8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 1/11

Nginx Performance Tuning: How to do it

9

Submitted by Sarath Pillai  on Tue, 12/24/21! " 1#:!1

Nginx i$ a well %nown web $er&er, and i$ ado'ted by many ma(or 'layer$ in the indu$try)

 The main rea$on for it$ fa$t ado'tion wa$ that it$ $o fa$t com'ared to other web $er&er$

*li%e +'ache) -a$ically nginx wa$ made to $ol&e a 'roblem that i$ %nown a$ c1%) .t

'erform$ much better than any other web $er&er$ in the mar%et out of the box for many).n thi$ article we will $ee how you can modify your nginx con0guration to gi&e it a boo$t

or $ay 'erformance tune nginx)

 

e will get in$ide the con0guration 'art a little later, co there are 3uite a few conce't$

that need$ to be under$tood 0r$t)

 

1% refer$ to the method of o'timiing networ% connection$ $o that it can handle

connection$ in the range of ten thou$and $imultaneou$ly) There i$ a &ery famou$ article

ex'laining thi$ in the below lin%)

 

Read: hat i$ c1% Problem

+'ache wor%$ in a bloc%ing ./5 model) .n layman term$ it mean$ that when a read/write

re3ue$t i$ i$$ued it bloc%$ other re3ue$t$ till that re3ue$t i$ com'leted) + be$t $olution to

thi$ 'roblem i$ to create $e'arate thread$/'roce$$e$ for each connection$) Thi$ i$ what

+'ache doe$)

 

 Apache works by using a dedicated thread per client with blocking I/O.

 

+lthough dedicated thread 'er connection$/re3ue$t by +'ache i$ a good method to $er&e

client$, it$ a memory con$uming a$ well a$ 'roce$$or con$uming method)

 

Its processor consuming, because for each request that hits the Apache server, the

server processor has to switch between dierent processes because each http requests

connections creates a new process/thread!

 

Related: Proce$$ admini$tration in 6inux

 

Now if 'erformance and re$ource utiliation i$ not at all a concern for you, then you can

go ahead with the thread 'er connection model of +'ache by u$ing an +'ache web

$er&er to $er&e re3ue$t$) -ut if you are concerned about both re$ource utiliation and

'erformance, then nginx model of e&ent dri&en architecture i$ the be$t to go ahead with)

 

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 2/11

"gin# uses a single threaded non$blocking I/O mechnism to serve requests. As it uses

non$blocking I/O, one single process can server too many connection requests.

 

Related: Nginx and +'ache di7erence

 +$ e&erything i$ a 0le in linux, e&en networ% connection$ are 0le$ internaly) 8ach and

e&ery 'roce$$ ha$ it$ own $et of 0le de$cri'tor$ that need$ to be 'olled fre3uently to

identify which i$ one i$ ready to be read from or write to *8&en connection$ that an nginx

$er&er recei&e$ are maintained by the nginx 'roce$$ in the form of 0le de$cri'tor$ for the

life time of a connection)

 

+$ we di$cu$$ed before, nginx u$e$ a non"bloc%ing ./5 with a $ingle thread) Hence the

$ingle 'roce$$ mu$t identify which connection 0le i$ ready to be read or written to) 9or

thi$, the o'erating $y$tem ha$ three di7erent method$) They are mentioned below)

 

•

Select ethod• Poll ethod

• 8'oll ethod

 

;$ing both $elect and 'oll i$ not an e<cient way to identify which 0le de$cri'tor i$ ready)

-ecau$e both of the$e method are identical in what they doe$ *am not ca'able enough to

ex'lain you the di7erence between $elect and e'oll, if you are a 'rogrammer i will

recommend to go through the below lin% to learn more about $elect and 'oll)

 

Read: Select and Poll

%o ngin# can use either select or poll method to identify which &le&le descriptor! isready to be read or written to. 'ut both these methods are not e(cient enough when

there are too many number of connections. )or e#ample, if you want to serve say *++++

connections at a time. And only one of the them is ready to be read. o identify that one

&le descriptor to which is ready to be read, the process has to still scan through rest of

the ---- &le descriptors which is waste of resource!.

 

+nother method other than the $elect and Poll i$ called a$ epoll come$ to re$cue here)

 Thi$ i$ only a&ailable in 6inux %ernel$ which are later than 2)#) 8'oll u$e$ an e<cient

mechani$m com'ared to 'oll and $elect)

 

If you have *++++ connections made to your server, and +++ among them are idle

connections. sing poll and select is not that e(cient because epoll will only give

importance to connections that are active. 0lease note the fact that all three select, poll

and epoll basically does the same thing, but using epoll is less cpu intensive when you

have to serve thousands of connections.

