nginx配置文件的优化
title: nginx配置文件的优化
tags: nginx,access.log,error.log,rewrite
nginx配置文件的优化
1. nginx配置文件简化
在生产环境当中,nginx的配置文件肯定很多行,可能上百行,如果贸然改的话可能会引起配置文件语法错误,当然是哪里需要改哪里,最好是简单添加就好了,这样不会改变根本的配置文件,这样不会导致配置文件错误,我们可以采用include功能包含,当然改完以后reload之前要先测试一下语法是不是OK的,这样的话reload nginx才不会报错,如果报错了网站宕机,你在匆忙改配置文件,至少要几分钟,这样网站就会宕机几分钟,造成的损失无法估量,如:
[root@maiyat conf]# cp nginx.conf nginx.conf.20180706
[root@maiyat conf]# vi nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 include vhosts/*;
11 }
[root@maiyat conf]# mkdir -p vhosts
[root@maiyat conf]# sed -n '10,17p' nginx.conf.20180706
server {
listen 80;
server_name www.maiyat.com;
location / {
root html/www;
index index.html index.htm;
}
}
[root@maiyat conf]# sed -n '10,17p' nginx.conf.20180706 > /application/nginx/conf/vhosts/www.conf
[root@maiyat conf]# sed -n '18,25p' nginx.conf.20180706 > /application/nginx/conf/vhosts/bbs.conf
[root@maiyat conf]# sed -n '26,33p' nginx.conf.20180706 > /application/nginx/conf/vhosts/blog.conf
[root@maiyat conf]# cd ../sbin/
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx
[root@maiyat sbin]# curl www.maiyat.com
hello world
[root@maiyat sbin]# curl bbs.maiyat.com
hello oldboy
[root@maiyat sbin]# curl blog.maiyat.com
happy comeon maiyat.com !
这样每个虚拟主机的配置文件就会变成一个一个单独的配置文件,需要改哪里就可以直接改哪里,需要增加就直接增加一个即可。其中include支持* 匹配所有的配置文件,也可以单独增加一行一行的,如下所示:
include vhosts/www.conf;
include vhosts/bbs.conf;
include vhosts/blog.conf;
2. 虚拟主机别名配置
如果访问一个网站,用户输入 www.maiyat.com 可以访问,输入maiyat.com也可以访问,那这样就需要用到虚拟主机别名,或者用到rewrite 301跳转的配置思路,但是最好还是用别名,别名只有一次请求就可以达成,rewrite 301跳转需要2次请求才能完成。那虚拟主机别名怎么配置呢,直接在虚拟机server_name www.maiyat.com; 后增加别名即可,假设www.maiyat.com 的别名为w.maiyat.com,bbs.maiyat.com别名为s.maiyat.com,blog.maiyat.com的别名为g.maiyat.com,如:
[root@maiyat vhosts]# sed -i 's# bbs(.*);$# bbs1 s1;#g' bbs.con
[root@maiyat vhosts]# sed -i 's# www(.*);$# www1 w1;#g' www.conf
[root@maiyat vhosts]# sed -i 's# bbs(.*);$# bbs1 s1;#g' bbs.conf
[root@maiyat vhosts]# grep "server_name" www.conf
server_name www.maiyat.com w.maiyat.com;
[root@maiyat vhosts]# grep "server_name" bbs.conf server_name bbs.maiyat.com s.maiyat.com;
[root@maiyat vhosts]# grep "server_name" blog.conf
server_name blog.maiyat.com g.maiyat.com;
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload [root@maiyat sbin]#
[root@maiyat sbin]# cat /etc/hosts
127.0.0.1 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com
192.168.50.2 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com
192.168.211.128 maiyat
[root@maiyat sbin]# curl w.maiyat.com
hello world
[root@maiyat sbin]# curl s.maiyat.com
hello oldboy
[root@maiyat sbin]# curl g.maiyat.com
happy comeon maiyat.com !
