Mastering Nginx: From Basics to Advanced Configuration and Optimization

I/O Model

Explanation of the I/O model used by web servers.

Nginx Overview

Nginx (engine X) was originally developed by a graduate of Moscow Bauman State Technical University for the Russian company rambler.ru. Development began in 2002, with the first public release on 4 Oct 2004 (v0.1.0). It offers both commercial and community editions; in March 2019 F5 Networks acquired the commercial version for $6.7 billion.

Nginx is a free, open‑source, high‑performance HTTP and reverse‑proxy server, also supporting mail proxy and generic TCP/UDP proxy. It solves the Apache C10K problem by using a different I/O model.

Other distributions based on Nginx include:

Tengine – an open‑source project started by Taobao in Dec 2011.

OpenResty – a high‑performance web platform based on Nginx and Lua.

# curl -I www.taobao.com
HTTP/1.1 301 Moved Permanently
Server: Tengine
Location: https://www.taobao.com/

# curl -I -A IE www.sohu.com
HTTP/1.1 307 Temporary Redirect
Server: nginx
Location: https://www.sohu.com/

# curl -I -A ie http://openresty.org/cn/
HTTP/1.1 200 OK
Server: OpenResty Edge 2

Basic Functions

Static resource web server (HTML, images, JS, CSS, etc.).

HTTP reverse‑proxy server.

FastCGI, uWSGI, SCGI reverse‑proxy for dynamic resources.

POP3/IMAP4 reverse‑proxy.

TCP/UDP request forwarding.

Modular design (non‑DSO) with optional dynamic module loading since v1.9.11.

Web‑service related features include virtual hosts, keep‑alive and pipelining, access logs with buffering, URL rewrite, path alias, IP/user access control, rate limiting, hot reload without interrupting workers, and Memcached GET interface.

Features

Modular design with good extensibility.

High reliability.

Hot deployment (configuration reload, version upgrade, log rotation) without downtime.

Low memory consumption (e.g., 2.5 MiB for 10 000 idle keep‑alive connections).

Event‑driven, asynchronous I/O, mmap, sendfile.

Architecture

Nginx uses a master/worker process model with no threads.

One master process: loads and parses configuration, manages workers, performs graceful upgrades.

One or more worker processes: handle and respond to client requests.

Cache‑related processes: cache loader (loads cache objects) and cache manager (manages cache objects).

Modules

Modules are highly modular; early versions lacked DSO support, added in v1.9.11.

Core module (built‑in, no extra compilation needed).

Standard modules, divided into three categories:

HTTP modules (prefix ngx_http_).

Mail modules (prefix ngx_mail_).

Stream modules (prefix ngx_stream_).

Third‑party modules such as ngx_google_perftools_module.

Installation

Methods:

Official YUM repository: http://nginx.org/packages/centos/7/x86_64/ EPEL repository: https://mirrors.aliyun.com/epel/7/x86_64/ Compile from source: download the tarball from the official site.

# wget http://nginx.org/download/nginx-1.18.0.tar.gz
# tar xf nginx-1.18.0.tar.gz
# yum install gcc pcre-devel openssl-devel zlib-devel
# useradd -r -s /sbin/nologin nginx
# ./configure --prefix=/apps/nginx \
    --conf-path=/apps/nginx/conf/nginx.conf \
    --error-log-path=/apps/nginx/log/nginx/error.log \
    --http-log-path=/apps/nginx/log/nginx/access.log \
    --pid-path=/var/run/nginx.pid \
    --lock-path=/var/run/nginx.lock \
    --user=nginx \
    --group=nginx \
    --with-http_ssl_module \
    --with-http_v2_module \
    --with-http_dav_module \
    --with-http_stub_status_module \
    --with-threads \
    --with-file-aio
# make -j 2 && make
# ln -s /apps/nginx/sbin/nginx /usr/sbin/nginx
# nginx   # start the service

Performance Optimization (Global)

worker_processes : set to auto or the number of CPU cores.

worker_cpu_affinity : bind workers to specific CPU cores to improve cache hit rate.

worker_priority : set nice value (default 19, range -20 to 20).

worker_rlimit_nofile : maximum number of open files per worker (should match ulimit -n, e.g., 65535).

events block settings such as worker_connections, use (epoll on Linux), accept_mutex, multi_accept.

daemon and master_process directives for debugging or container environments.

error_log level configuration (e.g., error, debug).

HTTP Protocol Configuration

Typical http block:

http {
    include       mime.types;
    default_type  application/octet-stream;
    charset       utf-8;
    # other includes and directives
}

Key directives:

mime.types inclusion and default_type for unknown MIME types.

tcp_nodelay and tcp_nopush for Nagle algorithm control.

sendfile to enable zero‑copy file transmission.

charset to set response character set.

server_tokens to show or hide Nginx version in responses.

server block for virtual hosts: listen, server_name, root, location directives.

location matching types (=, ^~, ~, ~*, prefix) and use of root vs alias.

try_files for fallback handling.

error_page to define custom error responses.

Example virtual host configuration:

server {
    listen 80;
    server_name www.example.com;
    root /data/site1/;
    location /images/ {
        root /opt/static;
    }
    location ~ \.(php|jsp|asp)$ {
        root /opt/dynamic;
    }
    error_page 404 /404.html;
}

For more details, see the original article at https://www.cnblogs.com/cnblogsfc/p/14303528.html .