Optimize System Parameters in CentOS to build high-availability LNMP WEB
Main reference:
Http://www.howtocn.org/nginx:%E9%85%8D%E7%BD% AE %E4%B8%80%E4%B8%AA%E9% AB %98%E6%80%A7%E8%83%BD%E7%9A%84nginx_fastcgi%E6%9C%8D%E5%8A%A1%E5%99%A8
I. Linux system parameter optimization
1. Configure the limit on the number of files opened in Linux. The default value is 1024.
Vim/etc/security/limits. conf open this file and add the following parameters at the bottom:
- * Soft nofile 65535
- * Hard nofile 65535
- * Soft nproc 65535
- * Hard nproc 65535
Because the write configuration file needs to be restarted, it must be executed on the terminal: ulimit-n 65535 to take effect temporarily.
2. Kernel Parameter Optimization instructions (for reference only ):
Net. ipv4.tcp _ max_tw_buckets = 6000
# Number of timewait instances. The default value is 180000.
Net. ipv4.ip _ local_port_range = 1024 65000
# Port range that can be opened by the system.
Net. ipv4.tcp _ tw_recycle = 1
# Enable timewait quick recovery.
Net. ipv4.tcp _ tw_reuse = 1
# Enable reuse. Allow TIME-WAIT sockets to be re-used for a New TCP connection.
Net. ipv4.tcp _ syncookies = 1
# Enable SYN Cookies. When a SYN wait queue overflow occurs, enable cookies for processing.
Net. core. somaxconn = 262144
# The backlog of the listen function in the web application will limit the net. core. somaxconn of the kernel parameter to 128 by default, while the NGX_LISTEN_BACKLOG defined by nginx is 511 by default, so it is necessary to adjust this value.
Net. core. netdev_max_backlog = 262144
# The maximum number of packets that can be sent to the queue when each network interface receives packets faster than the kernel processes these packets.
Net. ipv4.tcp _ max_orphans = 262144
# The maximum number of TCP sockets in the system is not associated with any user file handle. If this number is exceeded, the orphan connection is immediately reset and a warning is printed. This limit is only used to prevent simple DoS attacks. You cannot rely too much on it or artificially reduce the value. You should also increase this value (if the memory is increased ).
Net. ipv4.tcp _ max_syn_backlog = 262144
# The maximum number of connection requests that have not received confirmation from the client. For systems with 1024 MB of memory, the default value is 128, while for systems with small memory, the value is.
Net. ipv4.tcp _ timestamps = 0
# Timestamp can avoid serial number winding. A 1 Gbit/s link must have a previously used serial number. The timestamp allows the kernel to accept such "abnormal" packets. Disable it here.
Net. ipv4.tcp _ synack_retries = 1
# In order to open the peer connection, the kernel needs to send a SYN with an ACK that responds to the previous SYN. That is, the second handshake in the three-way handshake. This setting determines the number of SYN + ACK packets sent before the kernel disconnects.
Net. ipv4.tcp _ syn_retries = 1
# Number of SYN packets sent before the kernel disconnects the connection.
Net. ipv4.tcp _ fin_timeout = 1
# If the socket is disabled by the local end, this parameter determines the time it remains in the FIN-WAIT-2 state. The peer can make an error and never close the connection, or even become an unexpected machine. The default value is 60 seconds. 2.2 The kernel value is usually 180 seconds. You can follow this setting, but remember that even if your machine is a lightweight WEB server, there is also a risk of memory overflow due to a large number of dead sockets. The risk of FIN-WAIT-2 is smaller than that of FIN-WAIT-1, because it can only eat K of memory at most, however, they have a longer lifetime.