 =ou can modify your nginx con0guration 0le to u$e e'oll a$ $hown below) .f you are on

cento$ thi$ nginx con0guration 0le will be located at /etc/nginx/nginx.conf. Thi$ i$ done

in$ide an e&ent$ bloc% in the con0guration 0le)

 

>

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 3/11

12!

e&ent$ ?  u$e e'oll@A

 

Now a$ di$cu$$ed earlier, nginx wor%$ on a non"bloc%ing $ingle 'roce$$ model) +lthough

we $ay $ingle 'roce$$, we can a$% our nginx to $tart multi'le wor%er 'roce$$) -a$ically it$

li%e if you ha&e two wor%er 'roce$$, each one will handle all the re3ue$t$) Thi$ $etting i$

normally con0gured de'ending u'on the number of P; core$ you ha&e on your $y$tem)

 =ou can 0nd the number of P; core$ on your $y$tem by u$ing either of the below

command$)

 

>

12!4B

CrootDwww EFG l$c'u+rchitecture: x#I#4P; o'"mode*$: !2"bit, #4"bit-yte 5rder: 6ittle 8ndianP;*$:

 

>

1 cat /'roc/c'uinfo

 

+m 3uite $ure that if you are on a 'roduction $er&er, you will be ha&ing multi'le c'u

core$) +$ $een from the l$c'u command out'ut, i ha&e 'roce$$or$, $o i will a$% nginx to

launch wor%er 'roce$$ that will be $er&ing re3ue$t$)

 

>

1 wor%erI'roce$$e$ @ 

+l$o you can alternati&ely con0gure nginx to do the (ob of identifying the number of core$

on your $er&er and launch wor%er 'roce$$e$ accordingly) Thi$ can be done by modifying

the wor%erI'roce$$e$ to auto a$ $hown below)

 

>

1 wor%erI'roce$$e$ auto@

 +nother im'ortant factor that we can modify in nginx i$ the maximum number of 0le$

that can be o'ened by our wor%er 'roce$$e$) +$ di$cu$$ed before, each and e&ery

connection i$ handled by creating 0le$ to identify them) Hence more the number of 0le$

that are allowed to be be created, wor%er$ can wor% with more connection$)

 

 There i$ a con0guration &alue that can be modi0ed in nginx to get thi$ done) .t$ alway$

good to $et thi$ &alue to a higher one if your $er&er i$ a &ery high tra<c one)

 

>

1 wor%erIrlimitIno0le 1@ 

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 4/11

8&en if i $et wor%erI'roce$$ in my nginx)conf to or auto, it will end u' launching

wor%er 'roce$$e$) +ll the$e 'roce$$e$ are ready to $er&e connection$) -ut you can

further o'timie the$e wor%er 'roce$$ to ma%e them $er&er a$ many connection$ a$

'o$$ible)

 

e can de0ne the maximum number of connection$ which can be $imultaniou$ly $er&edby a $ingle wor%er 'roce$$) The default i$ B12 connection$ if you dont $'ecify it) -ut you

can modify thi$ to acce't more connection$ 'er wor%er) Thi$ can be done a$ $hown

below)

 

>

12!4

e&ent$ ?  u$e e'oll@  wor%erIconnection$ 124@A

 

e al$o need to con0gure our wor%er 'roce$$e$ to acce't multi'le connection$ at one

time) Thi$ can be done by modifying the e&ent$ bloc% a$ $hown below)

 

>

12!4

B

e&ent$ ?  u$e e'oll@  wor%erIconnection$ 24@  multiIacce't on

A 

5ur 0nal con0guration after ma%ing the abo&e change$ mu$t loo% $omething li%e the

below)

 

>

12!4B#J

wor%erI'roce$$e$ auto@wor%erIrlimitIno0le 1@ e&ent$ ?  wor%erIconnection$ 124@  u$e e'oll@  multiIacce't on@A

 

%o now my ngin# web server is ready to serve around *-1 connections worker

 process 2 *+13 connections ! at one time.

