分类目录归档:WEB服务

fredzneg与你一起对apache,nginx,squid,trafficserver学习相关知识及探讨!

Nginx模块GeoIP查询IP所在国家、城市,查询某个ip位置

地理位置数据在业务中有重要作用,这些数据可以用于向某些人群推广品牌、产品或服务,还有助于增强用户体验。
本文讲述仅通过配置Nginx加上GeoIP MaxMind数据库,就能获得用户IP地址的实际物理位置,而无需编写任何代码。
Nginx是一个开源的HTTP和IMAP/POP3代理服务器,主要用作Web服务器或反向代理服务器。Nginx的GeoIP模块(即ngx_http_geoip_module)使用了预编译的MaxMind数据库来设置变量,比如变量geoipcountrynamegeoip_country_code、变量$geoip_city等等,而这些值则取决于用户客户端的访问地址。

Nginx可配合GeoIP模块定位IP所在物理位置并做相应处理,支持多个条件匹配:

#http://www.haiyun.me
$geoip_country_code #国家代码2位,如CN
$geoip_country_code3 #国家代码3位,如CHN
$geoip_country_name #国家完整名称,如China
$geoip_region #所在地区
$geoip_city #所在城市,如BeiJing
$geoip_postal_code #邮政编码
$geoip_city_continent_code #所在洲,如AS
$geoip_latitude #纬度
$geoip_longitude #经度

编译安装Nginx并添加GeoIP模块:

yum install geoip-devel #安装GeoIP解析库
wget http://nginx.org/download/nginx-1.0.15.tar.gz
tar zxvf nginx-1.0.15.tar.gz
cd nginx-1.0.15
 ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module \
--with-http_ssl_module --with-http_gzip_static_module --with-ipv6 --with-http_geoip_module
make
make install

下载GeoIP城市国家数据库:

#http://www.haiyun.me
mkdir -p /usr/local/nginx/geoip
cd /usr/local/nginx/geoip
wget http://www.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gunzip GeoIP.dat.gz
gunzip GeoLiteCity.dat.gz

编辑Nginx配置文件加载GeoIP数据库:

http
    [...]
geoip_country  /usr/local/nginx/geoip/GeoIP.dat; #国家数据库
geoip_city     /usr/local/nginx/geoip/GeoLiteCity.dat; #城市数据库
[...]

如需Nginx传递变量给PHP,编辑fastcgi_params添加:

fastcgi_param GEOIP_CITY_COUNTRY_CODE $geoip_city_country_code;
fastcgi_param GEOIP_CITY_COUNTRY_CODE3 $geoip_city_country_code3;
fastcgi_param GEOIP_CITY_COUNTRY_NAME $geoip_city_country_name;
fastcgi_param GEOIP_REGION $geoip_region;
fastcgi_param GEOIP_CITY $geoip_city;
fastcgi_param GEOIP_POSTAL_CODE $geoip_postal_code;
fastcgi_param GEOIP_CITY_CONTINENT_CODE $geoip_city_continent_code;
fastcgi_param GEOIP_LATITUDE $geoip_latitude;
fastcgi_param GEOIP_LONGITUDE $geoip_longitude;

应用示例,Nginx判断如果访问者IP所在国家为美国或中国,返回404错误

server
    [...]
                if ($geoip_country_code ~* (US|CN)) {
                #return 404;
                }
[...]

新建PHP程序测试GeoIP:

<html>
<head>
 <title>IP地址检测,我的IP地址是多少?</title>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<?php
    if (getenv(HTTP_X_FORWARDED_FOR)) {
        $pipaddress = getenv(HTTP_X_FORWARDED_FOR);
        $ipaddress = getenv(REMOTE_ADDR);
        echo "<br>您的代理IP地址是: ".$pipaddress. " (via $ipaddress) " ;
    } else {
        $ipaddress = getenv(REMOTE_ADDR);
        echo "<br>您的IP地址是 : $ipaddress";
    }
  $geoip_city_country_code = getenv(GEOIP_CITY_COUNTRY_CODE);
  $geoip_city_country_code3 = getenv(GEOIP_CITY_COUNTRY_CODE3);
  $geoip_city_country_name = getenv(GEOIP_CITY_COUNTRY_NAME);
  $geoip_region = getenv(GEOIP_REGION);
  $geoip_city = getenv(GEOIP_CITY);
  $geoip_postal_code = getenv(GEOIP_POSTAL_CODE);
  $geoip_city_continent_code = getenv(GEOIP_CITY_CONTINENT_CODE);
  $geoip_latitude = getenv(GEOIP_LATITUDE);
  $geoip_longitude = getenv(GEOIP_LONGITUDE);
  echo "<br>国家 : $geoip_city_country_name ( $geoip_city_country_code3 , $geoip_city_country_code ) ";
  echo "<br>地区 :  $geoip_region";
  echo "<br>城市 :  $geoip_city ";
  echo "<br>邮政编码 :  $geoip_postal_code";
  echo "<br>所在洲 :  $geoip_city_continent_code";
  echo "<br>纬度 :  $geoip_latitude ";
  echo "<br>经度 :   $geoip_longitude ";
 
?>
</body>
</html>

如果要查询某个IP属于哪个国家地区。

http://pecl.php.net/get/geoip-1.1.1.tgz

php需要增加这个扩展。

tar -zxvf geoip-1.1.1.tgz

cd geoip-1.1.1

/usr/local/php/bin/phpize  

./configure –with-php-config=/usr/local/php/bin/php-config 

make

make install

 vi /usr/local/php/etc/php.ini

增加extension=geoip.so

详细使用geoip扩展参考

http://php.net/manual/zh/book.geoip.php

PHP的性能演进(从PHP5.0到PHP7.1的性能速度全评测)

导读:PHP 是 Web 开发最常用的语言,每个大版本的更新都带来不少新特性和性能提升。特别是 PHP 7.0 的发布,带来 PHP
性能飞跃。本文作者对各个 PHP 版本进行了 CPU 性能基准测试,并且带来了PHP下个大版本的消息。本文中文版由高可用架构志愿者翻译。

自 1994 年 Rasmus Lerdorf 创建 PHP 以来, PHP 语言经历了许多改进,其中性能是开发人员在评估新版本时考虑的主要标准之一。

阅读这篇文章,可以了解从 PHP 5 到 7(包括 7.1)的性能提升,同时也将了解到即将加入到 PHP 8 的试验性的 JIT 分支版本的性能。

简介

本文将根据时间作出更新,增加更多信息和基准测试结果,包括尚未发布的新版本,以便更好地了解多年来 PHP 性能演变。如果您有更正或建议改进,请在文后留言。

自 1994 年 Rasmus Lerdorf 创建 PHP 以来, PHP 语言经历了激烈的演进。虽然第一版是一个简单的一人开发的
CGI 程序,Rasmus Lerdorf、Andi Gutmans 和 Zeev Suraski
加入了该语言的第三个版本的开发,并根本性重新设计。从那之后, PHP 开发组也创建并发展起来。

随着项目的发展,由于 PHP 3 天然的可扩展性, PHP 在核心和附加扩展开发的功能得到了蓬勃发展,如网络通信,解析,缓存和数据库支持。

语言本身也在发展,带来了一系列的改进。这包括支持面向对象的结构,例如类,接口, traits,闭包等。

对于许多开发人员来说,仅有新功能是不够的。随着语言越来越受欢迎, PHP 社区对于提供更好性能,可扩展性和更少内存使用的需求越来越强烈。

PHP 开发团队近 20 年来一直致力于解决这些需求,虽然 PHP 3 的引入大大提高了性能,但直到 Andi Gutmans 和 Zeev Suraski 引入 Zend Engine 并发布 PHP 4, PHP 的性能才开始变得正式起来。

2000 年推出的新的内存编译器和执行器模型大大提高了 PHP 的性能(提高了 5 倍甚至 10 倍),并首次被正式的 Web 应用程序和站点所使用。我们可以说,今天 PHP 的成果远远超出了任何人在 PHP 项目诞生时的期望。

PHP 的蓬勃发展增加了改善性能的欲望。幸运的是, Zend Engine 中设计的模型为持续优化性能提供了良好的基础。

虽然 PHP 5.0 没有带来实质性的性能提升,并且在某些情况下甚至比 PHP4 更慢,一个由 Dmitry Stogov
领导的团队在社区的大力帮助下已经在后续版本中不断优化语言,在 PHP 5.6 发布的时候,在大多数情况下,性能提升在 1.5x 和 3x 之间。

2015 年 12 月, PHP 7.0 取得了重大突破。 2016 年 12 月,7.1 版本也带来了一系列增强功能。

PHP 8 性能展望

这是一个前途光明的版本,目前正在开发当中,由 Zend 的 Dmitry Stogov 主导。虽然它是基于 PHP 7.1 版本基础,但实际版本号尚未定义,所以本文称这个版本为“试验 JIT”分支下。

关键功能 JIT(Just-In-Time)编译,是一种将代码转换为另一种字节码(比如运行它的机器 CPU 的本地代码)的技术。 JIT 可以使程序运行更快。

本文涵盖了几个基准测试的结果,从 PHP 5 的第一个版本到 PHP 的试验性 JIT 分支版本,PHP 5 之前的版本性能本文不作介绍。

在写这篇文章的时候,我们很难确定 PHP 8 之前是否会有另一个主要版本,比如 PHP 7.2。但是可以假设在 PHP 8 发布时,它已经包括当前试验版 JIT 分支的强大功能。

PHP 性能评估

本文只运行纯 CPU 任务脚本的基准测试(不需要I / O操作的任务例如访问文件,网络或数据库连接)。

使用的基准测试脚本如下所示:

  1. bench.php 可在PHP源代码的 php-src/Zend 目录
  2. micro_bench.php 也可以在 PHP 源代码发布的 php-src/Zend 目录中找到
  3. mandelbrot.php https://gist.githubusercontent.com/dstogov/12323ad13d3240aee8f1/raw/37fed3beb7e666b70e199bcf361af541b3c30d2d/b.php

