我使用 Nginx 就像使用 cdn 一样。
我的服务器在 hetzner 上保证 1 Gbit 带宽。Intel Xeon E5-1650 v2 Hexa Core 128 GB DDR3 ECC 2× 240 GB SATA3 数据中心系列 SSD。平均负载为 0.04。可用内存 116gb。ubuntu 服务器 16.04.3 LTS。nginx 版本:nginx/1.13.8
我不明白为什么 nginx http2 很慢。请查看屏幕截图:https://vgy.me/75FMVO.jpg
stub_status
Active connections: 1020
server accepts handled requests
1733491 1733491 19208056
Reading: 0 Writing: 275 Waiting: 741
这是我的服务器配置
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl default_server http2;
listen [::]:443 ssl default_server http2;
set $cors '';
if ($http_origin ~ '^https?://(localhost|www\.example\.com|www\.example2\.com)') {
set $cors 'true';
}
server_name cdn.example.com;
#ssl on;
ssl_certificate /etc/nginx/ssl/cdn_example_com_bundle.crt;
ssl_certificate_key /etc/nginx/ssl/cdn_example_com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 60m;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:HIGH:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!SEED:!DSS:!CAMELLIA;
ssl_stapling on;
ssl_stapling_verify on;
#ssl_trusted_certificate /etc/nginx/ssl/cdn_example_com_bundle.crt;
resolver 8.8.8.8 8.8.4.4;
index /index.html;
error_page 404 /index.html;
location ~* \.(gif|jpg|jpeg|png|js|css|pdf|woff|ttf|woff2|eot|svg)$ {
if ($cors = 'true') {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
add_header 'Strict-Transport-Security' 'max-age=31536000' always;
# required to be able to read Authorization header in frontend
#add_header 'Access-Control-Expose-Headers' 'Authorization' always;
}
if ($request_method = 'OPTIONS') {
# Tell client that this pre-flight info is valid for 20 days
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
expires max;
root /var/www/html;
try_files $uri $uri/ @s3;
}
location @s3 {
expires max;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://www.example.com;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_store /var/www/html$uri;
proxy_store_access user:rw group:rw all:r;
}
}
nginx.conf
user www-data;
worker_processes auto;
worker_rlimit_nofile 100000;
pid /run/nginx.pid;
events {
worker_connections 4000;
use epoll;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 30;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
#access_log /var/log/nginx/access.log;
access_log off;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}