Nginx 0.7.x + PHP 5.2.6(FastCGI)搭建胜过Apache十倍的Web服务器(第4版)
25 09月 2008
288 views
No Comment
前言:本文是我撰写的关于搭建“Nginx + PHP(FastCGI)”Web服务器的第4篇文章。本系列文章作为国内最早详细介绍 Nginx + PHP 安装、配置、使用的资料之一,为推动 Nginx 在国内的发展产生了积极的作用。这是一篇关于Nginx 0.7.x系列版本的文章,安装、配置方式与第3篇文章相差不大,但配置参数有不同。Nginx 0.7.x系列版本虽然为开发版,但在很多大型网站的生产环境中已经使用。
链接:《2007年9月的第1版》、《2007年12月的第2版》、《2008年6月的第3版》
Nginx ("engine x") 是一个高性能的 HTTP 和反向代理服务器,也是一个 IMAP/POP3/SMTP 代理服务器。 Nginx 是由 Igor Sysoev 为俄罗斯访问量第二的 Rambler.ru 站点开发的,它已经在该站点运行超过两年半了。Igor 将源代码以类BSD许可证的形式发布。
Nginx 超越 Apache 的高性能和稳定性,使得国内使用 Nginx 作为 Web 服务器的网站也越来越多,其中包括新浪博客、新浪播客、网易新闻等门户网站频道,六间房、56.com等视频分享网站,Discuz!官方论坛、水木社区等知名论坛,豆瓣、YUPOO相册、海内SNS、迅雷在线等新兴Web 2.0网站。
在高并发连接的情况下,Nginx是Apache服务器不错的替代品。Nginx同时也可以作为7层负载均衡服务器来使用。根据我的测试结果,Nginx 0.7.14 + PHP 5.2.6 (FastCGI) 可以承受3万以上的并发连接数,相当于同等环境下Apache的10倍。
根据我的经验,4GB内存的服务器+Apache(prefork模式)一般只能处理3000个并发连接,因为它们将占用3GB以上的内存,还得为系统预留1GB的内存。我曾经就有两台Apache服务器,因为在配置文件中设置的MaxClients为4000,当Apache并发连接数达到3800时,导致服务器内存和Swap空间用满而崩溃。
而这台 Nginx 0.7.14 + PHP 5.2.6 (FastCGI) 服务器在3万并发连接下,开启的10个Nginx进程消耗150M内存(15M*10=150M),开启的64个php-cgi进程消耗1280M内存(20M*64=1280M),加上系统自身消耗的内存,总共消耗不到2GB内存。如果服务器内存较小,完全可以只开启25个php-cgi进程,这样php-cgi消耗的总内存数才500M。
在3万并发连接下,访问Nginx 0.7.14 + PHP 5.2.6 (FastCGI) 服务器的PHP程序,仍然速度飞快。下图为Nginx的状态监控页面,显示的活动连接数为28457(关于Nginx的监控页配置,会在本文接下来所给出的Nginx配置文件中写明):
我生产环境下的两台Nginx + PHP5(FastCGI)服务器,跑多个一般复杂的纯PHP动态程序,单台Nginx + PHP5(FastCGI)服务器跑PHP动态程序的处理能力已经超过“700次请求/秒”,相当于每天可以承受6000万(700*60*60*24=60480000)的访问量(更多信息见此),而服务器的系统负载也不高:
安装步骤:
(系统要求:Linux 2.6+ 内核,本文中的Linux操作系统为CentOS 5.1,另在RedHat AS4上也安装成功)
一、获取相关开源程序:
1、利用CentOS Linux系统自带的yum命令安装、升级所需的程序库(RedHat等其他Linux发行版可从安装光盘中找到这些程序库的RPM包,进行安装):
sudo -s
LANG=C
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel
2、RedHat等其他Linux发行版可从安装光盘中找到这些程序库的RPM包(事先可通过类似“rpm -qa | grep libjpeg”的命令查看所需的RPM包是否存在,通常是“xxx-devel”不存在,需要安装)。RedHat可以直接利用CentOS的RPM包安装,以下是RPM包下载网址:
①、RedHat AS4 & CentOS 4
http://mirror.be10.com/centos/4/os/i386/CentOS/RPMS/
http://mirror.be10.com/centos/4/os/x86_64/CentOS/RPMS/
②、RedHat AS5 & CentOS 5
http://mirror.be10.com/centos/5/os/i386/CentOS/
http://mirror.be10.com/centos/5/os/x86_64/CentOS/
③、RPM包搜索网站
http://rpm.pbone.net/
http://www.rpmfind.net/
3、下载程序源码包:
本文中提到的所有开源软件为截止到2008年8月28日的最新稳定版。
mkdir -p /data0/software
cd /data0/software
wget http://sysoev.ru/nginx/nginx-0.7.14.tar.gz
wget http://www.php.net/get/php-5.2.6.tar.gz/from/this/mirror
wget http://php-fpm.anight.org/downloads/head/php-5.2.6-fpm-0.5.8.diff.gz
#wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.26-rc.tar.gz/from/http://mirror.x10.com/mirror/mysql/
wget http://blog.s135.com/soft/linux/mysql/mysql-5.1.26-rc.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.12.tar.gz
