利用Nginx替代apache實現高性能的Web環境

2019-11-17 04:11:29

字體：大中小

來源：轉載

供稿：網友

作者:NetSeek
歡迎轉載，轉載請注明出處: http://bbs.linuxpk.com
原文鏈接:http://bbs.linuxpk.com/thread-11845-1-1.html

Nginx介紹:
Nginx發音為[engine x]，是由俄羅斯人Igor Sysoev建立的項目,基于BSD許可。
據說他當初是F5的成員之一，英文主頁：http://nginx.net。俄羅斯的一些大網站已經使用它超過兩年多了，一直表現不凡,相信想了解nginx的朋友都讀過阿葉大哥的利用nginx實現負載均衡的文章相關鏈接見(六)。

測試環境:紅動中國(redocn)提供運營服務器環境.

關于紅動服務環境:
紅動中國在早期利用apache環境，再加上一些優化的工作，一直是相對很穩定，但是最近由于網站發展，訪問量越來越大，在線人數一多經常出現，負載過高，性能急劇下降，經過雙木站長的同意，考慮是否能利用nginx來代替apache，經過長時間的觀察目前nginx工作很穩定，系統也不會再說現高負載的狀況，占用內存也很低,訪問速率從用戶體驗來看明顯有提升.

關于紅動中國:
紅動中國（redocn)論壇經過近1年的快速發展，目前日均頁面訪問量超過100萬，位居全球設計論壇(中文)第1位，是國內最具影響力的設計論壇之一。目前論壇擁有近20萬會員，包括眾多設計界領軍人物在內的行業中堅力量、相關藝術院校師生以及部分設計愛好者等。

遷移目標:實現網站論壇靜態化，防盜鏈，下載并發數和速率限制,實現原站apache所具有的所有功能,將原apache環境下的站點全部遷移到Nginx

一.php(Fastcgi)編譯安裝
[root@att php-5.2.4]# cat in.sh./configure /

–PRefix=/usr/local/php-fcgi /

–enable-fastcgi /

–enable-discard-path /

–enable-force-cgi-redirect /

–with-config-file-path=/usr/local/php-fcgi/etc /

–enable-zend-multibyte /

–with-MySQL=/usr/local/mysql /

–with-libxml-dir=/usr/local/libxml2 /

–with-gd=/usr/local/gd2 /

–with-jpeg-dir /

–with-png-dir /

–with-bz2 /

–with-freetype-dir /

–with-iconv-dir /

–with-zlib-dir /

–with-openssl=/usr/local/openssl /

–with-mcrypt=/usr/local/libmcrypt /

–enable-sysvsem /

–enable-inline-optimization /

–enable-soap /

–enable-gd-native-ttf /

–enable-ftp /

–enable-mbstring /

–enable-exif /

–disable-debug /

–disable-ipv6

make

make install

cp php.ini-dist /usr/local/php-fcgi/etc/php.ini
復制代碼注:關于如何安裝gd庫，mysql的編譯安裝，本文將不介紹，本文重點在于介紹nginx的安裝與配置，如想了解其它相關的問題可以到
LinuxPk去找相關的貼子(http://bbs.linuxpk.com)

二.Nginx編譯安裝
1.創建nginx運行用戶和虛擬主機目錄groupadd www -g 48

useradd -u 48 -g www www

mkdir -p /data/www/wwwroot

chown -R www:www /data/www/wwwroot
復制代碼2.安裝lighttpd中附帶的spawn-fcgi，用來啟動php-cgi
先編譯安裝lighttpd產生spawn-fcgi二進制文件.cd /usr/local/src/lighttpd-1.4.18
http://www.49028c.com/
cp src/spawn-fcgi /usr/local/php-fcgi/bin/
復制代碼啟動php-cgi進程，監聽127.0.0.1的8085端口，進程數為250（如果服務器內存小于3GB，可以只開啟25個進程），用戶為www：
/usr/local/php-fcgi/bin/spawn-fcgi -a 127.0.0.1 -p 8085 -C 250 -u www -f /usr/local/php-fcgi/bin/php-cgi

3.nginx的安裝與配置
安裝Nginx所需的pcre庫：
http://ftp.dk.debian.org/exim/pcre/pcre-7.3.tar.gz tar zxvf pcre-7.2.tar.gz

cd pcre-7.2/

./configure

make && make install

cd ../

http://sysoev.ru/nginx/nginx-0.5.32.tar.gz

tar zxvf nginx-0.5.32.tar.gz

cd nginx-0.5.32

./configure –user=www –group=www –prefix=/usr/local/nginx/ –with-http_stub_status_module –with-

openssl=/usr/local/openssl

make && make install
復制代碼此模塊非核心模塊，需要在編譯的時候手動添加編譯參數 –with-http_stub_status_module
配置nginx

三.Nginx主配置文件及PHP支持.

