nginx单机1w并发优化
- 2019 年 10 月 3 日
- 笔记
目录
ab工具
整体优化思路
具体的优化思路
编写脚本完成并发优化配置
性能统计工具
tips
总结
ab工具
ab -c 10000 -n 200000 http://localhost/index.html
[root@study02 ~]# ab -c 10000 -n 100000 http://192.168.0.217/index.html This is ApacheBench, Version 2.3 <$Revision: 1430300 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking 192.168.0.217 (be patient) socket: Too many open files (24)整体优化思路
- 允许建立更多的socket连接
- 允许打开更多的文件
具体的优化思路
1、socket层面
- 系统层面
- 不做洪水抵御
- 最大连接数somaxconn
- 加快tcp连接回收 recyle
- 空的tcp连接是否允许回收利用reuse
- nginx
- 每个子进程允许打开的连接(work_connections)
- 加快http连接,快速关闭,keepalive_timeout 0
2、文件层面
- nginx层面
- 子进程允许打开的文件 worker_rlimit_nofile
- 系统层面
- ulimit -n 10000(设置一个比较大的值,允许打开文件数)
具体的配置操作
1、系统配置
查看系统允许打开的最大连接数
more /proc/sys/net/core/somaxconn echo 50000 > /proc/sys/net/core/somaxconn打开系统快速连接回收
cat /proc/sys/net/ipv4/tcp_tw_recycle echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle打开空的tcp连接允许回收利用
cat /proc/sys/net/ipv4/tcp_tw_reuse echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse不做洪水抵御
cat /proc/sys/net/ipv4/tcp_syncookies echo 0 > /proc/sys/net/ipv4/tcp_syncookies2、nginx配置
- http 1.0 client server 请求-应答-断开
- http 1.1 防止频繁的握手,nginx设置keepalive_timeout参数是一个请求完成之后还要保持连接多久减少tcp的连接次数,在高并发的网站中,keepalived是一个需要严重注意的选项,需要将其设置为0不做保持连接提高并发
worker_rlimit_nofile 10000; events { worker_connections 10000; } keepalive_timeout 0;编写脚本完成并发优化配置
echo 50000 > /proc/sys/net/core/somaxconn echo 1 > /proc/sys/net/ipv4/tcp_tw_recycle echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse echo 0 > /proc/sys/net/ipv4/tcp_syncookies排除问题:
- 系统的dmesg观察
- nginx的error.log来观察
dmesg|tail
性能统计工具
安装统计模块http_stub_status_module,便于观察nginx的状态
- 1.进入之前nginx的安装包目录,查找是否有统计模块可以安装
删选出所有可以安装的包
root@STUDY3 nginx-1.14.2]# cat auto/options |grep YES HTTP=YES HTTP_CACHE=YES HTTP_CHARSET=YES HTTP_GZIP=YES HTTP_SSI=YES HTTP_ACCESS=YES HTTP_AUTH_BASIC=YES HTTP_MIRROR=YES HTTP_USERID=YES HTTP_AUTOINDEX=YES HTTP_GEO=YES HTTP_MAP=YES HTTP_SPLIT_CLIENTS=YES HTTP_REFERER=YES HTTP_REWRITE=YES HTTP_PROXY=YES HTTP_FASTCGI=YES HTTP_UWSGI=YES HTTP_SCGI=YES HTTP_GRPC=YES HTTP_MEMCACHED=YES HTTP_LIMIT_CONN=YES HTTP_LIMIT_REQ=YES HTTP_EMPTY_GIF=YES HTTP_BROWSER=YES HTTP_UPSTREAM_HASH=YES HTTP_UPSTREAM_IP_HASH=YES HTTP_UPSTREAM_LEAST_CONN=YES HTTP_UPSTREAM_KEEPALIVE=YES HTTP_UPSTREAM_ZONE=YES MAIL_POP3=YES MAIL_IMAP=YES MAIL_SMTP=YES STREAM_LIMIT_CONN=YES STREAM_ACCESS=YES STREAM_GEO=YES STREAM_MAP=YES STREAM_SPLIT_CLIENTS=YES STREAM_RETURN=YES STREAM_UPSTREAM_HASH=YES STREAM_UPSTREAM_LEAST_CONN=YES STREAM_UPSTREAM_ZONE=YES --with-select_module) EVENT_SELECT=YES ;; --with-poll_module) EVENT_POLL=YES ;; --with-threads) USE_THREADS=YES ;; --with-file-aio) NGX_FILE_AIO=YES ;; --with-http_ssl_module) HTTP_SSL=YES ;; --with-http_v2_module) HTTP_V2=YES ;; --with-http_realip_module) HTTP_REALIP=YES ;; --with-http_addition_module) HTTP_ADDITION=YES ;; --with-http_xslt_module) HTTP_XSLT=YES ;; --with-http_image_filter_module) HTTP_IMAGE_FILTER=YES ;; --with-http_geoip_module) HTTP_GEOIP=YES ;; --with-http_sub_module) HTTP_SUB=YES ;; --with-http_dav_module) HTTP_DAV=YES ;; --with-http_flv_module) HTTP_FLV=YES ;; --with-http_mp4_module) HTTP_MP4=YES ;; --with-http_gunzip_module) HTTP_GUNZIP=YES ;; --with-http_gzip_static_module) HTTP_GZIP_STATIC=YES ;; --with-http_auth_request_module) HTTP_AUTH_REQUEST=YES ;; --with-http_random_index_module) HTTP_RANDOM_INDEX=YES ;; --with-http_secure_link_module) HTTP_SECURE_LINK=YES ;; --with-http_degradation_module) HTTP_DEGRADATION=YES ;; --with-http_slice_module) HTTP_SLICE=YES ;; --with-http_perl_module) HTTP_PERL=YES ;; --with-http_stub_status_module) HTTP_STUB_STATUS=YES ;; --with-mail) MAIL=YES ;; --with-mail_ssl_module) MAIL_SSL=YES ;; MAIL=YES MAIL_SSL=YES --with-stream) STREAM=YES ;; --with-stream_ssl_module) STREAM_SSL=YES ;; --with-stream_realip_module) STREAM_REALIP=YES ;; --with-stream_geoip_module) STREAM_GEOIP=YES ;; STREAM_SSL_PREREAD=YES ;; --with-google_perftools_module) NGX_GOOGLE_PERFTOOLS=YES ;; --with-cpp_test_module) NGX_CPP_TEST=YES ;; --with-compat) NGX_COMPAT=YES ;; --with-debug) NGX_DEBUG=YES ;; --with-pcre) USE_PCRE=YES ;; --with-pcre-jit) PCRE_JIT=YES ;; --with-libatomic) NGX_LIBATOMIC=YES ;; --test-build-devpoll) NGX_TEST_BUILD_DEVPOLL=YES ;; --test-build-eventport) NGX_TEST_BUILD_EVENTPORT=YES ;; --test-build-epoll) NGX_TEST_BUILD_EPOLL=YES ;; --test-build-solaris-sendfilev) NGX_TEST_BUILD_SOLARIS_SENDFILEV=YES ;;查看是否有http_stub_status_module模块
[root@STUDY3 nginx-1.14.2]# cat auto/options |grep YES|grep 'http_stub_status_module' --with-http_stub_status_module) HTTP_STUB_STATUS=YES ;; make && make install- 2.安装nginx的性能统计工具
./configure --prefix=/usr/local/nginx/ --with-http_stub_status_module- 3.查看模块是否安装成功
[root@STUDY3 nginx-1.14.2]# /usr/local/nginx/sbin/nginx -V nginx version: nginx/1.14.2 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) configure arguments: --prefix=/usr/local/nginx/ --with-http_stub_status_module说明模块已经安装成功了
- 4.在nginx的server配置项里面加入如下配置开启性能统计工具
location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; }- 5.查看,刷新访问页面http://192.168.0.217/nginx_status查看状态
Active connections: 2020 server accepts handled requests 897553 897553 442986 Reading: 0 Writing: 1 Waiting: 2019 - 6.ab测试
[root@study02 ~]# ab -c 10000 -n 200000 http://192.168.0.217/index.html This is ApacheBench, Version 2.3 <$Revision: 1430300 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking 192.168.0.217 (be patient) Completed 20000 requests Completed 40000 requests Completed 60000 requests Completed 80000 requests Completed 100000 requests Completed 120000 requests Completed 140000 requests Completed 160000 requests Completed 180000 requests Completed 200000 requests Finished 200000 requests Server Software: nginx/1.14.2 Server Hostname: 192.168.0.217 Server Port: 80 Document Path: /index.html Document Length: 612 bytes Concurrency Level: 10000 Time taken for tests: 13.268 seconds Complete requests: 200000 Failed requests: 345710 (Connect: 0, Receive: 0, Length: 174517, Exceptions: 171193) Write errors: 0 Non-2xx responses: 21 Total transferred: 24276700 bytes HTML transferred: 17581305 bytes Requests per second: 15074.19 [#/sec] (mean) Time per request: 663.386 [ms] (mean) Time per request: 0.066 [ms] (mean, across all concurrent requests) Transfer rate: 1786.87 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 0 322 85.2 324 1238 Processing: 69 322 108.4 315 692 Waiting: 0 38 103.0 0 503 Total: 373 643 97.8 625 1651 Percentage of the requests served within a certain time (ms) 50% 625 66% 640 75% 643 80% 646 90% 739 95% 883 98% 976 99% 1015 100% 1651 (longest request)tips
- 测试机器也需要配置ulimit -n 一个较大的数字
- 测试机器需要配置echo 50000 > /proc/sys/net/core/somaxconn
总结
在做服务器部署的时候,首先必须要了解服务器的配置和服务器所能够处理的极限,最先测试的时候可以先从nginx的只跑html静态页面测试开始,不连数据库不做缓存,不做逻辑处理,不做cdn来测试nginx的最大能力。大家知道如果加入php,连接了数据库,做了数据库缓存做了图片cdn并发会有有影响,那之后的事情也是一样逐个调试压榨服务器的最大性能,有针对性的优化才是正确的。