基准脚本仅使用每个PHP主要版本的最新小版本运行。因此,测试的版本如下:

  1. 5.0.5
  2. 5.1.6
  3. 5.2.17
  4. 5.3.29
  5. 5.4.45
  6. 5.5.38
  7. 5.6.28
  8. 7.0.13
  9. 7.1.0
  10. PHP-JIT(JIT实验分支)

当然,我想确定,我们在相同的基准上运行所有小版本,例如在 5.3.0 到 5.3.29 之间。结果是有说服力的:性能方面的主要增强不是由小版本带来的,而是主要版本号的变化,例如从 PHP 5.4 到 PHP 5.5,或从PHP 5.6 到 PHP 7。

小版本没有显示任何明显的性能改进。这意味着相同的脚本应该以相同的速度运行,无论您使用 PHP 5.4.0 还是 PHP 5.4.45。

您可以查看基准进程部分,详细说明主机系统的设置,各个基准的运行方式以及如何解释时序结果。

纯 CPU 基准测试结果

这部分给出了每个 PHP 版本的基准测试结果。

每个基准列显示 3 个值:

  • 时间: 执行时间,以秒和毫秒为单位
  • %rel, gain:相对于以前的版本收益的执行时间。 在下面的表格中,例如,%rel。 bench.php 和版本 5.3.29 的收益是 31.89%,意味着该脚本比 5.2.17 版本运行快 31.89%。
  • %abs, gain:与 PHP 5.0 相比脚本运行的收益。 如果你看看bench.php 和试验性的 JIT 分支的这个列的交集,你会注意到,对于这个特定的测试基准,PHP 8 比 PHP 5.0 快 41 倍以上。

纯CPU基准测试的结果如下所示:

CPU基准测试

CPU基准测试


(1)测试不能在 5.3 之前的版本上运行,因为它使用了尚未实现的对象功能。
(2)此列中的结果有点偏颇,因为基准需要至少 PHP 5.3 运行。把它们当成纯粹说明,因为他们不能与 PHP 5.0 性能进行比较。
(3)这是一个 mandelbrot.php 脚本的修改版本,它运行得太快,在 7.1.0 和试验 JIT 分支无法准确的统计时间,我们在脚本中运行计算 100 次而不是 1 次。

纯CPU测试曲线图

当然,这些都是纯 CPU 的基准测试。它们不涵盖 PHP 性能的所有方面,它们可能不代表真实情况。但是结果足够显著,足以说明几个方面的问题:

基于Nginx搭建http/rtmp/hls协议的MP4/FLV流媒体服务器

一.搭建nginx平台:
基本是基于网上资料一步步安装nginx搭建流媒体服务器 这篇博客来搭建。
我的ubuntu是14.04LTS。各种包的版本是:
nginx-1.9.9
nginx_mod_h264_streaming-2.2.7.tar.gz
openssl-0.9.8zh.tar.gz
pcre-8.12.tar.gz
zlib-1.2.7.tar.gz
为了支持rtmp,还下载了一个模块nginx-rtmp-module-master,没有版本的区别。
在安装过程中的注意事项:
1.上述无非是./configure make make install.
2.记住如果要修改nginx的./configure的话只用make无需install因为不是覆盖安装。
3.要在sbin的目录下检查./nginx -V 才能看到nginx的配置。
4.nginx在make的时候注意把objs里面的Makefile的权限改成a+w,并且将-Werror删掉,这样就不会把warning看成error来对待。修改makefile是在configure之后make之前。
二.测试http、rtmp、hls的功能
1.配置文件(仅支持http和rtmp)
user  www www;  ##管理用户

worker_processes 30;    ##后台进程

error_log  /usr/local/nginx/logs/error.log;

##nginx错误日志存放路径

pid        /usr/local/nginx/logs/nginx.pid;

events {

use epoll;

##轮训方式

worker_connections      65535;

##允许的最大连接数

}

http {

include       mime.types;

default_type  application/octet-stream;

log_format  main  ‘$remote_addr – $remote_user [$time_local] “$request” ‘

‘$status $body_bytes_sent “$http_referer” ‘

‘”$http_user_agent” “$http_x_forwarded_for”‘;

access_log  /usr/local/nginx/logs/access.log;

sendfile        on;

tcp_nopush     on;

#keepalive_timeout  0;

keepalive_timeout  65;

gzip on;
gzip_min_length 1000;
gzip_buffers 4 8k;
gzip_types text/plain;

server {

listen       80;

server_name  192.168.16.69;
#root html;
root /usr/local/nginx/html/flv_file;

#charset koi8-r;

limit_rate_after 5m;

limit_rate  512k;
index  index.html;
charset utf-8;

#   access_log  /usr/local/nginx/logs/host.access.log  main;

#    location / {

#    root   /usr/local/nginx/html/flv_file;

#            index  index.html;

# limit_rate_after 5m;

# limit_rate  512k;

#error_page  404              /404.html;

location ~ \.flv$ {
#     root /var/www/flv;
flv;
}

location ~ \.mp4$ {
#          root /var/www/mp4;
mp4;
}
}
}
rtmp {
server {
listen 1935;
chunk_size 4000;

# video on demand
application vod {
play /usr/local/nginx/html/flv_file;
}

# HLS
# HLS requires libavformat & should be configured as a separate
# NGINX module in addition to nginx-rtmp-module:
# ./configure … –add-module=/path/to/nginx-rtmp-module/hls …
# For HLS to work please create a directory in tmpfs (/tmp/app here)
# for the fragments. The directory contents is served via HTTP (see
# http{} section in config)
#
# Incoming stream must be in H264/AAC/MP3. For iPhones use baseline #H264
# profile (see ffmpeg example).
# This example creates RTMP stream from movie ready for HLS:
#
# ffmpeg -loglevel verbose -re -i movie.avi  -vcodec libx264
#    -vprofile baseline -acodec libmp3lame -ar 44100 -ac 1
#    -f flv rtmp://localhost:1935/hls/movie
#
# If you need to transcode live stream use ‘exec’ feature.
#
application hls {
hls on;
hls_path /usr/local/nginx/html/flv_file;
hls_fragment 10s;
}
}
}
2.配置文件(可支持http,rtmp,hls)

#filename:nginx.conf

#user  nobody;
worker_processes  1;

error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

pid        logs/nginx.pid;

events {
use epoll;
worker_connections  1024;
}

rtmp {
server {
listen 1935;
chunk_size 4000;

# video on demand
application vod {
play /usr/local/nginx/html/flv_file;
}

# HLS
# HLS requires libavformat & should be configured as a separate
# NGINX module in addition to nginx-rtmp-module:
# ./configure … –add-module=/path/to/nginx-rtmp-module/hls …
# For HLS to work please create a directory in tmpfs (/tmp/app here)
# for the fragments. The directory contents is served via HTTP (see
# http{} section in config)
#
# Incoming stream must be in H264/AAC/MP3. For iPhones use baseline #H264
# profile (see ffmpeg example).
# This example creates RTMP stream from movie ready for HLS:
#
# ffmpeg -loglevel verbose -re -i movie.avi  -vcodec libx264
#    -vprofile baseline -acodec libmp3lame -ar 44100 -ac 1
#    -f flv rtmp://localhost:1935/hls/movie
#
# If you need to transcode live stream use ‘exec’ feature.
#
application hls {
hls on;
hls_path /usr/local/nginx/html/flv_file;
hls_fragment 10s;
}
}
}

http {

include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;

#log format

log_format  access  ‘$remote_addr – $remote_user [$time_local] “$request” ‘
‘$status $body_bytes_sent “$http_referer” ‘
‘”$http_user_agent” $http_x_forwarded_for’;

#定义一个名为addr的limit_zone,大小10M内存来存储session
limit_conn_zone $binary_remote_addr zone=addr:10m;

server {
listen 8080;
server_name localhost;

# HTTP can be used for accessing RTMP stats
# This URL provides RTMP statistics in XML
location /stat {
rtmp_stat all;
rtmp_stat_stylesheet stat.xsl;
}
location /stat.xsl {
root /home/nairely/Documents/nginxserver/nginx-rtmp-module-master;
}
location /control {
rtmp_control all;
}
location / {
root /home/nairely/Documents/nginxserver/nginx-rtmp-module-master/test/rtmp-publisher;
}
}

server {
listen 80;
server_name localhost;

location / {
root /usr/local/nginx/html/flv_file;
index index.html;
}

location ~ \.flv$ {
root /usr/local/nginx/html/flv_file;
flv;
limit_conn addr 20;
limit_rate 200k;
}
location ~ \.mp4$ {
root /usr/local/nginx/html/flv_file;
mp4;
limit_conn addr 20;
limit_rate 200k;
}

location /hls {
# Serve HLS fragments
alias /usr/local/nginx/html/flv_file;
}

access_log  logs/nginxflv_access.log access;
}
}

3.如果视频不能播放很有可能是权限的问题,设置成644. root(read and write),group(read only)user(read only)
4.nginx作为一个后台服务器,用户从html/flv_file的文件夹中取出视频用户点播。测试的播放器用的是vlc。
http的地址是http://192.168.16.46/yequ.flv
rtmp的地址是rtmp://192.168.16.46:1935/vod/yequ.flv
hls的地址是http://192.168.16.46/hls/sample.m3u8(在segment命令将output的URL设置为http://192.168.16.46/hls)将sample.m3u8文件放在html/flv_file文件夹下,当然这取决与segment语句在哪个地址下进行。
5.如何启动nginx:
cd /usr/local/nginx/sbin
./nginx -t 检查配置文件的语法问题
如果发现配置文件的路径不对
./nginx -c 路径
./nginx -s reload重新加载配置文件
killall -9 nginx 杀掉所有进程从头开始,如果遇到端口被占用的问题的话。
./nginx 启动,注意在杀掉进程之后一定要重新启动。
service nginx start
三.配置hls+ffmpeg的环境
在配置http和rtmp都比较简单。在搭建nginx平台的前提下就可以实现点播。配置hls出现的问题都比较简单。只是会花一段时间。
主要的配置还是根据这篇来的http://www.lc365.net/blog/b/31519/ 基于HTTP Live Streaming(HLS) 搭建在线点播系统
这些包实在太多了,我简直属于无聊的阶段。
1.faac的编译问题
http://zhidao.baidu.com/link?url=ASyVwiBE-01ox_O0QascgPdqNNRlXpHCfI6cXyg71JIboOK5MTj3NLfHUPC31HH5b0FiE3tbWUetUfKL29HAzzXu4q0p75Iveu05HPp_ST3

