利用Nginx替代apache實現高性能的Web環境
更新時間:2007-11-27
作者:NetSeek 歡迎轉載,轉載請注明出處:
http://bbs.linuxpk.com原文鏈接:
http://bbs.linuxpk.com/thread-11845-1-1.html Nginx介紹:
Nginx發音為[engine x],是由俄羅斯人Igor Sysoev建立的項目,基于BSD許可。
據說他當初是F5的成員之一,英文主頁:
http://nginx.net。俄羅斯的一些大網站已經使用它超過兩年多了, 一直表現不凡,相信想了解nginx的朋友都讀過阿葉大哥的利用nginx實現負載均衡的文章相關鏈接見(六)。
測試環境:紅動中國(redocn)提供運營服務器環境.
關于紅動服務環境:
紅動中國在早期利用apache環境,再加上一些優化的工作,一直是相對很穩定,但是最近由于網站發展,訪問量越來越大,在線人數一多經常出現,負載過高,性能急劇下降,經過雙木站長的同意,考慮是否能利用nginx來代替apache,經過長時間的觀察目前nginx工作很穩定,系統也不會再說現高負載的狀況,占用內存也很低,訪問速率從用戶體驗來看明顯有提升.
關于紅動中國:
紅動中國(redocn)論壇經過近1年的快速發展,目前日均頁面訪問量超過100萬,位居全球設計論壇(中文)第1位,是國內最具影響力的設計論壇之一。目前論壇擁有近20萬會員,包括眾多設計界領軍人物在內的行業中堅力量、相關藝術院校師生以及部分設計愛好者等。
遷移目標:實現網站論壇靜態化,防盜鏈,下載并發數和速率限制,實現原站apache所具有的所有功能,將原apache環境下的站點全部遷移到Nginx
一.PHP(Fastcgi)編譯安裝
[root@att php-5.2.4]# cat in.sh
- ./configure \
- --prefix=/usr/local/php-fcgi \
- --enable-fastcgi \
- --enable-discard-path \
- --enable-force-cgi-redirect \
- --with-config-file-path=/usr/local/php-fcgi/etc \
- --enable-zend-multibyte \
- --with-mysql=/usr/local/mysql \
- --with-libxml-dir=/usr/local/libxml2 \
- --with-gd=/usr/local/gd2 \
- --with-jpeg-dir \
- --with-png-dir \
- --with-bz2 \
- --with-freetype-dir \
- --with-iconv-dir \
- --with-zlib-dir \
- --with-openssl=/usr/local/openssl \
- --with-mcrypt=/usr/local/libmcrypt \
- --enable-sysvsem \
- --enable-inline-optimization \
- --enable-soap \
- --enable-gd-native-ttf \
- --enable-ftp \
- --enable-mbstring \
- --enable-exif \
- --disable-debug \
- --disable-ipv6
-
- make
- make install
- cp php.ini-dist /usr/local/php-fcgi/etc/php.ini
復制代碼 注:關于如何安裝gd庫,mysql的編譯安裝,本文將不介紹,本文重點在于介紹nginx的安裝與配置,如想了解其它相關的問題可以到
LinuxPk去找相關的貼子(
http://bbs.linuxpk.com)
二.Nginx編譯安裝
1.創建nginx運行用戶和虛擬主機目錄
- groupadd www -g 48
- useradd -u 48 -g www www
- mkdir -p /data/www/wwwroot
- chown -R www:www /data/www/wwwroot
復制代碼 2.安裝lighttpd中附帶的spawn-fcgi,用來啟動php-cgi
先編譯安裝lighttpd產生spawn-fcgi二進制文件.
- cd /usr/local/src/lighttpd-1.4.18
- cp src/spawn-fcgi /usr/local/php-fcgi/bin/
復制代碼 啟動php-cgi進程,監聽127.0.0.1的8085端口,進程數為250(如果服務器內存小于3GB,可以只開啟25個進程),用戶為www:
/usr/local/php-fcgi/bin/spawn-fcgi -a 127.0.0.1 -p 8085 -C 250 -u www -f /usr/local/php-fcgi/bin/php-cgi
3.nginx的安裝與配置
安裝Nginx所需的pcre庫:
http://ftp.dk.debian.org/exim/pcre/pcre-7.3.tar.gz
- tar zxvf pcre-7.2.tar.gz
- cd pcre-7.2/
- ./configure
- make && make install
- cd ../
- http://sysoev.ru/nginx/nginx-0.5.32.tar.gz
- tar zxvf nginx-0.5.32.tar.gz
- cd nginx-0.5.32
- ./configure --user=www --group=www --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-
- openssl=/usr/local/openssl
- make && make install
復制代碼 此模塊非核心模塊,需要在編譯的時候手動添加編譯參數 --with-http_stub_status_module
配置nginx
三.Nginx主配置文件及PHP支持.
