#Define Nginx users and user groups to run the User the WWW the WWW; # #nginx number of processes, it is recommended core set equal to the total number of the CPU. Worker_processes 8 ; # # global error log-defined types, [Debug | info | Notice | The warn | error | Crit] error_log / var / log / nginx / error.log info; # # process file pid / var / RUN / nginx.pid; # # nginx process opens up a number of file descriptors, the theoretical value should be the maximum number of open files (the value of the system the ulimit -n) divided by the number of processes nginx, but nginx allocation request is not uniform, and it is proposed ulimit - consistent value of n. worker_rlimit_nofile 65535 ; # # operation mode with the maximum number of connections events { # reference event model, use [kqueue| Rtsig | the epoll | / dev / poll | SELECT | poll]; the epoll model is the Linux 2 .6 above high-performance network kernel version the I / . O model, if run on FreeBSD, use kqueue models use the epoll; # maximum number of connections a single process (the maximum number of connections = number * connection process number) worker_connections 65535 ; } # # set http server http { the include the mime.types; # file extension file type map default_type file application / OCTET - Uninterpreted Stream; # the default file type #charset UTF - 8 ; # default encoding server_names_hash_bucket_size 128 ; # server name hash table size client_header_buffer_size 32k; # upload file size limit large_client_header_buffers4 64K; # setting request slow client_max_body_size 8m; # setting request buffer # open access directory listings, download the appropriate server, off by default. Autoindex ON; # display directory autoindex_exact_size on; # display the file size defaults to on, the file shows the exact size of the unit is bytes read off, show the approximate size of the file, in units of kB or MB or GB autoindex_localtime on; # display the file time after default is off, the time display of the file is changed on GMT time, displayed documents for the file server time sendfile on; # open and efficient file transfer mode, nginx sendfile directive specifies whether to call sendfile function to output files for common applications is set to on, if used to download applications such as disk IO heavy load applications, set to off, the disk to balance the network the I / O processing speed and reduce the load on the system. Note: If this broken images into OFF tcp_nopush ON; # prevent network congestion tcp_nodelay on; # prevent network congestion keepalive_timeout 120 ; # (unit s) set client connection keep alive timeout, after exceeding this time service It will close the link # FastCGI parameters in order to improve site performance: reduce resource utilization, faster access literally see the following parameters can understand. fastcgi_connect_timeout 300 ; fastcgi_send_timeout 300 ; fastcgi_read_timeout 300 ; fastcgi_buffer_size 64K; fastcgi_buffers . 4 64K; fastcgi_busy_buffers_size 128K; fastcgi_temp_file_write_size 128K; # gzip module disposed gzip ON; # open gzip compressed output gzip_min_length 1k; # allowed minimum number of bytes of compressed pages, page byte number stolen from header Content - length obtaining default is 0, no matter what page are compressed recommendations set larger than the number of bytes of 1k, 1k may be less than the greater the pressure.. gzip_buffers 4 16K; # 4 units that the applicant 16k is a memory as a result of the compressed stream buffer, the default is the original application of the same size of the memory space to store data gzip compression result gzip_http_version 1.1 ; compressed version # (default 1. . 1Now most browsers already support gzip decompression if the front end is squid2.5 Use 1.. 0 # can have multiple domain names, with separated by a space ) gzip_comp_level 2 ; # .1 compression compression levels, the minimum processing speed faster than the maximum compression ratio .9 Comparison consumption cpu resources, the processing speed is the slowest, but because the maximum compression ratio, so that the minimum packet, the transmission speed gzip_types text / Plain file application / JavaScript text-the X-/ CSS the Application / xml; # compression type, default already contains text / HTML, so the following do not need to write, and write up there will not be a problem, but there will be a the warn. gzip_vary oN; # option let front-end cache server cache after gzip compressed pages for example: using nginx squid caching through compressed data. # Enable the IP limit the number of connections required when using #limit_zone binary_remote_addr crawler $ 10m; ## upstream load balancing the four scheduling algorithms (Example lower speaker) ## # virtual host configuration Server { # listening port the listen 80 ; the rewrite ably.com server_name; # the HTTP automatically jump the HTTPS ^ HTTPS: (*.) // $ $ server_name Permanent. 