规范优化Nginx配置文件:
----------------------------------------------------------------------------------------
Nginx的主配置文件为nginx.conf,主配置文件包含所有虚拟主机的子配置文件同一放到extra目录中。
虚拟主机的配置文件按照网站的域名或功能取名。
使用include包含到Nginx主配置文件。
优化后示例:
mkdir /application/nginx/extra     #创建虚拟主机配置文件目录
vim /application/nginx/conf/nginx.conf      #Nginx主配置文件
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    include ../extra/www.conf;             #包含虚拟主机配置文件
    include ../extra/bbs.conf;             #包含虚拟主机配置文件
    include ../extra/pan.conf;             #包含虚拟主机配置文件
}

vim /application/nginx/extra/www.conf      #虚拟主机配置文件
server {
        listen       192.168.30.3;
        server_name  www.smartbro.com;
        location / {
            root   html/www;
            index  index.html index.htm;
        }
}

vim /application/nginx/extra/bbs.conf      #虚拟主机配置文件
server {
        listen       192.168.20.3;
        server_name  bbs.smartbro.com;
        location / {
            root   html/bbs;
            index  index.html index.htm;
        }
}

vim /application/nginx/extra/pan.conf      #虚拟主机配置文件
server {
        listen       192.168.10.3;
        server_name  pan.smartbro.com;
        location / {
            root   html/pan;
            index  index.html index.htm;
        }
}

/application/nginx/sbin/nginx -t           #检查配置文件
nginx: the configuration file /application/nginx-1.13.4//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.13.4//conf/nginx.conf test is successful
/application/nginx/sbin/nginx -s reload    #平滑重启Nginx
----------------------------------------------------------------------------------------
Nginx虚拟主机配置文件:
----------------------------------------------------------------------------------------
所谓虚拟主机别名,就是为虚拟主机设置除了主域名以外的一个或多个域名名字,这样就能实现用户访问的多个域名对应同一个主机。
vim /application/nginx/extra/www.conf
server {
        listen       192.168.30.3;
        server_name  www.smartbro.com smart.com;      #设置别名
        location / {
            root   html/www;
            index  index.html index.htm;
        }
}
----------------------------------------------------------------------------------------
Nginx状态信息功能实战:
----------------------------------------------------------------------------------------
Nginx 软件的功能模块有一个ngx_http_stub_status_module模块,这个模块的主要功能就是记录Nginx的基本访问状态信息的。
要是用该模块的功能必须编译安装增加http_stub_status_module模块。
/application/nginx/sbin/nginx -V      #查看编译安装的参数
nginx version: nginx/1.13.4
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-16) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments: --user=nginx --group=nginx --prefix=/application/nginx-1.13.4/ --with-http_stub_status_module --with-http_ssl_module
配置Nginx status:
(1)生成状态配置,并增加状态配置参数:
vim /application/nginx/extra/status.conf     #创建新的配置文件
server {
    listen 192.168.10.3:8088;
    server_name status.smartbro.com;
    location / {
        stub_status on;                      #打开状态开关
        access_log  off;
    }
}
vim /application/nginx/conf/nginx.conf       #修改Nginx主配置文件
include ../extra/status.conf;                #将状态配置文件包含
/application/nginx/sbin/nginx -t             #检查配置文件
nginx: the configuration file /application/nginx-1.13.4//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.13.4//conf/nginx.conf test is successful
/application/nginx/sbin/nginx                #启动Nginx
curl http://192.168.10.3:8088                #测试服务
Active connections: 1                        #表示Nginx正处理的活动连接数
server accepts handled requests              #表示到现在总共创建的握手次数
 2 2 2
Reading: 0 Writing: 1 Waiting: 0
#Reading是Nginx读取客户端的Header信息次数
#Writing是Nginx返回给客户端的Header信息次数
#Waiting是Nginx已经处理完正在等候下一次请求指令的驻留连接
#在开启Keepalived的情况下,Waiting的值等于active - (reading - writing)
----------------------------------------------------------------------------------------
Nginx错误日志:
----------------------------------------------------------------------------------------
属于核心模块(ngx_core_module)的参数,参数名是error_log,可以放到Main区块的全局配置,也可以放到不同的虚拟主机中。
语法格式:
error_log      file     level;
关键字         日志文件 等级
日志级别常见有:debug info notice warn error crit alert emerg
生产场景一般是:warn error crit
使用debug或info时会带来巨大的磁盘I/O消耗
error_log的默认配置是:
error_log logs/error.log error;
可以放置的标签段:
main http server location
配置Nginx错误日志:
vim /application/nginx/conf/nginx.conf
error_log logs/error.log error;
/application/nginx/sbin/nginx -t           #检查配置文件语法
nginx: the configuration file /application/nginx-1.13.4//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.13.4//conf/nginx.conf test is successful
/application/nginx/sbin/nginx -s reload    #平滑重启Nginx
----------------------------------------------------------------------------------------
Nginx访问日志:
----------------------------------------------------------------------------------------
功能由ngx_http_log_module模块负责。
log_format:用来定义记录日志的格式
access_log:用来指定日志文件的路径和使用日志格式记录文件
默认的格式:
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';
访问日志配置说明:
(1)日志格式的定义说明
log_format是关键字
main用来指定日志格式的标签
Nginx日志文件的变量说明:
+------------------------------------------------------------------------------------------------------+
|$remote_addr                  |记录访问网站的客户端地址                                                                     |
+------------------------------------------------------------------------------------------------------+
|$http_x_forwarded_for|当前端有代理服务器的时候,设置Web节点记录客户端得我配置,此参数生  |
|                                     |效的前提是代理服务器上也进行相关的x_forwarded_for设置                       |
+------------------------------------------------------------------------------------------------------+
|$remote_user                |远程客户端用户名称                                                                                  |
+------------------------------------------------------------------------------------------------------+
|$request                       |用户的HTTP请求起始行信息                                                                       |
+------------------------------------------------------------------------------------------------------+
|$status                         |HTTP状态码,记录请求返回的状态                                                             |
+------------------------------------------------------------------------------------------------------+
|$body_bytes_sent       |服务器发送给客户端的响应body字节数                                                       |
+------------------------------------------------------------------------------------------------------+
|$http_referer               |记录此次请求是从哪个链接访问过来的,可以根据referer进行防盗链设置     |
+------------------------------------------------------------------------------------------------------+
|$http_user_agent       |记录客户端访问信息                                                                                    |
+------------------------------------------------------------------------------------------------------+
在没有特殊情况的前提下,采用默认配置即可。
记录日志的access_log参数说明:
access_log path [format [buffer=size] [flush=time] [if=condition]];
access_log path format gzip=[level] [buffer=size] [flush=time] [if=condition];
access_log syslog:server=address [,parameter=value] [format [if=condition]];
buffer=size是存放访问日志的缓冲区大小
flush=time是讲缓冲区的日志刷新到磁盘的时间
gzip[=level]是压缩级别
[if=condition]表示其他条件
一般情况下,这些参数都无需配置,极端优化时才会考虑这些参数。
默认配置:
access_log logs/access.log combined;
放置位置:
http server  location  if in location  limit_eccept