1.nginx.conf 主配置文件的配置
#cd /usr/local/nginx/conf/
#cp nginx.conf nginx.conf.cao
#cat /dev/null > nginx.conf
#vi nginx.conf //主配置文件
[code
user www www;
worker_processes 10;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid /var/run/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
#maxclient = worker_processes * worker_connections / cpu_number
worker_connections 51200;
}
http
{
include conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /data/www/logs/access.log main;
#sendfile on;
tcp_nopush on;
tcp_nodelay off;
keepalive_timeout 60;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /dev/shm/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
#gzip
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_min_length 1100;
gzip_buffers 4 8k;
# The following includes are specified for virtual hosts //以下是加載虛擬主機配置.
#www.redocn.com
include conf/vhosts/www_redocn_com.conf;
#bbs.redocn.com
include conf/vhosts/bbs_redocn_com.conf;
#blog.redocn.com
include conf/vhosts/blog_redocn_com.conf;
#down.redocn.com
include conf/vhosts/down_redocn_com.conf;
}[/code]
2.配置支持Fastcgi模式的PHP
[root@redocn conf]# cat enable_php5.conf
- fastcgi_pass 127.0.0.1:8085;
- fastcgi_index index.php;
- fastcgi_param GATEWAY_INTERFACE CGI/1.1;
- fastcgi_param SERVER_SOFTWARE nginx;
- #new ac upload
- #fastcgi_pass_request_body off;
- #client_body_in_file_only clean;
- #fastcgi_param REQUEST_BODY_FILE $request_body_file;
- #
- fastcgi_param QUERY_STRING $query_string;
- fastcgi_param REQUEST_METHOD $request_method;
- fastcgi_param CONTENT_TYPE $content_type;
- fastcgi_param CONTENT_LENGTH $content_length;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param SCRIPT_NAME $fastcgi_script_name;
- fastcgi_param REQUEST_URI $request_uri;
- fastcgi_param DOCUMENT_URI $document_uri;
- fastcgi_param DOCUMENT_ROOT $document_root;
- fastcgi_param SERVER_PROTOCOL $server_protocol;
- fastcgi_param REMOTE_ADDR $remote_addr;
- fastcgi_param REMOTE_PORT $remote_port;
- fastcgi_param SERVER_ADDR $server_addr;
- fastcgi_param SERVER_PORT $server_port;
- fastcgi_param SERVER_NAME $server_name;
- # PHP only, required if PHP was built with --enable-force-cgi-redirect
- fastcgi_param REDIRECT_STATUS 200;
復制代碼 四,多虛擬主機應用配置案例.
#mkdir /usr/local/nginx/conf/vhosts //建立虛擬主機配置存放目錄.
1.www.redocn.com //首站配置
[root@redocn vhosts]#vi www_redocn_com.conf
- server
- {
- listen 80;
- server_name www.redocn.com;
- index index.html index.htm index.php;
- root /data/www/wwwroot;
- error_page 404 http://bbs.redocn.com;
- rewrite ^/bbs/(.*) http://bbs.redocn.com/$1;
- location ~ .*\.php?$
- {
- include conf/enable_php5.conf;
- }
- }
復制代碼 注: 關于rewite需求,紅動中國希望當用戶訪問http://www.redocn.com/bbs的時候自動轉至http://bbs.redocn.com
在原apache中利用redirect實現
Redirect /bbs http://bbs.redocn.com
本文中在nginx下利用rewrite實現:
rewrite ^/bbs/(.*) http://bbs.redocn.com/$1;
2.[root@redocn vhosts] vi bbs_redocn_com.conf
- server
- {
- listen 80;
- server_name bbs.redocn.com yan.redocn.com majia.redocn.com wt.redocn.com;
- index index.html index.htm index.php;
- root /home/www/htdocs/bbs;
- access_log /var/log/nginx/access_bbs.redocn.com.log combined;
