NI
Uploaded byNGINX, Inc.
PPTX, PDF10,570 views

NGINX Installation and Tuning

This document outlines a webinar on nginx installation and tuning, detailing the installation process, system and software tuning, and benchmarking techniques. It highlights the functionalities of nginx, compares its open-source version with nginx plus, and provides practical commands for installation and tuning. The final emphasis is on installing from the official nginx repository and the importance of benchmarking for optimal performance.

Embed presentation

Downloaded 368 times
NGINX Installation and Tuning Introduced by Andrew Alexeev Presented by Owen Garrett Nginx, Inc.
About this webinar You’re ready to make your applications more responsive, scalable, fast and secure. Then it’s time to get started with NGINX. In this webinar, you will learn how to install NGINX from a package or from source onto a Linux host. We’ll then look at some common operating system tunings you could make to ensure your NGINX install is ready for prime time.
Agenda • Installing NGINX – Installation source, NGINX features • Tuning NGINX – Operating System tuning – NGINX software tuning • Benchmarking NGINX We’re covering a lot of material. Please feel free to take screenshots and read up afterwards.
BEFORE YOU INSTALL NGINX…
What can NGINX do for you? Internet N Web Server Serve content from disk Application Gateway FastCGI, uWSGI, Passenger… Proxy HTTP traffic Caching, Load Balancing… Application Acceleration SSL and SPDY termination Performance Monitoring High Availability Advanced Features: Bandwidth Management Content-based Routing Request Manipulation Response Rewriting Authentication Video Delivery Mail Proxy GeoLocation
Deployment Plan Determine the functionality you’ll need from NGINX: • Authentication • Proxy to API gateways • GZIP • GeoIP • etc. etc. Modules list at nginx.org
Three questions before installing NGINX 1. What functionality do you require? • Standard modules • NGINX Plus functionality • Optional NGINX and third-party modules 3. How do you want to install? • “Official” NGINX packages (nginx.org) • Build from Source • From Operating System repository • From Amazon AWS Marketplace 2. What branch do you want to track? • Mainline (1.7) • Stable (1.6) • Something older? http://nginx.com/blog/ngi nx-1-6-1-7-released/
Recommended Install 1. Standard modules (nginx.org) or NGINX Plus 2. Mainline (1.7) 3. Install from nginx.org or nginx-plus repository nginx.org builds do not include: • Modules with complex 3rd-party dependencies: • GeoIP, Image_Filter, Perl, XSLT • Modules that are part of NGINX Plus • Third-party modules e.g. Lua, Phusion Passenger http://nginx.com/products/technical-specs/
Difference between NGINX and NGINX Plus http://nginx.com/products/feature-matrix/ NGINX • High-performance, open source web server and accelerating proxy. • Community support through mailing lists on nginx.org, stackoverflow, subject experts etc. NGINX Plus • Adds Enterprise Load Balancing and Application Delivery features. • Full support and updates from NGINX Inc., the team who built and manage NGINX.
INSTALLING NGINX
Installation process $ wget http://nginx.org/keys/nginx_signing.key $ sudo apt-key add nginx_signing.key # cat > /etc/apt/sources.list.d/nginx.list deb http://nginx.org/packages/mainline/ubuntu/ trusty nginx deb-src http://nginx.org/packages/mainline/ubuntu/ trusty nginx # apt-get update # apt-cache policy nginx nginx: Installed: (none) Candidate: 1.7.0-1~trusty Version table: 1.7.0-1~trusty 0 500 http://nginx.org/packages/mainline/ubuntu/ trusty/nginx amd64 Packages 1.4.6-1ubuntu3 0 500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages http://nginx.org/en/linux_packages.html#mainline
Verify that it is working # /etc/init.d/nginx status * nginx is running # /usr/sbin/nginx –v nginx version: nginx/1.7.0
TUNING NGINX #1: UNDERSTAND WHAT’S HAPPENING
Common tools • vmstat
Common tools • strace
Other tools • tcpdump / wireshark • Chrome dev tools • System log (dmesg –c)
TUNING NGINX: #2: TUNING THE OPERATING SYSTEM
Tuning the operating system • Basic tunables: – Backlog queue: limits number of pending connections – File descriptors: limit number of active connections – Ephemeral ports: limit number of upstream connections
Configuring Tunables - HOWTO • /proc: # echo "1" > /proc/sys/net/ipv4/tcp_syncookies • sysctl.conf: # vi /etc/sysctl.conf # Prevent against the common 'syn flood attack' net.ipv4.tcp_syncookies = 1 # sysctl –p
The Backlog Queue • What happens when a connection is received? – SYN / SYNACK [syn_backlog queue] or syncookie – ACK [listen backlog queue] / NGINX:accept() – net.ipv4.tcp_max_syn_backlog – net.ipv4.tcp_syncookies – net.core.somaxconn • NGINX: listen backlog=1024 – net.core.netdev_max_backlog
File Descriptors • What happens when a connection is processed? File descriptors are the key resource – estimate 2 per connection. – fs.file_max – /etc/security/limits.conf – worker_rlimit_nofile 200000;
Ephemeral Ports • What happens when NGINX proxies connections? Each TCP connection requires a unique 4-tuple: [src_ip:src_port, dst_ip:dst_port] Ephemeral port range and lifetime: – net.ipv4.ip_local_port_range – net.ipv4.tcp_fin_timeout
Keep checking kernel messages # dmesg -c # tail -f /var/log/kern.log
TUNING NGINX: #3: TUNING THE SOFTWARE
Tuning NGINX #1: You don’t need to “tune” very much #2: Don’t tune just for a benchmark #3: Use our Prof Services team to help
Common tunings worker_processes auto; – set to ‘auto’ or higher worker_connections – set to less than file descriptor count. accept_mutex: disable for busy services
The proxy should use keepalives Close TCP Connection (two-way handshake) Open TCP Connection (three-way handshake) Write HTTP request Read HTTP response Wait (timeout) NGINX or server closes the connection NGINX re-uses connection for another request server { listen 80; location / { proxy_pass http://backend; proxy_http_version 1.1; proxy_set_header Connection ""; } } upstream backend { server webserver1 max_conns=256; server webserver2 max_conns=256; queue 4096 timeout=15s; # maintain a maximum of 20 idle connections to each upstream server keepalive 20; }
BENCHMARKING NGINX
Why benchmark NGINX? 1. To find how fast NGINX can go 2. To tune NGINX for your workload 3. To find where the bottlenecks are 4. All of the above
IN CONCLUSION…
In conclusion: • Install from the nginx repo – NGINX or NGINX Plus • Basic tuning and configuration – dmesg / kern.log • Benchmark / stress test http://nginx.com/ • NGINX Professional Services and Training
https://speakerdeck.com/dctrwatson/c1m-and-nginx https://www.youtube.com/watch?v=yL4Q7D4ynxU https://gist.github.com/dctrwatson/0b3b52050254e273ff11

