Web and Performance tuning

Performance Tuning for Nginx

1 Modify the core number of CPUs corresponding to the Nginx work process this is generally your CPU core number of twice times, founder is multiples, specific to several times to see the specific hardware configuration

2 Modifying the file descriptor 65536 ulimit-n Permanent effect can be changed/etc/sysctl.conf

3 Modifying the Linux kernel scheduling algorithm Epoll

4 Modifying the number of connections in theory is the number of worker processes * Number of connections However, Nginx's theoretical concurrency value is 65536, so ... You know

5 How much time to reach the amount of concurrency to cache, otherwise ... You know

6 (5) of this rule, the number of times that exceeds the number of concurrent

7 Regular checks on (5)

8 Setting the paged buffer

9 Setting the survival time this is the time when the Cline side opens browser The page does not shut down automatically

What else is nginx capable of?

Nginx can do the Web port forwarding and there is the reverse proxy

You can also do the direction of the agent software is what?

Nginx count a squid (no nginx so good, it can do just want to agent also can do echo agent, just reverse proxy function no other so powerful) calculate a varnish (specifically used to do the response agent) also counted a

What is a response agent, what is a forward proxy?

You can think of this is the client through the Internet to access the contents of the server, and at this time the service is in the internal network, not connected to the external network, so want to access the content of the server must be through the proxy software to achieve, How to implement the proxy service end is to point out who is his back-end server, and then the back-end server to know who is his proxy server, is such a child configuration.

Forward proxy you think you can't surf the internet, the agent helps you go online, and then you return the data to you

The reverse proxy is the same just, if he has no data, he will find the backend server to find the data and then to the client, if there is data directly back

What does CDN mean? CDN is a content distribution network. Why is CDN accelerating and can withstand some DDoS attacks? That's the rationale or the reverse proxy. The role of reverse proxy has two, one is that the server content of the alias is to impersonate the server to others forwarded content, the other is to play the role of security protection. How to say it can play a role in security protection? That is because he acts as a proxy for the server, if you attack the server, you really attack the person is the agent, so is not fair server, so this is the role of security protection.

The role of reverse proxy protects the site's security

The reverse proxy model has two models, which can be used as an alias for a content server or as a load balancer for a content server cluster

What are the advantages of Nginx port forwarding compared to other software?

Nginx can support a full regular expression and haproxy is also possible, just slightly weaker than nginx some, there is a LVS

The similarities and differences of each software:

In fact, these port forwarding software can also be called lb software or tools, because their existence is meant to solve a single point of failure and existence.

Nginx and Haproxy are working in the seven layer, Haproxy can also work in 4 layers, and LVS only work in four layers, LVS itself is used to do port forwarding.

Haproxy make up for Nginx session and cookie function, and work in the TCP protocol application software are supported, Nginx just support email and HTTP two, so say filter URL words with Nginx better, But to support the more complete TCP application software, or use haproxy, because the function of haproxy is not weaker than nginx in port forwarding with Nginx is comparable, or even better than nginx, just nginx this software function is too strong. Now it seems that the figure of LVs appears less Ah, that good now to say that LVS brings us what makes people happy function. LVS and Fastdfs are our own development, and now a lot of enterprises are already in use, the former name is called Chang Wensun (Dr.) The latter is called yuqing (CA).

Strong anti-load ability, because the LVS work way only distribution request nothing, if one of your node fails, then he still go back to his scheduling algorithm to send the request to the faulty one, although do load balancer inside is the strongest, but does not support regular expression and static and dynamic separation. So keepalive to help LVs ready, keepalive is a used to do high-availability software, at the same time with a health check mechanism attached to Nginx haproxy LVS three software advantages and disadvantages

Nginx works on layer seven, but only email and HTTP regular expressions are strongest, no cookies and session sessions, configuration type is simple (low)

Haproxy is to compensate for the shortcomings of Nginx, is also working on the seven layer, basically support all applications, support session sessions, support cookies, large load, support static and dynamic separation

LVS does not support static and dynamic separation and regular expression, but the load is the strongest, low configuration, working in four layers, because only do forwarding no traffic, so the impact on I/O is almost zero.