- location / {
- #bbs rewrite
- rewrite ^/archiver/((fid|tid)-[\w\-]+\.html)[code] server
- {
- listen 80;
- server_name bbs.redocn.com yan.redocn.com majia.redocn.com wt.redocn.com;
- index index.html index.htm index.php;
- root /home/www/htdocs/bbs;
- access_log /var/log/nginx/access_bbs.redocn.com.log combined;
- location / {
- #bbs rewrite
- rewrite ^/archiver/((fid|tid)-[\w\-]+\.html)[ DISCUZ_CODE_17 ]nbsp; /archiver/index.php?$1 last;
- rewrite ^/forum-([0-9]+)-([0-9]+)\.html[ DISCUZ_CODE_17 ]nbsp; /forumdisplay.php?fid=$1&page=$2 last;
- rewrite ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html[ DISCUZ_CODE_17 ]nbsp; /viewthread.php?tid=$1&extra=page\%3D$3&page=$2 last;
- rewrite ^/space-(username|uid)-(.+)\.html[ DISCUZ_CODE_17 ]nbsp; /space.php?$1=$2 last;
- rewrite ^/tag-(.+)\.html$ /tag.php?name=$1 last;
- break;
- #error
- error_page 404 /index.php;
- #redirect server error pages to the static page /50x.html
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
- }
- #Preventing hot linking of images and other file types
- location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip)$ {
- valid_referers none blocked server_names
- *.redocn.com redocn.com *.taobao.com taobao.com
- bbs.blueidea.com bbs.asiaci.com bbs.arting365.com forum.chinavisual.com softbbs.pconline.com.cn
- bbs.chinaddu.com bbs.photops.com *.baidu.com *.google.com *.google.cn *.soso.com *.yahoo.com.cn
- *.yahoo.cn;
- if ($invalid_referer) {
- rewrite ^/ http://www.redocn.com/images/redocn.gif;
- #return 403;
- }
- }
-
- #support php
- location ~ .*\.php?$
- {
- include conf/enable_php5.conf;
- }
-
- }
復制代碼 nbsp; /archiver/index.php?$1 last;
rewrite ^/forum-([0-9]+)-([0-9]+)\.html[ DISCUZ_CODE_17 ]nbsp; /forumdisplay.php?fid=$1&page=$2 last;
rewrite ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html[ DISCUZ_CODE_17 ]nbsp; /viewthread.php?tid=$1&extra=page\%3D$3&page=$2 last;
rewrite ^/space-(username|uid)-(.+)\.html[ DISCUZ_CODE_17 ]nbsp; /space.php?$1=$2 last;
rewrite ^/tag-(.+)\.html$ /tag.php?name=$1 last;
break;
#error
error_page 404 /index.php;
#redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
#Preventing hot linking of images and other file types
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip)$ {
valid_referers none blocked server_names
*.redocn.com redocn.com *.taobao.com taobao.com
bbs.blueidea.com bbs.asiaci.com bbs.arting365.com forum.chinavisual.com softbbs.pconline.com.cn
bbs.chinaddu.com bbs.photops.com *.baidu.com *.google.com *.google.cn *.soso.com *.yahoo.com.cn
*.yahoo.cn;
if ($invalid_referer) {
rewrite ^/ http://www.redocn.com/images/redocn.gif;
#return 403;
}
}
#support php
location ~ .*\.php?$
{
include conf/enable_php5.conf;
}
}[/code]注:
1.紅動中國采用高性能的Discuz!論壇,原apache的rewrite規則幾乎不要做什么修改即可全部移植到nginx下.
靜態化配置見面上面的:#bbs rewrite部分.
2.一般論壇都希望實現防盜鏈功能,在apache很輕松實現?在nginx下是否容易實現呢?答案是肯定的.
- #Preventing hot linking of images and other file types
- valid_referers none blocked server_names *.redocn.com redocn.com ...你允許連接的網址;
- if ($invalid_referer) {
- rewrite ^/ http://www.redocn.com/images/redocn.gif; //讓別人盜鏈時顯示你指定的圖片.
