概述
这里演示以编译安装的nginx1.16版本:
#配置文件路径:/usr/local/nginx/conf/nginx.conf
#user nobody;
worker_processes 4;
worker_rlimit_nofile 1024000;
working_directory /nginx;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024000;
accept_mutex off;
}
#accept_mutex的意义:当一个新接到达时,如果激活了accept_mutex,那么多个Worker将以串行方式来处理,其中有一个Worker会被唤醒其他的Worker继续保持休眠状态;如果没有激活accept_mutex,那么所有的Worker都会被唤醒,不过只一个Worker能获取新连接,其它的Worker会重新进入休眠状态,这就是「惊群问题」。Nginx缺省激活了acept_mutex,是一种保守的选择。如果关闭了它,可能会引起一定程度的惊群问题,表现为上下文切换增(sar -w)或者负载上升,但是如果你的网站访问量比较大,为了系统的吞吐量,我还是建议大家关闭它。
thread_pool one threads=128 max_queue=0;
http {
include mime.types;
default_type application/octet-stream;
server_tokens off;
client_header_buffer_size 16k;
client_body_buffer_size 512k;
client_body_temp_path /dev/shm/client_body_temp;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$body_bytes_sent "$http_referer" '
'"$request_body" '
'"$http_user_agent" "$http_x_forwarded_for"'
'$upstream_addr $status $request_time $upstream_response_time' ;
log_format json '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"xff":"$http_x_forwarded_for",'
'"upstreamhost":"$upstream_addr",'
'"status":"$status",'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"http_host":"$host",'
'"url":"$uri"}';
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
#access_log logs/access.log main;
access_log off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
max_ranges 1;
#keepalive_timeout 0;
keepalive_timeout 300s 300s;
keepalive_requests 8192;
gzip on;
gzip_min_length 10k;
gzip_buffers 16 16k;
gzip_comp_level 5;
gzip_vary on;
gzip_types text/plain application/x-javascript text/css application/xml application/javascript image/jpeg image/gif image/png;
proxy_cache_path /nginx/cache levels=1:2 keys_zone=first:100m inactive=24h max_size=2G use_temp_path=off;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header x-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 1m;
proxy_send_timeout 10m;
proxy_read_timeout 10m;
proxy_buffering on;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
#proxy_next_upstream http_502 http_504 http_404 error timeout invalid_header;#负载均衡http配置:
upstream iewebservice {
server 10.230.248.115:9529 weight=1 max_fails=2;
server 10.230.248.116:9529 weight=1 max_fails=2;
}
server {
listen 80 default_server;
server_name _;
location /ngx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
allow 10.3.22.153;
deny all;
}
}
#上面的server模块是全局指向
#下面的server模块是针对upstream
server {
listen 80;
server_name crm2.wuliusys.com;
rewrite ^/(.*) https://crm2.wuliusys.com/$1 permanent;
}
#匹配成功后跳转到指定域,执行永久301跳转
server {
listen 80;
server_name iewebservice.rfddc.com;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
proxy_pass http://iewebservice;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}#负载均衡https配置
upstream backend-crm {
server 10.230.4.11:8081 weight=1 max_fails=2;
server 10.230.3.34:8081 weight=1 max_fails=2;
}
server {
listen 443;
client_max_body_size 15M;
server_name crm2.wuliusys.com;
client_header_timeout 5m;
client_body_timeout 5m;
send_timeout 5m;
ssl on;
ssl_certificate /etc/nginx/cert/server.crt;
ssl_certificate_key /etc/nginx/cert/key.txt;
#这里的证书要存放到指定的路径下
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect http:// https://;
#charset koi8-r;
error_log logs/crm2.error.log;
#access_log logs/crm2.access.log;
location / {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header x-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://backend-crm;
}
location ~* ".(jpg|jpeg|png|gif|html|css|js)$" {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header x-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 5m;
proxy_send_timeout 10m;
proxy_read_timeout 10m;
proxy_buffering on;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_next_upstream http_502 http_504 http_404 error timeout invalid_header;
proxy_cache first;
proxy_cache_valid 200 24h;
proxy_cache_valid 302 10m;
add_header X-Cache-Status $upstream_cache_status;
proxy_pass http://backend-crm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location = /404-3.png {
root html;
}
}
最后
以上就是魔幻柠檬为你收集整理的nginx.conf文件配置实用案例的全部内容,希望文章能够帮你解决nginx.conf文件配置实用案例所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复