Openresty 简介
Openresty是一个基于NGINX和Lua的高性能Web平台,内部有大量的Lua库和第三方模块,能够很方便的搭建处理高并发,扩展性高的Web平台和动态网关,充分利用 Nginx 的非阻塞 I/O 模型,不仅仅对 HTTP 客户端请求,甚至于对远程后端诸如 MySQL、PostgreSQL、Memcached 以及 Redis 等都进行一致的高性能响应。
Openresty 安装
1. 依赖包安装:
# yum install readline-devel pcre-devel openssl-devel
2. 在系统中添加openresty的仓库:
# sudo yum install yum-utils
# sudo yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
3. 开始安装openresty
# sudo yum install openresty
# sudo yum install openresty-resty (注:这个是openresty的命令工具包)
4. 以上安装完成后Openresty就安装完成了,默认安装目录在/usr/local/openresty下
Openresty下nginx配置
- /usr/local/openresty/nginx/conf下nginx.conf文件配置:
创建NGINX用户:
#groupadd nginx
#useradd -g nginx -s /sbin/nologin -M nginx
以下是配置文件内容:
###########################################
user nginx nginx; #启动用户
worker_processes 4; #nginx的进程数,建议和cpu核数一致
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
error_log logs/error.log warn; #全局LOG定义
pid logs/nginx.pid; # 进程文件ID
worker_rlimit_nofile 65535; #nginx进程打开的文件数
#工作模式与连接数配置
events {
use epoll; # epoll是高版本内核优化后的网络I/O模型
worker_connections 65535; #单个进程最大连接数
multi_accept on; #打开快速接收新连接
}
#http服务设置
http {
include mime.types;#文件扩展名与类型映射表
default_type application/octet-stream;#默认文件类型
charset utf-8;#默认编码
server_names_hash_bucket_size 128; #服务器名字的hash表大小
client_header_buffer_size 32k; #上传文件大小限制
large_client_header_buffers 4 32k; #设定请求缓存数
client_max_body_size 32m; #设定请求缓存大小
#include proxy.conf;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
#resolver 8.8.8.8;
sendfile on; #开启高效文件传输
tcp_nopush on; #防止网络阻塞
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 30; #长连接超时时间,默认单位秒
####解决跨域问题(我们服务中已有跨域功能所以我这里已全注释)###########
#add_header Access-Control-Allow-Origin *;
#add_header Access-Control-Allow-Headers X-Requested-With,Content-Type,If-Modified-Since;
#add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
#以下是FastCGI 的相关参数,主要作用减少资源占用优化网站性能提高访问速度
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 64k;
- open_file_cache max=10240 inactive=20s;
- open_file_cache_min_uses 1;
- open_file_cache_valid 30s;
#gizp优化配置,加速传速
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
gzip_disable msie6;
lua_package_path "/usr/local/openresty/nginx/lua/?.lua;;"; #需要用到lua的项目脚本设用路径
# 虚拟主机配置我这定义到了/usr/local/openresty/nginx/conf/vhosts目录下
include vhosts/*.conf;
}
#####################################################################
- 虚拟主机文件的配置
以bizapi.xx.com的/usr/local/openresty/nginx/conf/vhosts /bizapi.conf反向代理配置为例:
以下是配置文件内容:
###########################################
server
{
listen 80;
server_name bizapi.xx.com;
location /api/BasicService/authBaseService/ { #要做反向代理转发的路径
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m; #允许客户端请求字节数
client_body_buffer_size 128k; #缓冲区代理请求最字节数
proxy_connect_timeout 90; #后端服务器超进间间
proxy_send_timeout 90; #后端服务器数据传回时间
proxy_read_timeout 90; #后端服务器的响应时间
proxy_buffer_size 128k; #代理服务器保存的用户头信息缓冲区大小
proxy_buffers 2 256k; #缓冲区设置,网页平均在256K以下设
proxy_busy_buffers_size 256k; #高并发下缓存大小
proxy_temp_file_write_size 256k; #设定文件大小限制
proxy_pass http://192.168.102.47:9002; #要转发到的地址与端口配置
}
location /api/sas/recoManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9031;
}
location /api/sas/paymManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9032;
}
location /api/sas/invoManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9033;
}
location /api/receiptPay/sapSyncManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9036;
}
location /api/receiptPay/receiptManageService/ {
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9034;
}
location /api/receiptPay/payManageService/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://192.168.102.47:9035;
}
location /api/assignment/ {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; #获取真实ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #获取代理者的真实ip
add_header X-Frame-Options SAMEORIGIN;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 2 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_pass http://139.224.147.71:9050;
}
#access_log logs/bizapi.log access;
}
###############################################################
- 启动命令:
对配置文件进行更改后我们再启动时先检查配置文件的语法是否正确:
# openresty –t
返回以下情况说明配置没问题:
启动nginx:
# openresty -s reload
如果在启动时出现以下报错:
nginx: [error] invalid PID number "" in "/usr/local/openresty/nginx/logs/nginx.pid"
那我们就需要重新定义一下nginx.conf的指定
# /usr/local/openresty/nginx/sbin/nginx -c /usr/local/openresty/nginx/conf/nginx.conf
- 关于nginx的log切割:
对于nginx的处理,我这里是写了一个shell脚本加上crontab做定时任务来实现的,相关脚本如下:
#############################################
#定义变量
LOGS_PATH=/usr/local/openresty/nginx/logs
YESTERDAY=$(date -d "yesterday" +%Y%m%d)
#按天切割日志
mv ${LOGS_PATH}/access.log ${LOGS_PATH}/access_${YESTERDAY}.log
mv ${LOGS_PATH}/error.log ${LOGS_PATH}/error_${YESTERDAY}.log
#向nginx主进程发送USR1信号,重新打开日志文件,否则会继续往mv后的文件写数据的。原因在于:linux系统中,内核是根据文件描述符来找文件的。如果不这样操作导致日志切割失败。
kill -USR1 `ps axu | grep "nginx: master process" | grep -v grep | awk '{print $2}'`
#删除7天前的日志
cd ${LOGS_PATH}
find . -mtime +7 -name "*20[1-9][3-9]*" | xargs rm -f
#或者根据你定义的log名进行处理
#find . -mtime +7 -name "xx.com_*" | xargs rm -f
exit 0
##############################################
- 添加定时执行命令:
#nginx cut log
59 23 * * * sh /usr/local/openresty/nginx/cutlog.sh