More Related Content

PPTX
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
byAmit Aggarwal
 
PPTX
High Availability Content Caching with NGINX
byNGINX, Inc.
 
PPTX
Nginx
byDhrubaji Mandal ♛
 
PPTX
Introduction to NGINX web server
byMd Waresul Islam
 
PDF
NGINX: Basics and Best Practices EMEA
byNGINX, Inc.
 
PPTX
NGINX: Basics and Best Practices
byNGINX, Inc.
 
PPTX
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
ODP
Introduction to Nginx
byKnoldus Inc.
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
byAmit Aggarwal
 
High Availability Content Caching with NGINX
byNGINX, Inc.
 
Nginx
byDhrubaji Mandal ♛
 
Introduction to NGINX web server
byMd Waresul Islam
 
NGINX: Basics and Best Practices EMEA
byNGINX, Inc.
 
NGINX: Basics and Best Practices
byNGINX, Inc.
 
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
Introduction to Nginx
byKnoldus Inc.
 

What's hot

PPTX
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
PPTX
Nginx
byGeeta Vinnakota
 
PPTX
NGINX: Basics & Best Practices - EMEA Broadcast
byNGINX, Inc.
 
PPTX
Learn nginx in 90mins
byLarry Cai
 
PPT
Nginx internals
byliqiang xu
 
PPTX
Load Balancing and Scaling with NGINX
byNGINX, Inc.
 
