Openresty 簡介
Openresty是一個基於NGINX和Lua的高性能Web平台,內部有大量的Lua庫和第三方模塊,能夠很方便的搭建處理高並發,擴展性高的Web平台和動態網關,充分利用 Nginx 的非阻塞 I/O 模型,不僅僅對 HTTP 客戶端請求,甚至於對遠程后端諸如 MySQL、PostgreSQL、Memcached 以及 Redis 等都進行一致的高性能響應。
Openresty 安裝
1. 依賴包安裝:
# yum install readline-devel pcre-devel openssl-devel
2. 在系統中添加openresty的倉庫:
# sudo yum install yum-utils
# sudo yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
3. 開始安裝openresty
# sudo yum install openresty
# sudo yum install openresty-resty (注:這個是openresty的命令工具包)
4. 以上安裝完成后Openresty就安裝完成了,默認安裝目錄在/usr/local/openresty下
Openresty下nginx配置
- /usr/local/openresty/nginx/conf下nginx.conf文件配置:
創建NGINX用戶:
#groupadd nginx
#useradd -g nginx -s /sbin/nologin -M nginx
以下是配置文件內容:
###########################################
user nginx nginx; #啟動用戶
worker_processes 4; #nginx的進程數,建議和cpu核數一致
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
error_log logs/error.log warn; #全局LOG定義
pid logs/nginx.pid; # 進程文件ID
worker_rlimit_nofile 65535; #nginx進程打開的文件數
#工作模式與連接數配置
events {
use epoll; # epoll是高版本內核優化后的網絡I/O模型
worker_connections 65535; #單個進程最大連接數
multi_accept on; #打開快速接收新連接
}
#http服務設置
http {
include mime.types;#文件擴展名與類型映射表
default_type application/octet-stream;#默認文件類型
charset utf-8;#默認編碼
server_names_hash_bucket_size 128; #服務器名字的hash表大小
client_header_buffer_size 32k; #上傳文件大小限制
large_client_header_buffers 4 32k; #設定請求緩存數
client_max_body_size 32m; #設定請求緩存大小
#include proxy.conf;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
#resolver 8.8.8.8;
sendfile on; #開啟高效文件傳輸
tcp_nopush on; #防止網絡阻塞
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 30; #長連接超時時間,默認單位秒
####解決跨域問題(我們服務中已有跨域功能所以我這里已全注釋)###########
#add_header Access-Control-Allow-Origin *;
#add_header Access-Control-Allow-Headers X-Requested-With,Content-Type,If-Modified-Since;
#add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
#以下是FastCGI 的相關參數,主要作用減少資源占用優化網站性能提高訪問速度
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 64k;
- open_file_cache max=10240 inactive=20s;
- open_file_cache_min_uses 1;
- open_file_cache_valid 30s;
#gizp優化配置,加速傳速
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
gzip_disable msie6;
lua_package_path "/usr/local/openresty/nginx/lua/?.lua;;"; #需要用到lua的項目腳本設用路徑
# 虛擬主機配置我這定義到了/usr/local/openresty/nginx/conf/vhosts目錄下
include vhosts/*.conf;
}
#####################################################################
- 虛擬主機文件的配置
以bizapi.xx.com的/usr/local/openresty/nginx/conf/vhosts /bizapi.conf反向代理配置為例:
以下是配置文件內容:
###########################################
server
{
listen 80;
server_name bizapi.xx.com;
location /api/BasicService/authBaseService/ { #要做反向代理轉發的路徑
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m; #允許客戶端請求字節數
client_body_buffer_size 128k; #緩沖區代理請求最字節數
proxy_connect_timeout 90; #后端服務器超進間間
proxy_send_timeout 90; #后端服務器數據傳回時間
proxy_read_timeout 90; #后端服務器的響應時間
proxy_buffer_size 128k; #代理服務器保存的用戶頭信息緩沖區大小
proxy_buffers 2 256k; #緩沖區設置,網頁平均在256K以下設
proxy_busy_buffers_size 256k; #高並發下緩存大小
proxy_temp_file_write_size 256k; #設定文件大小限制
proxy_pass http://192.168.102.47:9002; #要轉發到的地址與端口配置
}
location /api/sas/recoManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9031;
}
location /api/sas/paymManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9032;
}
location /api/sas/invoManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9033;
}
location /api/receiptPay/sapSyncManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9036;
}
location /api/receiptPay/receiptManageService/ {
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9034;
}
location /api/receiptPay/payManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9035;
}
location /api/assignment/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #獲取真實ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #獲取代理者的真實ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://139.224.147.71:9050;
}
#access_log logs/bizapi.log access;
}
###############################################################
- 啟動命令:
對配置文件進行更改后我們再啟動時先檢查配置文件的語法是否正確:
# openresty –t
返回以下情況說明配置沒問題:
啟動nginx:
# openresty -s reload
如果在啟動時出現以下報錯:
nginx: [error] invalid PID number "" in "/usr/local/openresty/nginx/logs/nginx.pid"
那我們就需要重新定義一下nginx.conf的指定
# /usr/local/openresty/nginx/sbin/nginx -c /usr/local/openresty/nginx/conf/nginx.conf
- 關於nginx的log切割:
對於nginx的處理,我這里是寫了一個shell腳本加上crontab做定時任務來實現的,相關腳本如下:
#############################################
#定義變量
LOGS_PATH=/usr/local/openresty/nginx/logs
YESTERDAY=$(date -d "yesterday" +%Y%m%d)
#按天切割日志
mv ${LOGS_PATH}/access.log ${LOGS_PATH}/access_${YESTERDAY}.log
mv ${LOGS_PATH}/error.log ${LOGS_PATH}/error_${YESTERDAY}.log
#向nginx主進程發送USR1信號,重新打開日志文件,否則會繼續往mv后的文件寫數據的。原因在於:linux系統中,內核是根據文件描述符來找文件的。如果不這樣操作導致日志切割失敗。
kill -USR1 `ps axu | grep "nginx: master process" | grep -v grep | awk '{print $2}'`
#刪除7天前的日志
cd ${LOGS_PATH}
find . -mtime +7 -name "*20[1-9][3-9]*" | xargs rm -f
#或者根據你定義的log名進行處理
#find . -mtime +7 -name "xx.com_*" | xargs rm -f
exit 0
##############################################
- 添加定時執行命令:
#nginx cut log
59 23 * * * sh /usr/local/openresty/nginx/cutlog.sh