这是我的网站的nginx conf文件:
server {
listen 80;
listen [::]:80;
server_name domain.com;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_intercept_errors on;
location / {
proxy_pass http://127.0.0.1:10000;
}
}
在高负载性能测试(1200 RPS)下使用nginx时,我得到50%的错误率并且它返回502.我在nodejs中的应用程序中没有错误日志,因为它被nginx立即拒绝。 / p>
如果我修改iptables以将端口80重定向到10000(应用程序端口),我会得到零错误;并且表现要好得多。
我想避免这种情况,因为将来我会使用let的加密和nginx来提供https;但我需要保持原始性能。
我已经尝试过寻找答案并看到了一些用于PHP但没有用于节点。
有没有人遇到过这个或者想知道如何微调nginx? nginx.conf现在设置为默认安装。
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
更新:
除了遵循本指南(https://www.linode.com/docs/websites/nginx/configure-nginx-for-optimized-performance)之外,我还必须:
编辑sysctl.conf并添加以下内容:
sysctl net.core.somaxconn=65536
sysctl net.ipv4.tcp_max_tw_buckets=1440000
sysctl net.ipv4.ip_local_port_range=1024 65000
sysctl net.ipv4.tcp_fin_timeout=15
sysctl net.ipv4.tcp_window_scaling=1
sysctl net.ipv4.tcp_max_syn_backlog=3240000
编辑/etc/security/limits.conf并添加:
www-data hard nofile 65536
www-data soft nofile 65536
编辑lib / systemd / system / nginx.service配置并在KillMode下添加以下内容
LimitNOFILE=65536
对于性能,我将/ etc / nginx / proxy_params替换为:
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_intercept_errors on;
proxy_redirect off;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_temp_path /etc/nginx/proxy_temp;
答案 0 :(得分:0)
以供将来参考。
通过access_log off
关闭访问日志以进行生产。
这几乎不会提高性能。