nginx 설정 https + backlog + sysctl. conf

sysctl. conf 커 널 매개 변수 설명
/proc/sys/net/core/somaxconn 20480 #                     ,        。backlog      
/proc/sys/net/ipv4/tcp_max_syn_backlog #               ,            。           ,          。
/proc/sys/net/core/netdev_max_backlog #                            ,               。

nginx 설정

upstream js_sdk {
        #ip_hash;
        server ******* weight=1 max_fails=3 fail_timeout=10s;
        server ******* weight=1 max_fails=3 fail_timeout=10s;
        keepalive 1000;
}

server {
    listen 80 backlog=20480;
    listen 443 ssl backlog=20480;

    ssl_certificate      /etc/nginx/ssl/all-le.crt;
    ssl_certificate_key  /etc/nginx/ssl/all-le.key;
    #ssl_buffer_size 32k;
    ssl_session_timeout  10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers   AES128-SHA:AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_session_cache builtin:50000 shared:SSL:500m;

    server_name  ****** ;
    add_header Cache-Control "no-cache,max-age=0";
    if_modified_since off;
    access_log /var/log/nginx/cherry.le.com.a.log main;
    error_log /var/log/nginx/cherry.le.com.e.log;

    location = /favicon.ico {
            log_not_found off;
            log_subrequest off;
    }

    location / {
                proxy_http_version 1.1;
                proxy_set_header Connection "";
                proxy_set_header Host $host;
                proxy_pass              http://js_sdk;
                proxy_send_timeout    18000;
                proxy_read_timeout    18000;
                proxy_next_upstream     error timeout invalid_header http_500;
                proxy_connect_timeout 75;
    }

sysctl.conf
net.core.somaxconn = 20480 # backlog
net.core.netdev_max_backlog = 20480
net.ipv4.tcp_max_syn_backlog = 20480
net.ipv4.tcp_max_tw_buckets = 800000

좋은 웹페이지 즐겨찾기