Following the success of the previous article, "Debian + nginx configuration: PHP environment, reverse proxy and load balancing", I was a little excited: I finally got load balancing working without anything as complex as LVS. Still, many concepts remained unclear.
What are CGI, FastCGI, php-cgi, PHP-FPM, and spawn-fcgi?
- CGI stands for Common Gateway Interface. As I understand it, it is essentially a protocol: it describes how data is passed between a client and the HTTP server, so it has implementations in many languages such as Perl and Tcl; PHP's implementation is php-cgi. CGI has a serious shortcoming: each connection starts a new process, which makes CGI performance poor. FastCGI emerged to address this.
- FastCGI is an improved version of the CGI protocol that keeps the CGI interpreter process resident in memory for higher performance. Loading the CGI program on every request is the main reason for CGI's poor performance; if the program stays in memory and is scheduled by a FastCGI process manager, it can provide good performance, scalability, fail-over, and so on.
In general, the FastCGI workflow is as follows:
- The FastCGI process manager (an IIS ISAPI extension or Apache module) is loaded when the web server starts.
- The FastCGI process manager initializes itself, starts multiple CGI interpreter processes (visible as multiple php-cgi processes), and waits for connections from the web server.
- When a client request arrives at the web server, the FastCGI process manager selects and connects to a CGI interpreter. The web server sends the CGI environment variables and standard input to the FastCGI child process php-cgi.
- After processing completes, the FastCGI child process returns standard output and error information to the web server over the same connection. When the child process closes the connection, the request is finished. The child process then waits for and handles the next connection from the FastCGI process manager (running in the web server). In plain CGI mode, php-cgi would exit at this point.
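In an Nginx setup, the handoff to the FastCGI child processes corresponds to a configuration along these lines (a minimal sketch; the address 127.0.0.1:9000 assumes a local php-cgi/PHP-FPM listener, and paths are illustrative):

```nginx
# Hand *.php requests to a FastCGI backend (e.g. PHP-FPM on 127.0.0.1:9000)
location ~ \.php$ {
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    # Tell the backend which script to execute
    fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include        fastcgi_params;   # the standard CGI environment variables
}
```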
- PHP-FPM and spawn-fcgi are both FastCGI implementations for PHP; the former is better than the latter, as it can effectively control memory and processes and can smoothly reload the PHP configuration. spawn-fcgi is part of lighttpd and was widely used before PHP-FPM appeared.
Command options for PHP-FPM:
- start: start the PHP FastCGI processes
- stop: forcibly terminate the PHP FastCGI processes
- quit: smoothly terminate the PHP FastCGI processes
- restart: restart the PHP FastCGI processes
- reload: reload PHP's php.ini
- logrotate: re-open the log files
Location syntax in Nginx configuration
The previous article gave an intuitive feel for how location is used; its syntax is as follows:
location [=|^~|~|~*] /uri/ { ... }
- = indicates an exact match
- ^~ indicates that the URI begins with the given plain (non-regex) string, understood as matching on the URL path. Nginx does not URL-decode, so a request for /static/20%/aa can be matched by the rule ^~ /static/ /aa (note the space).
- ~ indicates a case-sensitive regular-expression match
- ~* indicates a case-insensitive regular-expression match
- !~ and !~* indicate case-sensitive and case-insensitive non-matching regular expressions, respectively
- / is the generic match; any request will match it.
When multiple location blocks are configured, the matching order is: first =, then ^~, then the regular expressions in the order they appear in the file, and finally the generic / match. Once a match succeeds, matching stops and the request is handled by that rule.
Example:
```nginx
location = / { # rule A }
location = /login { # rule B }
location ^~ /static/ { # rule C }
location ~ \.(gif|jpg|png|js|css)$ { # rule D }
location ~* \.png$ { # rule E }
location !~ \.xhtml$ { # rule F }
location !~* \.xhtml$ { # rule G }
location / { # rule H }
```
The resulting effects are as follows:
- Accessing the root directory /, e.g. http://localhost/, matches rule A.
- Accessing http://localhost/login matches rule B; http://localhost/register matches rule H.
- Accessing http://localhost/static/a.html matches rule C.
- Accessing http://localhost/a.gif or http://localhost/b.jpg matches both rule D and rule E, but rule D comes first, so rule E never takes effect; http://localhost/static/c.png is matched first by rule C.
- Accessing http://localhost/a.PNG matches rule E rather than rule D, because rule E is case-insensitive.
- Accessing http://localhost/a.xhtml matches neither rule F nor rule G, and http://localhost/a.XHTML does not match rule G because it is case-insensitive. Rules F and G are exclusions: a URI that fits the pattern is deliberately not matched, so think about where this would be useful in practice.
- Accessing http://localhost/category/id/1111 finally falls through to rule H, since none of the rules above match. At this point nginx forwards the request to a backend application server, such as FastCGI (PHP) or Tomcat (JSP), with nginx acting as a reverse proxy.
Background concepts
- Proxies
- Standard caching proxy server
A standard caching proxy server is used to cache static web pages (for example, HTML files and image files) on a host on the local network (the proxy server). When a cached page is accessed a second time, the browser requests the data directly from the local proxy server rather than from the original web site. This saves valuable network bandwidth and improves access speed. To make this work, however, the proxy server's IP address and port must be configured explicitly in each internal host's browser. Every client request then goes to the proxy server, which decides whether it needs to connect to the remote web server to obtain the data: if the target file exists in the local cache, it passes the file directly to the user; if not, it retrieves the file first, saves a copy in the local cache, and then sends the file to the client browser.
- Transparent caching proxy server
A transparent caching proxy provides exactly the same functionality as a standard proxy, but the proxying is transparent to the client's browser (there is no need to configure the proxy's IP and port). The transparent proxy intercepts network traffic and filters out outbound HTTP (port 80) traffic. If the client's request is cached locally, the cached data is sent directly to the user; if not, the request is forwarded to the remote web server, and the remaining steps are identical to the standard proxy. On Linux, transparent proxies are implemented with iptables or ipchains. Transparent proxies are especially useful for ISPs (Internet service providers), because no browser configuration is needed.
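On Linux, the interception step can be sketched as a single iptables NAT rule; this is purely illustrative, and the interface name eth0 and proxy port 3128 are assumptions, not values from the original article:

```
# Redirect outbound HTTP (port 80) traffic arriving on eth0 to a local
# transparent proxy listening on port 3128 (run as root; values are examples)
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
```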
- Reverse proxy caching server
A reverse proxy is completely different from the previous two kinds of proxy; it is used to reduce the load on the origin web server. The reverse proxy server takes over static page requests on behalf of the origin web server, preventing it from being overloaded. It sits between the local web server and the Internet, handles all requests destined for the web server, and prevents direct communication between the web server and the Internet. If the page an Internet user requests is cached on the proxy server, the proxy sends the cached content directly to the user; if not, it requests the data from the web server, caches a copy locally, and then sends it to the user. By reducing the number of requests that reach the web server, this approach reduces its load.
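In Nginx terms, such a caching reverse proxy might be sketched as follows; the cache path, the zone name static_cache, and the backend address 127.0.0.1:8080 are illustrative assumptions:

```nginx
# Cache responses from the origin server and serve repeat requests locally
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=static_cache:10m max_size=1g;

server {
    listen 80;
    location / {
        proxy_pass http://127.0.0.1:8080;  # the origin web server
        proxy_cache static_cache;          # use the cache zone defined above
        proxy_cache_valid 200 302 10m;     # keep successful responses for 10 minutes
    }
}
```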
- Common web load-balancing methods
- Manual user selection
This is a fairly old approach: load balancing is achieved by offering links to different lines and different servers on the site's main portal page. It is still common on sites that offer downloads.
- DNS round-robin
Most domain registrars support adding multiple A records for the same host name; this is DNS round-robin. The DNS server distributes resolution requests across the different IPs, cycling through the A records in order, which provides simple load balancing. DNS round-robin is low-cost, but it is also low-reliability, and the load is not evenly balanced. You can use the Linux dig command to inspect the A records.
- Four-layer / seven-layer load-balancing devices
Layer 1 (the lowest) of the OSI model: the physical layer. The physical layer covers the physical network media: cabling, fiber, network cards, and other hardware used to connect two communicating network devices. It specifies the mechanical, electrical, functional, and procedural characteristics for activating, maintaining, and closing communication endpoints. Although the physical layer provides no error correction, it can set the data transfer rate and monitor the error rate. Physical-layer standards include EIA/TIA RS-232, EIA/TIA RS-449, V.35, RJ-45, and so on.
Layer 2 of the OSI model: the data link layer. Its main function is to mediate between the network layer and the physical layer, ensuring that data is delivered reliably over an unreliable physical line. It divides the data received from the network layer into frames that the physical layer can transmit, ensuring reliable transmission. Its main functions include physical addressing, framing, flow control, error checking, and retransmission. It is independent of the network and physical layers and works without regard to what software the computer is running. Data-link-layer protocols include SDLC, HDLC, PPP, STP, Frame Relay, and so on.
Layer 3 of the OSI model: the network layer. Users often confuse layer-2 and layer-3 issues; if you are talking about IP addresses, routing protocols, or the Address Resolution Protocol (ARP), it is a layer-3 issue. The network layer is responsible for routing packets between subnets; it determines the best path between two nodes by taking into account sending priority, network congestion, quality of service, and the cost of alternative routes. It can also provide congestion control, internetworking, and other functions. Representative network-layer protocols include IP, IPX, RIP, OSPF, and so on.
Layer 4 of the OSI model: the transport layer. The transport layer is the most important layer of the OSI model: it is the first layer to provide end-to-end data communication between two computers across the network, and it plays a buffering role. When the network layer's quality of service does not meet requirements, it improves the service to satisfy the upper layers; when the network layer's service quality is good, it has very little to do. It also handles end-to-end error control and flow control, ultimately providing reliable, error-free data transfer to the session layer. Transport-layer protocols include TCP, UDP, SPX, and so on.
Layer 5 of the OSI model: the session layer. The session layer is responsible for establishing and maintaining communication between two nodes on the network, keeping the session synchronized, and deciding where to resume transmission if communication is interrupted.
Layer 6 of the OSI model: the presentation layer. The presentation layer manages the encryption and decryption of data, for example the familiar handling of system passwords: your account data is encrypted before it is sent, and at the other end of the network the presentation layer decrypts what was received. The presentation layer also encodes and decodes image and file format information.
Layer 7 of the OSI model: the application layer. Simply put, the application layer is the interface through which operating systems or applications access network services, including file transfer, file management, and e-mail handling. Application-layer protocols include Telnet, FTP, HTTP, SNMP, and so on.
The relationship between the OSI model and the TCP/IP model:
Hardware four/seven-layer load-balancing switches include F5 BIG-IP, Citrix NetScaler, Radware, Cisco CSS, Foundry, and so on. The representative software four-layer load balancer is LVS; software seven-layer load balancing is mostly based on HTTP reverse proxying, for example Nginx, L7SW, and HAProxy.
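As a sketch of the HTTP-reverse-proxy style of seven-layer load balancing, an Nginx upstream block might look like this; the pool name app_pool and the backend addresses are made up for illustration:

```nginx
# Distribute requests across two backend servers, weighted 2:1
upstream app_pool {
    server 192.168.0.11:8080 weight=2;  # receives roughly twice the traffic
    server 192.168.0.12:8080;
}

server {
    listen 80;
    location / {
        proxy_pass http://app_pool;  # nginx picks a backend for each request
    }
}
```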
- Multi-line, multi-region intelligent DNS resolution and hybrid load balancing
Take the Sina home page as an example: its load balancing combines multi-line, multi-region intelligent DNS resolution, DNS round-robin, and four/seven-layer load-balancing switches. Intelligent DNS resolution can resolve the same domain name to different IPs depending on the line and region of the DNS server the user has configured locally.
Starting Nginx
You can use sudo /etc/init.d/nginx, whose usage is:
nginx {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}
- start: start
- stop: stop
- restart: restart
- reload: smooth reload
- force-reload: forced reload, which is actually a restart
- status: show the current status
- configtest: test whether the configuration is correct
For the exact meaning of each option, see the /etc/init.d/nginx script itself.
In-depth understanding of nginx configuration