如何優化高流量站點的nginx和php-fpm的幾個方面

通信機制的選擇

nginx和php-fpm 是使用 tcp socket 還是 unix socket ？

合理的配置nginx處理請求數

#cat /proc/cpuinfo | grep processor #查看服務器cpu的處理器數量
# vi /etc/nginx/nginx.conf
worker_processes 16;  #修改爲處理器數量
events { 
  worker_connections 4096; # 單個woker進程最大連接併發數 
  multi_accept on;  #linux2.6+默認epoll，如果使用了更優秀的kqueue模型，則使用默認off。
}

配置nginx+php-fpm負載均衡

單機能力有限，比如要支持1000臺併發，生成兩個sock文件，讓每個php-fpm處理500臺。

# nginx.conf
upstream backend { 
  server unix:/dev/shm/php-fpm.sock1 weight=100 max_fails=5 fail_timeout=5; 
  server unix:/dev/shm/php-fpm.sock2 weight=100 max_fails=5 fail_timeout=5; 
}


# php-fpm.conf(同理，php7在的配置文件末行引入了pool.d的所有配置)
# www1.conf
listen = /dev/shm/php-fpm.sock1;
listen.backlog = -1  
listen.allowed_clients = 127.0.0.1

pm.max_children = 500
pm.max_requests = 5000

rlimit_files = 50000
request_slowlog_timeout = 20s
slowlog = /var/log/php-slow.log

# cp www1.conf www.conf2
listen = /dev/shm/php-fpm.sock2;

禁止訪問日誌文件

高流量站點涉及大量I/O，必須在線程間同步。

# nginx.conf
access_log off; 
log_not_found off; 
error_log /var/log/nginx-error.log warn;

如果不能關閉日誌訪問，至少設置緩衝

access_log /var/log/nginx/access.log main buffer=16k;

啓用GZip

# nginx.conf
gzip on; 
gzip_disable "msie6"; 
gzip_vary on; 
gzip_proxied any; 
gzip_comp_level 6; 
gzip_min_length 1100; 
gzip_buffers 16 8k; 
gzip_http_version 1.1; 
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

緩存經常訪問的文件

# nginx.conf
open_file_cache max=2000 inactive=20s; 
open_file_cache_valid 60s; 
open_file_cache_min_uses 5; 
open_file_cache_errors off;

調整客戶端超時

# nginx.conf
client_max_body_size 50M; 
client_body_buffer_size 1m; 
client_body_timeout 15; 
client_header_timeout 15; 
keepalive_timeout 2 2; 
send_timeout 15; 
sendfile on; 
tcp_nopush on; 
tcp_nodelay on;

調整輸出緩衝區

# nginx.conf
fastcgi_buffers 256 16k; 
fastcgi_buffer_size 128k; 
fastcgi_connect_timeout 3s; 
fastcgi_send_timeout 120s; 
fastcgi_read_timeout 120s; 
fastcgi_busy_buffers_size 256k; 
fastcgi_temp_file_write_size 256k; 
reset_timedout_connection on; 
server_names_hash_bucket_size 100;

調整/etc/sysctl.conf

# Recycle Zombie connections 
net.inet.tcp.fast_finwait2_recycle=1 
net.inet.tcp.maxtcptw=200000 

# Increase number of files 
kern.maxfiles=65535 
kern.maxfilesperproc=16384 

# Increase page share factor per process 
vm.pmap.pv_entry_max=54272521 
vm.pmap.shpgperproc=20000 

# Increase number of connections 
vfs.vmiodirenable=1 
kern.ipc.somaxconn=3240000 
net.inet.tcp.rfc1323=1 
net.inet.tcp.delayed_ack=0 
net.inet.tcp.restrict_rst=1 
kern.ipc.maxsockbuf=2097152 
kern.ipc.shmmax=268435456 

# Host cache 
net.inet.tcp.hostcache.hashsize=4096 
net.inet.tcp.hostcache.cachelimit=131072 
net.inet.tcp.hostcache.bucketlimit=120 

# Increase number of ports 
net.inet.ip.portrange.first=2000 
net.inet.ip.portrange.last=100000 
net.inet.ip.portrange.hifirst=2000 
net.inet.ip.portrange.hilast=100000 
kern.ipc.semvmx=131068 

# Disable Ping-flood attacks 
net.inet.tcp.msl=2000 
net.inet.icmp.bmcastecho=1 
net.inet.icmp.icmplim=1 
net.inet.tcp.blackhole=2 
net.inet.udp.blackhole=1

Nginx狀態監控

Nginx中的stub_status模塊主要用於查看Nginx的一些狀態信息，默認不會編譯進Nginx，重新編譯安裝nginx stub_status模塊，

持續監視打開的連接數，可用內存和等待線程數。 設置警報以在閾值超過時通知您。您可以自己構建這些警報，或使用像ServerDensity。 請務必安裝NGINX stub_status模塊 你需要重新編譯NGINX -

./configure \
--prefix=/usr/local/nginx \
--with-http_stub_status_module \

make && make install

安裝完畢後在server塊中加入location

server{  
         location /nginx-status {  
             stub_status on;  
        }  
} 

重啓nginx後訪問www.x.com/nginx-status即可看到返回的信息

active connections – 活躍的連接數量
server accepts handled requests — 總共處理了11989個連接 , 成功創建11989次握手, 總共處理了11991個請求
reading — 讀取客戶端的連接數.
writing — 響應數據到客戶端的數量
waiting — 開啓 keep-alive 的情況下,這個值等於 active – (reading+writing), 意思就是 Nginx 已經處理完正在等候下一次請求指令的駐留連接.

參考
Nginx基本配置整理
Nginx Core functionality
Optimizing NGINX and PHP-fpm for high traffic sites
啓用nginx status狀態詳解