nginxarchitecture
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
nginxarchitecture [2016/01/16 03:41] – [Nginx Request / Upload Max Body Size (client_max_body_size)] admin | nginxarchitecture [2022/10/29 16:15] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== nginx architecture | + | ====== nginx with PHP-FPM |
refer: | refer: | ||
* http:// | * http:// | ||
Line 28: | Line 28: | ||
===== Optimize nginx configuration for performance and benchmark ===== | ===== Optimize nginx configuration for performance and benchmark ===== | ||
refer: | refer: | ||
+ | * http:// | ||
* http:// | * http:// | ||
* http:// | * http:// | ||
Line 42: | Line 43: | ||
events { | events { | ||
- | worker_connections | + | worker_connections |
multi_accept | multi_accept | ||
use | use | ||
Line 138: | Line 139: | ||
* benchmark load speed from other countries from http:// | * benchmark load speed from other countries from http:// | ||
=> with above benchmarch for static file ab -n 20 -c 4 http:// | => with above benchmarch for static file ab -n 20 -c 4 http:// | ||
+ | ===== PHP-FPM Config and Optimize ===== | ||
+ | refer: | ||
+ | * https:// | ||
+ | * https:// | ||
+ | |||
+ | **global** config for all pools:< | ||
+ | [global] | ||
+ | ; Error log file | ||
+ | ; If it's set to " | ||
+ | ; in a local file. | ||
+ | ; Note: the default prefix is / | ||
+ | ; Default Value: log/ | ||
+ | ;error_log = log/ | ||
+ | |||
+ | ; Log level | ||
+ | ; Possible Values: alert, error, warning, notice, debug | ||
+ | ; Default Value: notice | ||
+ | ;log_level = notice | ||
+ | |||
+ | ; The maximum number of processes FPM will fork. This has been design to control | ||
+ | ; the global number of processes when using dynamic PM within a lot of pools. | ||
+ | ; Use it with caution. | ||
+ | ; Note: A value of 0 indicates no limit | ||
+ | ; Default Value: 0 | ||
+ | ; process.max = 128 | ||
+ | </ | ||
+ | **pool** www config:< | ||
+ | ; Choose how the process manager will control the number of child processes. | ||
+ | ; Possible Values: | ||
+ | ; | ||
+ | ; | ||
+ | ; | ||
+ | ; | ||
+ | ; | ||
+ | ; be alive at the same time. | ||
+ | ; | ||
+ | ; | ||
+ | ; state (waiting to process). If the number | ||
+ | ; of ' | ||
+ | ; number then some children will be created. | ||
+ | ; | ||
+ | ; state (waiting to process). If the number | ||
+ | ; of ' | ||
+ | ; number then some children will be killed. | ||
+ | ; ondemand - no children are created at startup. Children will be forked when | ||
+ | ; new requests will connect. The following parameter are used: | ||
+ | ; | ||
+ | ; can be alive at the same time. | ||
+ | ; | ||
+ | ; an idle process will be killed. | ||
+ | </ | ||
+ | ==== PHP-FPM Global Configuration Tweaks ==== | ||
+ | Set up **emergency_restart_threshold, | ||
+ | emergency_restart_threshold 10 | ||
+ | emergency_restart_interval 1m | ||
+ | process_control_timeout 10s | ||
+ | </ | ||
+ | What this mean? So if **10 PHP-FPM child** processes exit with SIGSEGV or SIGBUS within 1 minute*then **PHP-FPM restart automatically**. This configuration also **sets 10 seconds time limit for child processes to wait for a reaction** on signals from master. | ||
+ | (In some case, the php-fpm child processes full memory and can't process the request, these configurations will automatically restart the php-fpm child processes) | ||
+ | ==== PHP-FPM Pools Configuration ==== | ||
+ | === Basic Config === | ||
+ | Default php-fpm will use pool **[www]** to configuration for all site. In advance, it’s possible to use **different pools** for different sites and **allocate resources very accurately** and even use **different users and groups for every pool**. Following is just example configuration files structure for PHP-FPM pools for three different sites (or actually three different part of same site):< | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | </ | ||
