Centos 服务器Nginx优化

1.查看当前centos的cpu 信息及内存信息

[root@localhost ~]# cat /proc/cpuinfo |grep "name" |cut -f2 -d: |uniq -c
8 Intel(R) Xeon(R) CPU E7-4809 v4 @ 2.10GHz
[root@localhost ~]# cat /proc/cpuinfo | grep "physical"| sort |uniq -c
8 address sizes : 42 bits physical, 48 bits virtual
4 physical id : 0
4 physical id : 1
[root@localhost ~]# getconf LONG_BIT
64
[root@localhost ~]# cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 79
model name : Intel(R) Xeon(R) CPU E7-4809 v4 @ 2.10GHz
stepping : 1
microcode : 0xb00001f
cpu MHz : 2094.952
cache size : 20480 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 20
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch epb invpcid_single fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 invpcid rtm rdseed adx smap xsaveopt dtherm arat pln pts
bogomips : 4189.90
clflush size : 64
cache_alignment : 64
address sizes : 42 bits physical, 48 bits virtual
power management:

2.nginx CPU优化

服务器四核配置如下:

worker_processes  4;
worker_cpu_affinity 0001 0010 0100 1000;

八核如下:

worker_processes 8;
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 1000000;

重启服务:

systemctl restart nginx

查看状态

systemctl status nginx.service

3.nginx 文件数优化 见 ulimit优化

worker_rlimit_nofile 65535;

4.Nginx事件处理模型
events {
use epoll;
worker_connections 65535;
multi_accept on;
}

Centos7 处理服务器端口

1.查看防火墙状态
firewall-cmd --state
2.查看防火墙是否开机自启
systemctl is-enabled firewalld.service;echo $?
3.开启防火墙
systemctl start firewalld.service
4.关闭防火墙
systemctl stop firewalld.service
5.防火墙设置开机自启
systemctl enable firewalld.service
6.防火墙重启
systemctl restart firewalld.service

7.开启防火墙端口
开端口命令:firewall-cmd --zone=public --add-port=80/tcp --permanent

然后重启防火墙:systemctl restart firewalld.service

检验防火墙是否开启
netstat -ntlp
firewall-cmd --list-ports

8.查看已经开启的端口信息
firewall-cmd --zone=public --list-ports