2.在编译ffmpeg的时候发现x264notfound的解决方法
在x264的./configure –enable-static –enable-shared
–enable-visualize –system-libx264 –enable-gprof –enable-strip
–enable-pic –enable-debug
就是把所以的开关都打开。这简直是误打误撞。
3.m3u8configure的时候总是会遇到error的问题,可以看到这些错误都是什么东西过时的啥的,直接换ffmpeg。换ffmpeg版本到最新。ffmpeg-2.8.4
git clone https://github.com/johnf/m3u8-segmenter
cd m3u8-segmenter
然后configure的时候
gcc -Wall -g m3u8-segmenter.c -o segmenter -lavformat -lavcodec -lavutil
cp segmenter /usr/bin/
在html/flv_file路径下
ffmpeg -i /var/flvs/baluobu.flv  -f mpegts -acodec libmp3lame -ar
48000 -ab 128k -vcodec libx264 -b 96k -flags +loop -cmp +chroma
-partitions +parti4x4+partp8x8+partb8x8 -subq 5 -trellis 1 -refs 1
-coder 0 -me_range 16 -keyint_min 25 -sc_threshold 40 -i_qfactor 0.71
-bt 200k -maxrate 96k -bufsize 96k -rc_eq ‘blurCplx^(1-qComp)’ -qcomp
0.6 -qmin 10 -qmax 51 -qdiff 4 -level 30 -aspect 320:240 -g 30 -async 2
/var/app/baluobu/baluobu.ts
上述是把flv文件转换成ts文件
下面用segmenter命令将ts转换成10秒一个ts切片,segmenter_test是ts小切片的前缀,-u制定URL地址。
segmenter -i vp5.ts -d 10 -p segmenter_test -m vp5.m3u8 -u http://192.168.16.46/hls/
在segmenter的时候有一个红色的ignore,之前一直认为是一个error,我去才发现是一个不用管的东西,然后在vlc上用http://192.168.16.46/hls/vp5.m3u8放,其实类似一个直播的功能,播完了就没有ts文件了。
再来一次测试就得再来一遍ffmpeg和segmenter.
总结到这儿。

redis配置详解

##redis配置详解

# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf

# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
# 1k => 1000 bytes
# 1kb => 1024 bytes
# 1m => 1000000 bytes
# 1mb => 1024*1024 bytes
# 1g => 1000000000 bytes
# 1gb => 1024*1024*1024 bytes
#
# units are case insensitive so 1GB 1Gb 1gB are all the same.

################################## INCLUDES ###################################
################################## 包含     ###################################

# Include one or more other config files here.  This is useful if you
# have a standard template that goes to all Redis servers but also need
# to customize a few per-server settings.  Include files can include
# other files, so use this wisely.
#
# Notice option “include” won’t be rewritten by command “CONFIG REWRITE”
# from admin or Redis Sentinel. Since Redis always uses the last processed
# line as value of a configuration directive, you’d better put includes
# at the beginning of this file to avoid overwriting config change at runtime.
#
# If instead you are interested in using includes to override configuration
# options, it is better to use include as the last line.
#
# 假如说你有一个可用于所有的 redis server 的标准配置模板,
# 但针对某些 server 又需要一些个性化的设置,
# 你可以使用 include 来包含一些其他的配置文件,这对你来说是非常有用的。
#
# 但是要注意哦,include 是不能被 config rewrite 命令改写的
# 由于 redis 总是以最后的加工线作为一个配置指令值,所以你最好是把 include 放在这个文件的最前面,
# 以避免在运行时覆盖配置的改变,相反,你就把它放在后面
# include /path/to/local.conf
# include /path/to/other.conf

################################ GENERAL  #####################################
################################ 常用     #####################################

# By default Redis does not run as a daemon. Use ‘yes’ if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
# 默认情况下 redis 不是作为守护进程运行的,如果你想让它在后台运行,你就把它改成 yes。
# 当redis作为守护进程运行的时候,它会写一个 pid 到 /var/run/redis.pid 文件里面。
daemonize yes

# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
# default. You can specify a custom pid file location here.
# 当 Redis 以守护进程的方式运行的时候,Redis 默认会把 pid 文件放在/var/run/redis.pid
# 可配置到其他地址,当运行多个 redis 服务时,需要指定不同的 pid 文件和端口
# 指定存储Redis进程号的文件路径
pidfile /var/run/redis.pid

# Accept connections on the specified port, default is 6379.
# If port 0 is specified Redis will not listen on a TCP socket.
# 端口,默认端口是6379,生产环境中建议更改端口号,安全性更高
# 如果你设为 0 ,redis 将不在 socket 上监听任何客户端连接。
port 9966

# TCP listen() backlog.
#
# In high requests-per-second environments you need an high backlog in order
# to avoid slow clients connections issues. Note that the Linux kernel
# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
# in order to get the desired effect.
# TCP 监听的最大容纳数量
# 此参数确定了TCP连接中已完成队列(完成三次握手之后)的长度,
# 当系统并发量大并且客户端速度缓慢的时候,你需要把这个值调高以避免客户端连接缓慢的问题。
# Linux 内核会一声不响的把这个值缩小成 /proc/sys/net/core/somaxconn 对应的值,默认是511,而Linux的默认参数值是128。
# 所以可以将这二个参数一起参考设定,你以便达到你的预期。
#  
tcp-backlog 511

# By default Redis listens for connections from all the network interfaces
# available on the server. It is possible to listen to just one or multiple
# interfaces using the “bind” configuration directive, followed by one or
# more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# 有时候为了安全起见,redis一般都是监听127.0.0.1 但是有时候又有同网段能连接的需求,当然可以绑定0.0.0.0 用iptables来控制访问权限,或者设置redis访问密码来保证数据安全

# 不设置将处理所有请求,建议生产环境中设置,有个误区:bind是用来限制外网IP访问的,其实不是,限制外网ip访问可以通过iptables;如:-A INPUT -s 10.10.1.0/24 -p tcp -m state –state NEW -m tcp –dport 9966 -j ACCEPT ;
# 实际上,bind ip 绑定的是redis所在服务器网卡的ip,当然127.0.0.1也是可以的
#如果绑定一个外网ip,就会报错:Creating Server TCP listening socket xxx.xxx.xxx.xxx:9966: bind: Cannot assign requested address

# bind 127.0.0.1
bind 127.0.0.1 10.10.1.3

# 假设绑定是以上ip,使用 netstat -anp|grep 9966 会发现,这两个ip被bind,其中10.10.1.3是服务器网卡的ip
# tcp        0      0 10.10.1.3:9966         0.0.0.0:*                   LISTEN      11188/redis-server  
# tcp        0      0 127.0.0.1:9966         0.0.0.0:*                   LISTEN      11188/redis-server 

# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
# unixsocket /tmp/redis.sock
# unixsocketperm 700

# Close the connection after a client is idle for N seconds (0 to disable)
# 客户端和Redis服务端的连接超时时间,默认是0,表示永不超时。
timeout 0

# TCP keepalive.
#
# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
# of communication. This is useful for two reasons:
#
# 1) Detect dead peers.
# 2) Take the connection alive from the point of view of network
#    equipment in the middle.
#
# On Linux, the specified value (in seconds) is the period used to send ACKs.
# Note that to close the connection the double of the time is needed.
# On other kernels the period depends on the kernel configuration.
#
# A reasonable value for this option is 60 seconds.

# tcp 心跳包。
#
# 如果设置为非零,则在与客户端缺乏通讯的时候使用 SO_KEEPALIVE 发送 tcp acks 给客户端。
# 这个之所有有用,主要由两个原因:
#
# 1) 防止死的 peers
# 2) Take the connection alive from the point of view of network
#    equipment in the middle.
#
# 推荐一个合理的值就是60秒
tcp-keepalive 0

# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
# 日志记录等级,4个可选值debug,verbose,notice,warning
# 可以是下面的这些值:
# debug (适用于开发或测试阶段)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (适用于生产环境)
# warning (仅仅一些重要的消息被记录)
loglevel notice

# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
#配置 log 文件地址,默认打印在命令行终端的窗口上,也可设为/dev/null屏蔽日志、
logfile “/data/logs/redis/redis.log”

# To enable logging to the system logger, just set ‘syslog-enabled’ to yes,
# and optionally update the other syslog parameters to suit your needs.
# 要想把日志记录到系统日志,就把它改成 yes,
# 也可以可选择性的更新其他的syslog 参数以达到你的要求
# syslog-enabled no

# Specify the syslog identity.
# 设置 syslog 的 identity。
# syslog-ident redis

# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0

# Set the number of databases. The default database is DB 0, you can select
# a different one on a per-connection basis using SELECT <dbid> where
# dbid is a number between 0 and ‘databases’-1
# 可用的数据库数,默认值为16,默认数据库为0,数据库范围在0-(database-1)之间
databases 16

################################ SNAPSHOTTING  ################################
################################ 快照          ################################
#
# Save the DB on disk:
#
#   save <seconds> <changes>
#
#   Will save the DB if both the given number of seconds and the given
#   number of write operations against the DB occurred.
#
#   In the example below the behaviour will be to save:
#   after 900 sec (15 min) if at least 1 key changed
#   after 300 sec (5 min) if at least 10 keys changed
#   after 60 sec if at least 10000 keys changed
#
#   Note: you can disable saving completely by commenting out all “save” lines.
#
#   It is also possible to remove all the previously configured save
#   points by adding a save directive with a single empty string argument
#   like in the following example:
#
#   save “”
# 在 900 秒内最少有 1 个 key 被改动,或者 300 秒内最少有 10 个 key 被改动,又或者 60 秒内最少有 1000 个 key 被改动,以上三个条件随便满足一个,就触发一次保存操作。

