1. nginx.conf
2. upstream configuration
3. location matching rules
4. Other common configurations of nginx.conf: 1. user
#Specify the user and user group used, such as user www www 2. worker_processes #Specify the derived worker process The number is generally the total number of cpu cores or 2 times; use ps –ef |grep "nginx" to see that there is one main nginx and the number of other derived worker processes 3, error_log #Specify the path and level of the nginx error log , the level is divided into debug, info, notice, warn, error, crit (debug is the most detailed, crit is the least) 4, pid, # specifies the file storage path of the nginx main process id 5, worker_rlimit_nofile, the most file descriptors opened by an nginx process The theoretical value should be the maximum number of open files (the system value ulimit -n) divided by the number of nginx processes, but nginx allocates requests unevenly, so it is recommended to keep the value of ulimit -n consistent. Ps: The default number of linux file handles is 1024, which must be modified in high concurrent web applications. 6. Internal settings of events: 6.1 use [ kqueue | rtsig | epoll | /dev/poll | select | poll ] , #The network I/O model used, the epoll model is the high-performance network I/O in the kernel of Linux version 2.6 and above The model, if running on FreeBSD, use the kqueue model. 6.2 The number of connections allowed by worker_connections should be less than the number of file handles in the system
7. http internal settings:
7.1 include mime.types (file extension and file type mapping table, must have!!)
7.2 charset utf-8; #Default character set, if you are not sure about the website character set, do not set it, pass The html meta tag specifies.
#user nobody;
worker_processes 12;
error_log /opt/logs/error.log;
pid logs/nginx.pid; worker_rlimit_nofile 51200
events
{
use epoll; worker_connections
10240; .types file, specifying supported MIME) log_format main … upstream backend1 {# load balancing backend service} upstream backend2 { } server {# external virtual host... location /{ } } } 2. Upstream configuration 2.1 Polling method (Default) The default load balancing method, applicable: The performance of the back-end servers is similar, and each request is allocated to different back-end servers (14 and 15 in the example) one by one in chronological order. If the back-end server goes down, it can be automatically cull.
upstream bakend {
server 192.168.0.14;
server 192.168.0.15;
}
2.2 weight Specifies the polling probability. The weight is proportional to the access ratio. Applicable: The backend server has uneven performance. upstream bakend {
server 192.168.0.14 weight=10;
server 192.168.0.15; #default is 1
}
If there are 11 requests, 10 will be called to 14, the default is 1 2.3 ip_hash Do it according to the source IP and backend configuration Hash allocation to ensure that a fixed IP only accesses one backend.
upstream bakend {
ip_hash;
server 192.168.0.14;
server 192.168.0.15;
}
Advantages of ip_hash: A client and a backend under ip can establish a stable session. ip_hash is not suitable for occasions: nginx is not the most front-end server. ip_hash requires that nginx must be the front-end server, otherwise nginx cannot get the correct ip, and it cannot hash according to the ip. For example, if Squid is used as the front end, then nginx can only get the IP address of Squid's server when it obtains the IP address. It is definitely confusing to use this address for distribution. Note: You cannot use weight in conjunction with ip_hash to distribute connections. backup cannot be used with the ip_hash command.
2.4 fair is allocated according to the response time of the backend service, and the backend with short response time will be allocated first.
upstream bakend {
server 192.168.0.14;
server 192.168.0.15;
fair;
}
Note: In this way, nginx is required to install the Upstream Fair Balancer module
2.5 Custom hash Hash allocation is performed according to a given string, such as allocation according to the requested url (applicable backend has local cache)
upstream bakend {
192.168.0.14;
server 192.168.0.15;
hash $request_uri;
hash_method crc32;
}
Note: In this way, Upstream Hash module
2.6 needs to be installed. The parameters that can be set for each upstream backend are:
1.down: Indicates that this server does not participate in the load temporarily.
2.weight: The default is 1, the larger the weight, the greater the weight of the load.
3. max_fails: The default number of allowed requests to fail is 1. When the maximum number of times is exceeded, the error defined by the proxy_next_upstream module is returned.
4.fail_timeout: The time to pause after max_fails failures.
5.backup: When all other non-backup machines are down or busy, request backup machines, emergency measures.
3. Location matching rules Syntax rules:
location [=|~|~*|^~] /uri/ {…} 1. The beginning of = indicates an exact match
. 2. The beginning of ^~ indicates that the uri starts with a regular string.
3. The beginning of ~ indicates a case-sensitive regular match. The beginning of ~* indicates a case-insensitive regular match. !~ and !~* are case-sensitive mismatches and case-insensitive mismatches, respectively.
4. / Universal matching, any request will be matched. Note: nginx will preferentially choose rewrite, and then enter the location nginx does not encode the url, so the request is /static/20%/aa, which can be matched by the rule ^~ /static/ /aa (note the space). The matching order of multiple locations: firstly matches =, secondly matches ^~, thirdly is regular matching according to the order in the nginx.conf file, and finally is handed over to / general matching. When there is a successful match, stop matching and process the request according to the current matching rules. Note: If the string starts with ^~, when the match is successful, it will not continue to match the regular expression but if it does not start with ^~, when the match is successful, the following regular expression will continue to match, if the regular expression If the matching is successful, it will enter the corresponding rule to process the request. If the regularization is unsuccessful, it will enter the location where the previous string matched for processing. See the examples on the next page for details!
