我在ubuntu 14.04上使用Nginx版本1.6.2
我试图在配置文件中输入limit_conn和limit_req,引用nginx documentation.
Nginx在没有limit_conn和limit_req选项的情况下运行良好.
以下是带有日志消息的Nginx配置的测试用例.
我不知道我的代码有什么问题.
案例1 – 完整配置
http {
...
include /etc/Nginx/sites-enabled/*;
...
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
...
}
/etc/Nginx/sites-enabled/service.conf
server {
...
location / {
limit_conn conn_limit_per_ip 30;
limit_req zone=req_limit_per_ip burst=5 nodelay;
...
}
...
}
日志消息
unkNown limit_req_zone "req_limit_per_ip" in /etc/Nginx/sites-enabled/service.conf
http {
...
include /etc/Nginx/sites-enabled/*;
...
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
...
}
/etc/Nginx/sites-enabled/service.conf
server {
...
location / {
limit_conn conn_limit_per_ip 30;
...
}
...
}
日志消息
the size 10485760 of shared memory zone "conn_limit_per_ip" conflicts with already declared size 0 in /etc/Nginx/Nginx.conf
http {
...
include /etc/Nginx/sites-enabled/*;
...
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
...
}
/etc/Nginx/sites-enabled/service.conf
server {
...
location / {
limit_req zone=req_limit_per_ip burst=5 nodelay;
...
}
...
}
日志消息
unkNown limit_req_zone "req_limit_per_ip" in /etc/Nginx/sites-enabled/service.conf
http {
...
include /etc/Nginx/sites-enabled/*;
...
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
...
}
/etc/Nginx/sites-enabled/service.conf
server {
...
location / {
...
}
...
}
日志消息
[OK] - Nginx reloaded well
情况5 – 删除limit_req_zone和limit_req
http {
...
include /etc/Nginx/sites-enabled/*;
...
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
...
}
/etc/Nginx/sites-enabled/service.conf
server {
...
location / {
limit_conn conn_limit_per_ip 30;
...
}
...
}
日志消息
the size 10485760 of shared memory zone "conn_limit_per_ip" conflicts with already declared size 0 in /etc/Nginx/Nginx.conf
案例6 – 删除limit_conn_zone和limit_conn
http {
...
include /etc/Nginx/sites-enabled/*;
...
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
...
}
/etc/Nginx/sites-enabled/service.conf
server {
...
location / {
limit_req zone=req_limit_per_ip burst=5 nodelay;
...
}
...
}
日志消息
unkNown limit_req_zone "req_limit_per_ip" in /etc/Nginx/sites-enabled/service.conf
将/etc/Nginx/sites-enabled/service.conf合并到/etc/Nginx/Nginx.conf中.换句话说,删除service.conf文件并在Nginx.conf文件的http块中粘贴服务器块.这是代码.
http {
..
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=2r/s;
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
..
server {
..
location / {
limit_req zone=req_limit_per_ip burst=5 nodelay;
limit_conn conn_limit_per_ip 30;
}
..
}
}
变量的含义和测试
> limit_req_zone $binary_remote_addr zone = req_limit_per_ip:10m rate = 2r / s limit_req zone = req_limit_per_ip burst = 5 nodelay
>将共享内存设置为10MB
>限制每个IP的请求如下
>将最大请求设置为以爆发秒为单位的速率*突发
>例如,在这种情况下,最大值是5秒内的10(= 2 * 5)个请求
>使用nodelay选项:Nginx将返回503响应并且不处理过多的请求
>没有nodelay选项:Nginx会等待(没有503响应)并处理过多的请求,但有一些延迟
> limit_conn_zone $binary_remote_addr zone = conn_limit_per_ip:10m limit_conn conn_limit_per_ip 30
>将共享内存设置为10MB
>在这种情况下,将每个IP的连接限制为30
>请注意,普通浏览器会进行2~8个连接,SPDY协议会分割每个连接
>如果连接超过此值,Nginx将返回503响应