#    if(在60秒之内有10000个keys发生变化时){
#      进行镜像备份
#    }else if(在300秒之内有10个keys发生了变化){
#      进行镜像备份
#    }else if(在900秒之内有1个keys发生了变化){
#      进行镜像备份
#    }

save 900 1
save 300 10
save 60 10000

# By default Redis will stop accepting writes if RDB snapshots are enabled
# (at least one save point) and the latest background save failed.
# This will make the user aware (in a hard way) that data is not persisting
# on disk properly, otherwise chances are that no one will notice and some
#:/ disaster will happen.
#
# If the background saving process will start working again Redis will
# automatically allow writes again.
#
# However if you have setup your proper monitoring of the Redis server
# and persistence, you may want to disable this feature so that Redis will
# continue to work as usual even if there are problems with disk,
# permissions, and so forth.
# 默认情况下,如果 redis 最后一次的后台保存失败,redis 将停止接受写操作,
# 这样以一种强硬的方式让用户知道数据不能正确的持久化到磁盘,
# 否则就会没人注意到灾难的发生。
#
# 如果后台保存进程重新启动工作了,redis 也将自动的允许写操作。
#
# 然而你要是安装了靠谱的监控,你可能不希望 redis 这样做,那你就改成 no 好
stop-writes-on-bgsave-error yes

# Compress string objects using LZF when dump .rdb databases?
# For default that’s set to ‘yes’ as it’s almost always a win.
# If you want to save some CPU in the saving child set it to ‘no’ but
# the dataset will likely be bigger if you have compressible values or keys.
# 在进行备份时,是否进行压缩
# 是否在 dump .rdb 数据库的时候使用 LZF 压缩字符串
# 默认都设为 yes
# 如果你希望保存子进程节省点 cpu ,你就设置它为 no ,
# 不过这个数据集可能就会比较大
rdbcompression yes

# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
# This makes the format more resistant to corruption but there is a performance
# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
# for maximum performances.
#
# RDB files created with checksum disabled have a checksum of zero that will
# tell the loading code to skip the check.    
# 读取和写入的时候是否支持CRC64校验,默认是开启的
rdbchecksum yes

# The filename where to dump the DB
# 备份文件的文件名
dbfilename dump.rdb

# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the ‘dbfilename’ configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
# 数据库备份的文件放置的路径
# 路径跟文件名分开配置是因为 Redis 备份时,先会将当前数据库的状态写入到一个临时文件
# 等备份完成时,再把该临时文件替换为上面所指定的文件
# 而临时文件和上面所配置的备份文件都会放在这个指定的路径当中
# 默认值为 ./
dir /data/data/redis/

################################# REPLICATION #################################
################################# 主从复制    #################################
# Master-Slave replication. Use slaveof to make a Redis instance a copy of
# another Redis server. A few things to understand ASAP about Redis replication.
#
# 1) Redis replication is asynchronous, but you can configure a master to
#    stop accepting writes if it appears to be not connected with at least
#    a given number of slaves.
# 2) Redis slaves are able to perform a partial resynchronization with the
#    master if the replication link is lost for a relatively small amount of
#    time. You may want to configure the replication backlog size (see the next
#    sections of this file) with a sensible value depending on your needs.
# 3) Replication is automatic and does not need user intervention. After a
#    network partition slaves automatically try to reconnect to masters
#    and resynchronize with them.
#
# 设置该数据库为其他数据库的从数据库
# slaveof <masterip> <masterport> 当本机为从服务时,设置主服务的IP及端口
# slaveof <masterip> <masterport>

# If the master is password protected (using the “requirepass” configuration
# directive below) it is possible to tell the slave to authenticate before
# starting the replication synchronization process, otherwise the master will
# refuse the slave request.
#
# 指定与主数据库连接时需要的密码验证
# masterauth <master-password> 当本机为从服务时,设置访问master服务器的密码
# masterauth <master-password>

# When a slave loses its connection with the master, or when the replication
# is still in progress, the slave can act in two different ways:
#
# 1) if slave-serve-stale-data is set to ‘yes’ (the default) the slave will
#    still reply to client requests, possibly with out of date data, or the
#    data set may just be empty if this is the first synchronization.
#
# 2) if slave-serve-stale-data is set to ‘no’ the slave will reply with
#    an error “SYNC with master in progress” to all the kind of commands
#    but to INFO and SLAVEOF.
#
# 当slave服务器和master服务器失去连接后,或者当数据正在复制传输的时候,如果此参数值设置“yes”,slave服务器可以继续接受客户端的请求,否则,会返回给请求的客户端如下信息“SYNC with master in progress”,除了INFO,SLAVEOF这两个命令
slave-serve-stale-data yes

# You can configure a slave instance to accept writes or not. Writing against
# a slave instance may be useful to store some ephemeral data (because data
# written on a slave will be easily deleted after resync with the master) but
# may also cause problems if clients are writing to it because of a
# misconfiguration.
#
# Since Redis 2.6 by default slaves are read-only.
#
# Note: read only slaves are not designed to be exposed to untrusted clients
# on the internet. It’s just a protection layer against misuse of the instance.
# Still a read only slave exports by default all the administrative commands
# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
# security of read only slaves using ‘rename-command’ to shadow all the
# administrative / dangerous commands.
# 是否允许slave服务器节点只提供读服务
slave-read-only yes

# Replication SYNC strategy: disk or socket.
#
# ——————————————————-
# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
# ——————————————————-
#
# New slaves and reconnecting slaves that are not able to continue the replication
# process just receiving differences, need to do what is called a “full
# synchronization”. An RDB file is transmitted from the master to the slaves.
# The transmission can happen in two different ways:
#
# 1) Disk-backed: The Redis master creates a new process that writes the RDB
#                 file on disk. Later the file is transferred by the parent
#                 process to the slaves incrementally.
# 2) Diskless: The Redis master creates a new process that directly writes the
#              RDB file to slave sockets, without touching the disk at all.
#
# With disk-backed replication, while the RDB file is generated, more slaves
# can be queued and served with the RDB file as soon as the current child producing
# the RDB file finishes its work. With diskless replication instead once
# the transfer starts, new slaves arriving will be queued and a new transfer
# will start when the current one terminates.
#
# When diskless replication is used, the master waits a configurable amount of
# time (in seconds) before starting the transfer in the hope that multiple slaves
# will arrive and the transfer can be parallelized.
#
# With slow disks and fast (large bandwidth) networks, diskless replication
# works better.
repl-diskless-sync no

# When diskless replication is enabled, it is possible to configure the delay
# the server waits in order to spawn the child that transfers the RDB via socket
# to the slaves.
#
# This is important since once the transfer starts, it is not possible to serve
# new slaves arriving, that will be queued for the next RDB transfer, so the server
# waits a delay in order to let more slaves arrive.
#
# The delay is specified in seconds, and by default is 5 seconds. To disable
# it entirely just set it to 0 seconds and the transfer will start ASAP.
repl-diskless-sync-delay 5

# Slaves send PINGs to server in a predefined interval. It’s possible to change
# this interval with the repl_ping_slave_period option. The default value is 10
# seconds.
#
# Slaves 在一个预定义的时间间隔内发送 ping 命令到 server 。
# 你可以改变这个时间间隔。默认为 10 秒。
# repl-ping-slave-period 10

# The following option sets the replication timeout for:
#
# 1) Bulk transfer I/O during SYNC, from the point of view of slave.
# 2) Master timeout from the point of view of slaves (data, pings).
# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings).
#
# It is important to make sure that this value is greater than the value
# specified for repl-ping-slave-period otherwise a timeout will be detected
# every time there is low traffic between the master and the slave.
#
# 设置主从复制过期时间
# 这个值一定要比 repl-ping-slave-period 大
# repl-timeout 60

# Disable TCP_NODELAY on the slave socket after SYNC?
#
# If you select “yes” Redis will use a smaller number of TCP packets and
# less bandwidth to send data to slaves. But this can add a delay for
# the data to appear on the slave side, up to 40 milliseconds with
# Linux kernels using a default configuration.
#
# If you select “no” the delay for data to appear on the slave side will
# be reduced but more bandwidth will be used for replication.
#
# By default we optimize for low latency, but in very high traffic conditions
# or when the master and slaves are many hops away, turning this to “yes” may
# be a good idea.
# 指定向slave同步数据时,是否禁用socket的NO_DELAY选 项。若配置为“yes”,则禁用NO_DELAY,则TCP协议栈会合并小包统一发送,这样可以减少主从节点间的包数量并节省带宽,但会增加数据同步到 slave的时间。若配置为“no”,表明启用NO_DELAY,则TCP协议栈不会延迟小包的发送时机,这样数据同步的延时会减少,但需要更大的带宽。 通常情况下,应该配置为no以降低同步延时,但在主从节点间网络负载已经很高的情况下,可以配置为yes。
repl-disable-tcp-nodelay no

# Set the replication backlog size. The backlog is a buffer that accumulates
# slave data when slaves are disconnected for some time, so that when a slave
# wants to reconnect again, often a full resync is not needed, but a partial
# resync is enough, just passing the portion of data the slave missed while
# disconnected.
#
# The bigger the replication backlog, the longer the time the slave can be
# disconnected and later be able to perform a partial resynchronization.
#
# The backlog is only allocated once there is at least a slave connected.
#
# 设置主从复制容量大小。这个 backlog 是一个用来在 slaves 被断开连接时
# 存放 slave 数据的 buffer,所以当一个 slave 想要重新连接,通常不希望全部重新同步,
# 只是部分同步就够了,仅仅传递 slave 在断开连接时丢失的这部分数据。
#
# The biggest the replication backlog, the longer the time the slave can be
# disconnected and later be able to perform a partial resynchronization.
# 这个值越大,salve 可以断开连接的时间就越长。