Plea$e note the fact that we ha&e u$ed e&ent$ module in nginx to modify wor%er

connection$, u$e e'oll method, and multiIacce't) Thi$ i$ the rea$on why they are in$ide

e&ent$ bloc% *events 45 in the con0guration 0le) There i$ another module called htt',

which i$ the 'rimary module that you will be u$ing to de0ne htt' related $tu7)

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 5/11

 

e wil be now modifying and adding few 'arameter$ in$ide the htt' module to $'eed u'

our nginx a little bit more)

 

5ne of the ma(or and re3uired feature of any web$er&er i$ logging) 6ogging will gi&e the

$er&er admini$trator an inde'th detail of the %ind of re3ue$t$ that are being $er&ed, andal$o it hel'$ for trouble$hooting) + web $er&er log can al$o be u$ed to ma%e a web

analytic$ becau$e log 0le$ contain the com'lete detail$ of the re3ue$t$) The$e detail$

include the $ource addre$$ of the re3ue$t, u$er agent *the brow$er u$ed by the client,

the re$ource re3ue$ted in the re3ue$t *or the url acce$$ed, de$tination addre$$, referral

url etc etc)

Related: entral 6ogging Ser&er in 6inux

 

+lthough logging i$ an im'ortant and re3uired feature, it doe$ a lot of ./5 o'eration on

the di$%) Plea$e dont forget the fact that each and e&ery re3ue$t i$ logged a$ $oon a$ it

hit$ the $er&er and $er&ed) 

 Thi$ mean$ for e&ery re3ue$t the web $er&er ha$ to 'roce$$ the log$ and add the

rele&ant detail$ to the log 0le *which add$ u' to 'roce$$ing a$ well a$ ./5 u$age)) .f the

web$ite that you ho$t i$ getting too much tra<c, then am $ure your web $er&er i$ ha&ing

a realy bad time logging it)

 

Hence turning o7 the log$ com'letely on the web $er&er can $a&e a lot of ./5 a$ well a$

P; 'ower) Thi$ become$ &ery handy when you are ha&ing a high tra<c web$ite) .n

nginx you can com'letely turn of logging by the following o'tion)

 

>

12!4B

htt' ?  include /etc/nginx/mime)ty'e$@  defaultIty'e a''lication/octet"$tream@  acce$$Ilog o7@A

 

acce$$Ilog o7 o'tion $hown in the abo&e htt' bloc% tell$ not to log re3ue$t$ that are

being 'roce$$ed by the $er&er)

hen you acce$$ a web$ite with a web brow$er, what really ha''en$ i$ that your brow$ere$tabli$he$ an HTTP connection with the target $er&er) The real o&erhead i$ the

beginning) hich mean$ the main time con$uming *although in $econd$, it matter$ when

'erformance i$ con$idered thing i$ to e$tabli$h the connection)

 

6et$ ta%e an exam'le, where you are acce$$ing a new$ related web $ite, and you are

Ki''ing through di7erent url$ on the web$ite to ha&e a 3uic% o&er&iew of di7erent new$

content$) .magine a $ituation where your client brow$er ha$ to ma%e new htt'

connection$ to the $er&er for each ;L6 you are acce$$ing on the $ite) That will be a little

$low for the $ite &i$itor$) -ecau$e acce$$ing each url ha$ another o&erhead of

e$tabli$hing an HTTP connection 0r$t)

 

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 6/11

HTTP &er$ion 1) im'lemented a feature called a$ %ee' ali&e connection$ to $ol&e thi$

o&erhead of creating a connection for each re3ue$t) Howe&er there i$ a timeout 'eriod

for thi$) .n $hort the web $er&er$ allow you to $'ecify the timeout 'eriod for which to

%ee' the connection$ ali&e, $o that a connection made during that inter&al doe$ not

re3uire to create a connection)

 In short connections are kept alive till the keep alive timeout you specify 

 

+nd belie&e me nginx i$ much better in handling large number of acti&e connection$,

com'ared to any other web $er&er$) .t claim$ that it can handle u'to 1 connection$

ali&e by only utiliing 2)B - of memory) So if you are u$ing nginx, go ahead and rai$e

your %ee' ali&e &alue to $omething higher li%e #B)

 

>

1 %ee'ali&eItimeout #B@

 

.f you are a 6inux u$er, then am $ure you mu$t ha&e heard about gi' com're$$ion) +nd

you might already %now the amount of com're$$ion le&el that can be achie&ed with gi'

for com're$$ing text content) =ou get com're$$ion rate in the range of M$) hich i$ a

&ery awe$ome com're$$ion le&el)

 

+ ma(or 'ortion of a web 'age i$ alway$ text content) The com'onent$ that ma%e a web

'age loo% good a$ well a$ enhance it$ functionalitie$ are al$o text content) +lthough they

are all code in di7erent language$ li%e html, SS and e&en a&aScri't *which the brow$er

%now$ to inter'ret at the end of the day they are text content)

Sending all data a$ it i$ o&er the wire to client$ i$ alway$ a bit $low) So each and e&ery

web $er&er $u''ort$ com're$$ion mechani$m to com're$$ the data that are being $ent

out to the client$) +l$o all modern web brow$er$ %now$ how to decom're$$ it)

