nginx 只有一个程序文件
ls /usr/local/nginx/html/ #这个是编译路径
50x.html index.html 测试网页
Nginx:默认为启动nginx
-h 查看帮助选项
-V 查看版本和配置选项
-t 测试nginx语法错误
-c filename 指定配置文件(default: /etc/nginx/nginx.conf)
-s signal 发送信号给master进程,signal可为:stop, quit, reopen, reload
示例:-s stop 停止nginx -s reload 加载配置文件
-g directives 在命令行中指明全局指令
[root@VSserver~]#nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@VSserver~]#nginx -h nginx version: nginx/1.12.2 Usage: nginx [-?hvVtTq] [-s signal] [-c filename] [-p prefix] [-g directives] Options: -?,-h : this help -v : show version and exit -V : show version and configure options then exit -t : test configuration and exit -T : test configuration, dump it and exit -q : suppress non-error messages during configuration testing -s signal : send signal to a master process: stop, quit, reopen, reload -p prefix : set prefix path (default: /etc/nginx/) -c filename : set configuration file (default: /etc/nginx/nginx.conf) -g directives : set global directives out of configuration file [root@VSserver~]#rpm -ql nginx #yum安装的配置路径 /etc/logrotate.d/nginx /etc/nginx /etc/nginx/conf.d /etc/nginx/conf.d/default.conf /etc/nginx/fastcgi_params /etc/nginx/koi-utf /etc/nginx/koi-win /etc/nginx/mime.types /etc/nginx/modules /etc/nginx/nginx.conf /etc/nginx/scgi_params /etc/nginx/uwsgi_params /etc/nginx/win-utf /etc/rc.d/init.d/nginx /etc/rc.d/init.d/nginx-debug /etc/sysconfig/nginx /etc/sysconfig/nginx-debug /usr/lib64/nginx /usr/lib64/nginx/modules /usr/sbin/nginx /usr/sbin/nginx-debug /usr/share/doc/nginx-1.12.2 /usr/share/doc/nginx-1.12.2/COPYRIGHT /usr/share/man/man8/nginx.8.gz /usr/share/nginx /usr/share/nginx/html /usr/share/nginx/html/50x.html /usr/share/nginx/html/index.html /var/cache/nginx /var/log/nginx
5、Nginx配置文件介绍
配置文件的组成部分:
主配置文件:nginx.conf
子配置文件 include conf.d/*.conf
fastcgi, uwsgi,scgi等协议相关的配置文件
mime.types:支持的mime类型
主配置文件的配置指令:
directive value [value2 ...];
注意:
(1) 指令必须以分号结尾
(2) 支持使用配置变量
内建变量:由Nginx模块引入,可直接引用
自定义变量:由用户使用set命令定义
set variable_name value;
引用变量:$variable_name
官网查询帮助:http://nginx.org/en/docs/
6、主配置文件结构
#主配置文件结构:四部
main block: #主配置段,即全局配置段,对http,mail都有效
event {
...
} #事件驱动相关的配置
http {
...
} #http/https #协议相关配置段
mail {
...
} #mail #协议相关配置段
stream {
...
} #stream #服务器相关配置段
7、http协议相关的配置结构
http {
...
... #各server的公共配置
server { #每个server用于定义一个虚拟主机
...
}
server {
...
server_name #虚拟主机名
root #主目录
alias #路径别名
location [OPERATOR] URL { #指定URL的特性
...
if CONDITION {
...
