nginx优化参考

系统优化

系统内核优化参考

$ cat /etc/sysctl.conf
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog =  36768
net.core.somaxconn = 36768
 
net.core.wmem_default = 8588608
net.core.rmem_default = 8588608
net.core.rmem_max = 16877216
net.core.wmem_max = 16877216
 
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
 
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
 
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3376800
net.ipv4.ip_local_port_range = 1024  65535

$ sysctl -p
$ cat /etc/security/limit.conf
*  hard  nofile  65535
*  soft  nofile  65535

Nginx配置优化

#user  nobody;
worker_processes  4;
worker_cpu_affinity 0001 0010 0100 1000;
worker_rlimit_nofile 65535;

#pid        logs/nginx.pid;

events {
        use epoll;
        worker_connections 65535;
        multi_accept on;
}

http {
    include       /usr/local/nginx/conf/conf.d/*.conf
    include       mime.types;
    default_type  application/octet-stream;

    #access_log  logs/access.log  main;
    log_format  main  '$http_X_Real_IP $http_CLIENTIP $remote_addr $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" $request_time';

    sendfile        on;
    tcp_nopush     on;

    keepalive_timeout  60;
    keepalive_requests 10240;
    tcp_nodelay on;
    client_header_buffer_size 4k;
    open_file_cache max=102400 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 1;
    client_header_timeout 15;
    client_body_timeout 15;
    reset_timedout_connection on;
    send_timeout 15;
    server_tokens off;
    client_max_body_size 10m;

    gzip  off;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css application/xml;
    gzip_vary on;

    fastcgi_connect_timeout    600;
    fastcgi_send_timeout 600;
    fastcgi_read_timeout 600;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;
    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;

    server {
          listen 80;
          listen 443 ssl;
     server_name www.pansn.cn;
     ssl_certificate /usr/local/nginx/crt/pansn.cn.crt;
     ssl_certificate_key /usr/local/nginx/crt/pansn.cn.key;
     ssl_session_cache shared:sslcace:20m;
     ssl_session_timeout 10m;
#     ssl_protocls SSLv2 SSLv3 TLSv1;
    root /data/www;
    index index.html index.htm index.php;
   location / {
        if ( $scheme = http ){
           rewrite / https://www.pansn.cn permanent;
    }
  }

  location ~* .(ico|jpe?g|gif|png|bmp|swf|flv)$ {
          expires 30d;
          #log_not_found off;
          access_log off;
        }
   location ~* .(js|css)$ {
          expires 7d;
         log_not_found off;
          access_log off;
        }
   location ~ .php$ {
        alias /data/www;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;

  }

  }

}

php优化

[root@s2 ~]# cat /etc/php-fpm.d/www.conf 
[www]
listen = 127.0.0.1:9000 #监听地址及IP
listen.allowed_clients = 127.0.0.1 #允许客户端从哪个源IP地址访问，要允许所有行首加 ;注释即可 user = nginx #php-fpm启动的用户和组，会涉及到后期文件的权限问题
group = nginx
pm = dynamic #动态模式进程管理
pm.max_children = 500 #静态方式下开启的php-fpm进程数量，在动态方式下他限定php-fpm的最大进程数 pm.start_servers = 100 #动态模式下初始进程数，必须大于等于pm.min_spare_servers 和小于等于 pm.max_children 的值。
pm.min_spare_servers = 100 #最小空闲进程数
pm.max_spare_servers = 200 #最大空闲进程数
pm.max_requests = 500000 #进程累计请求回收值，会重启
pm.status_path = /pm_status #状态访问URL
ping.path = /ping #ping访问动地址
ping.response = ping-pong #ping返回值
slowlog = /var/log/php-fpm/www-slow.log #慢日志路径
php_admin_value[error_log] = /var/log/php-fpm/www-error.log #错误日志 php_admin_flag[log_errors] = on
php_value[session.save_handler] = files #phpsession 保存方式及路径 php_value[session.save_path] = /var/lib/php/session #当时使用file保存session的文件路