Nginx Use small note

Source: Internet
Author: User
Tags openssl library

Chinese Wiki community: http://wiki.codemongers.com/NginxChs

One. Nginx Installation

1. Download nginx:http://sysoev.ru/nginx/download.html (official download page)
wget http://sysoev.ru/nginx/nginx-0.7.19.tar.gz

2. Dependent module download
Gzip module requires zlib library (http://www.zlib.net/)
Rewrite module requires Pcre library (http://www.pcre.org/)
The SSL feature requires the OpenSSL library (http://www.openssl.org/)

./configure--prefix=/home/ljh/program/nginx--with-http_stub_status_module--with-pcre=./external/pcre-7.8-- with-zlib=./external/zlib-1.2.3--with-openssl=./external/openssl-0.9.8i

Make & make Install


Control of Nginx via signal

Nginx supports the signals in the following table:

Signal Name Function Description
term, INT quickly closes the program, aborts the request currently being processed
QUIT after processing the current request, close the program
HUP reloads the configuration and opens a new worker process, shutting down the process, which does not interrupt the request
USR1 reopen the log file for switching logs, such as generating a new log file every day
USR2 Smooth Upgrade Executable program
WINCH gracefully close the work process

There are two ways to control nginx through these signals, the first is to view the currently running Nginx process ID through the nginx.pid in the logs directory.
Use kill–xxx <pid> to control Nginx, where XXX is the signal name listed in the table above. If you have only one Nginx process in your system, you can also do so with the Killall command, such as running Killall–s HUP Nginx to reload the configuration.

Killall-s HUP Nginx

Two Nginx configuration

1. Monitoring Configuration
Location/nginx_status {
# Copied from http://blog.kovyrin.net/2006/04/29/monitoring-nginx-with-rrdtool/
Stub_status on;
Access_log off;
Allow SOME. Ip. ADD. RESS;
Deny all;
}

Page results explained:
Active connections:291
Server accepts handled requests
16630948 16630948 31070465
Reading:6 writing:179 waiting:106
Active connections--number of active connections to the backend

Server accepts handled requests-Nginx handled a total of 16,630,948 connections, successfully created 16,630,948 handshakes (proving that there was no failure in the middle), and processed 31,070,465 requests in total (average each handshake processed 1.8 Data requests)
Reading--The number of header messages that Nginx reads to the client
Writing--The number of header information returned to the client by Nginx
Waiting--when keep-alive is turned on, this value is equal to active-(reading + writing), which means that Nginx has processed the host connection that is waiting for the next request instruction

2. Page Cache configuration Http://wiki.codemongers.com/NginxChsMemcachedModule
server {
Location/{
Set $memcached _key $uri;
Memcached_pass name:11211;
Default_type text/html;
Error_page 404 =/fallback;
}

Location =/fallback {
Proxy_pass backend;
}

3. Page configuration IP Access list http://wiki.codemongers.com/NginxHttpAccessModule
Location/{
Deny 192.168.1.1;
Allow 192.168.1.0/24;
Allow 10.1.1.0/16;
Deny all;
}

4. Configure page access control

Location/{
Auth_basic "Restricted";
} auth_basic_user_file conf/htpasswd;
HTPASSWD format is user name: password. You can use the HTPASSWD tool from Apache to create a password file.

5. Limit the number of concurrent Http://wiki.codemongers.com/NginxChsHttpLimit_zoneModule per IP
Limit_zone one $binary _remote_addr 10m;
server {
location/download/{
Limit_conn one 1;
}
}
Define a record area called "one" with a total capacity of 10M, with variable $binary _remote_addr as the base of the session (i.e., one session for an address). Restricted/download/directory, a session can only make one connection.
Simple point, is the limit/download/directory, an IP can only initiate a connection, more than one, all 503

6. Agent Module Http://wiki.codemongers.com/NginxChsHttpProxyModule

Location/{
Proxy_pass Http://localhost:8000/hello;
Proxy_redirect http:/localhost:8000/hello//;

Proxy_set_header X-real-ip $remote _addr;
Proxy_read_timeout 60
Proxy_connect_timeout 60
}

Configuration Item Description:

Daemon on | Off default value: On
Can be turned on at development time, but must be set to off in the real world

debug_points [Stop | abort] Default value: None
Can stop Nginx application on debugger

Error_log file [Debug | info | notice | warn | error | crit] Default: ${prefix}/logs/error.log


Include vhosts/*.conf; Default value: None
If the configuration file is long, you can use the include directive anywhere to implement the inclusion of the configuration file. *.conf matches all files ending with. conf

Lock_file/var/log/lock_file;
Nginx uses asynchronous mutex for access control

Master_process on | Off default value: On
And Dameon on are used at development time

Pid/var/log/nginx.pid;
The process ID stores the file. You can use Kill-hup cat/var/log/nginx.pid\ to reload the Nginx configuration file.

User User [Group]
Specifies that the Nginx worker process runs the user, the default is the nobody account.

Worker_processes Number Default: 1
Configure worker processes. max_clients = worker_processes * worker_connections


worker_priority [-]number
Set priority for worker processes

Worker_cpu_affinity 0001 0010 0100 1000;
Bind worker to four CPUs

Worker_rlimit_core size
Specify file limits for each process


Access_log path [format [buffer=size]] | Off default value: Access_log log/access.log combined
Instruction Access_log assigns path, format, and cache size. The parameter "off" clears all access_log directives at the current level. If no format is specified, the preset "combined" format is used. The cache cannot be larger than the maximum size of files that can be written to disk. In FreeBSD 3.0-6.0, there is no limit to the size of the cache.


Log_format name format [format ...] Default value: Log_format combined "..."
Log_format combined ' $remote _addr-$remote _user [$time _local] '
"$request" $status $apache _bytes_sent '
' "$http _referer" "$http _user_agent";

Expires [Time|epoch|max|off] default value: Expires off
Use this directive to control the headers of "Expires" and "Cache-control" in HTTP replies (as a function of controlling page caching).
You can use a positive or negative number in the time value. The value of the "Expires" header is obtained by adding the time value you set for the current system.
The epoch specifies a value of "Expires" of 1 January, 1970, 00:00:01 GMT.
MAX specifies that the value of "Expires" is December 2037 23:59:59 GMT, and the value of "Cache-control" is 10 years.
The value of the "Cache-control" header is determined by the time you specify:
Negative Number: Cache-control:no-cache
Positive or 0: Cache-control:max-age = #, # Specifies the number of seconds for your time.
"Off" means that the values of "Expires" and "Cache-control" are not modified

Http://www.blogjava.net/agapple/archive/2008/11/07/239327.html

Nginx Use small note

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.