
nginx的主要作用有三个方面:1、作为 Web 服务器;2、负载均衡服务器;3、邮件代理服务器等三个方面。其特点是占有内存少,并发能力强,给使用者带来了很多的便利。nginx是一款轻量级的Web 服务器/反向代理服务器及电子邮件(IMAP/POP3)代理服务器,在BSD-like 协议下发行。但是在日常的工作中,很多同学接触不到nginx服务和设计,更加谈不上学习nginx在系统中的应用设计。在大公司中nginx服务基本有公司基础架构组的同学负责。小公司基本上对nginx的优化与性能提升不关心。本博文将详细的介绍真实企业中Nginx在生产环境压测与性能优化实战,给想要学习的同学提供一个参考。


Ubuntu 20.42个4线程16G500G


2.1 Nginx的直接安装


apt-get update

apt-get install nginx

2.2 Nginx的docker部署

docker pull nginx

docker images


mkdir /opt/docker/nginx/conf.d -p
touch /opt/docker/nginx/conf.d/nginx.conf
mkdir /opt/docker/nginx/cert -p
vim /opt/docker/nginx/conf.d/nginx.conf


server {
    listen 80;  # 监听80端口
    server_name example.com www.example.com;  # 自己的域名
    location / {
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_pass;  # 需要代理的地址:端口


# 非强制重定向https
server {
    listen 80; #侦听80端口,如果强制所有的访问都必须是HTTPs的,这行需要注销掉
    listen 443 ssl; #侦听443端口,用于SSL
    server_name example.cn www.example.cn;  # 自己的域名
    # 注意文件位置,是从/etc/nginx/下开始算起的
    ssl_certificate 1_example_bundle.crt;
    ssl_certificate_key 2_example.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    client_max_body_size 1024m;

    location / {
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	    # 这里写的是我的腾讯云内网地址,不知道为啥,不能用127.0.0.1...
        proxy_pass http://xxx.xx.xx.xx:8090;


# 强制重定向
server {
    listen 443 ssl;
    server_name example.com www.example.com;  # 自己的域名
    # 注意文件位置,是从/etc/nginx/下开始算起的
    ssl_certificate 1_www.example.com_bundle.crt;
    ssl_certificate_key 2_www.example.com.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;

    client_max_body_size 1024m;

    location / {
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # 这里写的是我的腾讯云内网地址,不知道为啥,不能用127.0.0.1...
server {
     listen 80; # 监听80端口
     server_name example.com www.example.com;  # 绑定证书的域名
     return 301 https://$host$request_uri; 
docker run -itd --name nginx -p 80:80 -p 443:443 -v /opt/docker/nginx/conf.d/nginx.conf:/etc/nginx/conf.d/nginx.conf -v /opt/docker/nginx/cert:/etc/nginx -m 100m nginx

动后,输入docker ps 查看是否启动成功!docker logs nginx 查看日志。


3.1 webbench安装(Linux)


yum install -y gcc ctags

mkdir -m 644 -p /usr/local/man/man1

wget http://www.ha97.com/code/webbench-1.5.tar.gz

tar zxvf webbench-1.5.tar.gz

cd webbench-1.5


make install

-c client数量

-t time测试时间

webbench -c 300 -t 30 http://xxx.xxx.xxx.xxx/BBS/login.html(目标地址)

3.2  Apache bench安装

Centos:yum -y install httpd-tools

Ubuntu: sudo apt-get install apache2-utils
# 查询相关版本

ab -V

root@ubuntu:/home/xjl# ab -V
This is ApacheBench, Version 2.3 <$Revision: 1807734 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

# 对目标ip 进访问 c表示单次访问量 n表示总的访问量

ab -c 100 -n 1000  https://targetip/



root@ubuntu:/home/xjl# ab -c 100 -n 10000
This is ApacheBench, Version 2.3 <$Revision: 1807734 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
Completed 8000 requests
Completed 9000 requests
Completed 10000 requests
Finished 10000 requests

Server Software:        nginx/1.14.0
Server Hostname:
Server Port:            80

Document Path:          /index.html
Document Length:        178 bytes

Concurrency Level:      100
Time taken for tests:   0.706 seconds
Complete requests:      10000
Failed requests:        0
Non-2xx responses:      10000
Total transferred:      3370000 bytes
HTML transferred:       1780000 bytes
Requests per second:    14154.44 [#/sec] (mean)
Time per request:       7.065 [ms] (mean)
Time per request:       0.071 [ms] (mean, across all concurrent requests)
Transfer rate:          4658.25 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    3   0.8      3       6
Processing:     1    4   0.9      4       8
Waiting:        0    3   1.0      3       7
Total:          1    7   0.7      7      10

Percentage of the requests served within a certain time (ms)
  50%      7
  66%      7
  75%      7
  80%      7
  90%      8
  95%      8
  98%      8
  99%      8
 100%     10 (longest request)


root@ubuntu:/home/xjl# ab -c 1000 -n 10000
This is ApacheBench, Version 2.3 <$Revision: 1807734 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
Completed 8000 requests
Completed 9000 requests
Completed 10000 requests
Finished 10000 requests

