Nginx配置指令(二)

Nginx配置指令(二)

客户端请求的相关配置:

1. keepalive_timeout

设定保持连接的超时时长,0表示禁止长连接;默认为75s;

1
2
3
4
5
6
7
8
9
10
11
Syntax: keepalive_timeout timeout [header_timeout];
Default: keepalive_timeout 75s;
Context: http, server, location
The first parameter sets a timeout during which a keep-alive client connection will
stay open on the server side.
The zero value disables keep-alive client connections. The optional second parameter sets
a value in the “Keep-Alive: timeout=time” response header field. Two parameters may differ.
The “Keep-Alive: timeout=time” header field is recognized by Mozilla and Konqueror.
MSIE closes keep-alive connections by itself in about 60 seconds.

2. keepalive_requests

在一次长连接上所允许请求的资源的最大数量,默认为100;

1
2
3
4
5
6
7
8
Syntax: keepalive_requests number;
Default: keepalive_requests 100;
Context: http, server, location
This directive appeared in version 0.8.0.
Sets the maximum number of requests that can be served through one keep-alive connection.
After the maximum number of requests are made, the connection is closed.

3. keepalive_disable

对哪种浏览器禁用长连接;

1
2
3
4
5
6
7
8
9
10
11
Syntax: keepalive_disable none | browser ...;
Default:
keepalive_disable msie6;
Context: http, server, location
Disables keep-alive connections with misbehaving browsers. The browser parameters specify which browsers will be affected.
The value msie6 disables keep-alive connections with old versions of MSIE, once a POST request is received.
The value safari disables keep-alive connections with Safari and Safari-like browsers on macOS and macOS-like operating systems.
The value none enables keep-alive connections with all browsers.

4. send_timeout

向客户端发送响应报文的超时时长,此处,是指两次写操作之间的间隔时长;

1
2
3
4
5
6
7
8
Syntax: send_timeout time;
Default: send_timeout 60s;
Context: http, server, location
Sets a timeout for transmitting a response to the client.
The timeout is set only between two successive write operations,
not for the transmission of the whole response.
If the client does not receive anything within this time, the connection is closed.

5. client_body_buffer_size

用于接收客户端请求报文的body部分的缓冲区大小;默认为16k;超出此大小时,其将被暂存到磁盘上的由client_body_temp_path指令所定义的位置;
上传数据量不大时,默认大小不必要修改。例如论坛等一次性上传较大数据时,需要调整默认大小。

1
2
3
4
5
6
7
8
Syntax: client_body_buffer_size size;
Default: client_body_buffer_size 8k|16k;
Context: http, server, location
Sets buffer size for reading client request body. In case the request body is larger than the buffer,
the whole body or only its part is written to a temporary file.
By default, buffer size is equal to two memory pages. This is 8K on x86, other 32-bit platforms,
and x86-64. It is usually 16K on other 64-bit platforms.

6. client_body_temp_path

设定用于存储客户端请求报文的body部分的临时存储路径及子目录结构和数量;

16进制的数字;

client_body_temp_path   /var/tmp/ [2 [1 [1]]]
    1:表示用一位16进制数字表示一级子目录;0-f
    2:表示用2位16进程数字表示二级子目录:00-ff
    2:表示用2位16进程数字表示三级子目录:00-ff
1
2
3
4
5
6
7
8
9
10
11
12
13
Syntax: client_body_temp_path path [level1 [level2 [level3]]];
Default: client_body_temp_path client_body_temp;
Context: http, server, location
Defines a directory for storing temporary files holding client request bodies.
Up to three-level subdirectory hierarchy can be used under the specified directory.
For example, in the following configuration
client_body_temp_path /spool/nginx/client_temp 1 2;
a path to a temporary file might look like this:
/spool/nginx/client_temp/7/45/00000123457

对客户端进行限制的相关配置:

1. limit_rate;

限制响应给客户端的传输速率,单位是bytes/second,0表示无限制;

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Syntax: limit_rate rate;
Default: limit_rate 0;
Context: http, server, location, if in location
Limits the rate of response transmission to a client.
The rate is specified in bytes per second.
The zero value disables rate limiting.
The limit is set per a request, and so if a client simultaneously opens two connections,
the overall rate will be twice as much as the specified limit.
Rate limit can also be set in the $limit_rate variable.
It may be useful in cases where rate should be limited depending on a certain condition:
server {
if ($slow) {
set $limit_rate 4k;
}
...
}
Rate limit can also be set in the “X-Accel-Limit-Rate” header field of a proxied server response.
This capability can be disabled using the proxy_ignore_headers, fastcgi_ignore_headers,
uwsgi_ignore_headers, and scgi_ignore_headers directives.

