nginx configuration file optimization
title: nginx configuration file optimization
tags: nginx,access.log,error.log,rewrite
nginx configuration file optimization
1. nginx configuration file simplification
In the production environment, the configuration file of nginx must have many lines, maybe hundreds of lines. If you change it carelessly, it may cause the syntax error of the configuration file. Of course, it's better to add it simply. This will not change the basic configuration file, so it won't lead to the configuration file error. We can In order to use include function, of course, before reload, you should test whether the grammar is OK, so that reload nginx will not report errors. If the wrong website is down, you should change the configuration file in a hurry, at least for a few minutes, so that the website will be down for a few minutes, resulting in incalculable losses, such as:
[root@maiyat conf]# cp nginx.conf nginx.conf.20180706
[root@maiyat conf]# vi nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 include vhosts/*;
11 }
[root@maiyat conf]# mkdir -p vhosts
[root@maiyat conf]# sed -n '10,17p' nginx.conf.20180706
server {
listen 80;
server_name www.maiyat.com;
location / {
root html/www;
index index.html index.htm;
}
}
[root@maiyat conf]# sed -n '10,17p' nginx.conf.20180706 > /application/nginx/conf/vhosts/www.conf
[root@maiyat conf]# sed -n '18,25p' nginx.conf.20180706 > /application/nginx/conf/vhosts/bbs.conf
[root@maiyat conf]# sed -n '26,33p' nginx.conf.20180706 > /application/nginx/conf/vhosts/blog.conf
[root@maiyat conf]# cd ../sbin/
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx
[root@maiyat sbin]# curl www.maiyat.com
hello world
[root@maiyat sbin]# curl bbs.maiyat.com
hello oldboy
[root@maiyat sbin]# curl blog.maiyat.com
happy comeon maiyat.com !In this way, the configuration file of each virtual host will become a separate configuration file, which can be changed directly where it needs to be changed and added directly. include supports * matching all configuration files, or adding one line and one line separately, as follows:
include vhosts/www.conf; include vhosts/bbs.conf; include vhosts/blog.conf;
2. Virtual host alias configuration
If you visit a website, the user enters www.maiyat.com It can be accessed by inputting maiyat.com, which requires the use of virtual host aliases, or rewrite 301 jump configuration ideas, but it is better to use aliases, aliases can be achieved only once, rewrite 301 jump needs two requests to complete. How to configure the virtual host alias, directly in the virtual machine server_name www.maiyat.com After that, add an alias. Assume www.maiyat.com Its alias is w.maiyat.com,bbs.maiyat.com alias s.maiyat.com,The alias of blog.maiyat.com is g.maiyat.com For example:
[root@maiyat vhosts]# sed -i 's# bbs\(.*\);$# bbs\1 s\1;#g' bbs.con
[root@maiyat vhosts]# sed -i 's# www\(.*\);$# www\1 w\1;#g' www.conf
[root@maiyat vhosts]# sed -i 's# bbs\(.*\);$# bbs\1 s\1;#g' bbs.conf
[root@maiyat vhosts]# grep "server_name" www.conf
server_name www.maiyat.com w.maiyat.com;
[root@maiyat vhosts]# grep "server_name" bbs.conf server_name bbs.maiyat.com s.maiyat.com;
[root@maiyat vhosts]# grep "server_name" blog.conf
server_name blog.maiyat.com g.maiyat.com;
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload [root@maiyat sbin]#
[root@maiyat sbin]# cat /etc/hosts
127.0.0.1 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com
192.168.50.2 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com
192.168.211.128 maiyat
[root@maiyat sbin]# curl w.maiyat.com
hello world
[root@maiyat sbin]# curl s.maiyat.com
hello oldboy
[root@maiyat sbin]# curl g.maiyat.com
happy comeon maiyat.com !3. nginx status information configuration
There is a ngx_http_stub_status in the function module of nginx software, which can record the basic access status information of nginx. If nginx is to support this function, it must be activated at compile time. When configuring the state information of nginx, So enter status.maiyat.com in the browser The current server's connection status information is fed back. The configuration of the status information is similar to that of configuring a virtual host, such as:
[root@maiyat vhosts]# cat blog.conf > status.conf
[root@maiyat vhosts]# vi status.conf
server {
listen 80;
server_name status.maiyat.com;
location / {
stub_status on;
access_log off;
}
}
"/application/nginx-1.6.3/conf/vhosts/status.conf" 8L, 170C written
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload
[root@maiyat sbin]#
[root@maiyat sbin]# vi /etc/hosts
#127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com status.maiyat.com
192.168.50.2 maiyat www.maiyat.com bbs.maiyat.com blog.maiyat.com w.maiyat.com s.maiyat.com g.maiyat.com status.maiyat.com
[root@maiyat sbin]# curl status.maiyat.com
Active connections: 1
server accepts handled requests
13 13 13
Reading: 0 Writing: 1 Waiting: 0 The difference between the status information configuration and the virtual host configuration is that in the server_name tag, it is changed to status.maiyat.com, and in location / {, the virtual host directory and web page format are removed, and then stub_status is added.