}
}
}
}
二、Nginx配置
Main 全局配置段常见的配置指令分类
正常运行必备的配置
优化性能相关的配置
用于调试及定位问题相关的配置
事件驱动相关的配置
帮助文档
http://nginx.org/en/docs/
1、正常运行必备的配置
帮助文档:http://nginx.org/en/docs/ngx_core_module.html
1、user
Syntax: user user [group];
Default: user nobody nobody;
Context: main
指定worker进程的运行身份,如组不指定,默认和用户名同名
2、pid /PATH/TO/PID_FILE
指定存储nginx主进程PID的文件路径
3、include file | mask
指明包含进来的其它配置文件片断
4、load_module file
模块加载配置文件:/usr/share/nginx/modules/*.conf
指明要装载的动态模块路径: /usr/lib64/nginx/modules
[root@VSservernginx]#cat nginx.conf
user nginx;
worker_processes 1; #worker的数量,建议小于cpu的数量
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024; #每个worker最大连接数
}
http {
include /etc/nginx/mime.types; #支持的媒介
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
[root@VSservernginx]#ps aux
root 16773 0.0 0.1 45200 1056 ? Ss 22:40 0:00 nginx: master process nginx
nginx 16774 0.0 0.1 45584 1784 ? S 22:40 0:00 nginx: worker process
[root@VSservernginx]#pstree -p | grep nginx
|-nginx(16773)---nginx(16774)
[root@VSservernginx]#cat /var/run/nginx.pid #存放的是master的进程编号
16773
[root@VSservernginx]#ll
total 40
drwxr-xr-x 2 root root 4096 Mar 7 22:13 conf.d
drwxr-xr-x 2 root root 4096 Oct 31 2016 default.d
-rw-r--r-- 1 root root 1007 Oct 17 21:25 fastcgi_params
-rw-r--r-- 1 root root 2837 Oct 17 21:25 koi-utf
-rw-r--r-- 1 root root 2223 Oct 17 21:25 koi-win
-rw-r--r-- 1 root root 3957 Oct 17 21:25 mime.types
lrwxrwxrwx 1 root root 29 Mar 7 22:13 modules -> ../../usr/lib64/nginx/modules
-rw-r--r-- 1 root root 643 Oct 17 21:21 nginx.conf
-rw-r--r-- 1 root root 636 Oct 17 21:25 scgi_params
-rw-r--r-- 1 root root 664 Oct 17 21:25 uwsgi_params
-rw-r--r-- 1 root root 3610 Oct 17 21:25 win-utf
[root@VSserver~]#ulimit -n
1024
[root@VSserver~]#ulimit -n 10240
[root@VSserver~]#ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 3808
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 10240
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 3808
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
#加载第三方模块操作
#1、下载第三方模块
[root@VSservernginx]#wget http://mirrors.aliyun.com/epel/6/x86_64/Packages/n/nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm
--2018-03-07 23:00:41-- http://mirrors.aliyun.com/epel/6/x86_64/Packages/n/nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm
Resolving mirrors.aliyun.com... 202.108.249.220, 202.108.249.221, 123.125.18.87, ...
Connecting to mirrors.aliyun.com|202.108.249.220|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16016 (16K) [application/x-redhat-package-manager]
Saving to: “nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm”
100%[==================================================================>] 16,016 --.-K/s in 0.04s
2018-03-07 23:00:41 (387 KB/s) - “nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm” saved [16016/16016]
[root@VSservernginx]#rpm -qpl http://mirrors.aliyun.com/epel/6/x86_64/Packages/n/nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm
warning: http://mirrors.aliyun.com/epel/6/x86_64/Packages/n/nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
/usr/lib64/nginx/modules/ngx_http_xslt_filter_module.so
/usr/share/nginx/modules/mod-http-xslt-filter.conf #调用模块的配置文件
[root@VSservernginx]#cat /usr/share/nginx/modules/mod-http-xslt-filter.conf
load_module "/usr/lib64/nginx/modules/ngx_http_xslt_filter_module.so";
#2、安装模块
[root@VSservernginx]#rpm -ivh http://mirrors.aliyun.com/epel/6/x86_64/Packages/n/nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm
Retrieving http://mirrors.aliyun.com/epel/6/x86_64/Packages/n/nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64.rpm
warning: /var/tmp/rpm-tmp.WaMXQe: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing... ########################################### [100%]
package nginx-mod-http-xslt-filter-1.10.2-1.el6.x86_64 is already installed
#3、调用模块
[root@VSservernginx]#vim /etc/nginx/nginx.conf
load_module "/usr/lib64/nginx/modules/ngx_http_xslt_filter_module.so"; #在全局设置添加这句命令
#或者把这个/usr/share/nginx/modules/mod-http-xslt-filter.conf文件,拷贝到 /etc/nginx/conf.d/ 目录下2、性能优化相关的配置
1、worker_processes number | auto
worker进程的数量;通常应该为当前主机的cpu的物理核心数
2、worker_cpu_affinity cpumask ...
