High-flow site nginx and PHP-FPM configuration optimization (translation)

The experience of using Nginx with PHP for 7 years has taught us how to optimize nginx and PHP-FPM configurations for high-traffic sites.

Here are some tips and suggestions:

1. Switch TCP to UNIX domain sockets

UNIX domain sockets provide better performance (less data copying and context switching) than TCP sockets on the loopback interface.

But one thing to keep in mind: only programs running on the same server can access UNIX domain sockets (apparently no network support).

Upstream backend{    # UNIX domain sockets    server unix:/var/run/fastcgi.sock;    # TCP Sockets    # server 127.0.0.1:8080;}

2. Adjust the number of work processes

Modern computer hardware is multi-processor, Nginx can take advantage of multi-physical or virtual processor.

In most cases, your Web server will not be configured to handle a variety of tasks (such as serving as a Web server as well as a print server), you can configure Nginx to use all available processors, nginx working process is not multithreaded.

Run the following command to learn how many processors your machine has:

On Linux-

| grep processor

FreeBSD on-

| grep location

Set the value of work_processes in the nginx.conf file to the number of processor cores for the machine.

Also, increase the value of worker_connections (how many connections each processor core can handle), and set "multi_accept" to On, and use "Epoll" If you are using Linux:

# We have a coresworker_processes 16;# connections per workerevents{    worker_connections 4096;    Multi_accept on;}

3. Set Upstream load Balancing

In our experience, multiple upstream back ends on the same machine can deliver higher throughput compared to a single upstream back end.

For example, if you want to support a maximum of 1000 php-fpm child Processes (children), you can distribute the number evenly to two upstream back ends, each processing 500 php-fpm child processes:

Upstream backend {    server unix:/var/run/php5-fpm.sock1 weight=100 max_fails=5 fail_timeout=5;    Server Unix:/var/run/php5-fpm.sock2 weight=100 max_fails=5 fail_timeout=5;}

Here are the two process pools from php-fpm.conf:

<section name= "Pool" > <value name= "name" >www1</value> <value name= "Listen_address" >/var/run        /php5-fpm.sock1</value> <value name= "listen_options" > <value name= "Backlog" >-1</value> <value name= "owner" ></value> <value name= "group" ></value> <value name= "mode ">0666</value> </value> <value name=" user ">www</value> <value name=" group "&GT;WWW&L t;/value> <value name= "PM" > <value name= "style" >static</value> <value name= "Max_c Hildren ">500</value> </value> <value name=" Rlimit_files ">50000</value> <value name= "Rlimit_core" >0</value> <value name= "request_slowlog_timeout" >20s</value> <value name= " Slowlog ">/var/log/php-slow.log</value> <value name=" chroot "></value> <value name=" ChDir "& Gt;</value> <value NAMe= "Catch_workers_output" >no</value> <value name= "max_requests" >5000</value> <value name= " Allowed_clients ">127.0.0.1</value> <value name=" Environment "> <value name=" HOSTNAME "> $HOSTN ame</value> <value name= "PATH" >/usr/local/bin:/usr/bin:/bin</value> <value name= "TMP" &G t;/usr/tmp</value> <value name= "TMPDIR" >/usr/tmp</value> <value name= "TEMP" >/usr/tmp </value> <value name= "OSTYPE" > $OSTYPE </value> <value name= "MACHTYPE" > $MACHTYPE </v alue> <value name= "Malloc_check_" >2</value> </value></section><section name= "Pool" > <value name= "name" >www2</value> <value name= "Listen_address" >/var/run/php5-fpm.sock2</ value> <value name= "listen_options" > <value name= "Backlog" >-1</value> <value name    = "Owner" ></value>    <value name= "group" ></value> <value name= "mode" >0666</value> </value> <v Alue name= "User" >www</value> <value name= "group" >www</value> <value name= "PM" > &lt    ; value name= "style" >static</value> <value name= "Max_children" >500</value> </value> <value name= "Rlimit_files" >50000</value> <value name= "Rlimit_core" >0</value> <value name = "Request_slowlog_timeout" >20s</value> <value name= "Slowlog" >/var/log/php-slow.log</value> & Lt;value name= "chroot" ></value> <value name= "chdir" ></value> <value name= "Catch_workers_out Put ">no</value> <value name=" max_requests ">5000</value> <value name=" Allowed_clients ">        127.0.0.1</value> <value name= "Environment" > <value name= "HOSTNAME" > $HOSTNAME </value> <value name= "PATH" >/usr/local/bin:/usr/bin:/bin</value> <value name= "tmp" >/usr/tmp</value> <value name= "tmp DIR ">/usr/tmp</value> <value name=" TEMP ">/usr/tmp</value> <value name=" OSTYPE "> $O stype</value> <value name= "MACHTYPE" > $MACHTYPE </value> <value name= "Malloc_check_" >2 </value> </value></section>