access_log off;
The feedback from curl status.maiyat.com is explained as follows:
- Active connections: 1 means the number of active connections that nginx is processing is 1.
- The first server indicates that there are 13 connections processed since nginx was started.
- The second accepts indicates that nginx has created 13 handshakes since it was launched. The number of requests lost = the number of handshakes - the number of connections. Here we can see if there are any requests lost.
- The third handled requests indicates that a total of 13 requests have been processed.
- Reading: Number of Header messages read to the client by nginx.
- Writing: Number of Header messages returned by nginx to the client.
- Waiting: nginx has processed the resident connection waiting for the next request instruction. When keep-alive is turned on, this value is equal to active -(Reading+Writing)
4.0 nginx error log introduction
Error information of nginx is an important means of debugging nginx service. It belongs to the parameter of the core function module (ngx_core_module). The name of the parameter is error_log. It can be placed in the Main block for global configuration, or it can be placed in different virtual hosts to record the error information of the virtual host separately.
The grammatical format and parameter grammar of error_log are as follows:
Error_log file level; error_log is the keyword, cannot be changed, file is the log file, level is the error log level.
Common error levels are [debug |info | notice | warn |error| crit | alert |emerg]. The higher the level, the less information recorded, and generally the better
One of the three levels of warn|error|crit, do not configure info or other lower levels, which will result in additional disk I/O consumption.
The default value of error_log is:
#default: error_log logs/error.log error
The tag section that can be placed is:
main,http,server,location, such as:
[root@maiyat conf]# vi nginx.conf
worker_processes 1;
error_log logs/error.log error
events {
worker_connections 1024;
}
//Put it in the main area and take effect globally.
[root@maiyat vhosts]# vim bbs.conf
server {
error_log html/bbs/error.log error
listen 80;
//Placing it under server is an independent error logging tool for a single virtual host.
[root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload
[root@maiyat sbin]# cd ../html/
[root@maiyat html]# ls
50x.html.bak bbs blog index.html index.html.bak www
[root@maiyat html]# cd bbs
[root@maiyat bbs]# ls
error.log index.html
[root@maiyat bbs]# cat error.log5.0 User Access Log
5.1 The nginx software records the log information of each user visiting the website into the specified log file for the website to provide analysis of user's browsing behavior, etc.
This function is responsible for the ngx_http_log_module module module.
5.2 nginx access log is mainly controlled by log_format (used to define the format of log and access_log (used to specify the path of log file and which log format to use to record log).
The default access log format is:
[root@maiyat conf]# sed -n '21,23p' nginx.conf.default |sed 's@#@@g'
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';Usually placed in the http block in the main configuration file, above the server tag,
5.3 nginx log variable description:
- remote_addr records the client address to visit the site
- When the current proxy server is available at $http_x_forwarded_for, the configuration of the client address of the web node is set.
This parameter assumes that the relevant x_forwarded_for settings are also required on the server. - remote_user Remote Client User Name
- time_local records access time and time zone
- http request start line information for $request user
- status http status code to record the status returned by the request
- Number of body bytes sent by the $body_bytes_sent server to the client
- $http_referer records which link the request was accessed from and can be set up to guard against theft based on referer
- http_user_agent records client access information, such as browsers, mobile clients, etc.
5.4 Access Log Configuration
- access_log off; here off means no access log is recorded.