worker_cpu_affinity auto [cpumask] 提高缓存命中率
CPU MASK: 00000001:0号CPU
00000010:1号CPU
10000000:8号CPU
worker_cpu_affinity 0001 0010 0100 1000;
worker_cpu_affinity 0101 1010;
3、worker_priority number
指定worker进程的nice值,设定worker进程优先级:[-20,20]
4、worker_rlimit_nofile number
worker进程所能够打开的文件数量上限,如65535
#实验:简单优化
#实验:设置cup与worker绑定 [root@VSservernginx]#watch -n 0.5 ' ps axo cmd,pid,psr | grep nginx ' Every 0.5s: ps axo cmd,pid,psr | grep nginx Wed Mar 7 23:11:10 2018 nginx: master process nginx 16773 2 nginx: worker process 16774 3 nginx: worker process 16775 0 nginx: worker process 16776 1 nginx: worker process 16777 2 grep --color=auto nginx 16989 4 [root@VSservernginx]#vim /etc/nginx/nginx.conf worker_processes auto; worker_cpu_affinity 0001 0010 0100 1000; #在全局里添加 [root@VSservernginx]#watch -n 0.5 ' ps axo cmd,pid,psr | grep nginx ' Every 0.5s: ps axo cmd,pid,psr | grep nginx Wed Mar 7 23:11:10 2018 nginx: master process nginx 16773 2 nginx: worker process 16774 0 nginx: worker process 16775 1 nginx: worker process 16776 2 nginx: worker process 16777 3 grep --color=auto nginx 16989 4 #调整优先级 [root@VSservernginx]#ps axo cmd,pid,psr,ni | grep nginx nginx: master process nginx 16773 0 0 nginx: worker process 16774 0 0 #默认就是0 grep nginx 17530 0 0 [root@VSservernginx]#vim /etc/nginx/nginx.conf worker_priority -20 #在全局设置 [root@VSservernginx]#ps axo cmd,pid,psr,ni | grep nginx nginx: master process nginx 16773 0 -20 nginx: worker process 16774 0 -20 #nice的优先级就是-20~19 grep nginx 17530 0 0 #提升线程 Syntax:worker_rlimit_nofile number; #官网翻译 Default:— Context:main Changes the limit on the maximum number of open files (RLIMIT_NOFILE) for worker processes. Used to increase the limit without restarting the main process. #提示不用重启服务,用于在不重新启动主进程的情况下增加限制 [root@VSservernginx]#vim /etc/nginx/nginx.conf worker_rlimit_nofile 65530 这个要配合修改worker_connections 1024; 一起使用,几个worker乘以这个值,不要超出文件的最大上限 worker_connections 10240;
3、事件驱动相关的配置
events {
...
}
1、worker_connections number
每个worker进程所能够打开的最大并发连接数数量,如10240
总最大并发数:worker_processes * worker_connections
2、use method
指明并发连接请求的处理方法 ,默认自动选择最优方法
use epoll;
3、accept_mutex on | off 互斥
处理新的连接请求的方法;on指由各个worker轮流处理新请求,Off指每个新请求的到达都会通知(唤醒)所有的worker进程,但只有一个进程可获得连接,造成“惊群”,影响性能,默认on
Syntax:accept_mutex on | off; Default:accept_mutex off; Context:events If accept_mutex is enabled, worker processes will accept new connections by turn. Otherwise, all worker processes will be notified about new connections, and if volume of new connections is low, some of the worker processes may just waste system resources. There is no need to enable accept_mutex on systems that support the EPOLLEXCLUSIVE flag (1.11.3) or when using reuseport. Prior to version 1.11.3, the default value was on. #如果accept_mutex启用,工作进程将轮流接受新的连接。否则,所有工作进程都会收到有关新连接的通知, 并且如果新连接的数量很少,某些工作进程可能会浪费系统资源。 不需要accept_mutex 在支持EPOLLEXCLUSIVE标志(1.11.3)的系统 上启用或在使用复用端口时启用。 在版本1.11.3之前,默认值是on。
4、调试和定位问题
1、daemon on|off
是否以守护进程方式运行nignx,默认是守护进程方式
2、master_process on|off
是否以master/worker模型运行nginx;默认为on
off 将不启动worker(不建议关闭)
3、error_log file [level]
错误日志文件及其级别;出于调试需要,可设定为debug;但debug仅在编译时使用了“--with-debug”选项时才有效
方式:file /path/logfile;
stderr:发送到标准错误
syslog:server-address[,parameter=values]
发送到syslogmemory:size 内存
level:debug|info|notice|warn|error|crit|alter|emerg
5、http协议的相关配置
http {
... ...
server {
...
server_name
root
location [OPERATOR] /uri/ {
...
}
}
server {
...
}
}
[root@VSservernginx]#vim nginx.conf
http {
include /etc/nginx/mime.types; #媒介的设置
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on; #启用内核级封装
#tcp_nopush on;
keepalive_timeout 65; #持久连接,默认65秒
#gzip on; #压缩
include /etc/nginx/conf.d/*.conf; #包含的子配置文件
}
[root@VSservernginx]#cat conf.d/default.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
Linux学习之路-Nginx(2)安装及配置文件篇【23】---20180210
标签:Nginx编译 Nginx yum安装 主配置文件分析 Core functionality分
原文地址:http://blog.51cto.com/exia00linux/2084696