# repl-backlog-size 1mb

# After a master has no longer connected slaves for some time, the backlog
# will be freed. The following option configures the amount of seconds that
# need to elapse, starting from the time the last slave disconnected, for
# the backlog buffer to be freed.
#
# A value of 0 means to never release the backlog.
#
# 在某些时候,master 不再连接 slaves,backlog 将被释放。
# 如果设置为 0 ,意味着绝不释放 backlog 。
# repl-backlog-ttl 3600

# The slave priority is an integer number published by Redis in the INFO output.
# It is used by Redis Sentinel in order to select a slave to promote into a
# master if the master is no longer working correctly.
#
# A slave with a low priority number is considered better for promotion, so
# for instance if there are three slaves with priority 10, 100, 25 Sentinel will
# pick the one with priority 10, that is the lowest.
#
# However a special priority of 0 marks the slave as not able to perform the
# role of master, so a slave with priority of 0 will never be selected by
# Redis Sentinel for promotion.
#
# By default the priority is 100.
# 指定slave的优先级。在不只1个slave存在的部署环境下,当master宕机时,Redis
# Sentinel会将priority值最小的slave提升为master。
# 这个值越小,就越会被优先选中,需要注意的是,
# 若该配置项为0,则对应的slave永远不会自动提升为master。
slave-priority 100

# It is possible for a master to stop accepting writes if there are less than
# N slaves connected, having a lag less or equal than M seconds.
#
# The N slaves need to be in “online” state.
#
# The lag in seconds, that must be <= the specified value, is calculated from
# the last ping received from the slave, that is usually sent every second.
#
# This option does not GUARANTEE that N replicas will accept the write, but
# will limit the window of exposure for lost writes in case not enough slaves
# are available, to the specified number of seconds
#
# For example to require at least 3 slaves with a lag <= 10 seconds use:
#
# min-slaves-to-write 3
# min-slaves-max-lag 10
#
# Setting one or the other to 0 disables the feature.
#
# By default min-slaves-to-write is set to 0 (feature disabled) and
# min-slaves-max-lag is set to 10.

################################## SECURITY ###################################
################################## 安全     ###################################

# Require clients to issue AUTH <PASSWORD> before processing any other
# commands.  This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
# 设置连接redis的密码
# redis速度相当快,一个外部用户在一秒钟进行150K次密码尝试,需指定强大的密码来防止暴力破解
requirepass set_enough_strong_passwd

# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG “”
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to slaves may cause problems.
# 重命名一些高危命令,用来禁止高危命令
rename-command FLUSHALL ZYzv6FOBdwflW2nX
rename-command CONFIG aI7zwm1GDzMMrEi
rename-command EVAL S9UHPKEpSvUJMM
rename-command FLUSHDB D60FPVDJuip7gy6l

################################### LIMITS ####################################
################################### 限制   ####################################

# Set the max number of connected clients at the same time. By default
# this limit is set to 10000 clients, however if the Redis server is not
# able to configure the process file limit to allow for the specified limit
# the max number of allowed clients is set to the current file limit
# minus 32 (as Redis reserves a few file descriptors for internal uses).
#
# Once the limit is reached Redis will close all the new connections sending
# an error ‘max number of clients reached’.
#
# 限制同时连接的客户数量,默认是10000
# 当连接数超过这个值时,redis 将不再接收其他连接请求,客户端尝试连接时将收到 error 信息
# maxclients 10000

# Don’t use more memory than the specified amount of bytes.
# When the memory limit is reached Redis will try to remove keys
# according to the eviction policy selected (see maxmemory-policy).
#
# If Redis can’t remove keys according to the policy, or if the policy is
# set to ‘noeviction’, Redis will start to reply with errors to commands
# that would use more memory, like SET, LPUSH, and so on, and will continue
# to reply to read-only commands like GET.
#
# This option is usually useful when using Redis as an LRU cache, or to set
# a hard memory limit for an instance (using the ‘noeviction’ policy).
#
# WARNING: If you have slaves attached to an instance with maxmemory on,
# the size of the output buffers needed to feed the slaves are subtracted
# from the used memory count, so that network problems / resyncs will
# not trigger a loop where keys are evicted, and in turn the output
# buffer of slaves is full with DELs of keys evicted triggering the deletion
# of more keys, and so forth until the database is completely emptied.
#
# In short… if you have slaves attached it is suggested that you set a lower
# limit for maxmemory so that there is some free RAM on the system for slave
# output buffers (but this is not needed if the policy is ‘noeviction’).
#
# 设置redis能够使用的最大内存。
# 达到最大内存设置后,Redis会先尝试清除已到期或即将到期的Key(设置过expire信息的key)
# 在删除时,按照过期时间进行删除,最早将要被过期的key将最先被删除
# 如果已到期或即将到期的key删光,仍进行set操作,那么将返回错误
# 此时redis将不再接收写请求,只接收get请求。
# maxmemory的设置比较适合于把redis当作于类似memcached 的缓存来使用
# maxmemory <bytes>

# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# is reached. You can select among five behaviors:
#
# volatile-lru -> remove the key with an expire set using an LRU algorithm
# allkeys-lru -> remove any key according to the LRU algorithm
# volatile-random -> remove a random key with an expire set
# allkeys-random -> remove a random key, any key
# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
# noeviction -> don’t expire at all, just return an error on write operations
#
# Note: with any of the above policies, Redis will return an error on write
#       operations, when there are no suitable keys for eviction.
#
#       At the date of writing these commands are: set setnx setex append
#       incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
#       sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
#       zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
#       getset mset msetnx exec sort
#
# The default is:
#
# maxmemory-policy noeviction

# LRU and minimal TTL algorithms are not precise algorithms but approximated
# algorithms (in order to save memory), so you can tune it for speed or
# accuracy. For default Redis will check five keys and pick the one that was
# used less recently, you can change the sample size using the following
# configuration directive.
#
# The default of 5 produces good enough results. 10 Approximates very closely
# true LRU but costs a bit more CPU. 3 is very fast but not very accurate.
#
# maxmemory-samples 5

############################## APPEND ONLY MODE ###############################

# By default Redis asynchronously dumps the dataset on disk. This mode is
# good enough in many applications, but an issue with the Redis process or
# a power outage may result into a few minutes of writes lost (depending on
# the configured save points).
#
# The Append Only File is an alternative persistence mode that provides
# much better durability. For instance using the default data fsync policy
# (see later in the config file) Redis can lose just one second of writes in a
# dramatic event like a server power outage, or a single write if something
# wrong with the Redis process itself happens, but the operating system is
# still running correctly.
#
# AOF and RDB persistence can be enabled at the same time without problems.
# If the AOF is enabled on startup Redis will load the AOF, that is the file
# with the better durability guarantees.
#
# Please check http://redis.io/topics/persistence for more information.

# redis 默认每次更新操作后会在后台异步的把数据库镜像备份到磁盘,但该备份非常耗时,且备份不宜太频繁
# redis 同步数据文件是按上面save条件来同步的
# 如果发生诸如拉闸限电、拔插头等状况,那么将造成比较大范围的数据丢失
# 所以redis提供了另外一种更加高效的数据库备份及灾难恢复方式
# 开启append only 模式后,redis 将每一次写操作请求都追加到appendonly.aof 文件中
# redis重新启动时,会从该文件恢复出之前的状态。
# 但可能会造成 appendonly.aof 文件过大,所以redis支持BGREWRITEAOF 指令,对appendonly.aof重新整理,默认是不开启的。

appendonly no

# The name of the append only file (default: “appendonly.aof”)
# 默认为appendonly.aof。
appendfilename “appendonly.aof”

# The fsync() call tells the Operating System to actually write data on disk
# instead of waiting for more data in the output buffer. Some OS will really flush
# data on disk, some other OS will just try to do it ASAP.
#
# Redis supports three different modes:
#
# no: don’t fsync, just let the OS flush the data when it wants. Faster.
# always: fsync after every write to the append only log. Slow, Safest.
# everysec: fsync only one time every second. Compromise.
#
# The default is “everysec”, as that’s usually the right compromise between
# speed and data safety. It’s up to you to understand if you can relax this to
# “no” that will let the operating system flush the output buffer when
# it wants, for better performances (but if you can live with the idea of
# some data loss consider the default persistence mode that’s snapshotting),
# or on the contrary, use “always” that’s very slow but a bit safer than
# everysec.
#
# More details please check the following article:
# http://antirez.com/post/redis-persistence-demystified.html
#
# If unsure, use “everysec”.

# 设置对 appendonly.aof 文件进行同步的频率,有三种选择always、everysec、no,默认是everysec表示每秒同步一次。
# always 表示每次有写操作都进行同步,everysec 表示对写操作进行累积,每秒同步一次。
# no表示等操作系统进行数据缓存同步到磁盘,都进行同步,everysec 表示对写操作进行累积,每秒同步一次
# appendfsync always
# appendfsync everysec
# appendfsync no

# When the AOF fsync policy is set to always or everysec, and a background
# saving process (a background save or AOF log background rewriting) is
# performing a lot of I/O against the disk, in some Linux configurations
# Redis may block too long on the fsync() call. Note that there is no fix for
# this currently, as even performing fsync in a different thread will block
# our synchronous write(2) call.
#
# In order to mitigate this problem it’s possible to use the following option
# that will prevent fsync() from being called in the main process while a
# BGSAVE or BGREWRITEAOF is in progress.
#
# This means that while another child is saving, the durability of Redis is
# the same as “appendfsync none”. In practical terms, this means that it is
# possible to lose up to 30 seconds of log in the worst scenario (with the
# default Linux settings).
#
# If you have latency problems turn this to “yes”. Otherwise leave it as
# “no” that is the safest pick from the point of view of durability.
# 指定是否在后台aof文件rewrite期间调用fsync,默认为no,表示要调用fsync(无论后台是否有子进程在刷盘)。Redis在后台写RDB文件或重写afo文件期间会存在大量磁盘IO,此时,在某些linux系统中,调用fsync可能会阻塞。
no-appendfsync-on-rewrite yes