 

8nabling com're$$ion can be &ery hel'ful to 'eo'le who are on $low networ%$ acce$$ing

your web$ite) 8nabling com're$$ion i$ not a tough ta$%) Similar to the 're&iou$ly $hown

o'tion$, com're$$ion and gi' o'tion i$ enabled in$ide the htt' bloc% $ection in

nginx)conf 0le)

 

.f you ha&e done com're$$ion with gi' tool in linux, then you mu$t be %nowing that it

ta%e$ a little bit of time to com're$$ the content de'ending u'on the $ie) +nd you might

al$o %now that if you increa$e the com're$$ion le&el, the end re$ult doe$ not ma%e anylarge $ub$tancial di7erence, but it will ta%e a little more time along with a little more P;

u$age)

 

Similarly while con0guring com're$$ion on our nginx web $er&er, we need to ta%e an

extra care of what to com're$$, when to com're$$, and the le&el of com're$$ion) +l$o we

need to ha&e a mechani$m where we can di$able com're$$ion for older web brow$er$

that doe$ not $u''ort thi$ feature)

 

So the 0r$t $te' i$ to enable com're$$ion) Thi$ can be done by adding the below

'arameter in$ide the htt' bloc%)

 >

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 7/11

1 gi' on@

 

 The $econd $te' i$ to tell nginx, to only com're$$, when the $ie of the data being $ent i$

abo&e our $'eci0ed limit) Thi$ can be done a$ $hown below)

 

>

1 gi'IminIlength 2B#@

 

5<cial nginx web $ite de$cribe$ the abo&e min length 'arameter in a nice way) -elow i$

the de$cri'tion of the min length 'arameter from the o<cial nginx htt' module $ection)

 

6esponses shorter than this byte$length will not be compressed. 7ength is determined

from the 89ontent$7ength8 header.

 

Now a$ we di$cu$$ed earlier, too much com're$$ion doe$ not ma%e a $ub$tantial

di7erence, but will only add u' to P; u$age) om're$$ion le&el i$ mentioned from a

$cale of 1 to M) e do need com're$$ion, but not at a higher le&el) -ecau$e e&en the

ba$ic gi' com're$$ion doe$ a 'retty nice (ob) So let$ %ee' the &alue of com're$$ion

le&el $omewhere between from ! to B *Oe'ending u'on your wi$h

 

>

1 gi'Icom'Ile&el !@

 

Now we need to tell our nginx web $er&er about the ty'e$ of data that need$ to be

com're$$ed) Thi$ i$ generally text content ranging from r$$, c$$, html, (a&a$cri't etc) Thi$

can be done by adding the following line)

 

>

1 gi'Ity'e$ text/'lain text/c$$ a''lication/($on a''lication/x"(a&a$cri't text/xml a''lication/xml a''li

 

So our 0nal htt' bloc% $ection will loo% $omething li%e the one $hown below) 

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 8/11

>

12!4

B#JM111121!141B

htt' ? include /etc/nginx/mime)ty'e$@defaultIty'e a''lication/octet"$tream@

acce$$Ilog o7@%ee'ali&eItimeout #B@gi' on@ gi'IminIlength 2B#@ gi'Icom'Ile&el !@ gi'Ity'e$ text/'lain text/c$$ a''lication/($on a''lication/x"(a&a$cri't text/xml a''lication/xml a''l A

 

+nother a$'ect of nginx that can $ub$tantially im'ro&e 'erformance i$ to enable caching

for metadata) Plea$e note the fact that thi$ doe$ not enable caching for the content, but

it$ caching for metadata) Thi$ feature of nginx *which i$ again 'art of the htt' bloc%

$ection, i$ called a$ Open_le_cache) The 0r$t thing to do i$ to enable it)

 

>

1 o'enI0leIcache maxQ1 inacti&eQ!$@

 

Plea$e note the fact that there i$ no ON $witch for thi$, but there i$ an o7 $witch) -efore

we under$tand the abo&e con0guration 'arameter, let$ $ee what are the content$ that

will be cached with thi$)

 

• 5'en 9ile Oe$cri'tor$

• 9ile Oe$cri'tor modi0cation time, their $ie etc)

•

8rror $tatu$ li%e no 'ermi$$ion, no 0le etc 

 The 0r$t 'arameter, max=10000 tell$ nginx web $er&er to only cache thi$ many number

of entrie$) 5ld inacti&e entrie$ are automatically Ku$hed out) Plea$e note the fact that

the inactive $witch tell$ the time after which a cache entry will be remo&ed if inacti&e)