#wget "http://downloads.sourceforge.net/mcrypt/libmcrypt-2.5.8.tar.gz?modtime=1171868460&big_mirror=0"
wget http://mirror.optus.net/sourceforge/m/mc/mcrypt/libmcrypt-2.5.8.tar.gz
#wget "http://downloads.sourceforge.net/mcrypt/mcrypt-2.6.7.tar.gz?modtime=1194463373&big_mirror=0"
wget http://mirror.optus.net/sourceforge/m/mc/mcrypt/mcrypt-2.6.7.tar.gz
wget http://pecl.php.net/get/memcache-2.2.3.tgz
#wget "http://downloads.sourceforge.net/mhash/mhash-0.9.9.tar.gz?modtime=1175740843&big_mirror=0"
wget http://mirror.optus.net/sourceforge/m/mh/mhash/mhash-0.9.9.tar.gz
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.7.tar.gz
wget http://bart.eaccelerator.net/source/0.9.5.3/eaccelerator-0.9.5.3.tar.bz2
二、安装PHP 5.2.6(FastCGI模式)
1、编译安装PHP 5.2.6所需的支持库:
tar zxvf libiconv-1.12.tar.gz
cd libiconv-1.12/
./configure --prefix=/usr/local
make
make install
cd ../tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure --enable-ltdl-install
make
make install
cd ../../tar zxvf mhash-0.9.9.tar.gz
cd mhash-0.9.9/
./configure
make
make install
cd ../cp /usr/local/lib/libmcrypt.* /usr/lib
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2tar zxvf mcrypt-2.6.7.tar.gz
cd mcrypt-2.6.7/
./configure
make
make install
cd ../
2、编译安装MySQL 5.1.26-rc
/usr/sbin/groupadd mysql
/usr/sbin/useradd -g mysql mysql
tar zxvf mysql-5.1.26-rc.tar.gz
cd mysql-5.1.26-rc/
./configure --prefix=/usr/local/webserver/mysql/ --enable-assembler --with-extra-charsets=complex --enable-thread-safe-client --with-big-tables --with-readline --with-ssl --with-embedded-server --enable-local-infile
make && make install
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
cp support-files/my-medium.cnf /usr/local/webserver/mysql/my.cnf
cd ../
附:以下为附加步骤,如果你想在这台服务器上运行MySQL数据库,则执行以下两步。如果你只是希望让PHP支持MySQL扩展库,能够连接其他服务器上的MySQL数据库,那么,以下两步无需执行。
①、以mysql用户帐号的身份建立数据表:
/usr/local/webserver/mysql/bin/mysql_install_db --defaults-file=/usr/local/webserver/mysql/my.cnf --basedir=/usr/local/webserver/mysql --datadir=/usr/local/webserver/mysql/data --user=mysql --pid-file=/usr/local/webserver/mysql/mysql.pid --skip-locking --port=3306 --socket=/tmp/mysql.sock
②、启动MySQL(最后的&表示在后台运行)
/bin/sh /usr/local/webserver/mysql/bin/mysqld_safe --defaults-file=/usr/local/webserver/mysql/my.cnf &
3、编译安装PHP(FastCGI模式)
tar zxvf php-5.2.6.tar.gz
gzip -cd php-5.2.6-fpm-0.5.8.diff.gz | patch -d php-5.2.6 -p1
cd php-5.2.6/
./configure --prefix=/usr/local/webserver/php --with-config-file-path=/usr/local/webserver/php/etc --with-mysql=/usr/local/webserver/mysql --with-mysqli=/usr/local/webserver/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl
sed -i 's#-lz -lm -lxml2 -lz -lm -lxml2 -lz -lm -lcrypt#& -liconv#' Makefile
make
make install
cp php.ini-dist /usr/local/webserver/php/etc/php.ini
cd ../
4、编译安装PHP5扩展模块
tar zxvf memcache-2.2.3.tgz
cd memcache-2.2.3/
/usr/local/webserver/php/bin/phpize
./configure --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../tar jxvf eaccelerator-0.9.5.3.tar.bz2
cd eaccelerator-0.9.5.3/
/usr/local/webserver/php/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=/usr/local/webserver/php/bin/php-config
make
make install
cd ../
5、修改php.ini文件
手工修改:查找/usr/local/webserver/php/etc/php.ini中的extension_dir = "./"
修改为extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"
并在此行后增加以下几行,然后保存:
extension = "memcache.so"
再查找output_buffering = Off
修改为output_buffering = On
自动修改:若嫌手工修改麻烦,可执行以下shell命令,自动完成对php.ini文件的修改:
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/"\nextension = "memcache.so"\n#' /usr/local/webserver/php/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /usr/local/webserver/php/etc/php.ini
6、配置eAccelerator加速PHP:
mkdir -p /usr/local/webserver/eaccelerator_cache
vi /usr/local/webserver/php/etc/php.ini
按shift+g键跳到配置文件的最末尾,加上以下配置信息:
[eaccelerator]
zend_extension="/usr/local/webserver/php/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="128"
eaccelerator.cache_dir="/usr/local/webserver/eaccelerator_cache"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="300"
eaccelerator.shm_prune_period="120"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
修改配置文件:
vi /etc/sysctl.conf
输入以下内容:
然后执行以下命令使配置生效:
/sbin/sysctl -p
7、创建www用户和组,以及供blog.s135.com和www.s135.com两个虚拟主机使用的目录:
/usr/sbin/groupadd www -g 48
/usr/sbin/useradd -u 48 -g www www
mkdir -p /data0/htdocs/blog
chmod +w /data0/htdocs/blog
chown -R www:www /data0/htdocs/blog
mkdir -p /data0/htdocs/www
chmod +w /data0/htdocs/www
chown -R www:www /data0/htdocs/www
8、创建php-fpm配置文件(php-fpm是为PHP打的一个FastCGI管理补丁,可以平滑变更php.ini配置而无需重启php-cgi):
在/usr/local/webserver/php/etc/目录中创建php-fpm.conf文件:
rm -f /usr/local/webserver/php/etc/php-fpm.conf
vi /usr/local/webserver/php/etc/php-fpm.conf
输入以下内容(如果您安装 Nginx + PHP 用于程序调试,请将以下的<value name="display_errors">0</value>改为<value name="display_errors">1</value>,以便显示PHP错误信息,否则,Nginx 会报状态为500的空白错误页):
<?xml version="1.0" ?>
<configuration>All relative paths in this config are relative to php's install prefix
<section name="global_options">
Pid file
<value name="pid_file">/usr/local/webserver/php/logs/php-fpm.pid</value>Error log file
<value name="error_log">/usr/local/webserver/php/logs/php-fpm.log</value>Log level
<value name="log_level">notice</value>When this amount of php processes exited with SIGSEGV or SIGBUS ...
