一、调整Worker进程与连接数(核心并发处理)
auto(自动检测),确保Nginx充分利用CPU资源。例如:worker_processes auto;。worker_rlimit_nofile调整系统文件描述符限制),例如:events { worker_connections 10240; }。epoll(高性能事件驱动模型),无需额外配置,但需确认events块中无冲突设置。二、启用高效传输与缓存(减少延迟与负载)
sendfile实现零拷贝文件传输(减少CPU拷贝开销),配合tcp_nopush(仅在sendfile开启时有效,优化数据包发送)和tcp_nodelay(禁用Nagle算法,减少小数据包延迟):sendfile on; tcp_nopush on; tcp_nodelay on;。expires)和Cache-Control头,减少重复请求:location ~* \.(jpg|jpeg|png|gif|css|js)$ { expires 30d; add_header Cache-Control "public"; }。proxy_cache缓存响应,降低后端服务器负载:proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m inactive=60m; server { location /api/ { proxy_cache my_cache; proxy_pass http://backend; proxy_cache_valid 200 10m; } }。三、启用HTTP/2与SSL优化(提升传输效率)
http2,利用多路复用减少连接开销:server { listen 443 ssl http2; }。TLS_AES_128_GCM_SHA256),并开启会话缓存(减少SSL握手时间):ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m;。四、负载均衡与连接复用(分散压力)
upstream模块将请求分发到多个后端服务器,选择合适的算法(如least_conn针对长连接场景):upstream backend { least_conn; server backend1.example.com; server backend2.example.com; }。keepalive,减少TCP连接建立的开销:proxy_http_version 1.1; proxy_set_header Connection ""; keepalive 32;。五、压缩与日志优化(减少资源消耗)
gzip on; gzip_types text/plain text/css application/json application/javascript text/xml;。access_log off; # 静态资源关闭 access_log /var/log/nginx/access.log combined buffer=32k flush=300s; # 动态请求缓冲。六、系统层面优化(支撑高并发)
/etc/security/limits.conf,增加Nginx进程的文件描述符限制(避免“Too many open files”错误):* soft nofile 65535; * hard nofile 65535;。/etc/sysctl.conf优化TCP连接处理(如增大连接队列、启用TIME_WAIT复用):net.core.somaxconn = 65535; net.ipv4.tcp_max_syn_backlog = 65535; net.ipv4.tcp_tw_reuse = 1;。