Server Software:
Server Hostname:
Server Port:            80

Document Path:          /index.html
Document Length:        0 bytes

Concurrency Level:      1000
Time taken for tests:   0.796 seconds
Complete requests:      10000
Failed requests:        10000
   (Connect: 0, Receive: 0, Length: 9936, Exceptions: 64)
Non-2xx responses:      9936
Total transferred:      3348432 bytes
HTML transferred:       1768608 bytes
Requests per second:    12563.18 [#/sec] (mean)
Time per request:       79.598 [ms] (mean)
Time per request:       0.080 [ms] (mean, across all concurrent requests)
Transfer rate:          4108.10 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:       13   35   6.9     35      57
Processing:    10   41  10.8     41      78
Waiting:        0   29  10.9     26      65
Total:         40   76   7.0     77      92

Percentage of the requests served within a certain time (ms)
  50%     77
  66%     79
  75%     80
  80%     81
  90%     83
  95%     84
  98%     84
  99%     85
 100%     92 (longest request)


root@ubuntu:/home/xjl# ab -c 2000 -n 10000
This is ApacheBench, Version 2.3 <$Revision: 1807734 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking (be patient)
socket: Too many open files (24)

五、 Nginx优化下的生产环境压测试验

5.1 Nginx的服务出错


2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)
2020-07-23 02:53:49 [alert] 13576#0: accept() failed (24: Too many open files)


原因很简单:Nginx无法打开那么多的文件句柄,一方面是因为我没有配置Nginx能够打开的最大文件数;另一方面是因为Ubuntu 20.4操作系统本身对打开的最大文件句柄数有限制,我同样没有配置操作系统的最大文件句柄数。所以说,不全是Nginx的锅!


[root@binghe150 ~]# ulimit -n



[alert] 13576#0: accept() failed (24: Too many open files)

5.2 Nginx临时增大连接数


ulimit -n 655350

同时修改nginx.conf , 添加如下配置项。

worker_rlimit_nofile 655350; 

注意:上述配置需要与error_log同级别。这样就可以解决Nginx连接过多的问题,Nginx就可以支持高并发(这里需要配置Nginx)。另外, ulimit -n还会影响到MYSQL的并发连接数。把它提高,也可以提高MySQL的并发。注意:用 ulimit -n 655350 修改只对当前的shell有效,退出后失效。

5.3 Nginx 永久增大连接数


vim /etc/security/limits.conf


* soft nofile 655360
* hard nofile 655360

保存并退出vim编辑器。其中:星号代表全局, soft为软件,hard为硬件,nofile为这里指可打开的文件句柄数。

最后,需要注意的是:要使 limits.conf 文件配置生效,必须要确保 pam_limits.so 文件被加入到启动文件中。查看 /etc/pam.d/login 文件中是否存在如下配置。不存在,则需要添加上述配置项。

session required /lib64/security/pam_limits.so

5.4 Nginx优化总结



5.5 Nginx优化下的生产环境压测试验结果

root@ubuntu:/etc/nginx# ab -c 2000 -n 10000
This is ApacheBench, Version 2.3 <$Revision: 1807734 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
Completed 8000 requests
Completed 9000 requests
Completed 10000 requests
Finished 10000 requests

Server Software:
Server Hostname:
Server Port:            80

Document Path:          /index.html
Document Length:        0 bytes

Concurrency Level:      2000
Time taken for tests:   0.783 seconds
Complete requests:      10000
Failed requests:        9952
   (Connect: 0, Receive: 0, Length: 7392, Exceptions: 2560)
Non-2xx responses:      7440
Total transferred:      2507280 bytes
HTML transferred:       1324320 bytes
Requests per second:    12766.24 [#/sec] (mean)
Time per request:       156.663 [ms] (mean)
Time per request:       0.078 [ms] (mean, across all concurrent requests)
Transfer rate:          3125.83 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0   66  14.9     67      95
Processing:    30   74  19.2     77     122
Waiting:        0   43  27.6     54     101
Total:         93  140  12.1    141     163

Percentage of the requests served within a certain time (ms)
  50%    141
  66%    147
  75%    149
  80%    150
  90%    153
  95%    156
  98%    161
  99%    162
 100%    163 (longest request)
root@ubuntu:/etc/nginx# ab -c 20000 -n 100000
This is ApacheBench, Version 2.3 <$Revision: 1807734 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking (be patient)
Completed 10000 requests
Completed 20000 requests
Completed 30000 requests
Completed 40000 requests
Completed 50000 requests
Completed 60000 requests
Completed 70000 requests
Completed 80000 requests
Completed 90000 requests
Completed 100000 requests
Finished 100000 requests

Server Software:
Server Hostname:
Server Port:            80

Document Path:          /index.html
Document Length:        0 bytes

Concurrency Level:      20000
Time taken for tests:   56.537 seconds
Complete requests:      100000
Failed requests:        99839
   (Connect: 0, Receive: 0, Length: 12499, Exceptions: 87340)
Non-2xx responses:      12499
Total transferred:      4212163 bytes
HTML transferred:       2224822 bytes
Requests per second:    1768.75 [#/sec] (mean)
Time per request:       11307.399 [ms] (mean)
Time per request:       0.565 [ms] (mean, across all concurrent requests)
Transfer rate:          72.76 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:      273 7456 3218.9   8366   11155
Processing:    99 2761 3066.8    694   11195
Waiting:        0  379 1603.1      0   10953
Total:       6381 10217 2645.7  10197   21013

Percentage of the requests served within a certain time (ms)
  50%  10197
  66%  11118
  75%  11231
  80%  11422
  90%  11455
  95%  16615
  98%  20414
  99%  20810
 100%  21013 (longest request)
root@ubuntu:/etc/nginx# ab -c 30000 -n 100000
ab: Invalid Concurrency [Range 0..20000]
Usage: ab [options] [http[s]://]hostname[:port]/path