<value name="emergency_restart_threshold">10</value>... in a less than this interval of time, a graceful restart will be initiated.
Useful to work around accidental curruptions in accelerator's shared memory.
<value name="emergency_restart_interval">1m</value>Time limit on waiting child's reaction on signals from master
<value name="process_control_timeout">5s</value>Set to 'no' to debug fpm
<value name="daemonize">yes</value></section>
<workers>
<section name="pool">
Name of pool. Used in logs and stats.
<value name="name">default</value>Address to accept fastcgi requests on.
Valid syntax is 'ip.ad.re.ss:port' or just 'port' or '/path/to/unix/socket'
<value name="listen_address">127.0.0.1:9000</value><value name="listen_options">
Set listen(2) backlog
<value name="backlog">-1</value>Set permissions for unix socket, if one used.
In Linux read/write permissions must be set in order to allow connections from web server.
Many BSD-derrived systems allow connections regardless of permissions.
<value name="owner"></value>
<value name="group"></value>
<value name="mode">0666</value>
</value>Additional php.ini defines, specific to this pool of workers.
<value name="php_defines">
<value name="sendmail_path">/usr/sbin/sendmail -t -i</value>
<value name="display_errors">0</value>
</value>Unix user of processes
<value name="user">www</value>Unix group of processes
<value name="group">www</value>Process manager settings
<value name="pm">Sets style of controling worker process count.
Valid values are 'static' and 'apache-like'
<value name="style">static</value>Sets the limit on the number of simultaneous requests that will be served.
Equivalent to Apache MaxClients directive.
Equivalent to PHP_FCGI_CHILDREN environment in original php.fcgi
Used with any pm_style.
<value name="max_children">200</value>Settings group for 'apache-like' pm style
<value name="apache_like">Sets the number of server processes created on startup.
Used only when 'apache-like' pm_style is selected
<value name="StartServers">20</value>Sets the desired minimum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MinSpareServers">5</value>Sets the desired maximum number of idle server processes.
Used only when 'apache-like' pm_style is selected
<value name="MaxSpareServers">250</value></value>
</value>
Time limit on waiting execution of single request
Should be used when 'max_execution_time' ini option does not terminate execution for some reason
<value name="request_execution_timeout">31s</value>Set open file desc rlimit
<value name="rlimit_files">51200</value>Set max core size rlimit
<value name="rlimit_core">0</value>Chroot to this directory at the start
<value name="chroot"></value>Chdir to this directory at the start
<value name="chdir"></value>Redirect workers' stdout and stderr into main error log.
If not set, they will be redirected to /dev/null, according to FastCGI specs
<value name="catch_workers_output">yes</value>How much requests each process should execute before respawn.
Useful to work around memory leaks in 3rd party libraries.
For endless request processing please specify 0
Equivalent to PHP_FCGI_MAX_REQUESTS
<value name="max_requests">51200</value>Comma separated list of ipv4 addresses of FastCGI clients that allowed to connect.
Equivalent to FCGI_WEB_SERVER_ADDRS environment in original php.fcgi (5.2.2+)
Makes sense only with AF_INET listening socket.
