Recently, I found that in the JD (job description) of various recruitment websites, nginx is required when recruiting Java. Three and a half years ago, I contacted nginx at work. At that time, it was only at the level of use and did not summarize it. Write a summary if you are bored at home during the Chinese New Year.
Follow the daily routine:
1. What is Nginx?
Nginx is a very lightweight HTTP server written by the Russians. Nginx, pronounced "engine X", is a high-performance HTTP and reverse proxy server, as well as an IMAP/POP3/SMTP proxy server. Nginx was developed by Russian Igor Sysoev for the second most visited Rambler.ru site in Russia, and it has been running on the site for more than a few years. Igor Sysoev when the project is built, based BSD ( BSD open source license is given to use protocol's a great freedom. Basically users can "do whatever they want", you can freely use , modify the source code can also be modified after The code is republished as open source or proprietary software ) licensed. Since the release of Nginx, Nginx has been known for its stability, rich feature set, sample configuration files and low system resource consumption.
Second, the advantages of Nginx
1. High concurrent connections: The official test can support 50,000 concurrent connections, and the number of concurrent connections reaches 20,000 to 30,000 in the actual production environment.
2. Low memory consumption: under 30,000 concurrent connections, only 10 Nginx processes opened consume 150M of memory (15M*10=150M)
3. The configuration file is very simple: the style is simple and easy to understand
4. Low cost: Nginx is open source software and can be used for free. The purchase of hardware load balancing switches such as F5 BIG-IP and NetScaler requires more than 100,000 to hundreds of thousands of yuan.
5. Support Rewirte rewriting rules: According to different domain names and URLs, HTTP requests can be divided into different back-end server groups
6. Built-in health check function: if a certain web server at the back end of Nginx Proxy goes down, it will not affect front-end access
7. Bandwidth saving: Support GZIP compression, you can add the Header header of the browser's local cache
8. High stability: Used for reverse proxy, the probability of downtime is minimal
Nginx is specially developed for performance optimization. Performance is its most important consideration, and it pays great attention to efficiency in implementation. It supports the kernel Poll model, can withstand the test of high load, and reports indicate that it can support up to 50,000 concurrent connections. Nginx has high stability. When other HTTP servers encounter a peak of access, or someone maliciously initiates a slow connection, it may also cause the server's physical memory to be exhausted and frequent exchanges, and the server can only be restarted if it loses response. For example, once Apache has more than 200 processes, the web response speed is obviously very slow. Nginx adopts a staged resource allocation technology, which makes its CPU and memory usage very low. Nginx officially stated that it maintains 10,000 inactive connections, and it only occupies 2.5M of memory, so attacks like DOS are basically useless for Nginx. In terms of stability, nginx is better than lighttpd. Nginx supports hot deployment, its startup is particularly easy, and it can almost run 7*24 uninterrupted, even if it runs for several months, it does not need to be restarted. You can also upgrade the software version with uninterrupted service. Nginx adopts the master-slave ( now everyone advocates using master-follower to describe, the word slave is discriminatory, and it is used with caution worldwide ) model, which can make full use of the advantages of SMP, and can reduce the blocking delay of the work process in the disk I/O. Nginx code quality is very high, the code is very standardized, the technique is mature, and the module extension is also very easy. Nginx adopts some of the latest features provided by os, such as support for sendfile (Linux2.2+), accept-filter (FreeBSD4.1+), TCP_DEFER_ACCEPT (Linux 2.4+), which greatly improves performance
Third, who is using nginx
Nginx's market share continues to increase:
Which domestic companies are using nginx servers: Sina, NetEase, Tencent, CSDN , Kuliu, Shuimu Community, Douban, Six Rooms, Xiaomi, etc.
Fourth, the difference between Nginx and Apache
Nginx, like Apache, is an HTTP server software. Both adopt a modular structure design for functional implementation. Both support common language interfaces, such as PHP, Perl, Python, etc., and also support forward and reverse proxy, virtual host, and URL. Rewrite, compressed transmission, SSL encrypted transmission, etc. The biggest difference between them is that Apache is very slow in processing speed and occupies a lot of memory resources, while Nginx is the opposite; in terms of functional implementation, all Apache modules support dynamic and static compilation, while Nginx modules are statically compiled. At the same time, Apache does not support Fcgi ( Fast Common Gateway Interface ), while Nginx supports Fcgi very well; most importantly, in terms of connection processing, Nginx supports epoll ( epoll is the Linux kernel for processing large quantities of file descriptions). character and made improvements poll, is under Linux multiplexed IO enhanced version of the interface to select / poll, it can significantly improve the program in a large number of concurrent connections system in case only a small amount of active CPU utilization ), while Apache has Not supported; in terms of size, the Nginx installation package is only a few hundred K, and compared to Nginx, Apache is definitely a behemoth. After understanding the similarities and differences between Nginx and Apache, I basically know the advantages of Nginx as an HTTP server.