[img]http://dl2.iteye.com/upload/attachment/0124/0542/69e76245-36f2-3789-8cfb-1bb4b2c01a27.png" alt="
[/img]
Example: / -> configuration A
/ index.html -> configuration B
/documents/document.html -> configuration C
/images/1.gif -> configuration D
/documents/1.jpg ->
4. Compression - Others
1.gzip Enable or disable gzip module syntax: gzip on|off Default value: gzip off Scope: http, server, location, if (x) location
2.gzip_buffers cache setting syntax: gzip_buffers number size Default value : gzip_buffers 4 4k/8k Scope: http, server, location Example: gzip_buffers 4 16k;//Set the system to obtain several units of cache to store the gzip compression result data stream. 4 16k means that the unit is 16k, and the memory is applied for 4 times the unit of 16k according to the original data size. If not set, the default value is to apply for the same size of memory space as the original data to store the gzip compression result.
3.gzip_comp_level - compression ratio setting syntax: gzip_comp_level 1..9 default value: gzip_comp_level 1 scope: http, server, location
4.gzip_min_length - the minimum number of bytes in a page to allow compression Syntax: gzip_min_length length default value: gzip_min_length 0 scope : http, server, location Note: gzip_comp_level, gzip compression ratio, 1 is the smallest compression ratio and the fastest processing speed, 9 is the largest compression ratio but the slowest processing (fast transmission but consumes CPU). gzip_min_length 1k;//Set the minimum number of bytes of the page allowed to be compressed, and the number of page bytes is obtained from the content-length of the header header. The default value is 0, which compresses regardless of page size. It is recommended to set the number of bytes to a value greater than 1k. If it is less than 1k, the pressure may increase.
5.gzip_http_version http version syntax: gzip_http_version 1.0|1.1 Default value: gzip_http_version 1.1 Scope: http, server, location
6.gzip_proxied syntax: gzip_proxied [off|expired|no-cache|no-store|private|no_last_modified|no_etag|auth |any] … Default: gzip_proxied off Scope: http, server, location
7.gzip_types match MIME compression syntax: gzip_types mime-type [mime-type ...] Default: gzip_types text/html Scope: http, server , location
Note:
1. gzip_http_version identifies the protocol version of http. Since some early browsers or http clients may not support gzip self-extraction, users will see garbled characters, so it is necessary to make some judgments. Note: The 21st century has come. Now, except for things like Baidu's spiders, which do not support self-extracting, 99.99% of browsers basically support gzip decompression, so you don't need to set this value, just keep the system default.
2. When gzip_proxied Nginx is used as a reverse proxy, enable or disable the result returned by the back-end server. The premise of matching is that the back-end server must return a header containing "Via". off - turns off compression of all proxy result data expired - enables compression if the header includes "Expires" header no-cache - enables compression if the header includes "Cache-Control: no-cache" header no- store - enable compression if the header contains "Cache-Control: no-store" header private - enable compression if the header contains "Cache-Control: private" header no_last_modified - enable compression if the header is not Include "Last-Modified" header no_etag - enable compression, if header header does not include "ETag" header auth - enable compression, if header header includes "Authorization" header any - enable compression unconditionally
3, gzip_types match MIME type For compression, (whether specified or not) the "text/html" type will always be compressed. Note: If it is used as an http server, the file type configuration file should be included in the main configuration file (the default include mime.types, the mime.types file in the current directory), for example: http { include mime.types; ..... .}
5. ip is limited
to the server, or
location / {
deny 192.168.1.1;
allow 192.168.1.0/24;
allow 10.1.1.0/16; deny all;
}
6. Built-in variables
$nginx_version
$args, parameters in the request;
$content_length, "Content-Length" in the HTTP request information;
$content_type, "Content-Type in the request information" ";
$document_root, set the value for the root path of the current request;
$document_uri, the same as $uri;
$host, "Host" in the request information, if there is no Host line in the request, it is equal to the set server name;
$request_method, Request method, such as "GET", "POST", etc.;
$remote_addr, client address;
$remote_port, client port number;
$remote_user, client user name, used for authentication;
$request_filename, the file path name of the current request
$ request_uri, the URI of the request, with parameters;
$uri, the URI of the request, which may be different from the original value, such as after a redirect.
Off-topic: Some built-in variables of Nginx come from http request headers, such as $request_uri, $content_length, $content_type http request header Referer: The client uses this header to tell the server which page the client is from (anti-theft Chain) User-Agent: Indicates the client operating system information and browser information Cookie: The client can bring some data to the server through this header
7.
Log 1. Set the log format log_format name format [format…] Note: name is in nginx.conf cannot be repeated 2. Set the log file path access_log path [format [buffer=size|off]]
3. Log cutting (timed task) mv kill -USR1 nginx main process number restart to generate a new log file
Note :
1. Log_format There is a default combined log format setting that does not need to be set. The specific parameters are as follows: Log_format combined '$remote_addr - $remote-user[$time_local]' '"$request" $status $body_bytes_sent' '"http_referer" "http_user_agent"'
2. If it is access_log off, the log output will be turned off. If the format is not specified, the output will be in the default combined format. 3. The nginx main process number can be found through the pid configuration of nginx.conf[/size]