# Automatic rewrite of the append only file.
# Redis is able to automatically rewrite the log file implicitly calling
# BGREWRITEAOF when the AOF log size grows by the specified percentage.
#
# This is how it works: Redis remembers the size of the AOF file after the
# latest rewrite (if no rewrite has happened since the restart, the size of
# the AOF at startup is used).
#
# This base size is compared to the current size. If the current size is
# bigger than the specified percentage, the rewrite is triggered. Also
# you need to specify a minimal size for the AOF file to be rewritten, this
# is useful to avoid rewriting the AOF file even if the percentage increase
# is reached but it is still pretty small.
#
# Specify a percentage of zero in order to disable the automatic AOF
# rewrite feature.
# 指定Redis重写aof文件的条件,默认为100,表示与上次rewrite的aof文件大小相比,当前aof文件增长量超过上次afo文件大小的100%时,就会触发background rewrite。若配置为0,则会禁用自动rewrite
auto-aof-rewrite-percentage 100

# 指定触发rewrite的aof文件大小。若aof文件小于该值,即使当前文件的增量比例达到auto-aof-rewrite-percentage的配置值,也不会触发自动rewrite。即这两个配置项同时满足时,才会触发rewrite。
auto-aof-rewrite-min-size 64mb

# An AOF file may be found to be truncated at the end during the Redis
# startup process, when the AOF data gets loaded back into memory.
# This may happen when the system where Redis is running
# crashes, especially when an ext4 filesystem is mounted without the
# data=ordered option (however this can’t happen when Redis itself
# crashes or aborts but the operating system still works correctly).
#
# Redis can either exit with an error when this happens, or load as much
# data as possible (the default now) and start if the AOF file is found
# to be truncated at the end. The following option controls this behavior.
#
# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
# the Redis server starts emitting a log to inform the user of the event.
# Otherwise if the option is set to no, the server aborts with an error
# and refuses to start. When the option is set to no, the user requires
# to fix the AOF file using the “redis-check-aof” utility before to restart
# the server.
#
# Note that if the AOF file will be found to be corrupted in the middle
# the server will still exit with an error. This option only applies when
# Redis will try to read more data from the AOF file but not enough bytes
# will be found.
aof-load-truncated yes

################################ LUA SCRIPTING  ###############################

# Max execution time of a Lua script in milliseconds.
#
# If the maximum execution time is reached Redis will log that a script is
# still in execution after the maximum allowed time and will start to
# reply to queries with an error.
#
# When a long running script exceeds the maximum execution time only the
# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
# used to stop a script that did not yet called write commands. The second
# is the only way to shut down the server in the case a write command was
# already issued by the script but the user doesn’t want to wait for the natural
# termination of the script.
#
# Set it to 0 or a negative value for unlimited execution without warnings.
# 一个Lua脚本最长的执行时间,单位为毫秒,如果为0或负数表示无限执行时间,默认为5000
lua-time-limit 5000

################################ REDIS CLUSTER  ###############################
#
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# WARNING EXPERIMENTAL: Redis Cluster is considered to be stable code, however
# in order to mark it as “mature” we need to wait for a non trivial percentage
# of users to deploy it in production.
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#
# Normal Redis instances can’t be part of a Redis Cluster; only nodes that are
# started as cluster nodes can. In order to start a Redis instance as a
# cluster node enable the cluster support uncommenting the following:
#
# cluster-enabled yes

# Every cluster node has a cluster configuration file. This file is not
# intended to be edited by hand. It is created and updated by Redis nodes.
# Every Redis Cluster node requires a different cluster configuration file.
# Make sure that instances running in the same system do not have
# overlapping cluster configuration file names.
#
# cluster-config-file nodes-6379.conf

# Cluster node timeout is the amount of milliseconds a node must be unreachable
# for it to be considered in failure state.
# Most other internal time limits are multiple of the node timeout.
#
# cluster-node-timeout 15000

# A slave of a failing master will avoid to start a failover if its data
# looks too old.
#
# There is no simple way for a slave to actually have a exact measure of
# its “data age”, so the following two checks are performed:
#
# 1) If there are multiple slaves able to failover, they exchange messages
#    in order to try to give an advantage to the slave with the best
#    replication offset (more data from the master processed).
#    Slaves will try to get their rank by offset, and apply to the start
#    of the failover a delay proportional to their rank.
#
# 2) Every single slave computes the time of the last interaction with
#    its master. This can be the last ping or command received (if the master
#    is still in the “connected” state), or the time that elapsed since the
#    disconnection with the master (if the replication link is currently down).
#    If the last interaction is too old, the slave will not try to failover
#    at all.
#
# The point “2” can be tuned by user. Specifically a slave will not perform
# the failover if, since the last interaction with the master, the time
# elapsed is greater than:
#
#   (node-timeout * slave-validity-factor) + repl-ping-slave-period
#
# So for example if node-timeout is 30 seconds, and the slave-validity-factor
# is 10, and assuming a default repl-ping-slave-period of 10 seconds, the
# slave will not try to failover if it was not able to talk with the master
# for longer than 310 seconds.
#
# A large slave-validity-factor may allow slaves with too old data to failover
# a master, while a too small value may prevent the cluster from being able to
# elect a slave at all.
#
# For maximum availability, it is possible to set the slave-validity-factor
# to a value of 0, which means, that slaves will always try to failover the
# master regardless of the last time they interacted with the master.
# (However they’ll always try to apply a delay proportional to their
# offset rank).
#
# Zero is the only value able to guarantee that when all the partitions heal
# the cluster will always be able to continue.
#
# cluster-slave-validity-factor 10

# Cluster slaves are able to migrate to orphaned masters, that are masters
# that are left without working slaves. This improves the cluster ability
# to resist to failures as otherwise an orphaned master can’t be failed over
# in case of failure if it has no working slaves.
#
# Slaves migrate to orphaned masters only if there are still at least a
# given number of other working slaves for their old master. This number
# is the “migration barrier”. A migration barrier of 1 means that a slave
# will migrate only if there is at least 1 other working slave for its master
# and so forth. It usually reflects the number of slaves you want for every
# master in your cluster.
#
# Default is 1 (slaves migrate only if their masters remain with at least
# one slave). To disable migration just set it to a very large value.
# A value of 0 can be set but is useful only for debugging and dangerous
# in production.
#
# cluster-migration-barrier 1

# By default Redis Cluster nodes stop accepting queries if they detect there
# is at least an hash slot uncovered (no available node is serving it).
# This way if the cluster is partially down (for example a range of hash slots
# are no longer covered) all the cluster becomes, eventually, unavailable.
# It automatically returns available as soon as all the slots are covered again.
#
# However sometimes you want the subset of the cluster which is working,
# to continue to accept queries for the part of the key space that is still
# covered. In order to do so, just set the cluster-require-full-coverage
# option to no.
#
# cluster-require-full-coverage yes

# In order to setup your cluster make sure to read the documentation
# available at http://redis.io web site.

################################## SLOW LOG ###################################

# The Redis Slow Log is a system to log queries that exceeded a specified
# execution time. The execution time does not include the I/O operations
# like talking with the client, sending the reply and so forth,
# but just the time needed to actually execute the command (this is the only
# stage of command execution where the thread is blocked and can not serve
# other requests in the meantime).
#
# You can configure the slow log with two parameters: one tells Redis
# what is the execution time, in microseconds, to exceed in order for the
# command to get logged, and the other parameter is the length of the
# slow log. When a new command is logged the oldest one is removed from the
# queue of logged commands.

# The following time is expressed in microseconds, so 1000000 is equivalent
# to one second. Note that a negative number disables the slow log, while
# a value of zero forces the logging of every command.
slowlog-log-slower-than 10000

# There is no limit to this length. Just be aware that it will consume memory.
# You can reclaim memory used by the slow log with SLOWLOG RESET.
slowlog-max-len 128

################################ LATENCY MONITOR ##############################

# The Redis latency monitoring subsystem samples different operations
# at runtime in order to collect data related to possible sources of
# latency of a Redis instance.
#
# Via the LATENCY command this information is available to the user that can
# print graphs and obtain reports.
#
# The system only logs operations that were performed in a time equal or
# greater than the amount of milliseconds specified via the
# latency-monitor-threshold configuration directive. When its value is set
# to zero, the latency monitor is turned off.
#
# By default latency monitoring is disabled since it is mostly not needed
# if you don’t have latency issues, and collecting data has a performance
# impact, that while very small, can be measured under big load. Latency
# monitoring can easily be enabled at runtime using the command
# “CONFIG SET latency-monitor-threshold <milliseconds>” if needed.
latency-monitor-threshold 0

############################# EVENT NOTIFICATION ##############################

# Redis can notify Pub/Sub clients about events happening in the key space.
# This feature is documented at http://redis.io/topics/notifications
#
# For instance if keyspace events notification is enabled, and a client
# performs a DEL operation on key “foo” stored in the Database 0, two
# messages will be published via Pub/Sub:
#
# PUBLISH __keyspace@0__:foo del
# PUBLISH __keyevent@0__:del foo
#
# It is possible to select the events that Redis will notify among a set
# of classes. Every class is identified by a single character:
#
#  K     Keyspace events, published with __keyspace@<db>__ prefix.
#  E     Keyevent events, published with __keyevent@<db>__ prefix.
#  g     Generic commands (non-type specific) like DEL, EXPIRE, RENAME, …
#  $     String commands
#  l     List commands
#  s     Set commands
#  h     Hash commands
#  z     Sorted set commands
#  x     Expired events (events generated every time a key expires)
#  e     Evicted events (events generated when a key is evicted for maxmemory)
#  A     Alias for g$lshzxe, so that the “AKE” string means all the events.
#
#  The “notify-keyspace-events” takes as argument a string that is composed
#  of zero or multiple characters. The empty string means that notifications
#  are disabled.
#
#  Example: to enable list and generic events, from the point of view of the
#           event name, use:
#
#  notify-keyspace-events Elg
#
#  Example 2: to get the stream of the expired keys subscribing to channel
#             name __keyevent@0__:expired use:
#
#  notify-keyspace-events Ex
#
#  By default all notifications are disabled because most users don’t need
#  this feature and the feature has some overhead. Note that if you don’t
#  specify at least one of K or E, no events will be delivered.
notify-keyspace-events “”

