1. What is Nginx?
Nginx is a high-performance HTTP server and reverse proxy, often used to do load balancing server
2. Why Nginx?
Cross-platform, simple configuration
non-blocking, high concurrent connections:
processing 2-3 million concurrent connections, the official monitor can support 50,000 concurrent
small memory consumption:
open only accounted for 10 nginx 150M memory, Nginx take phased resource allocation techniques
good static files nginx, less the cost of memory
built-in health check function:
If you have a server goes down, will do a health check, and then send the request will not be sent to the server downtime. Re-submit the request to other nodes.
Save Broadband:
support GZIP compression, you can add a local browser cache
high stability:
the probability of downtime is very small
master / worker structure:
a master process, generate one or more worker processes
receive a user request is asynchronous:
the browser will request nginx sent to the server, all user requests it receives down first, and then sent to the backend web server disposable, greatly reduces the pressure on the web server, the web server while receiving return data, while transmitted to the browser client
network dependent relatively low, as long as you can ping the load balancer
you can have multiple nginx server
3. Why Nginx performance so high?
Thanks to its event handling mechanism:
non-blocking asynchronous event handling mechanism: the use of epoll model, provides a queue, the queue to solve
4, why not use multithreading?
Apache Tomcat: create multiple processes or threads, and each thread or process will assign cpu and memory (multi-threading process than small, so the worker is higher than perfork support concurrency), concurrent drain server resources over the General Assembly.
Nginx: single-threaded asynchronously (number of work processes Administrators can configure Nginx master process of) non-blocking process request (epoll), will not be allocated for each request cpu and memory resources, save a lot of resources, but also reduce the a large amount of CPU context switching. So that makes Nginx support higher concurrency.
Said the following about how to handle a request Nginx is it?
First of all, when you start nginx, will parse the configuration file to give the desired listening port and ip address, then the master process in which the nginx
Well first initialize the socket monitoring (create socket, set addrreuse other options, bound to the specified ip address port, and then listen)
And then fork (an existing process can call the fork function to create a new process. The new process created by fork is called the child process) out of a plurality of sub-processes
Then the child will compete accept new connections. In this case, the client can connect up to nginx initiated. When the client with nginx be three-way handshake to establish a good connection with nginx
In this case, a sub-process will accept success, to get this socket to establish a good connection, and then to create nginx package connections that ngx_connection_t structure
Why nginx can handle asynchronous non-blocking way?
See the full process a request: First of all, the request came, to establish a connection, and then receive data, after receiving the data, and then send the data.
Specific to the bottom of the system, that is, reading and writing events, and when the event is not ready to read and write, not necessarily operations, if not non-blocking way to call, it would have blocked calls, and events not ready, it can only wait , and other events ready, you then continue it. Blocking calls into the kernel will wait, cpu will give it away to someone else to use, single-threaded worker, is clearly inappropriate, when the long time network events, everyone is waiting for it, cpu idle down with no one, cpu utilization do not increase the natural rate, let alone a high concurrency. Well, you say that the number of added process, what is the difference with the threading model apache, pay attention, do not increase unnecessary context switches. So, in nginx inside, the most taboo blocking system calls. Do not block, it is non-blocking myself. Non-blocking is that the event is not ready to return EAGAIN immediately tell you that the event not ready, what you panic, I would come back. Well, you after a while, check the event again until the ready event so far, during which you'll be able to do other things, and then look at the events to be yet. Although it is not blocked, but when you come Debu to check the status of an event, you can do more things, but the overhead is not small.
nginx supported event model?
the Nginx supporting method (I / O multiplexing method) a process of connecting, by use of these methods can be specified instruction.
● select- standard methods. If the current platform is no more effective way, it is the default compile-time method. You can use the configuration parameters -with-select_module and -without-select_module to enable or disable this module.
● poll- standard methods. If the current platform is no more effective way, it is the default compile-time method. You can use the configuration parameters -with-poll_module and -without-poll_module to enable or disable this module.
● kqueue- efficient method, in FreeBSD 4.1+, OpenBSD 2.9+, NetBSD 2.0 and MacOS X. MacOS X using dual-processor system using a kernel crash kqueue may cause.
