CentOS6.5 Nginx optimized compilation Configuration

Speaking of Nginx, it is really a good friend of mine in O & M. Its excellent performance and extremely high work efficiency are really amazing, according to reports from the internet, the epoll model supports up to 50000 concurrent connections.

Epoll [Wikipedia]:

Epoll is an enhanced version of the select/poll multi-channel multiplexing I/O interface in Linux. It can significantly improve the CPU usage of the system when the program is active in a large number of concurrent connections, because it will reuse the file descriptor set to deliver results without forcing developers to re-Prepare the file descriptor set to be listened before each wait event. Another reason is that when obtaining the event, it does not need to traverse the entire listener descriptor set, as long as it traverses the descriptor set that is asynchronously awakened by kernel IO events and is added to the Ready queue. Epoll not only provides Level Triggered for IO events of select/poll, but also Edge Triggered, which makes it possible for user space programs to cache IO states, reduce epoll_wait/epoll_pwait calls to improve application efficiency.

Install Nginx. Here I skipped the Package Manager and used the compilation method to run Nginx:

1. Install the Zlib function library

#### Gcc compiling environment is a required condition #### [root @ I-it ~] # Yum install gcc-c ++ make autoconf aotomake [root @ I-it ~] # Tar zxf zlib-1.2.8.tar.gz [root @ I-it ~] # Cd zlib-1.2.8 [root @ I-it zlib-1.2.8] #./configure -- prefix =/software/zlib [root @ I-it zlib-1.2.8] # make & make install

2. Added support for rewrite, and enabled support for utf8 characters in compilation parameters, so that nginx supports regular expressions in Chinese.

[root@i-it ~]# tar zxf pcre-8.35.tar.gz [root@i-it ~]# cd pcre-8.35[root@i-it pcre-8.35]# ./configure --prefix=/software/pcre --enable-utf8 --enable-unicode-properties[root@i-it pcre-8.35]# make && make install

3. Add support for https

[root@i-it ~]# tar zxf openssl-1.0.1h.tar.gz [root@i-it ~]# cd openssl-1.0.1h[root@i-it openssl-1.0.1h]# ./config --prefix=/software/openssl[root@i-it openssl-1.0.1h]# make && make install

Compile TCMalloc, an open-source tool developed by Google, a member of goole-perftools. TCMalloc has much higher memory allocation efficiency and speed than the standard glibc library, it can be used not only to optimize Mysql under high concurrency, so as to reduce the system load, but also to implement the same function in Nginx. Therefore, it is undoubtedly a huge addition to high concurrency Nginx.

4. Install the libunwind Library

[root@i-it ~]# tar zxf libunwind-1.1.tar.gz [root@i-it ~]# cd libunwind-1.1[root@i-it libunwind-1.1]# CFLAGS=-fPIC ./configure --prefix=/software/google-libunwind[root@i-it libunwind-1.1]# make CFLAGS=-fPIC && make CFLAGS=-fPIC install

5. Install google-perftools

[root@i-it ~]# tar zxf gperftools-2.2.tar.gz [root@i-it ~]# cd gperftools-2.2[root@i-it gperftools-2.2]# LDFLAGS="-L/software/google-libunwind/lib" CPPFLAGS="-I/software/google-libunwind/include" ./configure --prefix=/software/google-perftools[root@i-it gperftools-2.2]# make && make install

6. Add a shared library path

[root@i-it ~]# echo "/software/google-libunwind/lib/" >> /etc/ld.so.conf[root@i-it ~]# echo "/software/google-perftools/lib/" >> /etc/ld.so.conf[root@i-it ~]# echo "/software/zlib/lib/" >> /etc/ld.so.conf[root@i-it ~]# echo "/software/pcre/lib/" >> /etc/ld.so.conf[root@i-it ~]# ldconfig -v