3. nginx状态信息配置
nginx软件功能模块中有一个ngx_http_stub_status,它能记录nginx的基本访问状态信息,如果要nginx支持此功能则必须在编译的时候激活此功能。当配置nginx的状态信息,这样在浏览器输入status.maiyat.com,就会反馈当前server的连接状态信息,状态信息配置如同配置一个虚拟主机差不多,如:
[root@maiyat vhosts]# cat blog.conf > status.conf
[root@maiyat vhosts]# vi status.conf
server {
listen 80;
server_name status.maiyat.com;
location / {
stub_status on;
access_log off;
}
}
"/application/nginx-1.6.3/conf/vhosts/status.conf" 8L, 170C written
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload
[root@maiyat sbin]#
[root@maiyat sbin]# vi /etc/hosts
#127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com status.maiyat.com
192.168.50.2 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com status.maiyat.com
[root@maiyat sbin]# curl status.maiyat.com
Active connections: 1
server accepts handled requests
13 13 13
Reading: 0 Writing: 1 Waiting: 0
其中状态信息配置和虚拟主机配置的区别在于,在 server_name标签里改为status.maiyat.com,在location / {,下面把虚拟主机目录和网页格式去掉,然后加上stub_status on;
access_log off;
curl status.maiyat.com反馈的信息解释如下:
- Active connections: 1 的意思是nginx正在处理的活动连接数为1个。
- 第一个server表示nginx启动到现在共处理了13个连接。
- 第二个accepts表示nginx启动到现在共创建了13次握手,请求丢失数=握手数-连接数,这里可以看出有没有丢失的请求。
- 第三个handled requests 表示总共处理了13次请求。
- Reading:nginx 读取到客户端的Header 信息数。
- Writing :nginx返回给客户端的Header信息数。
- Waiting:nginx 已经处理完正在等候下一次请求指令的驻留连接,开启keep-alive 的情况下,这个值等于active -(Reading+Writing )
4.0 nginx的错误日志介绍
nginx的错误信息是调试nginx服务的重要手段,属于核心功能模块(ngx_core_module的参数,该参数的名字为error_log,可以放在Main区块中全局配置,也可以放置在不同的虚拟主机中单独记录虚拟主机的错误信息。
error_log的语法格式及参数语法说明如下:
error_log file level; error_log为关键字,不能更改,file为日志文件,level为错误日志级别。
错误级别常见的有[debug |info | notice | warn |error| crit | alert |emerg] ,级别越高,记录的信息越少,一般最好是
warn|error|crit这三个级别之一,不要配置info等较低级别,会带来额外的磁盘I/O消耗。
error_log的默认值为:
#default: error_log logs/error.log error
可以放在的标签段为:
main,http,server,location,如:
[root@maiyat conf]# vi nginx.conf
worker_processes 1;
error_log logs/error.log error
events {
worker_connections 1024;
}
放在main区,全局生效,
[root@maiyat vhosts]# vim bbs.conf
server {
error_log html/bbs/error.log error
listen 80;
放在server下是对单个虚拟主机拥有独立的错误日志工具。
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload
[root@maiyat sbin]# cd ../html/
[root@maiyat html]# ls
50x.html.bak bbs blog index.html index.html.bak www
[root@maiyat html]# cd bbs
[root@maiyat bbs]# ls
error.log index.html
[root@maiyat bbs]# cat error.log
5.0 用户的访问日志
5.1 nginx 软件会把每个用户访问网站的日志信息记录到指定的日志文件里,供网站提供分析用户浏览行为等,
此功能由ngx_http_log_module模块负责。
5.2 nginx访问日志主要由log_format(用来定义记录日志的格式和access_log(用来指定日志文件的路径及使用的何种日志格式记录日志)参数来控制
默认的访问日志格式为:
[root@maiyat conf]# sed -n '21,23p' nginx.conf.default |sed 's@#@@g'
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
通常放在主配置文件里的http区块里面,server标签上面,
5.3 nginx日志变量说明:
- $remote_addr 记录访问网站的客户端地址
- $http_x_forwarded_for 当前端有代理服务器时,设置web节点客户端地址的配置,
此参数前提是服务器上也要进行相关的x_forwarded_for设置 - $remote_user 远程客户端用户名称
- $time_local 记录访问时间与时区
- $request 用户的http请求起始行信息
- $status http状态码,记录请求返回的状态
- $body_bytes_sent 服务器发给客户端相应body字节数
- $http_referer 记录此次请求是从哪个链接访问过来的,可以根据referer进行防盗链 设置
- $http_user_agent 记录客户端访问信息,如浏览器,手机客户端等。
5.4 访问日志的配置
- access_log off; 这里的off,表示不记录访问日志。
默认配置:access_log logs/access,log combined
放置位置: http,server,location,if in location, limit_except
虚拟主机的访问日志最好放在单独的各个虚拟主机当中,这样各个的日志不会在一起,比较容易做统计,如:
[root@maiyat vhosts]# vi www.conf
server {