############################### ADVANCED CONFIG ###############################

# Hashes are encoded using a memory efficient data structure when they have a
# small number of entries, and the biggest entry does not exceed a given
# threshold. These thresholds can be configured using the following directives.
# 当hash中包含超过指定元素个数并且最大的元素没有超过临界时,
# hash将以一种特殊的编码方式(大大减少内存使用)来存储,这里可以设置这两个临界值
hash-max-ziplist-entries 512
hash-max-ziplist-value 64

# Similarly to hashes, small lists are also encoded in a special way in order
# to save a lot of space. The special representation is only used when
# you are under the following limits:
# list数据类型多少节点以下会采用去指针的紧凑存储格式。
# list数据类型节点值大小小于多少字节会采用紧凑存储格式。
list-max-ziplist-entries 512
list-max-ziplist-value 64

# Sets have a special encoding in just one case: when a set is composed
# of just strings that happen to be integers in radix 10 in the range
# of 64 bit signed integers.
# The following configuration setting sets the limit in the size of the
# set in order to use this special memory saving encoding.
# set数据类型内部数据如果全部是数值型,且包含多少节点以下会采用紧凑格式存储。
set-max-intset-entries 512

# Similarly to hashes and lists, sorted sets are also specially encoded in
# order to save a lot of space. This encoding is only used when the length and
# elements of a sorted set are below the following limits:

# zsort数据类型多少节点以下会采用去指针的紧凑存储格式。
# zsort数据类型节点值大小小于多少字节会采用紧凑存储格式。
zset-max-ziplist-entries 128
zset-max-ziplist-value 64

# HyperLogLog sparse representation bytes limit. The limit includes the
# 16 bytes header. When an HyperLogLog using the sparse representation crosses
# this limit, it is converted into the dense representation.
#
# A value greater than 16000 is totally useless, since at that point the
# dense representation is more memory efficient.
#
# The suggested value is ~ 3000 in order to have the benefits of
# the space efficient encoding without slowing down too much PFADD,
# which is O(N) with the sparse encoding. The value can be raised to
# ~ 10000 when CPU is not a concern, but space is, and the data set is
# composed of many HyperLogLogs with cardinality in the 0 – 15000 range.
hll-sparse-max-bytes 3000

# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
# order to help rehashing the main Redis hash table (the one mapping top-level
# keys to values). The hash table implementation Redis uses (see dict.c)
# performs a lazy rehashing: the more operation you run into a hash table
# that is rehashing, the more rehashing “steps” are performed, so if the
# server is idle the rehashing is never complete and some more memory is used
# by the hash table.
#
# The default is to use this millisecond 10 times every second in order to
# actively rehash the main dictionaries, freeing memory when possible.
#
# If unsure:
# use “activerehashing no” if you have hard latency requirements and it is
# not a good thing in your environment that Redis can reply from time to time
# to queries with 2 milliseconds delay.
#
# use “activerehashing yes” if you don’t have such hard requirements but
# want to free memory asap when possible.

# Redis将在每100毫秒时使用1毫秒的CPU时间来对redis的hash表进行重新hash,可以降低内存的使用
# 当你的使用场景中,有非常严格的实时性需要,不能够接受Redis时不时的对请求有2毫秒的延迟的话,把这项配置为no。
# 如果没有这么严格的实时性要求,可以设置为yes,以便能够尽可能快的释放内存
activerehashing yes

# The client output buffer limits can be used to force disconnection of clients
# that are not reading data from the server fast enough for some reason (a
# common reason is that a Pub/Sub client can’t consume messages as fast as the
# publisher can produce them).
#
# The limit can be set differently for the three different classes of clients:
#
# normal -> normal clients including MONITOR clients
# slave  -> slave clients
# pubsub -> clients subscribed to at least one pubsub channel or pattern
#
# The syntax of every client-output-buffer-limit directive is the following:
#
# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
#
# A client is immediately disconnected once the hard limit is reached, or if
# the soft limit is reached and remains reached for the specified number of
# seconds (continuously).
# So for instance if the hard limit is 32 megabytes and the soft limit is
# 16 megabytes / 10 seconds, the client will get disconnected immediately
# if the size of the output buffers reach 32 megabytes, but will also get
# disconnected if the client reaches 16 megabytes and continuously overcomes
# the limit for 10 seconds.
#
# By default normal clients are not limited because they don’t receive data
# without asking (in a push way), but just after a request, so only
# asynchronous clients may create a scenario where data is requested faster
# than it can read.
#
# Instead there is a default limit for pubsub and slave clients, since
# subscribers and slaves receive data in a push fashion.
#
# Both the hard or the soft limit can be disabled by setting them to zero.
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60

# Redis calls an internal function to perform many background tasks, like
# closing connections of clients in timeout, purging expired keys that are
# never requested, and so forth.
#
# Not all tasks are performed with the same frequency, but Redis checks for
# tasks to perform according to the specified “hz” value.
#
# By default “hz” is set to 10. Raising the value will use more CPU when
# Redis is idle, but at the same time will make Redis more responsive when
# there are many keys expiring at the same time, and timeouts may be
# handled with more precision.
#
# The range is between 1 and 500, however a value over 100 is usually not
# a good idea. Most users should use the default of 10 and raise this up to
# 100 only in environments where very low latency is required.
hz 10

# When a child rewrites the AOF file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
# aof rewrite过程中,是否采取增量文件同步策略,默认为“yes”。 rewrite过程中,每32M数据进行一次文件同步,这样可以减少aof大文件写入对磁盘的操作次数
aof-rewrite-incremental-fsync yes

# redis数据存储
redis的存储分为内存存储、磁盘存储和log文件三部分,配置文件中有三个参数对其进行配置。
save seconds updates,save配置,指出在多长时间内,有多少次更新操作,就将数据同步到数据文件。可多个条件配合,默认配置了三个条件。
appendonly yes/no ,appendonly配置,指出是否在每次更新操作后进行日志记录,如果不开启,可能会在断电时导致一段时间内的数据丢失。因为redis本身同步数据文件是按上面的save条件来同步的,所以有的数据会在一段时间内只存在于内存中。
appendfsync no/always/everysec ,appendfsync配置,no表示等操作系统进行数据缓存同步到磁盘,always表示每次更新操作后手动调用fsync()将数据写到磁盘,everysec表示每秒同步一次。

php增加经纬度地址编码geohash扩展

geohash

php geohash extension (php geohash 扩展)

geohash简介:

geohash是一种地址编码,它能把二维的经纬度编码成一维的字符串。

geohash有以下几个特点:

首先,geohash用一个字符串表示经度和纬度两个坐标。某些情况下无法在两列上同时应用索引 (例如MySQL 4之前的版本,Google App Engine的数据层等),利用geohash,只需在一列上应用索引即可。

其次,geohash表示的并不是一个点,而是一个矩形区域。比如编码wx4g0ec19,它表示的是一个矩形区域。 使用者可以发布地址编码,既能表明自己位于北海公园附近,又不至于暴露自己的精确坐标,有助于隐私保护。

第三,编码的前缀可以表示更大的区域。例如wx4g0ec1,它的前缀wx4g0e表示包含编码wx4g0ec1在内的更大范围。
这个特性可以用于附近地点搜索。首先根据用户当前坐标计算geohash(例如wx4g0ec1)然后取其前缀进行查询 (SELECT * FROM
place WHERE geohash LIKE ‘wx4g0e%’),即可查询附近的所有地点。Geohash比直接用经纬度的高效很多。

编译

git clone https://github.com/shenzhe/geohash.git

执行:
/usr/local/php/bin/phpize
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install

然后把 geohash.so 加入到php.ini中 

方法

/**
 *  $latitude    //纬度
 *  $longitude   //经度
 *  $precision   //精密度, 默认是12
 *  返回 $precision 长度的 string 
 */
geohash_encode($latitude, $longitude, $precision=12);  



/**
 *  $hash    //geohash_encode后的值
 *  返回 array // Array
 *					(
 *					    [latitude] => 39.416916975752
 *					    [longitude] => 100.92223992571
 *					    [north] => 39.416917059571
 *					    [east] => 100.92224009335
 *					    [south] => 100.92223992571
 *					    [west] => 100.92223975807
 *					)
 */
geohash_decode($hash);

/**
 *  $hash    //geohash_encode后的值
 *  返回 在$hash 8个方向的hash值 (顺序:N, NE, E, SE, S, SW, W, NW)
 *  
 *		  NW N NE
 *		    \|/
 *		  W - - E
 *		    /|\
 *		  SW S SE
 * 
 */
geohash_neighbors($hash);

/**
 *  $precision    //精密度
 *  返回 数组,array("width"=>12.0, "height"=>12.0) 
 *  表示矩形的宽和高
 */
geohash_dimension($precision); 

nginx 根据IP进行灰度发布

灰度发布,简单来说,就是根据各种条件,让一部分用户使用旧版本,另一部分用户使用新版本。

nginx 的语法本身可以看作是一门小型的编程语言,通过简单的编程,可以轻松实现基于IP的灰度发布。

需求:搭建准生产环境,供开发人员/运维在线上做最后的调整。如果OK,直接用rsync推送至生产环境。

条件:办公室网络出口有固定IP

解决办法:

nginx 负载均衡器判断客户端IP地址,

如果是办公室IP,则反向代理到准生产环境;

如果不是,则反向代理到生产环境。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
upstream prod {
    server 192.168.1.10;
    server 192.168.1.11;
}
upstream pre-prod {
    server 192.168.1.100;
}
server {
    listen 80;
    access_log /var/log/nginx/access.log main;
    set $web_backend prod;
    if ($remote_addr ~ "123.123.123.123") {
        set $web_backend pre-prod;
    }
    location / {
        proxy_pass http://$web_backend;
        include proxy.conf;
    }
}

同理,也可以根据不同的IP,设置不同的网站根目录,达到相同的目的。

1
2
3
4
5
6
7
8
9
10
11
server {
    listen 80;
    access_log /var/log/nginx/access.log main;
    set $rootdir "/var/www/html";
    if ($remote_addr ~ "123.123.123.123") {
        set $rootdir "/var/www/test";
    }
    location / {
        root $rootdir;
    }
}

同理,还可以利用geoip做基于地理位置的灰度发布,不详细介绍。

nginx强制使用https访问(http跳转到https)

nginx的497状态码

error code 497

[html] view plain copy

 print?