7. Compile Nginx

[Root @ I-it ~] # Groupadd-g 1500 nginx [root @ I-it ~] # Useradd-M-u 1500-g nginx-s/sbin/nologin nginx [root @ I-it ~] # Mkdir/var/tmp/nginx [root @ I-it ~] # Chown nginx: nginx/var/tmp/nginx/[root @ I-it ~] # Tar zxf nginx-1.7.1.tar.gz [root @ I-it ~] # Cd nginx-1.7.1 ############# comment out the 174 line of the file to cancel the debug mode ##############[ root @ I-it nginx-1.7.1] # vi auto/cc/gcc 173 # debug 174 # CFLAGS = "$ CFLAGS-g" ##### because of google-perftools library Installation PATH is not default, so here we need to modify the source code #### [root @ I-it nginx-1.7.1] # sed-I "s #/usr/local #/software/google-perftools #" auto/ lib/google-perftools/conf [root @ I-it nginx-1.7.1] #. /configure -- prefix =/software/nginx -- user = nginx -- group = nginx -- with-http_stub_status_module -- with-http_ssl_module -- with-http_realip_module -- with-http_gzip_static_module -- with-debug -- http-client-body-temp- path =/var/tmp/nginx/client -- http-proxy-temp-path =/var/tmp/nginx/proxy -- http-fastcgi-temp-path =/var/tmp /nginx/fastcgi -- http-uwsgi-temp-path =/var/tmp/nginx/uwsgi -- http-scgi-temp-path =/var/tmp/nginx/scgi -- -pcre =/root/pcre-8.35 -- with-openssl =/root/openssl-1.0.1h -- with-zlib =/root/zlib-1.2.8 [root @ I-it nginx-1.7.1] # make & make install

8. Add a STARTUP script to run Nginx.

[Root @ I-it ~] # Vi/etc/init. d/nginx #! /Bin/bash # nginx Startup script for the Nginx HTTP Server # it is v.0.0.2 version. # chkconfig:-85 15 # description: Nginx is a high-performance web and proxy server. # It has a lot of features, but it's not for everyone. # processname: nginx # pidfile:/software/nginx/logs/nginx. pid # config:/software/nginx/conf/nginx. confnginxd =/software/nginx/sbin/nginxnginx_config =/software/nginx/conf/nginx. confngi Nx_pid =/software/nginx/logs/nginx. pidRETVAL = 0 prog = "nginx" # Source function library .. /etc/rc. d/init. d/functions # Source networking configuration .. /etc/sysconfig/network # Check that networking is up. [$ {NETWORKING} = "no"] & exit 0 [-x $ nginxd] | exit 0 # Start nginx daemons functions. start () {if [-e $ nginx_pid]; thenecho "nginx already running .... "exit 1 fiecho-n $" Starting $ prog: "daemon $ ng Inxd-c $ {nginx_config} RETVAL = $? Echo [$ RETVAL = 0] & touch/var/lock/subsys/nginxreturn $ RETVAL} # Stop nginx daemons functions. stop () {echo-n $ "Stopping $ prog:" killproc $ nginxdRETVAL =$? Echo [$ RETVAL = 0] & rm-f/var/lock/subsys/nginx/usr/local/nginx/logs/nginx. pid} reload () {echo-n $ "Reloading $ prog:" # kill-HUP 'cat $ {nginx_pid} 'killproc $ nginxd-HUPRETVAL =$? Echo} # See how we were called. case "$1" instart) start; stop) stop; reload) reload; restart) stopstart; status) status $ progRETVAL =$ ?;; *) Echo $ "Usage: $ prog {start | stop | restart | reload | status | help} "exit 1 esacexit $ RETVAL ######## grant permissions to run it ##### #### [root @ I-it ~] # Chmod 755/etc/init. d/nginx & chkconfig nginx on [root @ I-it ~] # Service nginx startStarting nginx: [OK] [root @ I-it ~] # Netstat-pant | grep 80tcp 0 0 0.0.0.0: 80 0.0.0.0: * LISTEN 37831/nginx