Five, the installation of Nginx
①Installation on windows
1. Download the windows version of nginx: http://nginx.org/download
Just select a version to download.
2. Unzip the compressed file to a non-Chinese directory (green software only needs to be compressed)
3. To start and stop Nginx (prerequisite: make sure apache is closed ), enter the decompression directory, execute the start nginx.exe command in the decompression directory, and then you can access the address in the browser after startup.
nginx -s stop 快速关闭
nginx -s quit 安全关闭
nginx -s reload 重载配置文件
nginx -s reopen 重新打开日志文件
The above is the Nginx stop command.
Configure the controller station to restart and shut down:
3.1 Copy the nginx.bat file to the nginx folder:
3.2 Modify the configuration in the nginx.bat file. Configure the installation path of nginx
3.3 Use nginx.bat to control nginx
① Installation on Linux. The installation process on linux is a little bit longer. In order not to make a document too long, I will write a separate article later on the installation process of installing Nginx on a linux server.
Six, detailed analysis of Nginx configuration files
1. Know the configuration file:
Basically every service under Linux will have its main configuration file, which defines how the service should be run, what parameters to use, what functions to enable, and where are some of the relevant operation files, so the main configuration file It is essential to service. Let's analyze the main configuration file of Nginx.
The main configuration file of Nginx is located at /usr/local/nginx/nginx.conf by default. The following is a comment on some parameters of the Nginx configuration file.
The sample refers to this configuration file:
#指定使用的用户
#user nobody;
#启动进程,通常设置成和cpu的数量相等
worker_processes 1;
#全局错误日志
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#PID文件--存放进程号的文件
#pid logs/nginx.pid;
#工作模式及连接数上限
events {
#单个后台worker process进程的最大并发链接数
worker_connections 1024;
#并发总数是 worker_processes 和 worker_connections 的乘积
#Nginx支持如下处理连接的方法(I/O复用方法),这些方法可以通过 use指令指定。
#use [ kqueue | rtsig | epoll | /dev/poll | select | poll ];
#use epoll; #使用 epoll(linux2.6的 性能方式 )
#select - 标准方法。 如果当前平台没有更有效的方法,它是编译时默认的方法。你可以使用配置参数 –with-select_module 和 –without-select_module 来启用或禁用这个模块。
#poll - 标准方法。 如果当前平台没有更有效的方法,它是编译时默认的方法。你可以使用配置参数–with-poll_module 和 –without-poll_module 来启用或禁用这个模块。
#kqueue - 效的方法,使用于 FreeBSD 4.1+, OpenBSD 2.9+, NetBSD 2.0 和 MacOS X. 使用双处理器的 MacOS X系统使用 kqueue可能会造成内核崩溃。
#epoll - 效的方法,使用于Linux内核2.6版本及以后的系统。在某些发行版本中,如 SuSE 8.2,有让2.4版本的内核支持epoll的补丁。
#rtsig - 可执行的实时信号,使用于Linux内核版本 2.2.19以后的系统。可是从Linux内核版本2.6.6-mm2开始,这个参数就不再使用了.
#/dev/poll - 效的方法,使用于 Solaris 7 11/99+, HP/UX 11.22+ (eventport), IRIX 6.5.15+ 和 Tru64 UNIX 5.1A+.
#eventport - 效的方法,使用于 Solaris 10. 为了防止出现内核崩溃的问题, 有必要安装 这个 安全补丁。
}
http {
#设定mime类型,类型由mime.type文件定义
include mime.types;
default_type application/octet-stream;
#设定日志格式
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#sendfile 指令指定 nginx 是否调用 sendfile 函数(zero copy 方式)来输出文件,
#对于普通应用,必须设为 on,
#如果用来进行下载等应用磁盘IO重负载应用,可设置为 off,
#以平衡磁盘与网络I/O处理速度,降低系统的uptime.
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#连接超时时间
#keepalive_timeout 0;
keepalive_timeout 65;
#开启gzip压缩
#gzip on;
#设定虚拟主机配置
server {
#侦听80端口
listen 80;
#定义使用 www.nginx.cn访问
server_name localhost;
#定义服务器的默认网站根目录位置
root html;
#设置编码
#charset koi8-r;
#设定本虚拟主机的访问日志
#access_log logs/host.access.log main;
#默认请求
location / {
root html;
#定义首页索引文件的名称
index index.html index.htm;
}
# 定义错误提示页面
#error_page 404 /404.html;
#redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#PHP脚本转给apache处理
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#PHP 脚本请求全部转发到 FastCGI处理. 使用FastCGI默认配置.
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
# 禁止访问 .htxxx 文件
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
2. The structure of the configuration file:
nginx.conf consists of multiple blocks, the outermost block is main, main contains events and http, http contains multiple upstream and multiple servers, and server contains multiple locations:
main (global settings), server (virtual host settings), upstream (load balancing server settings), and location (settings where the URL matches a specific location).
