To see their various configurations, too much, to the current level of primary operations can not be understood, so it is intended to ask you what you are familiar with the special need to know the configuration, how to configure better maintenance projects, improve performance.
Reply content:
To see their various configurations, too much, to the current level of primary operations can not be understood, so it is intended to ask you what you are familiar with the special need to know the configuration, how to configure better maintenance projects, improve performance.
Big question, say I personally focus on which points, welcome other partners to complement the improvement will certainly leak
Safety
Nginx (user config), php-fpm (user,group configuration items), and permissions, users, and user groups for the site Directory this is really important.
PHP Security also pay attention to system-level functions if no project requirements are all disabled (disable_functions)
PHP do not open error printing, it is easy to expose information is attacked
display_startup_errors = Off ,display_errors = Off
Performance
Nginx process number worker_processes, maximum number of connections worker_connections
PHP-FPM Performance Related: Pm.max_children, pm.start_servers, Pm.min_spare_servers, Pm.max_spare_servers, pm.max_requests
Log monitoring Analysis
Nginx log: Access_log with Log_format
PHP log: log_errors
PHP-FPM record Slow execution log: Slowlog mate Request_slowlog_timeout
I will also focus on the system level: Iptables,/etc/sysctl.conf, etc.
Suggestions
It is best to write a script to monitor memory, traffic, CPU, number of processes, disk space, etc., can also use monitoring products, open source monitoring projects and so on, reasonable control of the alarm strategy.
Then periodically analyze the above configuration in the output of the log files, some slow response to the log, the wrong time, slow execution of the log to understand, to solve some of the daily operational performance problems
PHP configuration is basically the default does not need to change, the main thing is to add xdebug when you need to increase the configuration in php.ini, such as
[xdebug]zend_extension="/Applications/MAMP/bin/php/php7.0.0/lib/php/extensions/no-debug-non-zts-20151012/xdebug.so"xdebug.remote_enable = 1xdebug.remote_connect_back = 1xdebug.remote_port = 9000xdebug.scream=0 xdebug.cli_color=1xdebug.show_local_vars=1
Xdebug in the development environment is particularly useful, in the production environment need to open opcache, it needs to be opened php.ini Opcache configuration such as:
[OPcache]zend_extension="/Applications/MAMP/bin/php/php7.0.0/lib/php/extensions/no-debug-non-zts-20151012/opcache.so" opcache.memory_consumption=128 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=4000 opcache.revalidate_freq=60 opcache.fast_shutdown=1 opcache.enable_cli=1
For PHP log processing, we recommend using the Monolog/monolog library to handle log printing.
An exception handling tool, Sentry, and log processing tool logentries are recommended here.
PHP-FPM:
pm 系列配置