Mercurial > hg > nginx-site
view xml/en/docs/ngx_core_module.xml @ 3081:eb5950986b11
Documented "pid off".
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 14 May 2024 05:30:46 +0300 |
| parents | 0722b485010c |
| children |
line wrap: on
line source
<?xml version="1.0"?> <!-- Copyright (C) Igor Sysoev Copyright (C) Nginx, Inc. --> <!DOCTYPE module SYSTEM "../../../dtd/module.dtd"> <module name="Core functionality" link="/en/docs/ngx_core_module.html" lang="en" rev="28"> <section id="example" name="Example Configuration"> <para> <example> user www www; worker_processes 2; error_log /var/log/nginx-error.log info; events { use kqueue; worker_connections 2048; } ... </example> </para> </section> <section id="directives" name="Directives"> <directive name="accept_mutex"> <syntax><literal>on</literal> | <literal>off</literal></syntax> <default>off</default> <context>events</context> <para> If <literal>accept_mutex</literal> is enabled, worker processes will accept new connections by turn. Otherwise, all worker processes will be notified about new connections, and if volume of new connections is low, some of the worker processes may just waste system resources. <note> There is no need to enable <literal>accept_mutex</literal> on systems that support the <link doc="events.xml" id="epoll">EPOLLEXCLUSIVE</link> flag (1.11.3) or when using <link doc="http/ngx_http_core_module.xml" id="reuseport"/>. </note> <note> Prior to version 1.11.3, the default value was <literal>on</literal>. </note> </para> </directive> <directive name="accept_mutex_delay"> <syntax><value>time</value></syntax> <default>500ms</default> <context>events</context> <para> If <link id="accept_mutex"/> is enabled, specifies the maximum time during which a worker process will try to restart accepting new connections if another worker process is currently accepting new connections. </para> </directive> <directive name="daemon"> <syntax><literal>on</literal> | <literal>off</literal></syntax> <default>on</default> <context>main</context> <para> Determines whether nginx should become a daemon. Mainly used during development. </para> </directive> <directive name="debug_connection"> <syntax> <value>address</value> | <value>CIDR</value> | <literal>unix:</literal></syntax> <default/> <context>events</context> <para> Enables debugging log for selected client connections. Other connections will use logging level set by the <link id="error_log"/> directive. Debugged connections are specified by IPv4 or IPv6 (1.3.0, 1.2.1) address or network. A connection may also be specified using a hostname. For connections using UNIX-domain sockets (1.3.0, 1.2.1), debugging log is enabled by the “<literal>unix:</literal>” parameter. <example> events { debug_connection 127.0.0.1; debug_connection localhost; debug_connection 192.0.2.0/24; debug_connection ::1; debug_connection 2001:0db8::/32; debug_connection unix:; ... } </example> <note> For this directive to work, nginx needs to be built with <literal>--with-debug</literal>, see “<link doc="debugging_log.xml"/>”. </note> </para> </directive> <directive name="debug_points"> <syntax><literal>abort</literal> | <literal>stop</literal></syntax> <default/> <context>main</context> <para> This directive is used for debugging. </para> <para> When internal error is detected, e.g. the leak of sockets on restart of working processes, enabling <literal>debug_points</literal> leads to a core file creation (<literal>abort</literal>) or to stopping of a process (<literal>stop</literal>) for further analysis using a system debugger. </para> </directive> <directive name="env"> <syntax><value>variable</value>[=<value>value</value>]</syntax> <default>TZ</default> <context>main</context> <para> By default, nginx removes all environment variables inherited from its parent process except the TZ variable. This directive allows preserving some of the inherited variables, changing their values, or creating new environment variables. These variables are then: <list type="bullet"> <listitem> inherited during a <link doc="control.xml" id="upgrade">live upgrade</link> of an executable file; </listitem> <listitem> used by the <link doc="http/ngx_http_perl_module.xml">ngx_http_perl_module</link> module; </listitem> <listitem> used by worker processes. One should bear in mind that controlling system libraries in this way is not always possible as it is common for libraries to check variables only during initialization, well before they can be set using this directive. An exception from this is an above