1.nginx.conf 主配置文件的配置
#cd /usr/local/nginx/conf/
#cp nginx.conf nginx.conf.cao
#cat /dev/null > nginx.conf
#vi nginx.conf //主配置文件user www www;

worker_processes 10;

#error_log logs/error.log;

#error_log logs/error.log notice;

#error_log logs/error.log info;

pid /var/run/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.

worker_rlimit_nofile 51200;

events

{

use epoll;

#maxclient = worker_processes * worker_connections / cpu_number

worker_connections 51200;

}

http

{

include conf/mime.types;

default_type application/octet-stream;

log_format main ‘$remote_addr - $remote_user [$time_local] $request ‘

‘"$status" $body_bytes_sent "$http_referer" ‘

‘"$http_user_agent" "$http_x_forwarded_for"’;

#access_log /data/www/logs/access.log main;

#sendfile on;

tcp_nopush on;

tcp_nodelay off;

keepalive_timeout 60;

client_header_timeout 3m;

client_body_timeout 3m;

send_timeout 3m;

connection_pool_size 256;

client_header_buffer_size 1k;

large_client_header_buffers 4 2k;

request_pool_size 4k;

output_buffers 4 32k;

postpone_output 1460;

client_max_body_size 10m;

client_body_buffer_size 256k;

client_body_temp_path /dev/shm/client_body_temp;

proxy_temp_path /usr/local/nginx/proxy_temp;

fastcgi_temp_path /usr/local/nginx/fastcgi_temp;

#gzip

gzip on;

gzip_http_version 1.0;

gzip_comp_level 2;

gzip_proxied any;

gzip_types text/plain text/html text/CSS application/x-javascript text/xml application/xml application/xml+rss text/Javascript;

gzip_min_length 1100;

gzip_buffers 4 8k;

# The following includes are specified for virtual hosts //以下是加載虛擬主機配置.

#[url]www.redocn.com[/url]

include conf/vhosts/www_redocn_com.conf;

#bbs.redocn.com

include conf/vhosts/bbs_redocn_com.conf;

#blog.redocn.com

include conf/vhosts/blog_redocn_com.conf;

#down.redocn.com

include conf/vhosts/down_redocn_com.conf;

}
復制代碼2.配置支持Fastcgi模式的PHP
[root@redocn conf]# cat enable_php5.conffastcgi_pass 127.0.0.1:8085;

fastcgi_index index.php;

fastcgi_param GATEWAY_INTERFACE CGI/1.1;

fastcgi_param SERVER_SOFTWARE nginx;

#new ac upload

#fastcgi_pass_request_body off;

#client_body_in_file_only clean;

#fastcgi_param REQUEST_BODY_FILE $request_body_file;

fastcgi_param QUERY_STRING $query_string;

fastcgi_param REQUEST_METHOD $request_method;

fastcgi_param CONTENT_TYPE $content_type;

fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

fastcgi_param SCRIPT_NAME $fastcgi_script_name;

fastcgi_param REQUEST_URI $request_uri;

fastcgi_param DOCUMENT_URI $document_uri;

fastcgi_param DOCUMENT_ROOT $document_root;

fastcgi_param SERVER_PROTOCOL $server_protocol;

fastcgi_param REMOTE_ADDR $remote_addr;

fastcgi_param REMOTE_PORT $remote_port;

fastcgi_param SERVER_ADDR $server_addr;

fastcgi_param SERVER_PORT $server_port;

fastcgi_param SERVER_NAME $server_name;

# PHP only, required if PHP was built with –enable-force-cgi-redirect

fastcgi_param REDIRECT_STATUS 200;
復制代碼四，多虛擬主機應用配置案例.

