Nginx Performance Optimization

Nginx performance optimization can be divided into two parts: optimization of the operating system and optimization of the team Nginx itself.

Optimization of the Linux system based on Nginx

1. Close Unnecessary services
Depending on the project requirements of your Linux server deployment, make the appropriate shutdown of unnecessary services or processes.

2. Optimize Write disk Operation
We guide, nginx each time access to a file, the Linux system will be his "access", that is, the access time to review the time a file was modified, you can use stat 文件名 the way to view, such as:

[[email protected] conf]# stat nginx.confFile:"nginx.conf"Size:2656Blocks:8IO Block:4096Normal fileDevice:ca01h/51713D Inode:660555Links:1Access:(0644/-rw-r--r--) Uid: (1001/UNKNOWN) Gid: (1001/UNKNOWN)Access:  -- One- -  -: to:05.221629056+0800Modify:  --Geneva- +  A: One:59.000000000+0800Change :  -- One- - Ten: -:10.421498579+0800[[email protected] conf]# 

Lists the time of the visit, so for a highly concurrent access system, these disk writes have a significant impact on the system, so turn off the feature.

/dev/sdb1  /dataext3  defaults 0  

Modify to the following configuration:

/dev/sdb1  /dataext3  defaults，noatime，nodiratime  0  

Then reboot the system to make it effective.

Or do not restart the system, you can use the Remount option to re-mount:

-->mount  -o  defaults，noatime，nodiratime  -o  remount  /dev/sdb1  /sdb-->mount  |  grep  sdb1/dev/sdb1  on  /sdb   type  ext3 (rw,noatime,nodiratime)

If it is a separately mounted partition or disk, you can execute the command directly:

-->mount  -o  defaults，noatime，nodiratime  /dev/sdb1  /sdb-->mount  |  grep  sdb1/dev/sdb1  on  /sdb   type  ext3 (rw,noatime,nodiratime)

3. Optimize Resource limits
Linux has a command for ulimit: the resources used to control shell programs for the resources used by the shell startup process, with the following syntax:

ulimit [-aHS][-c <core文件上限>][-d <数据节区大小>][-f <文件大小>][-m <内存大小>][-n <文件数目>][-p <缓冲区大小>][-s <堆叠大小>][-t <CPU时间>][-u <程序数目>][-v <虚拟内存大小>]

The parameters are:

-a displays the settings for the current resource limit. -c <core File Cap > set the maximum value of the core file in chunks. -d < data section size > Maximum value of the Program Data section, in kilobytes. -F < file size > The largest file the shell can create, in chunks. - H Set the hard limit for the resource, which is the limit set by the administrator. -m < memory size > Specifies the maximum amount of memory that can be used, in kilobytes. -N < number of files > specifies the maximum number of files that can be opened at the same time. -p < buffer size > Specifies the size of the pipe buffer  , in kilobytes. -s < stack size > specifies the upper limit of the stack, in kilobytes. - S Sets the elastic limit for the resource. -T <CPU time > Specifies the maximum CPU usage time in seconds. -u < number of programs > number of programs the user can open. -v < virtual memory size > Specifies the maximum amount of virtual memory that can be used, in kilobytes. 

Depending on the function of the parameter, you can use ulimit -a to enumerate the constraint information for the resource:

[Root@iZ94sni08orZ~]# Ulimit-acorefile size(blocks,-c)0Data segsize(Kbytes,-D) unlimitedscheduling priority (-e)0file size(blocks,-f) unlimitedpending signals (-i)3870MaxLockedMemory(Kbytes,-L) -Max Memory size(Kbytes,-m) unlimitedopen files (-N)65535Pipesize( +Bytes,-p)8POSIX message queues (bytes,-Q)819200Real-time priority (-R)0Stacksize(Kbytes,-s)10240CPU time (seconds,-t) unlimitedMaxUser processes (-u)3870VirtualMemory(Kbytes,-V) UnlimitedfileLocks (-X) unlimited[root@iZ94sni08orZ~]#

Is my CentOS7.0 information, and then use the command, to the system for Nginx optimization, you can use the following command to the resource of-N is unlimited, that is, the maximum value of the system: ulimit -n unlimited or ulimit -n 数目 to modify.

You can also modify the configuration file by modifying it as follows:

vim /etc/security/limits.conf

The file has only two lines, and the other is the comment content:

* soft nofile 65535* hard nofile 65535

Modify it to:

* soft nofile 65535* hard nofile 65535* soft nproc 65535* hard nproc 65535

After the above changes need to restart the dish after the effective.

