Nginx作为高性能的Web服务器和反向代理,可以通过多种配置优化来提升HTTP请求处理能力。以下是一些关键的优化策略:
# 调整工作进程数(通常等于CPU核心数)
worker_processes auto;
# 每个worker的最大连接数
events {
worker_connections 10240;
use epoll; # Linux下高性能事件模型
multi_accept on; # 同时接受多个连接
}
http {
# 缓冲区优化
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 8m;
large_client_header_buffers 4 4k;
# 超时设置
client_body_timeout 12;
client_header_timeout 12;
keepalive_timeout 65;
send_timeout 10;
# 关闭不必要的日志
access_log off;
error_log /var/log/nginx/error.log crit;
}
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
add_header Cache-Control "public, no-transform";
access_log off;
}
listen 443 ssl http2;
http2_max_concurrent_streams 128;
http2_recv_timeout 30s;
upstream backend {
least_conn; # 最少连接算法
server backend1.example.com weight=5;
server backend2.example.com;
server backend3.example.com max_fails=3 fail_timeout=30s;
keepalive 32; # 保持连接池
}
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m inactive=60m;
proxy_cache_key "$scheme$request_method$host$request_uri";
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
limit_req_zone $binary_remote_addr zone=one:10m rate=10r/s;
location /api/ {
limit_req zone=one burst=20 nodelay;
}
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
使用性能分析工具:
nginx -t 测试配置strace 跟踪系统调用htop 监控资源使用日志分析:
通过以上优化措施,可以显著提高Nginx处理HTTP请求的性能和效率,同时保持系统的稳定性。