#mkdir /usr/local/nginx/conf/vhosts //建立虛擬主機配置存放目錄.
1.www.redocn.com //首站配置
[root@redocn vhosts]#vi www_redocn_com.confserver

{

listen 80;

server_name www.redocn.com;

index index.html index.htm index.php;

root /data/www/wwwroot;

error_page 404 http://bbs.redocn.com;

rewrite ^/bbs/(.*) http://bbs.redocn.com/$1;

location ~ .*/.php?$

{

include conf/enable_php5.conf;

}

}
復制代碼注: 關于rewite需求,紅動中國希望當用戶訪問http://www.redocn.com/bbs的時候自動轉至http://bbs.redocn.com
在原apache中利用redirect實現
Redirect /bbs http://bbs.redocn.com

本文中在nginx下利用rewrite實現:
rewrite ^/bbs/(.*) http://bbs.redocn.com/$1;
2.[root@redocn vhosts] vi bbs_redocn_com.confserver

{

listen 80;

server_name bbs.redocn.com yan.redocn.com majia.redocn.com wt.redocn.com;

index index.html index.htm index.php;

root /home/www/htdocs/bbs;

access_log /var/log/nginx/access_bbs.redocn.com.log combined;

location / {

#bbs rewrite

rewrite ^/archiver/((fid|tid)-[/w/-]+/.html)$ /archiver/index.php?$1 last;

rewrite ^/forum-([0-9]+)-([0-9]+)/.html$ /forumdisplay.php?fid=$1&page=$2 last;

rewrite ^/thread-([0-9]+)-([0-9]+)-([0-9]+)/.html$ /viewthread.php?tid=$1&extra=page/%3D$3&page=$2 last;

rewrite ^/space-(username|uid)-(.+)/.html$ /space.php?$1=$2 last;

rewrite ^/tag-(.+)/.html$ /tag.php?name=$1 last;

break;

#error

error_page 404 /index.php;

#redirect server error pages to the static page /50x.html

error_page 500 502 503 504 /50x.html;

location = /50x.html {

root html;

}

#Preventing hot linking of images and other file types

location ~* ^.+/.(gif|jpg|png|swf|flv|rar|zip)$ {

valid_referers none blocked server_names

*.redocn.com redocn.com *.taobao.com taobao.com

bbs.blueidea.com bbs.asiaci.com bbs.arting365.com forum.chinavisual.com softbbs.pconline.com.cn

bbs.chinaddu.com bbs.photops.com *.baidu.com *.google.com *.google.cn *.soso.com *.yahoo.com.cn

*.yahoo.cn;

if ($invalid_referer) {

rewrite ^/ http://www.redocn.com/images/redocn.gif;

#return 403;

}

#support php

location ~ .*/.php?$

{

include conf/enable_php5.conf;

}

}
復制代碼注:
1.紅動中國采用高性能的Discuz!論壇，原apache的rewrite規則幾乎不要做什么修改即可全部移植到nginx下.
靜態化配置見面上面的:#bbs rewrite部分.
2.一般論壇都希望實現防盜鏈功能，在apache很輕松實現？在nginx下是否容易實現呢？答案是肯定的. #Preventing hot linking of images and other file types

valid_referers none blocked server_names *.redocn.com redocn.com …你允許連接的網址;

if ($invalid_referer) {

rewrite ^/ http://www.redocn.com/images/redocn.gif; //讓別人盜鏈時顯示你指定的圖片.

#return 403;

}
復制代碼3.blog.redocn.com
[root@redocn vhosts]#vi blog_redocn_com.confserver

{

listen 80;

server_name blog.redocn.com;

index index.html index.htm index.php;

root /data/www/wwwroot/blog;

error_page 404 http://bbs.redocn.com;

#supsite rewrite

rewrite ^([0-9]+)/spacelist(.*)$ index.php?$1/action_spacelist$2;

rewrite ^([0-9]+)/viewspace_(.+)$ index.php?$1/action_viewspace_itemid_$2;

rewrite ^([0-9]+)/viewbbs_(.+)$ index.php?$1/action_viewbbs_tid_$2;

rewrite ^([0-9]+)/(.*)$ index.php?$1/$2;

rewrite ^([0-9]+)$ index.php?$1;

rewrite ^action_(.+)$ index.php?action_$1;

rewrite ^category_(.+)$ index.php?action_category_catid_$1;

rewrite ^itemlist_(.+)$ index.php?action_itemlist_catid_$1;

rewrite ^viewnews_(.+)$ index.php?action_viewnews_itemid_$1;

