没有缓存的Nginx高流量静态文件服务器

时间:2018-07-24 15:31:17

标签: nginx high-traffic

我有一个NGINX服务器,它通过http提供1个文件。 该文件将作为高流量网站中的Ajax请求加载。

类似这样的事情: http://req.site.com/ajax.json?rev=123

我将其与包含datetime的修订版一起使用,因此它总是新鲜的(不被缓存)。因为此文件的内容每5秒更改一次。

当我们有大约5千个在线时,这很好。但是一旦用户增长到12k或更高,它就会变得发疯...

  • 正在加载Ajax卡住或根本不加载
  • 服务器的FTP和SFTP将被完全禁用

问题:

问题是我该如何更改配置文件以实现更多在线连接以供该文件使用。

配置:

ajax.site.org.nginx.conf:

server {
listen      xyz:80;
server_name ajax.site.org www.ajax.site.org;
root        /home/platform/web/ajax.site.org/public_html;
index       index.php index.html index.htm;
access_log  /var/log/nginx/domains/ajax.site.org.log combined;
access_log  /var/log/nginx/domains/ajax.site.org.bytes bytes;
error_log off;

location / {

    add_header Access-Control-Allow-Origin *;

    log_not_found       off;
    server_tokens       off;
    autoindex           off;
    sendfile            on;
    sendfile_max_chunk  1m;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    add_header          Cache-Control public;
    expires             max;
    #fastcgi_hide_header Set-Cookie;

    gzip                off;
}

error_page  403 /error/404.html;
error_page  404 /error/404.html;
error_page  500 502 503 504 /error/50x.html;

location /error/ {
    alias   /home/platform/web/ajax.site.org/document_errors/;
}

location ~* "/\.(htaccess|htpasswd)$" {
    deny    all;
    return  404;
}
}

/etc/nginx/nginx.conf:

# Server globals
user                    nginx;
worker_processes        auto;
worker_rlimit_nofile    65535;
error_log               /var/log/nginx/error.log crit;
pid                     /var/run/nginx.pid;


# Worker config
events {
    worker_connections  65536;
    use                 epoll;
    multi_accept        on;
}


http {
# Main settings
sendfile                        on;
tcp_nopush                      on;
tcp_nodelay                     on;
client_header_timeout           1m;
client_body_timeout             1m;
client_header_buffer_size       2k;
client_body_buffer_size         256k;
client_max_body_size            256m;
large_client_header_buffers     4   8k;
send_timeout                    30;
keepalive_timeout               60 60;
reset_timedout_connection       on;
server_tokens                   off;
server_name_in_redirect         off;
server_names_hash_max_size      512;
server_names_hash_bucket_size   512;


# Log format
log_format  main    '$remote_addr - $remote_user [$time_local] $request '
            '"$status" $body_bytes_sent "$http_referer" '
            '"$http_user_agent" "$http_x_forwarded_for"';
log_format  bytes   '$body_bytes_sent';
#access_log          /var/log/nginx/access.log main;
access_log off;


# Mime settings
include             /etc/nginx/mime.types;
default_type        application/octet-stream;


# Compression
gzip                off;



# Proxy settings
proxy_redirect      off;
proxy_set_header    Host            $host;
proxy_set_header    X-Real-IP       $remote_addr;
proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header   Set-Cookie;
proxy_connect_timeout   90;
proxy_send_timeout  90;
proxy_read_timeout  90;
proxy_buffers       32 4k;


# Cloudflare https://www.cloudflare.com/ips
set_real_ip_from   103.21.244.0/22;
set_real_ip_from   103.22.200.0/22;
set_real_ip_from   103.31.4.0/22;
set_real_ip_from   104.16.0.0/12;
set_real_ip_from   108.162.192.0/18;
set_real_ip_from   131.0.72.0/22;
set_real_ip_from   141.101.64.0/18;
set_real_ip_from   162.158.0.0/15;
set_real_ip_from   172.64.0.0/13;
set_real_ip_from   173.245.48.0/20;
set_real_ip_from   188.114.96.0/20;
set_real_ip_from   190.93.240.0/20;
set_real_ip_from   197.234.240.0/22;
set_real_ip_from   198.41.128.0/17;
#set_real_ip_from   2400:cb00::/32;
#set_real_ip_from   2606:4700::/32;
#set_real_ip_from   2803:f800::/32;
#set_real_ip_from   2405:b500::/32;
#set_real_ip_from   2405:8100::/32;
#set_real_ip_from   2c0f:f248::/32;
#set_real_ip_from   2a06:98c0::/29;
real_ip_header     CF-Connecting-IP;


# SSL PCI Compliance
ssl_session_cache   shared:SSL:10m;
ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";


# Error pages
error_page          403          /error/403.html;
error_page          404          /error/404.html;
error_page          502 503 504  /error/50x.html;


# Cache settings
proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
proxy_cache_key "$host$request_uri $cookie_user";
proxy_temp_path  /var/cache/nginx/temp;
proxy_ignore_headers Expires Cache-Control;
proxy_cache_use_stale error timeout invalid_header http_502;
proxy_cache_valid any 1d;


# Cache bypass
map $http_cookie $no_cache {
    default 0;
    ~SESS 1;
    ~wordpress_logged_in 1;
}


# File cache settings
# cache informations about FDs, frequently accessed files
# can boost performance, but you need to test those values
#open_file_cache max=1000000 inactive=5s; 
#open_file_cache_valid 5s; 
#open_file_cache_min_uses 1;
#open_file_cache_errors off;
#open_file_cache off;


# Wildcard include
include             /etc/nginx/conf.d/*.conf;
}

谢谢。

0 个答案:

没有答案
相关问题
最新问题