  1. 497 – normal request was sent to HTTPS  

解释:当此虚拟站点只允许https访问时,当用http访问时nginx会报出497错误码

思路

利用error_page命令将497状态码的链接重定向到https://test.com这个域名上

配置

[html] view plain copy

 print?

  1. server {  
  2.     listen       192.168.1.11:443;  #ssl端口  
  3.     listen       192.168.1.11:80;   #用户习惯用http访问,加上80,后面通过497状态码让它自动跳到443端口  
  4.     server_name  test.com;  
  5.     #为一个server{……}开启ssl支持  
  6.     ssl                  on;  
  7.     #指定PEM格式的证书文件   
  8.     ssl_certificate      /etc/nginx/test.pem;   
  9.     #指定PEM格式的私钥文件  
  10.     ssl_certificate_key  /etc/nginx/test.key;  
  11.       
  12.     #让http请求重定向到https请求   
  13.     error_page 497  https://$host$uri?$args;  
  14. }  

PHP中设置时区3方法小结

今天发现一段PHP代码中的时间判断语句出了点问题,研究了一下发现问题出在PHP的时区设置上,PHP所取的时间默认是格林威治标准时间,所以和北京时间相差8小时

找到原因后,在网上搜索到了一些关于PHP的时区设置方法: 



1、修改php.ini,在php.ini中找到data.timezone =去掉它前面的;号,然后设置data.timezone = “Asia/Shanghai”;即可。 



2、在程序PHP 5以上版本的程序代码中使用函数ini_set(‘date.timezone’,’Asia/Shanghai’);或者date_default_timezone_set(‘Asia/Shanghai’); 



一些常用的时区标识符说明: 



Asia/Shanghai – 上海 

Asia/Chongqing – 重庆 

Asia/Urumqi – 乌鲁木齐 

Asia/Hong_Kong – 香港 

Asia/Macao – 澳门 

Asia/Taipei – 台北 

Asia/Singapore – 新加坡 





函数设置时区方法: 

复制代码代码如下:

<?php 
function_exists(date_default_timezone_set);//在这他总是返回1,这函数是判断这里面的字符是不是一个定义了的函数名 
date_default_timezone_set(“Etc/GMT”);//这是格林威治标准时间,得到的时间和默认时区是一样的 
date_default_timezone_set(“Etc/GMT+8”);//这里比林威治标准时间慢8小时 
date_default_timezone_set(“Etc/GMT-8”);//这里比林威治标准时间快8小时 
date_default_timezone_set(‘PRC’); //设置中国时区 
?> 





函数ini_set()设置时区: 

可以在文件开头加入 ini_set(‘date.timezone’,’Asia/Shanghai’); // ‘Asia/Shanghai’ 为上海时区 



手动修改php.ini设置 
打开php找到date.timezone = “PRC” 如有去掉前面的分号,没有的话手动添加! 



以下是一些资料补充:



装上PHP5后你会发现这样的问题 

$atime=date(“Y-m-d H:i:s”); 

echo $atime; 

?> 

输出:2006-05-16 06:36:06 

现在几点了?/我的是14:36 

这是为什么捏? 

原因是假如你不在程序或配置文件中设置你的服务器当地时区的话 

PHP所取的时间是格林威治标准时间,所以和你当地的时间会有出入 

格林威治标准时间和北京时间大概差8个小时左右 那么我们如何避免时间误差呢? 

我们一起来看看解决方法: 

在页头使用date_default_timezone_set()设置我的默认时区为北京时间 

复制代码代码如下:

<? 
date_default_timezone_set(‘PRC’); 
echo date(‘Y-m-d H:i:s’); 
?> 



时间和服务器当前时间一样了! 

另外附date_default_timezone_set用法如下: 

———————————————————————————— 

date_default_timezone_set 

(PHP 5 >= 5.1.0RC1) 

date_default_timezone_set — 设定用于一个脚本中所有日期时间函数的默认时区 

说明 

bool date_default_timezone_set ( string timezone_identifier ) 

date_default_timezone_set() 设定用于所有日期时间函数的默认时区。 

注: 自 PHP 5.1.0 起(此版本日期时间函数被重写了),如果时区不合法则每个对日期时间函数的调用都会产生一条 E_NOTICE 级别的错误信息。 

参数 

timezone_identifier 

时区标识符,例如 UTC 或 Europe/Lisbon 

返回值 

本函数永远返回 TRUE(即使 timezone_identifier 参数不合法)。 

————————————————————————————- 

或者修改 php.ini 中 date.timezone 值 

date.timezone = PRC 



装上PHP5后你会发现这样的问题 

$atime=date(“Y-m-d H:i:s”); 

echo $atime; 

?> 

输出:2006-05-16 06:36:06 

现在几点了?/我的是14:36 

这是为什么捏? 

原因是假如你不在程序或配置文件中设置你的服务器当地时区的话 

PHP所取的时间是格林威治标准时间,所以和你当地的时间会有出入 

格林威治标准时间和北京时间大概差8个小时左右 那么我们如何避免时间误差呢? 

我们一起来看看解决方法: 

在页头使用date_default_timezone_set()设置我的默认时区为北京时间 

复制代码代码如下:

<? 
date_default_timezone_set(‘PRC’); 
echo date(‘Y-m-d H:i:s’); 
?> 



时间和服务器当前时间一样了! 

另外附date_default_timezone_set用法如下: 

———————————————————————————— 

date_default_timezone_set 

(PHP 5 >= 5.1.0RC1) 

date_default_timezone_set — 设定用于一个脚本中所有日期时间函数的默认时区 

说明 

bool date_default_timezone_set ( string timezone_identifier ) 

date_default_timezone_set() 设定用于所有日期时间函数的默认时区。 

注: 自 PHP 5.1.0 起(此版本日期时间函数被重写了),如果时区不合法则每个对日期时间函数的调用都会产生一条 E_NOTICE 级别的错误信息。 

参数 

timezone_identifier 

时区标识符,例如 UTC 或 Europe/Lisbon 

返回值 

本函数永远返回 TRUE(即使 timezone_identifier 参数不合法)。 

————————————————————————————- 

或者修改 php.ini 中 date.timezone 值 

date.timezone = PRC

修改值参考php官网给的:http://php.net/manual/zh/timezones.php

当然如果是apache还可以

修改.htaccess文件有两种办法,下面的两条语句只要有一条即可

php_value date.timezone Asia/Shanghai
SetEnv TZ Asia/Shanghai

nginx当访问的文件和目录不存在时,重定向或反向代理

1.当访问的文件和目录不存在时,重定向到某个html文件
if( !-e $request_filename )
{
    rewrite ^/(.*)$ index.html last;  

}

或者:

#当URL符合^\/(api)规则时,跳转到http://127.0.0.1:9178,即在upstream中配置的那个值

 location / {
          #默认跳转到http://127.0.0.1:9000
          proxy_pass http://127.0.0.1:9000;

        }


location ~ ^\/(api){
proxy_pass http://api;
proxy_set_header X-Real-IP $remote_addr;
client_max_body_size 100m;
}

如对图片实现找不图片请求其他服务器:
                location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
                        {
                                proxy_set_header Host apph.zhidekan.me;
                                proxy_set_header X-Real-IP $remote_addr;
                                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                                if (!-e $request_filename) {
                                #proxy_cache_key $host$uri$is_args$args;
                                proxy_pass http://apph;
                                #proxy_pass_header Set-Cookie; 
                        }
                                expires      30d;
                        }

其中:upstream.conf 
upstream apph{
  ip_hash;
  server 10.13.40.48:80  max_fails=2 fail_timeout=60s;  
  #server 127.0.0.1:80  max_fails=2 fail_timeout=60s;  
}


pathinfo配置全局生效的原因

pathinfo配置全局生效的原因后,发现部分目录转发其他服务器代理不能生效,访问的路径还是走pathinfo路径。分析原因,原来是在是否进入要加入一个location / 匹配,否则全部都会到pathinfo。比如我的www.dnsdizhi.com/mptest/public/xxx 变成请求www.dnsdizhi.com/mptest/public/index.php/xxxx

location ~ /mptest/public/ {

        proxy_next_upstream http_502 http_504 error timeout invalid_header;
        #proxy_cache tmpcache;
        #proxy_cache_valid  200 304 1m;
        proxy_cache_key $host$uri$is_args$args;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://jingchang-api;
        proxy_pass_header Set-Cookie; 
        expires 10m;
}

                location ~ [^/]\.php(/|$)
                        {
                                # comment try_files $uri =404; to enable pathinfo
                                try_files $uri =404;
                                fastcgi_pass  unix:/tmp/php-cgi.sock;
                                fastcgi_index index.php;
                                include fastcgi.conf;
                                set $path_info “”;
                                set $real_script_name $fastcgi_script_name;
                                if ($fastcgi_script_name ~ “^(.+?\.php)(/.+)$”) {
                                set $real_script_name $1;
                                set $path_info $2;
                                }
                                fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
                                fastcgi_param SCRIPT_NAME $real_script_name;
                                fastcgi_param PATH_INFO $path_info;
                        }

                location ~ .*\.(php|php5)?$
                        {
                                try_files $uri =404;
                                fastcgi_pass  unix:/tmp/php-cgi.sock;
                                fastcgi_index index.php;
                                include fastcgi.conf;
                                fastcgi_read_timeout 300; 
                        }

                location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
                        {
                                expires      30d;
                        }

                location ~ .*\.(js|css)?$
                        {
                                expires      12h;
                        }

location / {   
                if (!-e $request_filename)
                        {
                        rewrite ^(.*)$ /index.php/$1 last;
                        break;
                        }
}