There are several working modes of LVS.

LVS-DR: What does that mean? That is, if the client sends a request, the data will not go directly to the Realserver, but first to the LVs hand, and LVs in his so-called Dr work mode and scheduling algorithm to call a realserver to direct the packet response to the client, without the data to the LVS. This is where the load balancer is not the same as the forward and reverse proxies.

Lvs-nat: That is, the network address translation, this is also with the above Dr Some similar, just a little different his mode of work changed, be repaid what kind of, it is this: when the client sent a request, He will be based on his scheduling algorithm and work mode to a call Realserver response to the client, and before the response, Realserver and LVs some things to complete before the completion of this is called the NAT work Mode "project", What is the Realserver and LVs going to do, there will be a lot of things to do? No in fact the principle is also very simple, with the network layer of the ARP protocol, just here is the client IP and port first converted to realserver IP and port, so after doing this thing of course to open the gateway route, that Gateway route is casually refers to it? NO, the gateway route is to refer to the LVS IP, because it (LVS) gives you the response data, so the designated gateway IP is it. The work on the realserver has been done, then the LVS do not configure anything, but the working mode of the LVS is realserver after the data turned back, is to go to the LVs hand, LVs Love did not give the data directly to the client, Instead of the previous client request to the IP and port to the VIP (virtual IP), the start of the client request data is not the first ClientIP and port to realserver IP and port to go with the realserver to the data, This time to return the data to the client, but also to go through with the realserver to the same data, but the return data do the action is not the same, the action of the return data is changed to Realserver IP and port to VIP (virtual IP), do not know this explanation you understand, This NAT mode really wants to be a positive and negative agent.

lvs-TUN: that is the way of the tunnel. Unlike Nat, he doesn't have to rewrite the client's IP and port address. What is that? That is to encapsulate the client's packet into a package called Iptun, which is equivalent to two times the package, and then the package through his working mode and scheduling algorithm to decide to call that a realserver directly to the client response

Its detailed workflow should be such a client to send a request, and then the Lvs-tun mode of operation of the client sent over the packet through two times encapsulated into the IP Tun packet, and then through the scheduling algorithm sent to the Realserver node,  The Realserver node is sent directly to the client after unpacking. That's it, it's finished.

Performance tuning for MySQL

1 disabling NUMA

2 Modifying the kernel's scheduling algorithm deadline

3 Modifying the startup script

4 File Descriptor

What is Fastdfs

FASTDFS architecture has at least client tracker storage These three components, the text for the technical aspects of speaking it, as long as can understand, is good expression. So sometimes the pursuit of perfection is not wrong, but to learn to use in what way

Want to fully understand Fastdfs this thing first you need to know it originally designed to be based on C (client)/S (server) mode.

It's a little bit like this. FTP Service, FTP This service is also based on the C/S architecture

Fastdfs is a distributed file system, what is its characteristic? What is a distributed file system? In fact, can be distributed in the Computer network node, of course, can also be in the local, but now mostly biased to the network, so generally speaking fastdfs is that he can be in the computer network nodes have multiple connections. If you remember the first NFS thing that was presented by Sun, you understand that Fastdfs is no more difficult. So what is NFS? NFS is a network file system, which is used to share storage, but the way it is shared is in a directory (or the folder or the warehouse is possible) to share the way, and similar to him is also called iSCSI, this is also used to do sharing, The only way to share this is to take a disk share to the outside. There is also a samba is used to share the directory, in fact, the configuration of these services are similar, such as Nfs,iscsi,samba,mysql read and write separation, MySQL master and slave, almost all of this. General will have who is my from, I can let who share my resources, designate who is the sharer, who is to enjoy my resources, and what Port Ah, almost the configuration is like that. Therefore, the operational dimension of the configuration is not much difficult.

Why to share, when we need to share ah, in fact, this you can through our now a lot of examples to facilitate management ah, to achieve resource sharing, convenient and quick? As long as there is a network you want to give me the things you do not have to pass the USB drive to transmit is not.

This article is from the "12556565" blog, please be sure to keep this source http://12566565.blog.51cto.com/12556565/1915327

Web and Performance tuning