<value name="allowed_clients">127.0.0.1</value>Pass environment variables like LD_LIBRARY_PATH
All $VARIABLEs are taken from current environment
<value name="environment">
<value name="HOSTNAME">$HOSTNAME</value>
<value name="PATH">/usr/local/bin:/usr/bin:/bin</value>
<value name="TMP">/tmp</value>
<value name="TMPDIR">/tmp</value>
<value name="TEMP">/tmp</value>
<value name="OSTYPE">$OSTYPE</value>
<value name="MACHTYPE">$MACHTYPE</value>
<value name="MALLOC_CHECK_">2</value>
</value></section>
</workers>
</configuration>
9、启动php-cgi进程,监听127.0.0.1的9000端口,进程数为200(如果服务器内存小于3GB,可以只开启64个进程),用户为www:
ulimit -SHn 51200
/usr/local/webserver/php/sbin/php-fpm start
注:/usr/local/webserver/php/sbin/php-fpm还有其他参数,包括:start|stop|quit|restart|reload|logrotate,修改php.ini后不重启php-cgi,重新加载配置文件使用reload。
三、安装Nginx 0.7.14
1、安装Nginx所需的pcre库:
tar zxvf pcre-7.7.tar.gz
cd pcre-7.7/
./configure
make && make install
cd ../
2、安装Nginx
tar zxvf nginx-0.7.14.tar.gz
cd nginx-0.7.14/
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
cd ../
3、创建Nginx日志目录
mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs
4、创建Nginx配置文件
①、在/usr/local/webserver/nginx/conf/目录中创建nginx.conf文件:
rm -f /usr/local/webserver/nginx/conf/nginx.conf
vi /usr/local/webserver/nginx/conf/nginx.conf
输入以下内容:
user www www;
worker_processes 8;
error_log /data1/logs/nginx_error.log crit;
pid /usr/local/webserver/nginx/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;events
{
use epoll;
worker_connections 51200;
}http
{
include mime.types;
default_type application/octet-stream;#charset gb2312;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;sendfile on;
tcp_nopush on;keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;#limit_zone crawler $binary_remote_addr 10m;
server
{
listen 80;
server_name blog.s135.com;
index index.html index.htm index.php;
root /data0/htdocs/blog;#limit_conn crawler 20;
location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}location ~ .*\.(js|css)?$
{
expires 1h;
}log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data1/logs/access.log access;
}server
{
listen 80;
server_name www.s135.com;
index index.html index.htm index.php;
root /data0/htdocs/www;location ~ .*\.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}log_format wwwlogs '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
access_log /data1/logs/wwwlogs.log wwwlogs;
}server
{
listen 80;
server_name status.blog.s135.com;location / {
stub_status on;
access_log off;
}
}
}
②、在/usr/local/webserver/nginx/conf/目录中创建fcgi.conf文件:
vi /usr/local/webserver/nginx/conf/fcgi.conf
输入以下内容:
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
5、启动Nginx
vi /etc/rc.local
在末尾增加以下内容:
ulimit -SHn 51200
/usr/local/webserver/php/sbin/php-fpm start
/usr/local/webserver/nginx/sbin/nginx
五、优化Linux内核参数
vi /etc/sysctl.conf
在末尾增加以下内容:
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
使配置立即生效:
/sbin/sysctl -p
六、在不停止Nginx服务的情况下平滑变更Nginx配置
(1)、修改/usr/local/webserver/nginx/conf/nginx.conf配置文件后,请执行以下命令检查配置文件是否正确:
如果屏幕显示以下两行信息,说明配置文件正确:
the configuration file /usr/local/webserver/nginx/conf/nginx.conf syntax is ok
the configuration file /usr/local/webserver/nginx/conf/nginx.conf was tested successfully
(2)、这时,输入以下命令查看Nginx主进程号:
ps -ef | grep "nginx: master process" | grep -v "grep" | awk -F ' ' '{print $2}'
屏幕显示的即为Nginx主进程号,例如:
6302
这时,执行以下命令即可使修改过的Nginx配置文件生效:
kill -HUP 6302
或者无需这么麻烦,找到Nginx的Pid文件:
Related Posts
Tags: eAccelerator, Linux, Nginx, PHP
(No Ratings Yet)
Loading ...
Leave your response!