mentioned <link doc="control.xml" id="upgrade">live upgrade</link> of an executable file. </listitem> </list> </para> <para> The TZ variable is always inherited and available to the <link doc="http/ngx_http_perl_module.xml">ngx_http_perl_module</link> module, unless it is configured explicitly. </para> <para> Usage example: <example> env MALLOC_OPTIONS; env PERL5LIB=/data/site/modules; env OPENSSL_ALLOW_PROXY_CERTS=1; </example> </para> <para> <note> The NGINX environment variable is used internally by nginx and should not be set directly by the user. </note> </para> </directive> <directive name="error_log"> <syntax><value>file</value> [<value>level</value>]</syntax> <default>logs/error.log error</default> <context>main</context> <context>http</context> <context>mail</context> <context>stream</context> <context>server</context> <context>location</context> <para> Configures logging. Several logs can be specified on the same configuration level (1.5.2). If on the <literal>main</literal> configuration level writing a log to a file is not explicitly defined, the default file will be used. </para> <para> The first parameter defines a <value>file</value> that will store the log. <!-- If filename is not absolute, it is prefixed with the prefix path. --> The special value <literal>stderr</literal> selects the standard error file. Logging to <link doc="syslog.xml">syslog</link> can be configured by specifying the “<literal>syslog:</literal>” prefix. Logging to a <link doc="debugging_log.xml" id="memory">cyclic memory buffer</link> can be configured by specifying the “<literal>memory:</literal>” prefix and buffer <value>size</value>, and is generally used for debugging (1.7.11). </para> <para> The second parameter determines the <value>level</value> of logging, and can be one of the following: <literal>debug</literal>, <literal>info</literal>, <literal>notice</literal>, <literal>warn</literal>, <literal>error</literal>, <literal>crit</literal>, <literal>alert</literal>, or <literal>emerg</literal>. Log levels above are listed in the order of increasing severity. Setting a certain log level will cause all messages of the specified and more severe log levels to be logged. For example, the default level <literal>error</literal> will cause <literal>error</literal>, <literal>crit</literal>, <literal>alert</literal>, and <literal>emerg</literal> messages to be logged. If this parameter is omitted then <literal>error</literal> is used. <note> For <literal>debug</literal> logging to work, nginx needs to be built with <literal>--with-debug</literal>, see “<link doc="debugging_log.xml"/>”. </note> <note> The directive can be specified on the <literal>stream</literal> level starting from version 1.7.11, and on the <literal>mail</literal> level starting from version 1.9.0. </note> </para> </directive> <directive name="events"> <syntax block="yes"/> <default/> <context>main</context> <para> Provides the configuration file context in which the directives that affect connection processing are specified. </para> </directive> <directive name="include"> <syntax><value>file</value> | <value>mask</value></syntax> <default/> <context/> <para> Includes another <value>file</value>, or files matching the specified <value>mask</value>, into configuration. Included files should consist of syntactically correct directives and blocks. </para> <para> Usage example: <example> include mime.types; include vhosts/*.conf; </example> </para> </directive> <directive name="load_module"> <syntax><value>file</value></syntax> <default/> <context>main</context> <appeared-in>1.9.11</appeared-in> <para> Loads a dynamic module. </para> <para> Example: <example> load_module modules/ngx_mail_module.so; </example> </para> </directive> <directive name="lock_file"> <syntax><value>file</value></syntax> <default>logs/nginx.lock</default> <context>main</context> <para> nginx uses the locking mechanism to implement <link id="accept_mutex"/> and serialize access to shared memory. On most systems the locks are implemented using atomic operations, and this directive is ignored. On other systems the “lock file” mechanism is used. This directive specifies a prefix for the names of lock files. </para> </directive> <directive name="master_process"> <syntax><literal>on</literal> | <literal>off</literal></syntax> <default>on</default> <context>main</context> <para> Determines whether worker processes are started. This directive is intended for nginx developers. </para> </directive> <directive