- #return 403;
- }
復制代碼 3.blog.redocn.com
[root@redocn vhosts]#vi blog_redocn_com.conf
- server
- {
- listen 80;
- server_name blog.redocn.com;
- index index.html index.htm index.php;
- root /data/www/wwwroot/blog;
- error_page 404 http://bbs.redocn.com;
- #supsite rewrite
- rewrite ^([0-9]+)/spacelist(.*)$ index.php?$1/action_spacelist$2;
- rewrite ^([0-9]+)/viewspace_(.+)$ index.php?$1/action_viewspace_itemid_$2;
- rewrite ^([0-9]+)/viewbbs_(.+)$ index.php?$1/action_viewbbs_tid_$2;
- rewrite ^([0-9]+)/(.*)$ index.php?$1/$2;
- rewrite ^([0-9]+)$ index.php?$1;
- rewrite ^action_(.+)$ index.php?action_$1;
- rewrite ^category_(.+)$ index.php?action_category_catid_$1;
- rewrite ^itemlist_(.+)$ index.php?action_itemlist_catid_$1;
- rewrite ^viewnews_(.+)$ index.php?action_viewnews_itemid_$1;
- rewrite ^viewthread_(.+)$ index.php?action_viewthread_tid_$1;
- rewrite ^index([\.a-zA-Z0-9]*)$ index.php;
- rewrite ^html/([0-9]+)/viewnews_itemid_([0-9]+)\.html$ index.php?action_viewnews_itemid_$2;
- rewrite ^/([0-9]+)/spacelist(.+)$ /index.php?uid/$1/action/spacelist/type$2;
- rewrite ^/([0-9]+)/viewspace(.+)$ /index.php?uid/$1/action/viewspace/itemid$2;
- rewrite ^/([0-9]+)/viewbbs(.+)$ /index.php?uid/$1/action/viewbbs/tid$2;
- rewrite ^/([0-9]+)/(.*)$ /index.php?uid/$1/$2;
- rewrite ^/([0-9]+)$ /index.php?uid/$1;
- rewrite ^/action(.+)$ /index.php?action$1;
- rewrite ^/category(.+)$ /index.php?action/category/catid$1;
- rewrite ^/viewnews(.+)$ /index.php?action/viewnews/itemid$1;
- rewrite ^/viewthread(.+)$ /index.php?action/viewthread/tid$1;
- rewrite ^/mygroup(.+)$ /index.php?action/mygroup/gid$1;
- location ~ .*\.php?$
- {
- include conf/enable_php5.conf;
- }
- }
復制代碼 注:blog采用功能強大的Supesite作為Blog站點:
http://www.supesite.com/1.Blog如何在Nginx里實現靜態化,具體設置見,上面的#supesite rewrite
4.down.redocn.com
[root@redocn vhosts]# vi down_redocn_com.conf
- limit_zone one $binary_remote_addr 10m;
- server
- {
- listen 80;
- server_name down.redocn.com;
- index index.html index.htm index.php;
- root /data/www/wwwroot/down;
- error_page 404 /index.php;
- # redirect server error pages to the static page /50x.html
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
- #Zone limit
- location / {
- limit_conn one 1;
- limit_rate 20k;
- }
-
- # serve static files
- location ~ ^/(images|javascript|js|css|flash|media|static)/ {
- root /data/www/wwwroot/down;
- expires 30d;
- }
- }
復制代碼 注:
由于現在的BT下載軟件越來越多了,我們如何限制下載的并發數和速率呢?apache需要三方模塊,nginx就不用了:)
在nginx利用兩個指令即可實現:limit_zone(limit_conn) 來限制并發數,limit_rate來限制下載的速率,請看上面的配置實例.
5.啟動nginx服務
- /usr/local/php-fcgi/bin/spawn-fcgi -a 127.0.0.1 -p 8085 -C 250 -u www -f/usr/local/php-fcgi/bin/php-cgi
- /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
復制代碼 你可以把上面兩條命令制做成系統啟動服務腳本,相關的腳本在網上也很多,本文就不再貼出來了:),給出一個實例鏈接:
http://topfunky.net/svn/shovel/nginx/init.d/nginx五.問題及經驗總結:
1.安裝Discuz論壇后,無法上傳大于M以上的附件?
在主配置文件里加入:client_max_body_size 10m; 詳細指令說明請參見(六)提供的Wiki鏈接.
2.Discuz附件無法下載附件?
最近遇到一個奇怪的問題在nginx下discuz論壇無法下載附件,后來打開error_log才知道,仍后一看/usr/local分區滿了,
清了一大堆無用文件后,馬上就正常了.
以上是本人遷移和測試過程中遇到的兩個小問題,在此附上說明,只是希望配置nginx的朋友不要犯我一樣的問題.
歡迎聯系NetSeek(狂熱linux愛好者^_^ msn:cnseek@msn.com QQ:67888954 Gtalk:cnseek@gmail.com,免費提供linux技術咨詢和服務!~).
六.相關鏈接:
1.Discuz!.net高性能的PHP論壇程序
http://www.discuz.net Supesite:
http://www.supesite.com/ 2.Nginx參考文檔:
http://wiki.codemongers.com/ 3.利用Nginx實現負載均衡(阿葉大哥的文章):
http://www.imysql.com/comment/reply/210 4.linuxPk[Linux寶庫]:
http://bbs.linuxpk.com 5.紅動中國
http://bbs.redocn.com