PDF
Nginx Essential
byGong Haibing
 
PDF
Redis cluster
byiammutex
 
PDF
Ansible
byKamil Lelonek
 
PDF
Ansible
byVishal Yadav
 
PDF
Automation with ansible
byKhizer Naeem
 
PPTX
Apache Kafka Best Practices
byDataWorks Summit/Hadoop Summit
 
PPTX
5 things you didn't know nginx could do
bysarahnovotny
 
PPT
Monitoring using Prometheus and Grafana
byArvind Kumar G.S
 
PDF
[2018] 오픈스택 5년 운영의 경험
byNHN FORWARD
 
PPTX
Apache Kafka Security
byDataWorks Summit/Hadoop Summit
 
ODP
Introduction to Ansible
byKnoldus Inc.
 
PDF
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region
byJi-Woong Choi
 
PPTX
Hashicorp Vault ppt
byShrey Agarwal
 
PDF
Kubernetes Networking
byCJ Cullen
 
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
Nginx
byGeeta Vinnakota
 
NGINX: Basics & Best Practices - EMEA Broadcast
byNGINX, Inc.
 
Learn nginx in 90mins
byLarry Cai
 
Nginx internals
byliqiang xu
 
Load Balancing and Scaling with NGINX
byNGINX, Inc.
 
Nginx Essential
byGong Haibing
 
Redis cluster
byiammutex
 
Ansible
byKamil Lelonek
 
Ansible
byVishal Yadav
 
Automation with ansible
byKhizer Naeem
 
Apache Kafka Best Practices
byDataWorks Summit/Hadoop Summit
 
5 things you didn't know nginx could do
bysarahnovotny
 
Monitoring using Prometheus and Grafana
byArvind Kumar G.S
 
[2018] 오픈스택 5년 운영의 경험
byNHN FORWARD
 
Apache Kafka Security
byDataWorks Summit/Hadoop Summit
 
Introduction to Ansible
byKnoldus Inc.
 
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region
byJi-Woong Choi
 
Hashicorp Vault ppt
byShrey Agarwal
 
Kubernetes Networking
byCJ Cullen
 

Viewers also liked

PPTX
NGINX High-performance Caching
byNGINX, Inc.
 
PDF
Nginx Internals
byJoshua Zhu
 
PPTX
Maximizing PHP Performance with NGINX
byNGINX, Inc.
 
PDF
Tuning TCP and NGINX on EC2
byChartbeat
 
PDF
How to secure your web applications with NGINX
byWallarm
 
PDF
How to monitor NGINX
byServer Density
 
PPTX
Video Streaming. NGINX RTMP in particular
byAnton Pinchuk
 
PDF
Naxsi, an open source WAF for Nginx
byPositive Hack Days
 
PDF
Monitoring Highly Dynamic and Distributed Systems with NGINX Amplify
byNGINX, Inc.
 
KEY
Nginx - Tips and Tricks.
byHarish S
 
ODP
When dynamic becomes static : the next step in web caching techniques
byWim Godden
 
ODP
When dynamic becomes static : the next step in web caching techniques
byWim Godden
 
PPT
Streaming, Content Delivery & Networks Dr Angus Hay Neotel
byguest22cb1ea7
 
PDF
Time-Series Monitoring Graphs with D3 & Rickshaw
byRichard Powell
 
PDF
Nginx
byGordon Forsythe
 
PPTX
HTTP/2: Ask Me Anything
byNGINX, Inc.
 
PPTX
WordPress + NGINX Best Practices with EasyEngine
byNGINX, Inc.
 
PDF
Fisl15 Streaming de vídeo ao vivo na globo.com
byLeandro Moreira
 
PPTX
What's New in HTTP/2
byNGINX, Inc.
 
PPT
Tuning 17 march
byBinan AL Halabi
 
NGINX High-performance Caching
byNGINX, Inc.
 
Nginx Internals
byJoshua Zhu
 
Maximizing PHP Performance with NGINX
byNGINX, Inc.
 
Tuning TCP and NGINX on EC2
byChartbeat
 
How to secure your web applications with NGINX
byWallarm
 
How to monitor NGINX
byServer Density
 
Video Streaming. NGINX RTMP in particular
byAnton Pinchuk
 
Naxsi, an open source WAF for Nginx
byPositive Hack Days
 
Monitoring Highly Dynamic and Distributed Systems with NGINX Amplify
byNGINX, Inc.
 
Nginx - Tips and Tricks.
byHarish S
 
When dynamic becomes static : the next step in web caching techniques
byWim Godden
 
When dynamic becomes static : the next step in web caching techniques
byWim Godden
 
Streaming, Content Delivery & Networks Dr Angus Hay Neotel
byguest22cb1ea7
 
Time-Series Monitoring Graphs with D3 & Rickshaw
byRichard Powell
 
Nginx
byGordon Forsythe
 
HTTP/2: Ask Me Anything
byNGINX, Inc.
 