name="multi_accept"> <syntax><literal>on</literal> | <literal>off</literal></syntax> <default>off</default> <context>events</context> <para> If <literal>multi_accept</literal> is disabled, a worker process will accept one new connection at a time. Otherwise, a worker process will accept all new connections at a time. <note> The directive is ignored if <link doc="events.xml" id="kqueue"/> connection processing method is used, because it reports the number of new connections waiting to be accepted. </note> </para> </directive> <directive name="pcre_jit"> <syntax><literal>on</literal> | <literal>off</literal></syntax> <default>off</default> <context>main</context> <appeared-in>1.1.12</appeared-in> <para> Enables or disables the use of “just-in-time compilation” (PCRE JIT) for the regular expressions known by the time of configuration parsing. </para> <para> PCRE JIT can speed up processing of regular expressions significantly. <note> The JIT is available in PCRE libraries starting from version 8.20 built with the <literal>--enable-jit</literal> configuration parameter. When the PCRE library is built with nginx (<literal>--with-pcre=</literal>), the JIT support is enabled via the <literal>--with-pcre-jit</literal> configuration parameter. </note> </para> </directive> <directive name="pid"> <syntax><value>file</value> | <literal>off</literal></syntax> <default>logs/nginx.pid</default> <context>main</context> <para> Defines a <value>file</value> that will store the process ID of the main process. The <literal>off</literal> parameter (1.27.0) disables writing a PID file. </para> </directive> <directive name="ssl_engine"> <syntax><value>device</value></syntax> <default/> <context>main</context> <para> Defines the name of the hardware SSL accelerator. </para> </directive> <directive name="thread_pool"> <syntax> <value>name</value> <literal>threads</literal>=<value>number</value> [<literal>max_queue</literal>=<value>number</value>]</syntax> <default>default threads=32 max_queue=65536</default> <context>main</context> <appeared-in>1.7.11</appeared-in> <para> Defines the <value>name</value> and parameters of a thread pool used for multi-threaded reading and sending of files <link doc="http/ngx_http_core_module.xml" id="aio">without blocking</link> worker processes. </para> <para> The <literal>threads</literal> parameter defines the number of threads in the pool. </para> <para> In the event that all threads in the pool are busy, a new task will wait in the queue. The <literal>max_queue</literal> parameter limits the number of tasks allowed to be waiting in the queue. By default, up to 65536 tasks can wait in the queue. When the queue overflows, the task is completed with an error. </para> </directive> <directive name="timer_resolution"> <syntax><value>interval</value></syntax> <default/> <context>main</context> <para> Reduces timer resolution in worker processes, thus reducing the number of <c-func>gettimeofday</c-func> system calls made. By default, <c-func>gettimeofday</c-func> is called each time a kernel event is received. With reduced resolution, <c-func>gettimeofday</c-func> is only called once per specified <value>interval</value>. </para> <para> Example: <example> timer_resolution 100ms; </example> </para> <para> Internal implementation of the interval depends on the method used: <list type="bullet"> <listitem> the <c-def>EVFILT_TIMER</c-def> filter if <literal>kqueue</literal> is used; </listitem> <listitem> <c-func>timer_create</c-func> if <literal>eventport</literal> is used; </listitem> <listitem> <c-func>setitimer</c-func> otherwise. </listitem> </list> </para> </directive> <directive name="use"> <syntax><value>method</value></syntax> <default/> <context>events</context> <para> Specifies the <link doc="events.xml">connection processing</link> <value>method</value> to use. There is normally no need to specify it explicitly, because nginx will by default use the most efficient method. </para> </directive> <directive name="user"> <syntax><value>user</value> [<value>group</value>]</syntax> <default>nobody nobody</default> <context>main</context> <para> Defines <value>user</value> and <value>group</value> credentials used by worker processes. If <value>group</value> is omitted, a group whose name equals that of <value>user</value> is used. </para> </directive> <directive name="worker_aio_requests"> <syntax><value>number</value></syntax> <default>32</default> <context>events</context> <appeared-in>1.1.4</appeared-in> <appeared-in>1.0.7</appeared-in> <para> When using <link