listen 80;
server_name www.maiyat.com w.maiyat.com;
location / {
root html/www;
index index.html index.htm;
}
access_log logs/access_www.log main;
}
5.5 完成上述步骤后,把nginx重启一下,然后在客户端访问网址,然后我们再在access_log里看结果,如:
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload
nginx: [error] invalid PID number "" in "/application/nginx-1.6.3/logs/nginx.pid"
[root@maiyat sbin]# ./nginx
[root@maiyat ~]# curl www.maiyat.com
[root@maiyat logs]# tail -1 access_www.log
127.0.0.1 - - [01/Jul/2018:04:17:22 +0800] "GET / HTTP/1.1" 200 12 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-
5.6 因为access一个劲的写日志,因此在高并发的情况下,我们可以在记录日志的参数中加上buffer和flush,这样可以提升网站的性能,增加的选项命令如下:
access_log path [format [buffer=size [flush=time]] [if=condition]];
access_log path format gzip [=level] [buffer=size] [flush=time] [if=condition];
access_log syslog:server=address[,parameter=value] [format [if=condition]];
如果选择不记log则可以关闭
access_log off;
例如以下优化,仅作为参考
access_log logs/access_www.log main gzip(使用压缩) buffer=32k(使用buffer) flush=5s(刷新时间为5秒);
5.7 如果access日志一直写,那一个月以后这个文件可能成为了一个文件,对于以后查询分析不利,因此我们要想着轮询,按天轮询定时将access.log按天保存日志,我们可以做一个简单脚本,来实现,如:
[root@maiyat script]# vim cut-nginx-accesslog.sh
#!/bin/bash
Dateformat=`date +%F -d -1day`
Basedir="/application/nginx"
Nginxlogdir="$Basedir/logs"
Lognamew="access_www"
Lognameb="access_bbs"
Lognameg="access_blog"
[ -d $Nginxlogdir ] && cd $Nginxlogdir || exit 1
[ -f ${Lognamew}.log ] || exit 2
/bin/mv ${Lognamew}.log ${Dateformat}_${Lognamew}.log
[ -f ${Lognameb}.log ] || exit 3
/bin/mv ${Lognameb}.log ${Dateformat}_${Lognameb}.log
[ -f ${Lognameg}.log ] || exit 4
/bin/mv ${Lognameg}.log ${Dateformat}_${Lognameg}.log
$Basedir/sbin/nginx -s reload
~
[root@maiyat logs]# ls
2018-05-05_access_bbs.log 2018-05-05_access_www.log 2018-06-30_access_blog.log access_bbs.log access.log error.log
2018-05-05_access_blog.log 2018-06-30_access_bbs.log 2018-06-30_access_www.log access_blog.log access_www.log nginx.pid
将该脚本写入crontab里,按天轮询切割
[root@maiyat script]# echo "00 00 * * * /bin/sh /service/script/cut-nginx-accesslog.sh " >>/var/spool/cron/root
[root@maiyat script]# crontab -l |grep nginx
00 00 * * * /bin/sh /service/script/cut-nginx-accesslog.sh
6.0 rewrite改写url
6.1 nginx rewrite 的主要功能是实现URL地址改写,它需要PCRE软件的支持,即通过6.2 perl兼容的正则表达式语法进行规范配置的,安装nginx时候已经会要求安装PCRE软件,默认编译参数nginx就会安装支持rewrite的模块。
6.3 rewrite是实现URL重写的关键指令,根据regex(正则表达式)部分内容,重定向replacement部分内容,结尾是flag标记。
6.4 rewrite 指令语法
rewrite regex replacement [flag];
默认值:none
应用位置:server,location,if
6.5 应用实例:
1. [root@maiyat sbin]# vi ../conf/vhosts/rewrite.conf
server {
listen 80;
server_name maiyat.com ;
rewrite ^/(.*) http://www.maiyat.com/$1 permanent;
}
2. [root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload
nginx: [error] invalid PID number "" in "/application/nginx-1.6.3/logs/nginx.pid"
[root@maiyat sbin]# ./nginx
3. [root@maiyat sbin]# curl maiyat.com -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.3
Date: Tue, 08 May 2018 03:36:37 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://www.maiyat.com/
[root@maiyat sbin]# curl www.maiyat.com -I
HTTP/1.1 200 OK
Server: nginx/1.6.3
Date: Tue, 08 May 2018 03:36:53 GMT
Content-Type: text/html
Content-Length: 12
Last-Modified: Thu, 28 Jun 2018 23:50:21 GMT
Connection: keep-alive
ETag: "5b35743d-c"
Accept-Ranges: bytes