WordPress + NGINX Best Practices with EasyEngine
byNGINX, Inc.
 
Fisl15 Streaming de vídeo ao vivo na globo.com
byLeandro Moreira
 
What's New in HTTP/2
byNGINX, Inc.
 
Tuning 17 march
byBinan AL Halabi
 

Similar to NGINX Installation and Tuning

PDF
NGINX ADC: Basics and Best Practices
byNGINX, Inc.
 
PDF
NGINX ADC: Basics and Best Practices – EMEA
byNGINX, Inc.
 
PDF
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
byOrtus Solutions, Corp
 
PPTX
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
PPTX
NGINX 101 - now with more Docker
bysarahnovotny
 
PPTX
NGINX 101 - now with more Docker
bySarah Novotny
 
PPTX
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
PPTX
What's New in NGINX Plus R7?
byNGINX, Inc.
 
PPTX
5 things you didn't know nginx could do velocity
bysarahnovotny
 
PDF
tuning-nginx-for-high-performance-nick-shadrin.pdf
bytrihang02122018
 
PPTX
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
PDF
How to Install NGINX on CentOS 10 (Step-by-Step Guide).pdf
byGreen Webpage
 
PDF
How to Get Started With NGINX
byNGINX, Inc.
 
PPTX
Basics of NGINX
bySquash Apps Pvt Ltd
 
PPTX
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
PDF
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
PDF
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 
PPTX
Load Balancing Container with Nginx
byKumar Mayank
 
PDF
NginX - good practices, tips and advanced techniques
byClaudio Borges
 
PDF
NGINX.conf 2016 - Fail in order to succeed ! Designing Microservices for fail...
byDragos Dascalita Haut
 
NGINX ADC: Basics and Best Practices
byNGINX, Inc.
 
NGINX ADC: Basics and Best Practices – EMEA
byNGINX, Inc.
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
byOrtus Solutions, Corp
 
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
NGINX 101 - now with more Docker
bysarahnovotny
 
NGINX 101 - now with more Docker
bySarah Novotny
 
NGINX: Back to Basics – APCJ
byNGINX, Inc.
 
What's New in NGINX Plus R7?
byNGINX, Inc.
 
5 things you didn't know nginx could do velocity
bysarahnovotny
 
tuning-nginx-for-high-performance-nick-shadrin.pdf
bytrihang02122018
 
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
How to Install NGINX on CentOS 10 (Step-by-Step Guide).pdf
byGreen Webpage
 
How to Get Started With NGINX
byNGINX, Inc.
 
Basics of NGINX
bySquash Apps Pvt Ltd
 
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 
Load Balancing Container with Nginx
byKumar Mayank
 
NginX - good practices, tips and advanced techniques
byClaudio Borges
 
NGINX.conf 2016 - Fail in order to succeed ! Designing Microservices for fail...
byDragos Dascalita Haut
 

More from NGINX, Inc.

PDF
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
PDF
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
PDF
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
PPTX
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
PPTX
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
PDF
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
PDF
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
PDF
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
PDF
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
PDF
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
PDF
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
PDF
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
PDF
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
PPTX
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
PPTX
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
PPTX
NGINX Kubernetes API
byNGINX, Inc.
 
PPTX
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
PPTX
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
PPTX
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
PDF
Kubernetes環境で実現するWebアプリケーションセキュリティ
byNGINX, Inc.
 
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
NGINX Kubernetes API
byNGINX, Inc.
 
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
Kubernetes環境で実現するWebアプリケーションセキュリティ
byNGINX, Inc.
 