doc="http/ngx_http_core_module.xml" id="aio"/> with the <link doc="../docs/events.xml" id="epoll"/> connection processing method, sets the maximum <value>number</value> of outstanding asynchronous I/O operations for a single worker process. </para> </directive> <directive name="worker_connections"> <syntax><value>number</value></syntax> <default>512</default> <context>events</context> <para> Sets the maximum number of simultaneous connections that can be opened by a worker process. </para> <para> It should be kept in mind that this number includes all connections (e.g. connections with proxied servers, among others), not only connections with clients. Another consideration is that the actual number of simultaneous connections cannot exceed the current limit on the maximum number of open files, which can be changed by <link id="worker_rlimit_nofile"/>. </para> </directive> <directive name="worker_cpu_affinity"> <syntax><value>cpumask</value> ...</syntax> <syntax><literal>auto</literal> [<value>cpumask</value>]</syntax> <default/> <context>main</context> <para> Binds worker processes to the sets of CPUs. Each CPU set is represented by a bitmask of allowed CPUs. There should be a separate set defined for each of the worker processes. By default, worker processes are not bound to any specific CPUs. </para> <para> For example, <example> worker_processes 4; worker_cpu_affinity 0001 0010 0100 1000; </example> binds each worker process to a separate CPU, while <example> worker_processes 2; worker_cpu_affinity 0101 1010; </example> binds the first worker process to CPU0/CPU2, and the second worker process to CPU1/CPU3. The second example is suitable for hyper-threading. </para> <para> The special value <literal>auto</literal> (1.9.10) allows binding worker processes automatically to available CPUs: <example> worker_processes auto; worker_cpu_affinity auto; </example> The optional mask parameter can be used to limit the CPUs available for automatic binding: <example> worker_cpu_affinity auto 01010101; </example> </para> <para> <note> The directive is only available on FreeBSD and Linux. </note> </para> </directive> <directive name="worker_priority"> <syntax><value>number</value></syntax> <default>0</default> <context>main</context> <para> Defines the scheduling priority for worker processes like it is done by the <command>nice</command> command: a negative <value>number</value> means higher priority. Allowed range normally varies from -20 to 20. </para> <para> Example: <example> worker_priority -10; </example> </para> </directive> <directive name="worker_processes"> <syntax><value>number</value> | <literal>auto</literal></syntax> <default>1</default> <context>main</context> <para> Defines the number of worker processes. </para> <para> The optimal value depends on many factors including (but not limited to) the number of CPU cores, the number of hard disk drives that store data, and load pattern. When one is in doubt, setting it to the number of available CPU cores would be a good start (the value “<literal>auto</literal>” will try to autodetect it). <note> The <literal>auto</literal> parameter is supported starting from versions 1.3.8 and 1.2.5. </note> </para> </directive> <directive name="worker_rlimit_core"> <syntax><value>size</value></syntax> <default/> <context>main</context> <para> Changes the limit on the largest size of a core file (<c-def>RLIMIT_CORE</c-def>) for worker processes. Used to increase the limit without restarting the main process. </para> </directive> <directive name="worker_rlimit_nofile"> <syntax><value>number</value></syntax> <default/> <context>main</context> <para> Changes the limit on the maximum number of open files (<c-def>RLIMIT_NOFILE</c-def>) for worker processes. Used to increase the limit without restarting the main process. </para> </directive> <directive name="worker_shutdown_timeout"> <syntax><value>time</value></syntax> <default/> <context>main</context> <appeared-in>1.11.11</appeared-in> <para> Configures a timeout for a graceful shutdown of worker processes. When the <value>time</value> expires, nginx will try to close all the connections currently open to facilitate shutdown. </para> </directive> <directive name="working_directory"> <syntax><value>directory</value></syntax> <default/> <context>main</context> <para> Defines the current working directory for a worker process. It is primarily used when writing a core-file, in which case a worker process should have write permission for the specified directory. </para> </directive> </section> </module>