访问日志配置实战:
vim /application/nginx/conf/nginx.conf    #修改主配置文件
worker_processes  1;
error_log logs/error.log error;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '     #使用默认的配置
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    keepalive_timeout  65;
    include ../extra/www.conf;
    include ../extra/bbs.conf;
    include ../extra/pan.conf;
    include ../extra/status.conf;
}
vim /application/nginx/extra/www.conf      #修改各个虚拟主机的配置文件
server {
        listen       192.168.30.3;
        server_name  www.smartbro.com smart.com;
        location / {
            root   html/www;
            index  index.html index.htm;
        }
        access_log logs/access_www.log main;     #开启日志,默认使用combined格式距离日志
}
vim /application/nginx/extra/pan.conf      #修改各个虚拟主机的配置文件
server {
        listen       192.168.10.3;
        server_name  pan.smartbro.com;
        location / {
            root   html/pan;
            index  index.html index.htm;
        }
        access_log logs/access_pan.log main;     #开启日志,默认使用combined格式距离日志
}
vim /application/nginx/extra/bbs.conf      #修改各个虚拟主机的配置文件
server {
        listen       192.168.20.3;
        server_name  bbs.smartbro.com;
        location / {
            root   html/bbs;
            index  index.html index.htm;
        }
        access_log logs/access_bbs.log main;     #开启日志,默认使用combined格式距离日志
}
/application/nginx/sbin/nginx -t          #检查配置文件语法
nginx: the configuration file /application/nginx-1.13.4//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.13.4//conf/nginx.conf test is successful
/application/nginx/sbin/nginx -s reload   #平滑重启Nginx
使用谷歌浏览器访问,出现日志:
192.168.10.1 - - [10/Aug/2017:23:38:48 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3159.5 Safari/537.36" "-"
可以在记录日志参数中加入buffer和flush选项,这样可以在高并发场景下提升网站访问性能。
----------------------------------------------------------------------------------------
Nginx访问日志轮询切割:
----------------------------------------------------------------------------------------
默认情况Nginx会把所有的日志生成到一个指定的文件,时间一长日志的个头很大,不利于日志的分析。
使用脚本加上计划任务进行定时切割:
mkdir -p /server/scripts/      #创建专门存放系统脚本的目录
vim /server/scripts/cut_log_nginx.sh
#!/bin/bash
DateFormat=`date +%Y-%m-%d`
BaseDir="/application/nginx"
NginxDir="$BaseDir/logs/"
LogName="access_www"
[ -d $NginxDir ] && cd $NginxDir || exit 1
[ -f ${LogName}.log ] || exit 1
/bin/mv ${LogName}.log ${DateFormat}_${LogName}.log
$BaseDir/sbin/nginx -s reload
vim /var/spool/cron/root       #编辑计划任务文件
00 00 * * * /bin/bash /server/scrpits/cut_log_nginx.sh > /dev/null 2>&1
常见的日志分析工具有:
rsyslog    awstats    flume    ELK    storm




http://blog.51cto.com/xvjunjie/1955309