4. Disabling Access log files

This is significant because log files on high-traffic sites involve a large number of IO operations that must be synchronized across all threads.

Access_log Off;log_not_found Off;error_log/var/log/nginx-error.log warn;

If you cannot close the access log file, you should at least use buffering:

Access_log/var/log/nginx/access.log main buffer=16k;

5. Enable gzip

Gzip on;gzip_disable "Msie6"; gzip_vary on;gzip_proxied any;gzip_comp_level 6;gzip_min_length 1100;gzip_buffers 8k; Gzip_http_version 1.1;gzip_types text/plain text/css application/json application/x-javascript text/xml application/ XML Application/xml+rss Text/javascript;

6. Caching of frequently accessed file-related information

Open_file_cache max=200000 inactive=20s;open_file_cache_valid 30s;open_file_cache_min_uses 2;open_file_cache_ Errors on;

7. Adjust the client timeout period

Client_max_body_size 500m;client_body_buffer_size 1m;client_body_timeout 15;client_header_timeout 15;keepalive_ Timeout 2 2;send_timeout 15;sendfile on;tcp_nopush on;tcp_nodelay on;

8. Adjust the output buffer size

Fastcgi_buffers 16k;fastcgi_buffer_size 128k;fastcgi_connect_timeout 3s;fastcgi_send_timeout 120s;fastcgi_read_ Timeout 120s;reset_timedout_connection on;server_names_hash_bucket_size 100;

9./etc/sysctl.conf Tuning

# Recycle Zombie connectionsnet.inet.tcp.fast_finwait2_recycle=1net.inet.tcp.maxtcptw=200000# Increase number of fileskern.maxfiles=65535kern.maxfilesperproc=16384# increase page share factor per processvm.pmap.pv_entry_max= 54272521vm.pmap.shpgperproc=20000# Increase number of connectionsvfs.vmiodirenable=1kern.ipc.somaxconn= 3240000net.inet.tcp.rfc1323=1net.inet.tcp.delayed_ack=0net.inet.tcp.restrict_rst=1kern.ipc.maxsockbuf= 2097152kern.ipc.shmmax=268435456# Host cachenet.inet.tcp.hostcache.hashsize= 4096net.inet.tcp.hostcache.cachelimit=131072net.inet.tcp.hostcache.bucketlimit=120# Increase Number of portsnet.inet.ip.portrange.first=2000net.inet.ip.portrange.last=100000net.inet.ip.portrange.hifirst= 2000net.inet.ip.portrange.hilast=100000kern.ipc.semvmx=131068# Disable Ping-flood attacksnet.inet.tcp.msl= 2000net.inet.icmp.bmcastecho=1net.inet.icmp.icmplim=1net.inet.tcp.blackhole=2net.inet.udp.blackhole=1

10. Monitoring

Continuous monitoring of the number of open connections, free memory, and waiting-state threads.

Set Alerts to notify you when thresholds are exceeded. You can build these alerts yourself, or use something like serverdensity.

Confirm that the Nginx stub_status module is installed. The module is not compiled into Nginx by default, so you may need to recompile the Nginx-

./configure--with-http_ssl_module--with-http_stub_status_module--WITHOUT-MAIL_POP3_MODULE--WITHOUT-MAIL_IMAP_ Module--without-mail_smtp_modulemake Install Batch=yes

High-flow site nginx and PHP-FPM configuration optimization (translation)