1; } Server { # listening port the HTTPS the listen 443 SSL; server_name ably.com; # Configure domain certificate ssl_certificate C: \ WebServer \ Certs \ certificate.crt; ssl_certificate_key C: \ WebServer \ Certs \ Private .key; ssl_session_cache Shared: SSL: 1M; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers ALL: ADH: EXPORT56: RC4 + RSA: + HIGH:!! MEDIUM, +: + the LOW: + SSLv2: + the EXP; ON ssl_prefer_server_ciphers; index index.html index.htm index.php; root / the Data / the WWW / ; LOCATION ~ * \ (PHP | php5)..? $ { fastcgi_pass 127.0 . 0.1 : 9000 ; fastcgi_index index.php; the include fastcgi.conf; } # Configure forwarding address to intercept, resolve cross domain authentication problem LOCATION / OAuth / { proxy_pass HTTPS: // localhost: 13580 / OAuth /; proxy_set_header the HOST $ Host; proxy_set_header X- -Real- the IP $ REMOTE_ADDR; proxy_set_header X--Forwarded-The For $ proxy_add_x_forwarded_for; } # picture cache time LOCATION ~ * \ (GIF | JPG | jpeg | PNG | BMP |.. SWF) $ { the Expires 10d; } # JS and CSS cache time LOCATION ~ * \ (JS.. ? | CSS) $ { the Expires 1H; } # log format set log_format Access ' $ REMOTE_ADDR - $ REMOTE_USER [$ time_local] "$ Request" ' ' $ Status $ body_bytes_sent "$ HTTP_REFERER" ' ' "$ HTTP_USER_AGENT" $ HTTP_X_FORWARDED_FOR ' ; # Define this virtual hosts access log access_log /var / log / nginx / ; access.log Access manually specified to use when setting View # Nginx state address .StubStatus module can obtain a working state since Nginx since the last start, this module non-core module, you need to compile and install the Nginx LOCATION / NginxStatus { stub_status ON; access_log ON; auth_basic " NginxStatus " ; auth_basic_user_file the conf / htpasswd; content #htpasswd htpasswd file can be used to generate tools provided apache. } } }
Load Balancing
Events { use the epoll; worker_connections 65535 ; } HTTP { ## upstream load balancing, four kinds of scheduling algorithm ## # 1 scheduling algorithm: request individually polls each assigned to a different time order back-end server, if the backend a server goes down, the system failure is automatically removed, so that users access the affected upstream WebHost { server 192.168 . 0.5 : 6666 ; server 192.168 . 0.7 : 6666 ; } # scheduling algorithm 2: weight (weight) may be configured in accordance with the machine. . redefinition weight higher weight is assigned to the greater chance of upstream WebHost { Server 192.168 . 0.5 : 6666 weight = 2; Server 192.168 . 0.7 : 6666 weight = . 3 ; } # Scheduling Algorithm 3: ip_hash hash results for each access request in the allocated IP, fixed so that visitors from the same IP access a back-end server, the presence of an effective solution to the dynamic web page. the session sharing upstream WebHost { ip_hash; Server 192.168 . 0.5 : 6666 ; Server 192.168 . 0.7 : 6666 ; } # scheduling algorithm 4: url_hash (third-party plug-ins to be installed) the results of this hash method by the allocation request to access url. each url directed to the same back-end server, can further improve the efficiency of the back-end server's cache .Nginx itself does not support url_hash, if need to use this scheduling algorithm, the hash package must be installed Nginx upstream WebHost { server192.168 . 0.5 : 6666 ; Server 192.168 . 0.7 : 6666 ; hash $ REQUEST_URI; } # scheduling algorithm 5:.. Fair (need to install third-party plug-ins) which is more than the above two intelligent load balancing algorithm can be based on this algorithm page size and load duration intelligently load balance, that is, to the allocation request based on the response time of the back-end server, a short response time priority allocation .Nginx itself does not support the fair, and if you need to use this scheduling algorithm, must download the Nginx upstream_fair module # configuration # virtual host (using the scheduling algorithm. 3: ip_hash) Server { the listen 80 ; server_name mongo.demo.com; # of " / " enable reverse proxy LOCATION / { proxy_pass HTTP:// WebHost; proxy_redirect OFF; proxy_set_header the X- -Real- IP $ REMOTE_ADDR; # back-end Web server through the X- -Forwarded- the For users get real IP proxy_set_header the X- -Forwarded- the For $ proxy_add_x_forwarded_for; # Here are some reverse proxy configuration optional. proxy_set_header the Host Host $; client_max_body_size 10m; # allows clients to request a maximum number of bytes single file client_body_buffer_size 128k; the maximum number of bytes in the buffer agent requested by the client buffer #, proxy_connect_timeout 90 ; #nginx with the backend server connection time (connection time-out agent) proxy_send_timeout 90 ; # backend server data return time (send timeout) proxy_read_timeout90 ; # After successful connection, the response time of the backend server (proxy receive timeout) proxy_buffer_size 4K; # proxy settings (Nginx) to save the user header information buffer size proxy_buffers . 4 32k; #proxy_buffers buffer page 32k or less in average provided proxy_busy_buffers_size 64k; # buffer size at a high load (proxy_buffers * 2 ) proxy_temp_file_write_size 64K; # set cache folder size greater than this value, transmitted from the upstream server } } }