部落格開通以來,主要記錄學習和使用過程中遇到的問題及解決方案。文章風格偏向自娛自樂,是以通路量較少,一台1核2G的伺服器足以支撐網站的正常運作。
後來本站引入三個頁面,這三個頁面應該對有上外網需求的網友很有幫助,也給本站帶來了很大的流量。本站用的WordPress程式,嘗試過安裝各種緩存插件(super cache, w3 total cache等)加速運作,但是低配的vps依然難以支援這麼大的通路量。通過日志可以看到随着通路量的增加,php-fpm程序增多,Mysql的連接配接和線程增多,接着出現OOM,然後系統kill掉占用記憶體最大的Mysql程序,于是網站進入503當機模式。
買更好的vps能解決通路量大的問題,但是要花更多的錢。做為一個技術宅,首先想到的當然是如何榨幹現有機器來支撐大流量。做過的嘗試包括切換到比WordPress性能更好的Ghost,參考:嘗試Ghost 。但是相對于WordPress,Ghost的生态遠沒有那麼成熟,最終放棄了。
左思右想下,終極解決辦法是用Nginx緩存,最初的文章可參考:Nginx配置fastcgi cache。fastcgi_cache的好處是大部分使用者的請求不用後端php-fpm打交道,直接發送緩存的靜态頁面,速度上甩各種WordPress插件好幾條街!相比之下wordpress的各種插件還要執行php,也避免不了通路資料庫,弱爆了!
自從使用了nginx緩存,網站平穩運作,再也沒有出現過當機的現象。同時vps的cpu和記憶體占用率直線下降,再也無需擔心vps的配置問題,感覺再來10倍流量部落格也撐得住!
因為nginx穩如狗的體驗,是以現在對于部落格類讀多寫少的産品都是強推nginx緩存(fastcgi緩存或者proxy緩存)。鑒于可能幫到一些網友,現貼出 /etc/nginx/nginx.conf 配置檔案供網友參考(包含ssl設定和gzip部分):
# 檔案: /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$request_time"';
access_log /var/log/nginx/access.log main buffer=32k flush=30s;
server_tokens off;
client_max_body_size 100m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# ssl配置
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
add_header Strict-Transport-Security "max-age=63072000; preload";
#add_header X-Frame-Options DENY;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
# 請按照自己的需求更改
fastcgi_cache_path /var/cache/nginx/tlanyan levels=1:2 keys_zone=tlanyan:10m inactive=30m use_temp_path=off;
fastcgi_cache_key $request_method$scheme$host$request_uri;
# note: can also use HTTP headers to form the cache key, e.g.
#fastcgi_cache_key $scheme$request_method$host$request_uri$http_x_custom_header;
#fastcgi_cache_lock on;
fastcgi_cache_use_stale error timeout invalid_header updating http_500;
fastcgi_cache_valid 200 301 302 10h;
fastcgi_cache_valid 404 10m;
fastcgi_ignore_headers Expires Set-Cookie Vary;
# gzip 配置
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_comp_level 7;
gzip_types
text/css
text/plain
text/javascript
application/javascript
application/json
application/x-javascript
application/xml
application/xml+rss
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon
application/rss+xml
application/atom_xml
image/jpeg
image/gif
image/png
image/icon
image/bmp
image/jpg;
gzip_vary on;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
}
以及用于WordPress站點的網站配置檔案(/etc/nginx/conf.d/tlanyan.conf):
server {
listen 80;
listen [::]:80;
server_name www.tlanyan.me tlanyan.me; # 請換成自己的域名
rewrite ^(.*) https://$server_name$1 permanent;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.tlanyan.me tlanyan.me; # 請換成自己的域名
charset utf-8;
ssl_certificate /etc/nginx/conf.d/tlanyan.pem; # 請換成自己的證書和密鑰
ssl_certificate_key /etc/nginx/conf.d/tlanyan.key;
set $host_path "/var/www/tlanyan"; # 請改成自己的路徑
access_log /var/log/nginx/tlanyan.access.log main buffer=32k flush=30s;
error_log /var/log/nginx/tlanyan.error.log;
root $host_path;
# 緩存标記
set $skip_cache 0;
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# 登入使用者或發表評論者
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location = / {
index index.php index.html;
try_files /index.php?$args /index.php?$args;
}
location / {
index index.php index.html;
try_files $uri $uri/ /index.php?$args;
}
location ~ ^/\.user\.ini {
deny all;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_cache tlanyan;
fastcgi_cache_valid 200 301 302 30m;
fastcgi_cache_valid 404 10m;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache_lock on;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar|jpeg)$ {
expires max;
access_log off;
try_files $uri =404;
}
}
上述配置對最新版的Nginx測試有效,詳細配置指令請參考Nginx官方文檔。
![linux-svn解除安裝與安裝[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)