Recently uploaded

PDF
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
PDF
Rustici Software: eLearning standards in the age of AI
byRustici Software
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
Mount File Systems using UUID and Label - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PPTX
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
 
PDF
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
PPTX
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
PDF
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
 
PPTX
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
PDF
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
PDF
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
PDF
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
PDF
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 
Track Phone Location via Number (2026)_ What Actually Works, What’s a Scam, a...
byEmily Woods
 
Rustici Software: eLearning standards in the age of AI
byRustici Software
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Mount File Systems using UUID and Label - RHCSA (RH134).pdf
byLinuxCert Guru
 
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
Introduction to Artificial Intelligence (AI).pptx
byammar414783
 
How to build hackthon projects from ZERO!
byishantyadav1111
 
Poročilo odbora CIS (CH08873) za leto 2025 na letni skupščini IEEE Slovenija ...
byUniversity of Maribor
 
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
What Is the Azure AI Foundry and Why Does It Matter for Enterprises?
byjohncarterjn
 
From DeFi POC to Production MVP - A 12-16 Week Blueprint.pdf
byniahiggins21
 
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
The Emergence of Empathic XR: AWE Asia 2026 keynote
byMark Billinghurst
 
The Manifesto for AI-enabled Governance !
byYannis Charalabidis
 
Safer’s Picks: The 5 FME Transformers You Didn’t Know You Needed
bySafe Software
 
CI CD Observability, Metrics and DORA - Shifting Left and Cleaning Up! - Febr...
byPeter Souter
 

NGINX Installation and Tuning

  • 1.
    NGINX Installation and Tuning Introduced by Andrew Alexeev Presented by Owen Garrett Nginx, Inc.
  • 2.
    About this webinar You’re ready to make your applications more responsive, scalable, fast and secure. Then it’s time to get started with NGINX. In this webinar, you will learn how to install NGINX from a package or from source onto a Linux host. We’ll then look at some common operating system tunings you could make to ensure your NGINX install is ready for prime time.
  • 3.
    Agenda • InstallingNGINX – Installation source, NGINX features • Tuning NGINX – Operating System tuning – NGINX software tuning • Benchmarking NGINX We’re covering a lot of material. Please feel free to take screenshots and read up afterwards.
  • 4.
  • 5.
    What can NGINXdo for you? Internet N Web Server Serve content from disk Application Gateway FastCGI, uWSGI, Passenger… Proxy HTTP traffic Caching, Load Balancing… Application Acceleration SSL and SPDY termination Performance Monitoring High Availability Advanced Features: Bandwidth Management Content-based Routing Request Manipulation Response Rewriting Authentication Video Delivery Mail Proxy GeoLocation
  • 6.
    Deployment Plan Determinethe functionality you’ll need from NGINX: • Authentication • Proxy to API gateways • GZIP • GeoIP • etc. etc. Modules list at nginx.org
  • 7.
    Three questions beforeinstalling NGINX 1. What functionality do you require? • Standard modules • NGINX Plus functionality • Optional NGINX and third-party modules 3. How do you want to install? • “Official” NGINX packages (nginx.org) • Build from Source • From Operating System repository • From Amazon AWS Marketplace 2. What branch do you want to track? • Mainline (1.7) • Stable (1.6) • Something older? http://nginx.com/blog/ngi nx-1-6-1-7-released/
  • 8.
    Recommended Install 1.Standard modules (nginx.org) or NGINX Plus 2. Mainline (1.7) 3. Install from nginx.org or nginx-plus repository nginx.org builds do not include: • Modules with complex 3rd-party dependencies: • GeoIP, Image_Filter, Perl, XSLT • Modules that are part of NGINX Plus • Third-party modules e.g. Lua, Phusion Passenger http://nginx.com/products/technical-specs/
  • 9.
    Difference between NGINXand NGINX Plus http://nginx.com/products/feature-matrix/ NGINX • High-performance, open source web server and accelerating proxy. • Community support through mailing lists on nginx.org, stackoverflow, subject experts etc. NGINX Plus • Adds Enterprise Load Balancing and Application Delivery features. • Full support and updates from NGINX Inc., the team who built and manage NGINX.
  • 10.
  • 11.