4. Optimize Kernel TCP Options

Modify the kernel parameters, the file in /etc/sysctl.conf , contains content comments, can be read, the default content is:

# Kernel sysctl configuration file for Red Hat Linux## for binary values, 0 are disabled, 1 is enabled. See Sysctl (8) and# sysctl.conf (5) For more details.# Controls IP packet forwardingNet. IPV4. IP_forward =0# Controls Source Route verification# do not accept source routingNet. IPV4. conf. Default. Accept_source_route =0# Controls The System Request debugging functionality of the kernelKernel. SysRq=0# Controls Whether core dumps would append the PID to the core filename.# Useful for debugging multi-threaded applications.Kernel. Core_uses_pid =1# Controls the use of TCP syncookies# Disable NetFilter on bridges.Net. Bridge. Bridge-nf-Pager-ip6tables =0Net. Bridge. Bridge-nf-Pager-iptables =0Net. Bridge. Bridge-nf-Pager-arptables =0# Controls The default maxmimum size of a mesage queueKernel. MSGMNB=65536# Controls The maximum size of a message, in bytesKernel. Msgmax=65536# Controls The maximum shared segment size, in bytesKernel. Shmmax=68719476736# Controls The maximum number of shared memory segments, in pagesKernel. Shmall=4294967296Vm. Swappiness=0Net. IPV4. Neigh. Default. GC_stale_time= -Net. IPV4. conf. All. RP_filter=0Net. IPV4. conf. Default. RP_filter=0Net. IPV4. conf. Default. ARP_announce =2Net. IPV4. conf. All. ARP_announce=2Net. IPV4. TCP_max_tw_buckets = theNet. IPV4. TCP_syncookies =1Net. IPV4. TCP_max_syn_backlog =1024x768Net. IPV4. TCP_synack_retries =2Net. IPV4. conf. Lo. ARP_announce=2

Set the corresponding property to the following values, some modified, not added to:

Net. IPV4. TCP_max_tw_buckets =6000 #设置timewait的值, the default is 180000Net. IPV4.ip_local_port_range =1024x768 65000 #设置允许洗头膏打开的端口范围, the default is 32768-61000Net. IPV4. TCP_tw_recycle =1 #设置是否启用timewait快速回收, default is 0Net. IPV4. TCP_tw_reuse =1 #设置是否开启重新使用, which allows time-wait sockets to be re-used for new TCP connectionsNet. IPV4. TCP_syncookies =1 #设置是否开启SYN cookies, if enabled, then the SYN wait queue is one, then use Cookies to process, default to 0Net. Core_somaxconn =262144 #Net. Core_netdev_max_backlog =262144 #用于设置被传送到队列数据包的最大数目, queuing occurs when the network card accepts packets at a rate that is faster than the rate at which the kernel processes packets, and this parameter is used to set the size of the queueNet. IPV4. TCP_max_orphans =262144 #设置Linux能够处理不属于任何进程的套接字数量, that is, the process of dealing with orphansNet. IPV4. TCP_max_syn_backlog =262144 #用于记录尚未收到客户端确认信息的链接请求的最大值Net. IPV4. TCP_timestamps =0 #设置时间戳作为序列号, set to 0 to turn off the featureNet. IPV4. TCP_synack_retries =1 #设置SYN重试的次数, the default is 5, the second handshake in the TCP three handshake, the kernel needs to send a SYN that responds to the ACK of the previous SYN, that is, the number of times that the Wile opened the link and the kernel sent the syn. Reducing the value of this parameter helps avoid DDoS attacksNet. IPV4. TCP_syn_retries =1 #设置内核放弃建立链接之前发送SYN包的数量Net. IPV4. TCP_fin_timeout =1 #决定它包吃FIN The time of the-wait-2 stateNet. IPV4. TCP_keepalive_time = - #当启用该功能是, this parameter sets the frequency at which TCP sends keepalive messages

Optimized Nginx Server

1. Close the Access log
According to the corresponding needs, the corresponding module of logging, such as in the HTTP, server, location, these separate sections of the configuration of logging.

2, nginx server configuration optimization

Set in the configuration file of the server module:

worker_connections 65535keepalive_timeout 60client_header_buffer_size 8kworker_rlimit_nofile 65535

Of course, there are a lot of nginx optimization, the above simple learning record, I hope to help you.

Nginx Performance Optimization