9. Nginx is running. Configure the google-perftools library.

##### Create a thread directory ##### [root @ I-it ~] # Mkdir/tmp/tcmalloc [root @ I-it ~] # Chmod 0777/tmp/tcmalloc/#### modify the Nginx configuration file #### [root @ I-it ~] # Vi/software/nginx/conf/nginx. confpid logs/nginx. pid; google_perftools_profiles/tmp/tcmalloc; ### check whether google-perftools is loaded ### [root @ I-it ~] # Service nginx restartStopping nginx: [OK] Starting nginx: [OK] [root @ I-it ~] # Lsof-n | grep tcmalloc nginx 37882 nginx 9 w REG 253,0 0 1179654/tmp/tcmalloc.37882nginx 37883 nginx 11 w REG 253,0 0 1179655/tmp/tcmalloc.37883 ### output for each line data indicates the value of worker_processes in the Nginx main configuration file, the value following each thread file is the PID started by Nginx ### [root @ I-it ~] # Ps aux | grep nginxroot 37880 0.0 0.2 30200 892? Ss nginx: master process/software/nginx/sbin/nginx-c/software/nginx/conf/nginx. confnginx 37882 0.0 1.1 34804? S nginx: worker process nginx 37883 0.0 1.1 34804 3772? S nginx: worker process #### enable port 80 on iptables ### [root @ I-it ~] # Iptables-I INPUT-p tcp -- dport 80-j ACCEPT

1. disable unnecessary services in the system

### Minimal is the minimum installation, so I will not mention it here. Follow your environment ### [root @ I-it ~] # Chkconfig -- listauditd 0: off1: off2: on3: on4: on5: on6: offblk-availability0: off1: on2: on3: on4: on5: on6: offcrond 0: off1: off2: on3: on4: on5: on6: offip6tables 0: off1: off2: on3: on4: on5: on6: offiptables 0: off1: off2: on3: on4: on5: on6: offiscsi 0: off1: off2: off3: on4: on5: on6: offiscsid 0: off1: off2: off3: on4: on5: on6: offlvm2-monitor 0: off1: on2: on3: on4: on5: on6: offmdmonitor 0: off1: off2: on3: on4: on5: on6: offmultipathd 0: off1: off2: off3: off4: off5: off6: offnetconsole 0: off1: off2: off3: off4: off5: off6: offnetfs 0: off1: off2: off3: on4: on5: on6: offnetwork 0: off1: off2: on3: on4: on5: on6: offnginx 0: off1: off2: on3: on4: on5: on6: offpostfix 0: off1: off2: on3: on4: on5: on6: offrdisc 0: off1: off2: off3: off4: off5: off6: offrestorecond 0: off1: off2: off3: off4: off5: off6: offrsyslog 0: off1: off2: on3: on4: on5: on6: offsaslauthd 0: off1: off2: off3: off4: off5: off6: offsshd 0: off1: off2: on3: on4: on5: on6: offudev-post 0: off1: on2: on3: on4: on5: on6: off

2. Clear the file descriptor

### We recommend that you back up your data ### [root @ I-it ~] # Ll/software/nginx/sbin/nginx-h-rwxr-xr-x. 1 root 2.9 M Jun 8/software/nginx/sbin/nginx [root @ I-it ~] # Strip/software/nginx/sbin/nginx [root @ I-it ~] # Ll/software/nginx/sbin/nginx-h-rwxr-xr-x. 1 root 2.6 M Jun 8 0:54/software/nginx/sbin/

2. Optimized disk write operations

#### Remount the current partition and do not record the Nginx File Access time #### mount-o defaults, noatime, nodiratime-o remount/dev/sda1

3. Optimize file descriptors

#### Modify the configuration file #### [root @ I-it ~] # Egrep-v "^ # | ^ $"/etc/security/limits. conf *-nofile 65535 *-nproc 65535 [root @ I-it ~] # Su-[root @ I-it ~] # Ulimit-u65535 [root @ I-it ~] # Ulimit-n65535

4. Optimize Kernel Parameters

[root@i-it ~]# cat >/etc/sysctl.conf<