Nginx:如何设置’limit_conn’和’limit_req’?

前端之家收集整理的这篇文章主要介绍了Nginx:如何设置’limit_conn’和’limit_req’?前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

我在ubuntu 14.04上使用Nginx版本1.6.2

我试图在配置文件中输入limit_conn和limit_req,引用nginx documentation.

Nginx在没有limit_conn和limit_req选项的情况下运行良好.

以下是带有日志消息的Nginx配置的测试用例.

我不知道我的代码有什么问题.

案例1 – 完整配置

/etc/Nginx/Nginx.conf

http {
    ...
    include /etc/Nginx/sites-enabled/*;
    ...
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
    ...
}

/etc/Nginx/sites-enabled/service.conf

server {
    ...
    location / {
        limit_conn conn_limit_per_ip 30;
        limit_req zone=req_limit_per_ip burst=5 nodelay;
        ...
    }        
    ...
}

日志消息

unknown limit_req_zone "req_limit_per_ip" in /etc/Nginx/sites-enabled/service.conf

情况2 – 从启用站点配置文件删除limit_req

/etc/Nginx/Nginx.conf

http {
    ...
    include /etc/Nginx/sites-enabled/*;
    ...
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
    ...
}

/etc/Nginx/sites-enabled/service.conf

server {
    ...
    location / {
        limit_conn conn_limit_per_ip 30;
        ...
    }        
    ...
}

日志消息

the size 10485760 of shared memory zone "conn_limit_per_ip" conflicts with already declared size 0 in /etc/Nginx/Nginx.conf

案例3 – 从启用站点配置文件删除limit_conn

/etc/Nginx/Nginx.conf

http {
    ...
    include /etc/Nginx/sites-enabled/*;
    ...
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
    ...
}

/etc/Nginx/sites-enabled/service.conf

server {
    ...
    location / {
        limit_req zone=req_limit_per_ip burst=5 nodelay;
        ...
    }        
    ...
}

日志消息

unknown limit_req_zone "req_limit_per_ip" in /etc/Nginx/sites-enabled/service.conf

案例4 – 从启用站点配置文件删除所有内容

/etc/Nginx/Nginx.conf

http {
    ...
    include /etc/Nginx/sites-enabled/*;
    ...
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
    ...
}

/etc/Nginx/sites-enabled/service.conf

server {
    ...
    location / {
        ...
    }        
    ...
}

日志消息

[OK] - Nginx reloaded well

情况5 – 删除limit_req_zone和limit_req

/etc/Nginx/Nginx.conf

http {
    ...
    include /etc/Nginx/sites-enabled/*;
    ...
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
    ...
}

/etc/Nginx/sites-enabled/service.conf

server {
    ...
    location / {
        limit_conn conn_limit_per_ip 30;
        ...
    }        
    ...
}

日志消息

the size 10485760 of shared memory zone "conn_limit_per_ip" conflicts with already declared size 0 in /etc/Nginx/Nginx.conf

案例6 – 删除limit_conn_zone和limit_conn

/etc/Nginx/Nginx.conf

http {
    ...
    include /etc/Nginx/sites-enabled/*;
    ...
    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
    ...
}

/etc/Nginx/sites-enabled/service.conf

server {
    ...
    location / {
        limit_req zone=req_limit_per_ip burst=5 nodelay;
        ...
    }        
    ...
}

日志消息

unknown limit_req_zone "req_limit_per_ip" in /etc/Nginx/sites-enabled/service.conf
最佳答案

将/etc/Nginx/sites-enabled/service.conf合并到/etc/Nginx/Nginx.conf中.换句话说,删除service.conf文件并在Nginx.conf文件的http块中粘贴服务器块.这是代码.

/etc/Nginx/Nginx.conf

http {

    ..

    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=2r/s;
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;

    ..

    server {

        ..

        location / {
            limit_req zone=req_limit_per_ip burst=5 nodelay;
            limit_conn conn_limit_per_ip 30;
        }

        ..
    }
}

变量的含义和测试

> limit_req_zone $binary_remote_addr zone = req_limit_per_ip:10m rate = 2r / s limit_req zone = req_limit_per_ip burst = 5 nodelay

>将共享内存设置为10MB
>限制每个IP的请求如下
>将最大请求设置为以爆发秒为单位的速率*突发
>例如,在这种情况下,最大值是5秒内的10(= 2 * 5)个请求
>使用nodelay选项:Nginx将返回503响应并且不处理过多的请求
>没有nodelay选项:Nginx会等待(没有503响应)并处理过多的请求,但有一些延迟

> limit_conn_zone $binary_remote_addr zone = conn_limit_per_ip:10m limit_conn conn_limit_per_ip 30

>将共享内存设置为10MB
>在这种情况下,将每个IP的连接限制为30
>请注意,普通浏览器会进行2~8个连接,SPDY协议会分割每个连接
>如果连接超过此值,Nginx将返回503响应

猜你在找的Nginx相关文章