Default configuration: access_log logs/access,log combined
Place location: http,server,location,if in location, limit_except
The access logs of virtual hosts are best placed in separate virtual hosts, so that the logs will not be together and it is easier to do statistics, such as:
[root@maiyat vhosts]# vi www.conf
server {
listen 80;
server_name www.maiyat.com w.maiyat.com;
location / {
root html/www;
index index.html index.htm;
}
access_log logs/access_www.log main;
}
5.5 After completing the above steps, restart nginx, visit the web site on the client side, and then we can see the results in access_log, such as:
[root@maiyat sbin]# ./nginx -t nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful [root@maiyat sbin]# ./nginx -s reload nginx: [error] invalid PID number "" in "/application/nginx-1.6.3/logs/nginx.pid" [root@maiyat sbin]# ./nginx [root@maiyat ~]# curl www.maiyat.com [root@maiyat logs]# tail -1 access_www.log 127.0.0.1 - - [01/Jul/2018:04:17:22 +0800] "GET / HTTP/1.1" 200 12 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "-
5.6 Because access writes logs vigorously, in the case of high concurrency, we can add buffer and flush to log parameters, which can improve the performance of the website. The additional options are as follows:
access_log path [format [buffer=size [flush=time]] [if=condition]]; access_log path format gzip [=level] [buffer=size] [flush=time] [if=condition]; access_log syslog:server=address[,parameter=value] [format [if=condition]]; //If you choose not to remember the log, you can close it access_log off;
For example, the following optimizations are for reference only
Access_log logs/access_www.log main gzip (using compressed buffer=32k (using buffer) flush = 5S (refresh time is 5 seconds);
5.7 If access log keeps writing, this file may become a file after that month, which is disadvantageous to query and analysis in the future. So we need to think about polling, and save access.log by day at the time of polling. We can make a simple script to achieve this, such as:
[root@maiyat script]# vim cut-nginx-accesslog.sh
#!/bin/bash
Dateformat=`date +%F -d -1day`
Basedir="/application/nginx"
Nginxlogdir="$Basedir/logs"
Lognamew="access_www"
Lognameb="access_bbs"
Lognameg="access_blog"
[ -d $Nginxlogdir ] && cd $Nginxlogdir || exit 1
[ -f ${Lognamew}.log ] || exit 2
/bin/mv ${Lognamew}.log ${Dateformat}_${Lognamew}.log
[ -f ${Lognameb}.log ] || exit 3
/bin/mv ${Lognameb}.log ${Dateformat}_${Lognameb}.log
[ -f ${Lognameg}.log ] || exit 4
/bin/mv ${Lognameg}.log ${Dateformat}_${Lognameg}.log
$Basedir/sbin/nginx -s reload
~
[root@maiyat logs]# ls
2018-05-05_access_bbs.log 2018-05-05_access_www.log 2018-06-30_access_blog.log access_bbs.log access.log error.log
2018-05-05_access_blog.log 2018-06-30_access_bbs.log 2018-06-30_access_www.log access_blog.log access_www.log nginx.pid
//Write the script into crontab and cut it by polling the sky
[root@maiyat script]# echo "00 00 * * * /bin/sh /service/script/cut-nginx-accesslog.sh " >>/var/spool/cron/root
[root@maiyat script]# crontab -l |grep nginx
00 00 * * * /bin/sh /service/script/cut-nginx-accesslog.sh 6.0 rewrite rewriting url
The main function of 6.1 nginx rewrite is to rewrite the URL address. It needs the support of the PCR E software, that is, to configure it by 6.2 Perl compatible regular expression grammar. When installing nginx, the installation of the PCR E software will be required, and the module supporting rewrite will be installed by default compilation parameter nginx.
6.3 Rewrite is the key instruction to implement URL rewriting. According to the regex (regular expression) part, redirect the replacement part, ending with flag tag.
6.4 rewrite instruction grammar
rewrite regex replacement [flag]; Default value: none Application location: server,location,if
6.5 Application examples:
1. [root@maiyat sbin]# vi ../conf/vhosts/rewrite.conf
server {
listen 80;
server_name maiyat.com ;
rewrite ^/(.*) http://www.maiyat.com/$1 permanent;
}
2. [root@maiyat sbin]# ./nginx -t
nginx: the configuration file /application/nginx-1.6.3/conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.6.3/conf/nginx.conf test is successful
[root@maiyat sbin]# ./nginx -s reload
nginx: [error] invalid PID number "" in "/application/nginx-1.6.3/logs/nginx.pid"
[root@maiyat sbin]# ./nginx
3. [root@maiyat sbin]# curl maiyat.com -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.3
Date: Tue, 08 May 2018 03:36:37 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://www.maiyat.com/
[root@maiyat sbin]# curl www.maiyat.com -I
HTTP/1.1 200 OK
Server: nginx/1.6.3
Date: Tue, 08 May 2018 03:36:53 GMT
Content-Type: text/html
Content-Length: 12
Last-Modified: Thu, 28 Jun 2018 23:50:21 GMT
Connection: keep-alive
ETag: "5b35743d-c"
Accept-Ranges: bytes