原创作品,允许转载,转载时请务必以超链接形式标明文章
原始出处 、作者信息和本声明。否则将追究法律责任。
http://dgd2010.blog.51cto.com/1539422/1684398
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
yum
install
jemalloc jemalloc-devel -y
groupadd -r www
useradd
-r -g www www -c
"Web user"
-d
/dev/null
-s
/sbin/nologin
wget -c http:
//nginx
.org
/download/nginx-1
.8.0.
tar
.gz
tar
zxf nginx-1.8.0.
tar
.gz
cd
nginx-1.8.0
.
/configure
--user=www --group=www --prefix=
/usr/local/nginx
--with-http_stub_status_module --with-http_ssl_module --with-http_spdy_module --with-http_gzip_static_module --with-ipv6 --with-http_sub_module --with-ld-opt=
'-ljemalloc'
make
make
install
/usr/local/nginx/sbin/nginx
-t
/usr/local/nginx/sbin/nginx
netstat
-ano |
grep
\:80
ln
-s
/usr/local/nginx/sbin/nginx
/usr/bin/nginx
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
apt-get
install
libjemalloc1 libjemalloc-dev
apt-get
install
libpcre3 libpcre3-dev
apt-get
install
openssl libssl1.0.0 libssl-dev
groupadd -r www
#www-data:x:33:
useradd
-r -g www www -c
"Web user"
-d
/dev/null
-s
/sbin/nologin
#www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
wget -c http:
//nginx
.org
/download/nginx-1
.8.0.
tar
.gz
tar
zxf nginx-1.8.0.
tar
.gz
cd
nginx-1.8.0
.
/configure
--user=www --group=www --prefix=
/usr/local/nginx
--with-http_stub_status_module --with-http_ssl_module --with-http_spdy_module --with-http_gzip_static_module --with-ipv6 --with-http_sub_module --with-ld-opt=
'-ljemalloc'
make
make
install
/usr/local/nginx/sbin/nginx
-t
ln
-s
/usr/local/nginx/sbin/nginx
/usr/bin/nginx
ln
-s
/usr/local/nginx
/etc/nginx
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
wget http:
//nginx
.org
/download/nginx-1
.8.0.
tar
.gz
tar
zxf nginx-1.8.0.
tar
.gz
wget
ftp
:
//ftp
.csx.cam.ac.uk
/pub/software/programming/pcre/pcre2-10
.10.
tar
.gz
wget
ftp
:
//ftp
.csx.cam.ac.uk
/pub/software/programming/pcre/pcre-8
.37.
tar
.gz
mkdir
/usr/local/chrisdata
tar
zxf pcre2-10.10.
tar
.gz
tar
zxf pcre-8.37.
tar
.gz
cd
pcre-8.37
yum
install
gcc gcc-c++ -y
.
/configure
--prefix=
/usr/local/chrisdata/pcre
make
make
install
cd
..
cd
pcre2-10.10
.
/configure
--prefix=
/usr/local/chrisdata/pcre2
make
make
install
cd
..
wget http:
//www
.openssl.org
/source/openssl-1
.0.2a.
tar
.gz
tar
zxf openssl-1.0.2a.
tar
.gz
wget http:
//zlib
.net
/zlib-1
.2.8.
tar
.gz
tar
zxf zlib-1.2.8.
tar
.gz
cd
zlib-1.2.8
ls
.
/configure
--prefix=
/usr/local/chrisdata/zlib
make
make
install
cd
..
cd
nginx-1.8.0
.
/configure
--prefix=
/usr/local/chrisdata/nginx
--with-http_ssl_module --with-pcre=
/root/pcre-8
.37 --with-zlib=
/root/zlib-1
.2.8
.
/configure
--prefix=
/usr/local/chrisdata/nginx
--with-http_ssl_module --with-openssl=
/root/openssl-1
.0.2a --with-pcre=
/root/pcre-8
.37 --with-zlib=
/root/zlib-1
.2.8 --with-http_stub_status_module
.
/configure
--prefix=
/usr/local/chrisdata/nginx
--with-http_ssl_module --with-openssl=
/root/openssl-1
.0.2a --with-pcre=
/root/pcre-8
.37 --with-zlib=
/root/zlib-1
.2.8
make
make
install
/usr/local/chrisdata/nginx/sbin/nginx
-t
/usr/local/chrisdata/nginx/sbin/nginx
netstat
-ano |
grep
\:80
ln
-s
/usr/local/chrisdata/nginx/sbin/nginx
/usr/bin/nginx
mkdir
/usr/local/nginx/conf/vhost
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
user www www;
worker_processes auto;
error_log logs
/error
.log crit;
pid logs
/nginx
.pid;
events {
use epoll;
worker_connections 51200;
multi_accept on;
}
http {
include mime.types;
default_type application
/octet-stream
;
sendfile on;
keepalive_timeout 65;
tcp_nopush on;
tcp_nodelay on;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
gzip
on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text
/plain
application
/javascript
application
/x-javascript
text
/javascript
text
/css
application
/xml
application
/xml
+rss;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable
"MSIE [1-6]\."
;
server_tokens off;
log_format access
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for'
;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504
/50x
.html;
location =
/50x
.html {
root html;
}
}
include vhost/*.conf;
}
|
|
1
2
3
4
5
6
|
log_format backendtest
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'$bytes_sent '
'$request_length $request_time '
'$upstream_response_time $upstream_status $upstream_response_length $upstream_header_time $upstream_addr '
'"$http_user_agent" $http_x_forwarded_for'
;
|
|
1
2
3
4
|
upstream backendtest {
server 192.168.1.102 weight=5;
#...
}
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
server {
listen 8080;
server_name localhost;
#location ~ {
location / {
proxy_connect_timeout 300s;
proxy_send_timeout 900;
proxy_read_timeout 900;
proxy_buffer_size 32k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_redirect off;
proxy_hide_header Vary;
proxy_set_header Accept-Encoding
''
;
proxy_set_header Host $host;
proxy_set_header Referer $http_referer;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http:
//backendtest
;
}
access_log
/home/wwwlogs/vhost-8080-backendtest-access
.log backendtest;
location
/nginx_status
{
stub_status on;
access_log off;
}
}
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
fs.
file
-max = 808127
kernel.core_uses_pid = 1
kernel.hung_task_timeout_secs = 0
kernel.msgmax = 65536
kernel.msgmnb = 65536
kernel.sem = 250 32000 100 128
kernel.shmall = 4294967296
kernel.shmmax = 536870912
kernel.shmmax = 68719476736
kernel.shmmni = 4096
kernel.sysrq = 0
net.core.netdev_max_backlog = 262144
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.somaxconn = 262144
net.core.wmem_default = 8388608
net.core.wmem_max = 16777216
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_forward = 0
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_sack = 1
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_wmem = 4096 16384 4194304
|
|
1
2
3
4
|
vim
/etc/security/limits
.conf
* soft nofile 65535
* hard nofile 65535
|
