ПРОЕКТЫ 


  АРХИВ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 


  СТАТЬИ 


  ПЕРСОНАЛЬНОЕ 


  ПРОГРАММЫ 



ПИШИТЕ
ПИСЬМА












     АРХИВ :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Прозрачное кэширование в n ginx


  • To: nginx-ru@xxxxxxxxx
  • Subject: Прозрачное кэширование в n ginx
  • From: "portos" <nginx-forum@xxxxxxxx>
  • Date: Fri, 29 Jul 2011 10:24:35 -0400
  • Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mickey.jlkhosting.com; s=x; h=Date:Sender:From:Message-ID:Content-Transfer-Encoding:Content-Type:Subject:To; bh=8OiYaNkkMqPXPQyImNvgvPs5ED2HnIlF0MhpiiCQvGY=; b=qcCCwhemR5vsLhCRN0tF1tSnxAufSUx3l0MxFpJvzmsYShLtsg1ffsVZwf8QOCPl0g5pYz9dXXD6bvrFwMasXZ+WV16XBuoRPGgiiiVzIBW7gHSsgKyCpttHq+eRXP5b;

Всем привет. 
Собственно в чем проблема. При проверке
сайта утилитой 
ab -n 1000 -c 100 http://www.mysite.com/ - сайт мгновенно
падает и даже если выставить параметр -n
100 - ситуация та же. 
Нашел статью по решению этой проблемы:
http://habrahabr.ru/blogs/nginx/124684/ 
Все делаю как описано в статье. Вот мой
конфиг /etc/ngnix/sites-available/000-mysite.com

server {
        listen 192.168.1.1:80;
        server_name mysite.com www.mysite.com;
        
        location ~* ^/(webstat/|awstats|webmail/|myadmin/|manimg/|cgi-bin/) {
                proxy_pass http://192.168.1.1:8080;
                proxy_redirect http://mysite.com:8080/ /;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Real-IP $remote_addr;
        }
        location / {
                proxy_pass http://192.168.1.1:8080;
                proxy_redirect http://mysite.com:8080/ /;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Real-IP $remote_addr;
                
                proxy_cache cache;
                proxy_cache_valid 10m;
                proxy_cache_valid 404 1m;


        }
        location ~*
^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar)$ {
                root /srv/d_mysite/www/mysite.com/htdocs;
                access_log
/srv/d_mysite/www/mysite.com/logs/nginx-mysite.com-access.log;
                error_page 404 = @fallback;
        }
        location @fallback {
                proxy_pass http://192.168.1.1:8080;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Real-IP $remote_addr;
        }
}

proxy_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=cache:30m
max_size=1G;
proxy_temp_path /var/lib/nginx/proxy 1 2;
proxy_ignore_headers Expires Cache-Control;
proxy_cache_use_stale error timeout invalid_header http_502;
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;

После рестарта ngnix я получаю сообщение
об ошибке:

Restarting nginx: nginx: [emerg] the size 31457280 of shared memory zone
"cache" conflicts with already declared size 0 in
/etc/nginx/sites-enabled/000-mysite.com:36
nginx: configuration file /etc/nginx/nginx.conf test failed

Вот сам файл  /etc/nginx/nginx.conf 

user www-data;
worker_processes 4;
pid /var/run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;
        gzip_disable "msie6";

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json
application/x-javascript text/xml application/xml application/xml+rss
text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
# 
#       server {
#               listen     localhost:143;
#               protocol   imap;
#               proxy      on;
#       }
#}

Версия ngnix 

nginx -V
nginx: nginx version: nginx/1.0.5
nginx: TLS SNI support enabled
nginx: configure arguments: --prefix=/etc/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-client-body-temp-path=/var/lib/nginx/body
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi
--http-log-path=/var/log/nginx/access.log
--http-proxy-temp-path=/var/lib/nginx/proxy
--http-scgi-temp-path=/var/lib/nginx/scgi
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi
--lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid
--with-debug --with-http_addition_module --with-http_dav_module
--with-http_geoip_module --with-http_gzip_static_module
--with-http_image_filter_module --with-http_realip_module
--with-http_stub_status_module --with-http_ssl_module
--with-http_sub_module --with-http_xslt_module --with-ipv6
--with-sha1=/usr/include/openssl --with-md5=/usr/include/openssl
--with-mail --with-mail_ssl_module
--add-module=/build/buildd/nginx-1.0.5/debian/modules/nginx-echo
--add-module=/build/buildd/nginx-1.0.5/debian/modules/nginx-upstream-fair

apache2 -v   
Server version: Apache/2.2.14 (Ubuntu)

lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 10.04.3 LTS
Release:        10.04
Codename:       lucid

Помогите решить этот вопрос. Или
возможно есть другой способ защиты от
такой "атаки"? 
Спасибо.

Posted at Nginx Forum: 
http://forum.nginx.org/read.php?21,213099,213099#msg-213099

_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://mailman.nginx.org/mailman/listinfo/nginx-ru


 




Copyright © Lexa Software, 1996-2009.