● epoll - efficient way, using the system Linux kernel version 2.6 and later. In some releases, such as SuSE 8.2, 2.4 version of the kernel so that there is support for the patch epoll.
● rtsig - perform real-time signal, for use in Linux kernel version 2.2.19 of the future system. POSIX real time is greater than 1024 (queued) signals can not appear in the entire system by default. This situation is highly inefficient for a server is loaded; it is necessary by adjusting the kernel parameter / proc / sys / kernel / rtsig -max to increase the size of the queue. But starting with Linux kernel version 2.6.6-mm2, this parameter is no longer used, and there is a separate queue for each process signal, the size of the queue can be adjusted with RLIMIT_SIGPENDING parameters. When the queue is too congested, nginx to give it up and start using the poll method to handle the connection until it returned to normal.
● / dev / poll - efficient method, used on Solaris 7 11/99 +, HP / UX 11.22+ (eventport), IRIX 6.5.15+ + 5.1A and the UNIX Tru64.
● eventport - efficient way, using the Solaris 10 in order to prevent problems kernel panic, it is necessary to install this security patch.
In linux below, epoll is the only efficient way, in the end is how epoll efficient
Epoll Linux kernel to handle high-volume processing has been improved while the poll. To use epoll only three system calls: epoll_create (2), epoll_ctl ( 2), epoll_wait (2). It is to be introduced kernel 2.5.44 (epoll (4) is a new API introduced in Linux kernel 2.5.44), is widely used in the 2.6 kernel.
epoll advantage of?
● support a process to open a large number of socket descriptors (FD)
the SELECT can not stand is a process that is open FD certain restrictions, by the FD_SETSIZE set, the default value is 2048. The number of those thousands of connections IM server needs to support is obviously too little. First, this time you can choose to modify this macro and recompile the kernel, but the information also pointed out that this would bring down the network efficiency, and second, you can select the solution that multiple processes (traditional Apache program), but although the above created linux the cost of the process is relatively small, but still can not be ignored, plus inter-process data synchronization is far smaller than inter-thread synchronization efficient, it is not a perfect solution. But epoll is not the limit, FD it supports the upper limit is the maximum number of files can be opened, this number is generally much larger than 2048, for example, on the 1GB memory machines is about 100,000, a specific number can cat / proc / sys / fs / file-max view, in general, this is a big number and the relationship between the system memory.
● IO efficiency increases linearly with the number of drops FD
The traditional select / poll another fatal weakness is that when you have a great set of socket, but due to network delay, at any one time only a part of the socket is "active", but select / poll will all linear scanning each call collection, resulting in decreased efficiency linear presentation. But epoll not have this problem, it only would be "active" socket to operate - this is because the kernel implementation epoll fd is implemented according to each of the above callback function. So, only the "active" socket will take the initiative to call a callback function, other idle status socket is not, at this point, epoll achieve a "pseudo" AIO, because this time the driving force in the os kernel. In some benchmark, if all of the socket are basically active - such as a high-speed LAN environment, epoll does not have any more efficient than select / poll, contrary, if excessive use epoll_ctl, there is a slight decrease compared to the efficiency. But once the use of idle connections simulated WAN environment, efficiency far above epoll on select / poll up.
● using mmap acceleration kernel and user space messaging.
This fact relates specifically to epoll achieved. Whether select, poll or epoll kernel needs to FD message notification to the user space, how to avoid unnecessary memory copy is very important, at this point, epoll by kernel to user space mmap the same memory implementation. And if you want me to focus on epoll from the 2.5 kernel, we must not forget the hand-mmap this step.
● kernel tuning
This is actually not the epoll advantage, but to the advantage of the whole linux platform. Perhaps you may wonder linux platform, but you can not avoid the linux platform gives you the ability to fine-tune the kernel. For example, the kernel TCP / IP protocol stack uses a memory pool management sk_buff structure, you can adjust the dynamic memory pool (skb_head_pool) size at runtime - by echo XXXX> / proc / sys / net / core / hot_list_length completed. Another example of a function of two parameters listen (TCP completion packet queue length 3-way handshake), may be dynamically adjusted based on your internet memory size. Even more enormous the number of a data packet face but at the same time to try the latest NIC driver architecture NAPI each data packet itself is very small size of the particular system.