2. limit_except method

限制对指定的请求方法之外的其它方法的使用客户端;

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Syntax: limit_except method ... { ... }
Default: —
Context: location
Limits allowed HTTP methods inside a location.
The method parameter can be one of the following: GET, HEAD, POST, PUT, DELETE,
MKCOL, COPY, MOVE, OPTIONS, PROPFIND, PROPPATCH, LOCK, UNLOCK, or PATCH.
Allowing the GET method makes the HEAD method also allowed. Access to other methods can
be limited using the ngx_http_access_module and ngx_http_auth_basic_module modules directives:
limit_except GET {
allow 192.168.1.0/32;
deny all;
}
Please note that this will limit access to all methods except GET and HEAD.

文件操作优化的配置:

1. aio

详情:http://www.tuicool.com/articles/AvmUz2b

1
2
3
4
5
6
7
8
9
10
11
12
Syntax: aio on | off | threads[=pool];
Default: aio off;
Context: http, server, location
This directive appeared in version 0.8.11.
Enables or disables the use of asynchronous file I/O (AIO) on FreeBSD and Linux:
location /video/ {
aio on;
output_buffers 1 64k;
}

2. directio size

在Linux主机启用O_DIRECT标记,此处意味文件大于等于给定的大小时使用,例如directio 4m;

1
2
3
4
5
6
7
8
9
10
11
12
13
14
Syntax: directio size | off;
Default:
directio off;
Context: http, server, location
This directive appeared in version 0.7.7.
Enables the use of the O_DIRECT flag (FreeBSD, Linux), the F_NOCACHE flag (macOS), or the directio() function (Solaris), when reading files that are larger than or equal to the specified size. The directive automatically disables (0.7.15) the use of sendfile for a given request. It can be useful for serving large files:
directio 4m;
or when using aio on Linux.

3. open_file_cache

open_file_cache max=N [inactive=time];

nginx可以缓存以下三种信息:

(1) 文件的描述符、文件大小和最近一次的修改时间;
(2) 打开的目录结构;
(3) 没有找到的或者没有权限访问的文件的相关信息;

max=N:可缓存的缓存项上限;达到上限后会使用LRU算法实现缓存管理;

inactive=time:缓存项的非活动时长,在此处指定的时长内未被命中的或命中的次数少于
open_file_cache_min_uses指令所指定的次数的缓存项即为非活动项;

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Syntax: open_file_cache off;
open_file_cache max=N [inactive=time];
Default: open_file_cache off;
Context: http, server, location
Configures a cache that can store:
open file descriptors, their sizes and modification times;
information on existence of directories;
file lookup errors, such as “file not found”, “no read permission”, and so on.
Caching of errors should be enabled separately by the open_file_cache_errors directive.
The directive has the following parameters:
max
sets the maximum number of elements in the cache; on cache overflow the least recently used (LRU) elements are removed;
inactive
defines a time after which an element is removed from the cache if it has not been accessed during this time; by default, it is 60 seconds;
off
disables the cache.
Example:
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;

4. open_file_cache_valid

缓存项有效性的检查频率;默认为60s;

1
2
3
4
5
Syntax: open_file_cache_valid time;
Default: open_file_cache_valid 60s;
Context: http, server, location
Sets a time after which open_file_cache elements should be validated.

5. open_file_cache_min_uses

在open_file_cache指令的inactive参数指定的时长内,至少应该被命中多少次方可被归类为活动项;

1
2
3
4
5
6
Syntax: open_file_cache_min_uses number;
Default: open_file_cache_min_uses 1;
Context: http, server, location
Sets the minimum number of file accesses during the period configured by the inactive parameter of the
open_file_cache directive, required for a file descriptor to remain open in the cache.

6. open_file_cache_errors

是否缓存查找时发生错误的文件一类的信息;

1
2
3
4
5
Syntax: open_file_cache_errors on | off;
Default: open_file_cache_errors off;
Context: http, server, location
Enables or disables caching of file lookup errors by open_file_cache.

<% if (theme.canvas_nest) { %> <% } %> s