Net. ipv4.tcp _ keepalive_time = 30
# The frequency of keepalive messages sent by TCP when keepalive is in use. The default value is 2 hours.
3. A complete kernel Optimization Configuration (for reference only)
- Net. ipv4.ip _ forward = 0
- Net. ipv4.conf. default. rp_filter = 1
- Net. ipv4.conf. default. accept_source_route = 0
- Kernel. sysrq = 0
- Kernel. core_uses_pid = 1
- Net. ipv4.tcp _ syncookies = 1
- Kernel. msgmnb = 65536
- Kernel. msgmax = 65536
- Kernel. shmmax = 68719476736
- Kernel. shmall = 4294967296
- Net. ipv4.tcp _ max_tw_buckets = 6000
- Net. ipv4.tcp _ sack = 1
- Net. ipv4.tcp _ window_scaling = 1
- Net. ipv4.tcp _ rmem = 4096 87380 4194304
- Net. ipv4.tcp _ wmem = 4096 16384 4194304
- Net. core. wmem_default = 8388608
- Net. core. rmem_default = 8388608
- Net. core. rmem_max = 16777216
- Net. core. wmem_max = 16777216
- Net. core. netdev_max_backlog = 262144
- Net. core. somaxconn = 262144
- Net. ipv4.tcp _ max_orphans = 3276800
- Net. ipv4.tcp _ max_syn_backlog = 262144
- Net. ipv4.tcp _ timestamps = 0
- Net. ipv4.tcp _ synack_retries = 1
- Net. ipv4.tcp _ syn_retries = 1
- Net. ipv4.tcp _ tw_recycle = 1
- Net. ipv4.tcp _ tw_reuse = 1
- Net. ipv4.tcp _ mem = 94500000 915000000 927000000
- Net. ipv4.tcp _ fin_timeout = 1
- Net. ipv4.tcp _ keepalive_time = 30
- Net. ipv4.ip _ local_port_range = 1024 65000
Ii. Nginx configuration file Optimization
1. Restrictions on the number of opened files in Nginx Configuration
Worker_processes 12; this parameter is set based on the number of CPU cores.
Worker_rlimit_nofile 65535; # maximum number of file descriptors opened by the nginx Process
Use epoll; # use the I/O model of epoll.
Events {
Worker_connections 65535; # maximum number of connections allowed by each process
}
2. Nxing (reverse proxy) Main Parameter Optimization Configuration Template
Sendfile on;
Keepalive_timeout 65; # keepalive timeout
Client_header_buffer_size 4 k; the buffer size of the client request header
Open_file_cache max = 102400 inactive = 20 s; # This will specify the cache for opening the file, which is not enabled by default. max specifies the cache quantity. It is recommended that it be consistent with the number of opened files, inactive refers to the time after which a file is deleted after being requested.
Open_file_cache_valid 30 s; # This indicates how long it takes to check the cache's valid information.
Open_file_cache_min_uses 1;
# The minimum number of times files are used in the inactive parameter time in the open_file_cache command
Proxy_connect_timeout 65; specifies the timeout time for connecting to the backend FastCGI
Proxy_read_timeout 600; timeout for receiving FastCGI responses
Proxy_send_timeout 600; the timeout time for sending a request to FastCGI. This value refers to the timeout time for sending a request to FastCGI after two handshakes have been completed.
Proxy_buffer_size 64 k;
Proxy_buffers 4 32 k;
Proxy_busy_buffers_size 64 k;
Gzip on;
Gzip_min_length 1000;
Gzip_buffers 4 8 k;
Gzip_comp_level 3;
Gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml + rss text/javascript;
2. Nxing (PHP-FPM) Main Parameter Optimization Configuration Template
Sendfile on;
Keepalive_timeout 65; # keepalive timeout
Client_header_buffer_size 4 k; the buffer size of the client request header
Open_file_cache max = 102400 inactive = 20 s; # This will specify the cache for opening the file, which is not enabled by default. max specifies the cache quantity. It is recommended that it be consistent with the number of opened files, inactive refers to the time after which a file is deleted after being requested.
Open_file_cache_valid 30 s; # This indicates how long it takes to check the cache's valid information.
Open_file_cache_min_uses 1;
# The minimum number of times files are used in the inactive parameter time in the open_file_cache command
Large_client_header_buffers 4 32 k;
Fastcgi_connect_timeout 300;
Fastcgi_read_timeout 300;
Fastcgi_send_timeout 300;
Fastcgi_buffer_size 64 k;
Fastcgi_buffers 4 32 k;
Fastcgi_busy_buffers_size 64 k;
Fastcgi_temp_file_write_size 64 k;
Client_max_body_size 30 m;
Gzip on;
Gzip_min_length 1000;
Gzip_buffers 4 8 k;
Gzip_comp_level 3;
Gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml + rss text/javascript;
Iii. Parameters of the PHP-fpm configuration file
Reference: http://php.net/manual/zh/install.fpm.configuration.php
Modify parameters in the php-fpm.conf
Set the parameters based on the server memory and memory size (the memory occupied by each PHP process is between 11 mb and 15 MB)
Pm. max_children = 500 # Number of php-fpm processes enabled in static mode.
Pm. start_servers = 200 # Number of initial php-fpm processes in dynamic mode
Pm. min_spare_servers = 100 # minimum number of php-fpm processes in dynamic mode
Pm. max_spare_servers = 30 # maximum number of php-fpm processes in dynamic mode
Request_terminate_timeout = 60 s # set the maximum PHP Execution time
Emergency_restart_interval = 10 s # used to set the interval of smooth restart