    Installation process $wget http://nginx.org/keys/nginx_signing.key $ sudo apt-key add nginx_signing.key # cat > /etc/apt/sources.list.d/nginx.list deb http://nginx.org/packages/mainline/ubuntu/ trusty nginx deb-src http://nginx.org/packages/mainline/ubuntu/ trusty nginx # apt-get update # apt-cache policy nginx nginx: Installed: (none) Candidate: 1.7.0-1~trusty Version table: 1.7.0-1~trusty 0 500 http://nginx.org/packages/mainline/ubuntu/ trusty/nginx amd64 Packages 1.4.6-1ubuntu3 0 500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages http://nginx.org/en/linux_packages.html#mainline
  • 12.
    Verify that itis working # /etc/init.d/nginx status * nginx is running # /usr/sbin/nginx –v nginx version: nginx/1.7.0
  • 13.
    TUNING NGINX #1:UNDERSTAND WHAT’S HAPPENING
  • 14.
  • 15.
  • 16.
    Other tools •tcpdump / wireshark • Chrome dev tools • System log (dmesg –c)
  • 17.
    TUNING NGINX: #2:TUNING THE OPERATING SYSTEM
  • 18.
    Tuning the operatingsystem • Basic tunables: – Backlog queue: limits number of pending connections – File descriptors: limit number of active connections – Ephemeral ports: limit number of upstream connections
  • 19.
    Configuring Tunables -HOWTO • /proc: # echo "1" > /proc/sys/net/ipv4/tcp_syncookies • sysctl.conf: # vi /etc/sysctl.conf # Prevent against the common 'syn flood attack' net.ipv4.tcp_syncookies = 1 # sysctl –p
  • 20.
    The Backlog Queue • What happens when a connection is received? – SYN / SYNACK [syn_backlog queue] or syncookie – ACK [listen backlog queue] / NGINX:accept() – net.ipv4.tcp_max_syn_backlog – net.ipv4.tcp_syncookies – net.core.somaxconn • NGINX: listen backlog=1024 – net.core.netdev_max_backlog
  • 21.
    File Descriptors •What happens when a connection is processed? File descriptors are the key resource – estimate 2 per connection. – fs.file_max – /etc/security/limits.conf – worker_rlimit_nofile 200000;
  • 22.
    Ephemeral Ports •What happens when NGINX proxies connections? Each TCP connection requires a unique 4-tuple: [src_ip:src_port, dst_ip:dst_port] Ephemeral port range and lifetime: – net.ipv4.ip_local_port_range – net.ipv4.tcp_fin_timeout
  • 23.
    Keep checking kernelmessages # dmesg -c # tail -f /var/log/kern.log
  • 24.
    TUNING NGINX: #3:TUNING THE SOFTWARE
  • 25.
    Tuning NGINX #1:You don’t need to “tune” very much #2: Don’t tune just for a benchmark #3: Use our Prof Services team to help
  • 26.
    Common tunings worker_processesauto; – set to ‘auto’ or higher worker_connections – set to less than file descriptor count. accept_mutex: disable for busy services
  • 27.
    The proxy shoulduse keepalives Close TCP Connection (two-way handshake) Open TCP Connection (three-way handshake) Write HTTP request Read HTTP response Wait (timeout) NGINX or server closes the connection NGINX re-uses connection for another request server { listen 80; location / { proxy_pass http://backend; proxy_http_version 1.1; proxy_set_header Connection ""; } } upstream backend { server webserver1 max_conns=256; server webserver2 max_conns=256; queue 4096 timeout=15s; # maintain a maximum of 20 idle connections to each upstream server keepalive 20; }
  • 28.
  • 29.
    Why benchmark NGINX? 1. To find how fast NGINX can go 2. To tune NGINX for your workload 3. To find where the bottlenecks are 4. All of the above
  • 30.
  • 31.
    In conclusion: •Install from the nginx repo – NGINX or NGINX Plus • Basic tuning and configuration – dmesg / kern.log • Benchmark / stress test http://nginx.com/ • NGINX Professional Services and Training
  • 33.

Editor's Notes

  • #6 Does a lot of things… can sit at the center of your web infrastructure… worthwhile building a deployment plan
  • #7 Deployment plan will identify how many, where they are installed, what features are needed and will help to construct the configuration
  • #12 It’s a mess…. When I run apt-cache search nginx on Ubuntu14.04 with the nginx repo, I get 30 hits, 14 of which are nginx installation candidates. Only two of these are the ‘official’ nginx binaries
  • #27 accept_mutex; is on by default, should be off to reduce delay in accepts worker_processes; always auto. default 1. large amounts of diskio - set to larger than number of CPUs. e.g. consider wa column in vmstat, but be aware of other workloads on host keepalive_timeout; 75 seconds (check tcp keepalive) keepalive; (keepalive connection cache) how many sim conns can backend support? worker_connections - must be less than number of open files per process. will see message in error log if exceeded “worker_connections are not enough”. Should be a little less than number of fds per process
  • #28 Config in blue is nginx plus only
  • #30 Answer – to stress-test to determine where the problems are and address them with additional tuning where possible. You can’t rely on benchmark results to indicate real-world performance