5ther o'enI0leIcache o'tion$ that need$ to be con0gured are mentioned below)

 

1) Ralidity of a cache entry *open_le_cache_valid)

2) inimum number of time$ the cache entry ha$ to be acce$$ed before

the inactive number of $econd$, $o that it $tay$ in cache

*open_le_cache_min_uses

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 9/11

!) ache error$ while $earching a 0le *open_le_cache_eos

 

So our o'en 0le cache con0guration will loo% $omething li%e the below)

 

>

12!4

o'enI0leIcache maxQ1 inacti&eQ!$@o'enI0leIcacheI&alid #$@o'enI0leIcacheIminIu$e$ 2@o'enI0leIcacheIerror$ on@

 

.f you ha&e a &ery high tra<c web $ite with nginx, $etting the abo&e o'en 0le cache

'arameter$ 'ro'erly can really boo$t the 'erformance)

 

+lthough we did $ee the %ee' ali&e $tu7 in nginx, there are yet few more 'arameter$ that

i$ &ery hel'ful in $'eci0ng the number of connection$ to be %e't ali&e from a client) +l$o

we ha&e few more o'tion$ to clo$e connection$ when the client doe$ not re$'ond)

 

 The 0r$t one i$ to limit the total number of re3ue$t$ that can be $er&ed through a %ee'

ali&e connection) The default &alue if not mentioned i$ 1 *which mean$ a client can

ma%e 1 $ucce$$full re3ue$t in$ide one %ee' ali&e connection)) 8&en that i$ too high for

one client, if you want you can increa$e thi$ &alue to $omething li%e 2 or $omething) Thi$ can be done a$ $hown below)

 

>

1 %ee'ali&eIre3ue$t$ 2@

 

ee'ing connection$ o'en for a client which i$ not re$'onding i$ not a good idea, it$

alway$ better to clo$e that connection and free u' memory a$$ociated with it) Thi$ can

be done a$ $hown below) 

>

1 re$etItimedoutIconnection on@

 

+nother nice o'tion that need$ to enabled for fa$ter tc' data tran$fer i$ $end0le) There i$

an excellent article from techre'ublic, that ex'lain$ the entire $tu7 in detail)

 

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 10/11

Read: hat i$ $end0le* and how i$ it u$eful 

 Thi$ o'tion can be enabled in nginx a$ $hown below)

 

>

12

$end0le on@tc'Ino'u$h on@

 

tcp_nopush o'tion will ma%e nginx to $end all header 0le$ in a $ingle 'ac%et rather than

$e'erate 'ac%et$)

 

So our 0nal nginx)conf 0le will loo% $omething li%e the below $hown one)

 

>

12!4B#

JM111121!141B1#1J11M

221222!242B

wor%erI'roce$$e$ auto@wor%erIrlimitIno0le 1@e&ent$ ?  u$e e'oll@  wor%erIconnection$ 124@  multiIacce't on

Ahtt' ?  include /etc/nginx/mime)ty'e$@  defaultIty'e a''lication/octet"$tream@  acce$$Ilog o7@  %ee'ali&eItimeout #B@  %ee'ali&eIre3ue$t$ 2@  re$etItimedoutIconnection on@  $end0le on@  tc'Ino'u$h on@  gi' on@  gi'IminIlength 2B#@  gi'Icom'Ile&el !@

  gi'Ity'e$ text/'lain text/c$$ a''lication/($on a''lication/x"(a&a$cri't text/xml a''lication/xml a  o'enI0leIcache maxQ1 inacti&eQ!$@  o'enI0leIcacheI&alid #$@  o'enI0leIcacheIminIu$e$ 2@  o'enI0leIcacheIerror$ on@A

 

5nce you ha&e con0gured the re3uired change$ to im'ro&e the $'eed, i would $ugge$t to

do a web $er&er 'erformance te$t, with +- tool or any other tool to con0rm it$ $er&ingthe 'ur'o$e)

8/9/2019 Nginx Performance Tuning

http://slidepdf.com/reader/full/nginx-performance-tuning 11/11

 

Read: How to do web $er&er 'erformance te$t

 

Plea$e let me %now if thi$ article wa$ hel'ful) There are more number of o'tion$ in nginx,

i will $urely u'date thi$ article from time to time, a$ i 0nd or learn $omething new about

thi$) +l$o 'lea$e do not forget to 'oint out any wrong or incorrect information if any i$

're$ent in thi$ article through comment$ *a$ thi$ will hel' u$ a$ well a$ our reader$