rewrite ^viewthread_(.+)$ index.php?action_viewthread_tid_$1;

rewrite ^index([/.a-zA-Z0-9]*)$ index.php;

rewrite ^html/([0-9]+)/viewnews_itemid_([0-9]+)/.html$ index.php?action_viewnews_itemid_$2;

rewrite ^/([0-9]+)/spacelist(.+)$ /index.php?uid/$1/action/spacelist/type$2;

rewrite ^/([0-9]+)/viewspace(.+)$ /index.php?uid/$1/action/viewspace/itemid$2;

rewrite ^/([0-9]+)/viewbbs(.+)$ /index.php?uid/$1/action/viewbbs/tid$2;

rewrite ^/([0-9]+)/(.*)$ /index.php?uid/$1/$2;

rewrite ^/([0-9]+)$ /index.php?uid/$1;

rewrite ^/action(.+)$ /index.php?action$1;

rewrite ^/category(.+)$ /index.php?action/category/catid$1;

rewrite ^/viewnews(.+)$ /index.php?action/viewnews/itemid$1;

rewrite ^/viewthread(.+)$ /index.php?action/viewthread/tid$1;

rewrite ^/mygroup(.+)$ /index.php?action/mygroup/gid$1;

location ~ .*/.php?$

{

include conf/enable_php5.conf;

}

}
復制代碼注:blog采用功能強大的Supesite作為Blog站點: http://www.supesite.com/
1.Blog如何在Nginx里實現靜態化，具體設置見，上面的#supesite rewrite

4.down.redocn.com
[root@redocn vhosts]# vi down_redocn_com.conflimit_zone one $binary_remote_addr 10m;

server

{

listen 80;

server_name down.redocn.com;

index index.html index.htm index.php;

root /data/www/wwwroot/down;

error_page 404 /index.php;

# redirect server error pages to the static page /50x.html

error_page 500 502 503 504 /50x.html;

location = /50x.html {

root html;

}

#Zone limit

location / {

limit_conn one 1;

limit_rate 20k;

}

# serve static files

location ~ ^/(images|javascript|js|css|Flash|media|static)/ {

root /data/www/wwwroot/down;

expires 30d;

}

}
復制代碼注:
由于現在的BT下載軟件越來越多了，我們如何限制下載的并發數和速率呢？apache需要三方模塊，nginx就不用了
在nginx利用兩個指令即可實現:limit_zone(limit_conn) 來限制并發數,limit_rate來限制下載的速率,請看上面的配置實例.

5.啟動nginx服務/usr/local/php-fcgi/bin/spawn-fcgi -a 127.0.0.1 -p 8085 -C 250 -u www -f/usr/local/php-fcgi/bin/php-cgi

/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
復制代碼你可以把上面兩條命令制做成系統啟動服務腳本，相關的腳本在網上也很多，本文就不再貼出來了,給出一個實例鏈接:
http://topfunky.net/svn/shovel/nginx/init.d/nginx

五.問題及經驗總結:
1.安裝Discuz論壇后，無法上傳大于M以上的附件？
在主配置文件里加入:client_max_body_size 10m; 詳細指令說明請參見(六)提供的Wiki鏈接.

2.Discuz附件無法下載附件?
最近遇到一個奇怪的問題在nginx下discuz論壇無法下載附件，后來打開error_log才知道，仍后一看/usr/local分區滿了,
清了一大堆無用文件后，馬上就正常了.

以上是本人遷移和測試過程中遇到的兩個小問題，在此附上說明，只是希望配置nginx的朋友不要犯我一樣的問題.
歡迎聯系NetSeek(狂熱linux愛好者^_^ msn:cnseek@msn.com QQ:67888954 Gtalk:cnseek@Gmail.com).

六.相關鏈接:
1.Discuz!.net高性能的PHP論壇程序 http://www.discuz.net Supesite: http://www.supesite.com/
2.Nginx參考文檔:http://wiki.codemongers.com/
3.利用Nginx實現負載均衡(阿葉大哥的文章):http://www.imysql.com/comment/reply/210
4.linuxPk[Linux寶庫]:http://bbs.linuxpk.com
5.紅動中國 http://bbs.redocn.com

上一篇：走進Zend Framework框架編程1（開篇）

下一篇：在linux下設置開機自動啟動程序的方法