(epoll content, reference epoll_ interactive encyclopedia)
the number of worker recommended setting for the number of cpu core, where it is easy to understand, the more the number of worker, will only lead to a competitive process cpu resources, so as not to bring the context switch is necessary. Moreover, nginx in order to better take advantage of multi-core properties, offers a cpu affinity binding options, we can be certain a process bound to one core, so as not to bring the cache of failure because the switching process. Like this small optimization is very common in the nginx, nginx also illustrates the author's painstaking. For example, when compared Nginx four byte string will be four characters into an int type, then compared, in order to reduce the number of instructions the cpu and the like.
5, Nginx is how to deal with a request it?
First, nginx at startup, parses the configuration file to give the desired listening port and ip address, and then inside nginx's master process, initialized good socket of this monitor, and then listen
before you fork out multiple sub-processes it, son the competitive process will accept new connections.
In this case, the client can connect up to nginx initiated. When the client with nginx be three-way handshake to establish a good connection with nginx
this case, will accept a sub-process is successful, then nginx to create package connections that ngx_connection_t structure
then calls the appropriate event processing module based on the event, the http module for data exchange with the client.
Finally, nginx or client to take the initiative to turn off the connection to this, a connection will come to an end
6. forward proxy, reverse proxy
Forward proxy summary on the word: Agent Agent is a client
for example, access to domestic google will be blocked by the wall, but you can access the server through other countries, to access Google's results
if it is positive to the agent, then, is the other countries of the server to solve the problem of the wall, will you visit forwarded directly to Google on top of
a server located between the client and the origin server (origin server), in order to obtain content from the origin server, the client to send a request and targeting (origin server), and then transmit the request to the proxy server and return the original content available to the client. The client can use the forward proxy
Reverse proxy on the word summary: Agent proxy server is
a reverse proxy is that you simply do not know where is the address you want to visit, but a visit to a server, but the server is actually to access other servers, after obtaining the data back to you, you do not even know the source of the data
reverse proxy (reverse proxy) mode refers to the proxy server to accept connection requests on the internet, then the request to the server and on the internal network from the server the results obtained are returned to the client requests on the internet connection, in which case the external proxy server on the performance of a reverse proxy server
7. static and dynamic separation of
dynamic resource and static resources are separated so that a dynamic website where dynamic pages according to certain rules do not separate variable resources and resources often become district, static and dynamic resource well after the split, we can according to the characteristics of static resources to do the cache operation, which is the core idea of a static site processing of
dynamic resource and static resources isolated simple summary is: separation of dynamic and static files file
location ~.(png|jpg|css|js|htm|html){
root /home
}
8. Why do dynamic and static separation?
In our software development, some requests that require background processing (eg: .jsp, .do, etc.), some do not need to request spooled (such as: css, html, jpg, js files, etc.)
These files do not need to go through a background process is called static files, or dynamic file. So we ignore the static background processing files. It was said that I would ignore the background static file is not finished yet
Of course, this is possible, but that the number of requests has increased significantly on the background. When we have the required speed of response resources, we should use this strategy to solve static and dynamic separation of static and dynamic website will separate static resources (HTML, JavaScript, CSS, img, etc. files) and back-office applications deployed separately, improve the user speed access static code, reducing application access to background
Here we will put nginx in static resources, dynamic resource forwarded to tomcat server, Tomcat advantage, after all, is to handle dynamic requests
9. Load Balancing
Load Balancing that is, the proxy server receives a request distributed to balance server
load balancing mainly to solve network congestion problems and improve server responsiveness, the nearest service provided, to achieve better access to quality, reduce large concurrent back-end server pressure
tomcatlist {
IP Port + [weigth =. 3],
IP Port + [= weigth. 1],
...
}
LOCATION / {
pass_proxy Tomcat
}
The difference 10.nginx and apache
Lightweight, also from the web service, take up less memory than apache and resources
Anti concurrent, non-blocking Nginx processing request is asynchronous, and the apache is blocked type, low resource consumption Nginx high performance can be maintained under high concurrency
Highly modular design, relatively simple to write a module
The core difference is that apache is synchronized multi-process model, a connection corresponds to a process; nginx is asynchronous, multiple connections (million level) may correspond to a process