
Optimization of Nginx configuration file

2025-03-29 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/02 Report--

The parameters that need to be optimized in the Nginx configuration file are the following:

worker_processes 8;

The number of Nginx worker processes. It can be set according to the number of CPUs and is generally a multiple of that number.

worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;

Binds each worker process to a CPU. In the example above, eight processes are assigned to eight CPUs. One process can also be assigned to multiple CPUs.

worker_rlimit_nofile 102400;

The maximum number of file descriptors an Nginx worker process can open. Keep it consistent with the value of ulimit -n.

use epoll;

Use the epoll I/O model.

worker_connections 102400;

The maximum number of connections per worker process. Theoretically, the maximum number of connections for the whole Nginx server is worker_processes * worker_connections.

keepalive_timeout 60;

Keepalive timeout.

client_header_buffer_size 4k;

The buffer size for the client request header. It can be set according to the system page size, which can be obtained with the command getconf PAGESIZE.

open_file_cache max=102400 inactive=20s;

Enables caching of open files, which is not enabled by default. max specifies the number of cache entries and is recommended to be the same as the number of open files. inactive is how long a file can go unrequested before its cache entry is deleted.

open_file_cache_valid 30s;

How often the cached information is checked for validity.

open_file_cache_min_uses 1;

The minimum number of times a file must be used within the inactive period of the open_file_cache directive. If this number is exceeded, the file descriptor stays open in the cache. As in the example above, if a file is not used even once within the inactive time, it is removed.
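The following check is an added example, not part of the original article. It parses the directives above from a constructed configuration, decodes each worker_cpu_affinity mask into CPU numbers, and computes the theoretical connection ceiling. The function names and the sample layout are assumptions made for illustration.

```python
import os
import re

# Constructed sample: the article's directives placed in their nginx contexts.
SAMPLE_CONF = """
worker_processes 8;
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
worker_rlimit_nofile 102400;
events {
    use epoll;
    worker_connections 102400;
}
"""

def parse_directives(text):
    """Return {name: [args]} for simple 'name arg ...;' directives."""
    pattern = r"^\s*([a-z_]+)\s+([^;{}]+);"
    return {m.group(1): m.group(2).split() for m in re.finditer(pattern, text, re.M)}

def mask_to_cpus(mask):
    """Decode an affinity bitmask; the rightmost bit is CPU 0."""
    return [i for i, bit in enumerate(reversed(mask)) if bit == "1"]

def audit(text):
    d = parse_directives(text)
    raw = d.get("worker_processes", ["1"])[0]          # nginx default is 1
    workers = os.cpu_count() if raw == "auto" else int(raw)
    conns = int(d.get("worker_connections", ["512"])[0])  # nginx default is 512
    masks = d.get("worker_cpu_affinity", [])
    nofile = d.get("worker_rlimit_nofile")
    findings = []
    if masks and len(masks) != workers:
        findings.append(f"{len(masks)} affinity masks for {workers} workers")
    if nofile is None:
        findings.append("worker_rlimit_nofile not set; workers inherit ulimit -n")
    elif conns > int(nofile[0]):
        # Every connection needs at least one file descriptor.
        findings.append(f"worker_connections {conns} exceeds fd limit {nofile[0]}")
    return {
        "affinity": [mask_to_cpus(m) for m in masks],
        "max_connections": workers * conns,   # worker_processes * worker_connections
        "findings": findings,
    }

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```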

Optimization of kernel parameters:

net.ipv4.tcp_max_tw_buckets = 6000

The maximum number of TIME-WAIT sockets. The default is 180000.

net.ipv4.ip_local_port_range = 1024 65000

The range of ports that the system is allowed to open.

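net.ipv4.tcp_tw_recycle = 1

Enable fast recycling of TIME-WAIT sockets. Note that this option was removed in Linux 4.12 and is known to break connections from clients behind NAT.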

net.ipv4.tcp_tw_reuse = 1

Turn on reuse. Allows TIME-WAIT sockets to be reused for new TCP connections.

net.ipv4.tcp_syncookies = 1

Enable SYN cookies. When the SYN wait queue overflows, cookies are used to handle the connection requests.

net.core.somaxconn = 262144

The backlog passed to the listen function by a web application is capped by the kernel parameter net.core.somaxconn, which defaults to 128, while the NGX_LISTEN_BACKLOG defined by Nginx defaults to 511, so it is necessary to adjust this value.

net.core.netdev_max_backlog = 262144

The maximum number of packets allowed to be queued when a network interface receives packets faster than the kernel can process them.

net.ipv4.tcp_max_orphans = 262144

The maximum number of TCP sockets in the system that are not attached to any user file handle. If this number is exceeded, orphaned connections are reset immediately and a warning message is printed. This limit exists only to prevent simple DoS attacks. Do not rely on it too much or artificially reduce this value; increase it instead (if you add memory).

net.ipv4.tcp_max_syn_backlog = 262144

The maximum number of recorded connection requests for which the client acknowledgement has not yet been received. For systems with 128 megabytes of memory, the default is 1024, and for systems with small memory, it is 128.

net.ipv4.tcp_syn_retries = 1

The number of SYN packets sent before the kernel gives up establishing a connection.

net.ipv4.tcp_timestamps = 0

Timestamps protect against sequence number wraparound. A 1Gbps link is sure to encounter a sequence number that has been used before. Timestamps allow the kernel to accept such "abnormal" packets. It needs to be turned off here.

net.ipv4.tcp_synack_retries = 1

To open a connection to the peer, the kernel sends a SYN together with an ACK that responds to the previous SYN. This is the second step of the three-way handshake. This setting determines the number of SYN+ACK packets the kernel sends before it abandons the connection.

net.ipv4.tcp_fin_timeout = 1

If the socket is closed at the request of the local end, this parameter determines how long it remains in the FIN-WAIT-2 state. The peer can make an error and never close the connection, or even crash unexpectedly. The default value is 60 seconds. The usual value for 2.2 kernels is 180 seconds. You can use this setting, but keep in mind that even if your machine is a lightly loaded web server, there is a risk of memory overflow due to a large number of dead sockets. FIN-WAIT-2 is less dangerous than FIN-WAIT-1 because each socket can eat up at most 1.5K of memory, but they last longer.

net.ipv4.tcp_keepalive_time = 30
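The following review script is an added example, not part of the original article. It reads a sysctl.conf-style fragment built from the values above and reports settings that interact badly with each other or with the running kernel. The function names and note wording are assumptions, and the 128 fallback for somaxconn is the default the article cites.

```python
# Constructed sample: a sysctl.conf fragment using values from this article.
SAMPLE_SYSCTL = """
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_timestamps = 0   # disabled, as the article recommends
net.ipv4.tcp_syncookies = 1
net.core.somaxconn = 262144
net.ipv4.tcp_max_syn_backlog = 262144
"""

NGX_LISTEN_BACKLOG = 511  # Nginx default listen backlog, as stated in the article

def parse_sysctl(text):
    """Parse 'key = value' lines, ignoring blank lines and # comments."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def review(text, listen_backlog=NGX_LISTEN_BACKLOG):
    s = parse_sysctl(text)
    notes = []
    if s.get("net.ipv4.tcp_tw_recycle") == "1":
        # The key no longer exists on Linux 4.12+, so sysctl -p reports an error.
        notes.append("tcp_tw_recycle: removed in Linux 4.12; drops clients behind NAT")
    if s.get("net.ipv4.tcp_tw_reuse") == "1" and s.get("net.ipv4.tcp_timestamps") == "0":
        # TIME-WAIT reuse relies on TCP timestamps to be safe.
        notes.append("tcp_tw_reuse: has no effect while tcp_timestamps is 0")
    if s.get("net.ipv4.tcp_syncookies") != "1":
        notes.append("tcp_syncookies: not enabled for SYN queue overflow")
    somaxconn = int(s.get("net.core.somaxconn", "128"))
    if somaxconn < listen_backlog:
        # The kernel silently truncates listen() backlogs to somaxconn.
        notes.append(f"net.core.somaxconn {somaxconn} caps listen backlog {listen_backlog}")
    return notes

if __name__ == "__main__":
    for note in review(SAMPLE_SYSCTL):
        print(note)
```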