- The instructions set by the main block will affect all other settings;
- The instructions of the server block are mainly used to specify the host and port;
- The upstream command is mainly used for load balancing, setting up a series of back-end servers;
- The location block is used to match the location of the web page.
The relationship between the four: server inherits main , location inherits server , upstream neither inherits other settings nor is inherited.
Among these four parts, each part contains several instructions. These instructions mainly include Nginx main module instructions, event module instructions, and HTTP core module instructions. At the same time, each part can also use other HTTP module instructions, such as Http SSL module. , HttpGzip Static module and Http Addition module, etc.
2.1 Nginx global configuration
#指定使用的用户和组
#user nginx nginx;
#启动进程,通常设置成和cpu的数量相等
worker_processes 1;
#全局错误日志
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#PID文件--存放进程号的文件
#pid logs/nginx.pid;Create the running user required by nginx in the global configuration:
groupadd nginx
useradd -g nginx nginx
2.2 events configuration: When the server is linux, please open use epoll, and use the linux kernel to provide a performance optimization solution
#工作模式及连接数上限
events {
#单个后台worker process进程的最大并发链接数
worker_connections 1024;
#并发总数是 worker_processes 和 worker_connections 的乘积
#Nginx支持如下处理连接的方法(I/O复用方法),这些方法可以通过 use指令指定。
#use [ kqueue | rtsig | epoll | /dev/poll | select | poll];
use epoll; #使用 epoll(linux2.6的 性能方式 )
}
2.3 http configuration:
http {
#Nginx对HTTP服务器相关属性的配置
include mime.types;
default_type application/octet-stream;
#设定虚拟主机配置
server {
#侦听80端口
listen 80;
#定义使用 www.itsource.cn访问
server_name www.itsource.cn;
location {
}
location {
}
…..
}
server {
#侦听80端口
listen 80;
#定义使用 www.example.cn访问
server_name www.example.cn;
location {
}
location {
}
…..
}
}
Include is a main module command, which realizes the setting of the files included in the configuration file, which can reduce the complexity of the main configuration file. Similar to the include method in Apache.
The default_type belongs to the HTTP core module instruction. Here, the default type is set to binary stream, which is to use this method when the file type is not defined. For example, when the PHP environment is not configured, Nginx will not parse it. At this time, use the browser A download window will appear when accessing the PHP file.
The instructions of the server block are mainly used to specify the host and port (virtual host);
The location part is mainly used to match the location of the webpage and set different features. For example: caching, redirection, etc.
2.4 Location of important instructions
The location part is mainly used to match the location of the webpage and set different features. For example: caching, redirection, etc...
Examples :
Static files with extensions ending in .gif, .jpg, .jpeg, .png, .bmp, .swf are handed over to nginx for processing, and expires is used to specify the expiration time of static files, here is 30 days
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
root /wwwroot/www.itsource.com;
expires 30d;
}
All files under upload and html are handed over to nginx for processing. Of course, the upload and html directories are contained in the /web/wwwroot/www.itsource.cn directory
location ~ ^/(upload|html)/ {
root /web/wwwroot/www.itsource.com;
expires 30d;
}
Location is the filtering processing of dynamic web pages under this virtual host, that is, all files with a .php suffix are handed over to the local 8080 port for processing
location ~ .*.php$ {
index index.php;
proxy_pass http://localhost:8080;
}
The syntax of location:
- ~ #The wavy line indicates that a regular matching is performed, which is case sensitive
- ~* # means to perform a regular match, not case sensitive
- ^~ #^~ means normal character matching. If this option matches, only this option is matched, and other options are not matched. It is generally used to match directories.
- = #Perform an exact match of ordinary characters
- The following grammatical rules can be accepted in the location
location = / {
# 只匹配"/".
[ configuration A ]
}
location / {
# 匹配任何请求,因为所有请求都是以"/"开始
# 但是更长字符匹配或者正则表达式匹配会优先匹配
[ configuration B ]
}
location ^~ /images/ {
# 匹配任何以 /images/ 开始的请求,并停止匹配 其它location
[ configuration C ]
}
location ~* \.(gif|jpg|jpeg)$ {
# 匹配以 gif, jpg, or jpeg结尾的请求.
# 但是所有 /images/ 目录的请求将由 [Configuration C]处理.
[ configuration D ]
}
Priority :
1. The instruction of the = prefix exactly matches this query. If found, stop searching.
2. All remaining regular strings, the longest match. If this match uses the ^~ prefix, the search stops.
3. Regular expressions, the order defined in the configuration file.
4. If rule 3 produces a match, the result is used. Otherwise, it is used as from the second rule.
Example request URI:
/ -> conform to configuration A
/documents/document.html -> conforms to configuration B
/images/1.gif -> conform to configuration C
/documents/1.jpg -> meet the configuration