+ | Or config in php-fpm.conf< | ||
+ | ; Relative path can also be used. They will be prefixed by: | ||
+ | ; - the global prefix if it's been set (-p argument) | ||
+ | ; - /onec/php otherwise | ||
+ | ; | ||
+ | </ | ||
+ | Just example configurations for every pool: | ||
+ | * default pool [www](listen on port 9000)< | ||
+ | [www] | ||
+ | |||
+ | ; Per pool prefix | ||
+ | ; It only applies on the following directives: | ||
+ | ; - ' | ||
+ | ; - ' | ||
+ | ; - ' | ||
+ | ; - ' | ||
+ | ; - ' | ||
+ | ; - ' | ||
+ | ; - ' | ||
+ | ; When not set, the global prefix (or /onec/php) applies instead. | ||
+ | ; Note: This directive can also be relative to the global prefix. | ||
+ | ; Default Value: none | ||
+ | ;prefix = / | ||
+ | |||
+ | ; Unix user/group of processes | ||
+ | ; Note: The user is mandatory. If the group is not set, the default user's group | ||
+ | ; will be used. | ||
+ | user = nobody | ||
+ | group = nobody | ||
+ | |||
+ | ; The address on which to accept FastCGI requests. | ||
+ | ; Valid syntaxes are: | ||
+ | ; ' | ||
+ | ; a specific port; | ||
+ | ; ' | ||
+ | ; a specific port; | ||
+ | ; ' | ||
+ | ; specific port; | ||
+ | ; ' | ||
+ | ; (IPv6 and IPv4-mapped) on a specific port; | ||
+ | ; '/ | ||
+ | ; Note: This value is mandatory. | ||
+ | listen = 127.0.0.1: | ||
+ | |||
+ | </ | ||
+ | * / | ||
+ | [site] | ||
+ | listen = 127.0.0.1: | ||
+ | user = site | ||
+ | group = site | ||
+ | request_slowlog_timeout = 5s | ||
+ | slowlog = / | ||
+ | listen.allowed_clients = 127.0.0.1 | ||
+ | pm = dynamic | ||
+ | pm.max_children = 5 | ||
+ | pm.start_servers = 3 | ||
+ | pm.min_spare_servers = 2 | ||
+ | pm.max_spare_servers = 4 | ||
+ | pm.max_requests = 200 | ||
+ | listen.backlog = -1 | ||
+ | pm.status_path = /status | ||
+ | request_terminate_timeout = 120s | ||
+ | rlimit_files = 131072 | ||
+ | rlimit_core = unlimited | ||
+ | catch_workers_output = yes | ||
+ | env[HOSTNAME] = $HOSTNAME | ||
+ | env[TMP] = /tmp | ||
+ | env[TMPDIR] = /tmp | ||
+ | env[TEMP] = /tmp | ||
+ | </ | ||
+ | * / | ||
+ | [blog] | ||
+ | listen = 127.0.0.1: | ||
+ | user = blog | ||
+ | group = blog | ||
+ | request_slowlog_timeout = 5s | ||
+ | slowlog = / | ||
+ | listen.allowed_clients = 127.0.0.1 | ||
+ | pm = dynamic | ||
+ | pm.max_children = 4 | ||
+ | pm.start_servers = 2 | ||
+ | pm.min_spare_servers = 1 | ||
+ | pm.max_spare_servers = 3 | ||
+ | pm.max_requests = 200 | ||
+ | listen.backlog = -1 | ||
+ | pm.status_path = /status | ||
+ | request_terminate_timeout = 120s | ||
+ | rlimit_files = 131072 | ||
+ | rlimit_core = unlimited | ||
+ | catch_workers_output = yes | ||
+ | env[HOSTNAME] = $HOSTNAME | ||
+ | env[TMP] = /tmp | ||
+ | env[TMPDIR] = /tmp | ||
+ | env[TEMP] = /tmp | ||
+ | </ | ||
+ | * / | ||
+ | [forums] | ||
+ | listen = 127.0.0.1: | ||
+ | user = forums | ||
+ | group = forums | ||
+ | request_slowlog_timeout = 5s | ||
+ | slowlog = / | ||
+ | listen.allowed_clients = 127.0.0.1 | ||
+ | pm = dynamic | ||
+ | pm.max_children = 10 | ||
+ | pm.start_servers = 3 | ||
+ | pm.min_spare_servers = 2 | ||
+ | pm.max_spare_servers = 4 | ||
+ | pm.max_requests = 400 | ||
+ | listen.backlog = -1 | ||
+ | pm.status_path = /status | ||
+ | request_terminate_timeout = 120s | ||
+ | rlimit_files = 131072 | ||
+ | rlimit_core = unlimited | ||
+ | catch_workers_output = yes | ||
+ | env[HOSTNAME] = $HOSTNAME | ||
+ | env[TMP] = /tmp | ||
+ | env[TMPDIR] = /tmp | ||
+ | env[TEMP] = /tmp | ||
+ | </ | ||
+ | So this is just example howto configure multiple different size pools. | ||
+ | === Optimize config === | ||
+ | Example Config:< | ||
+ | process.max = 15 | ||
+ | pm.max_children = 100 | ||
+ | pm.start_servers = 10 | ||
+ | pm.min_spare_servers = 5 | ||
+ | pm.max_spare_servers = 15 | ||
+ | pm.max_requests = 1000 | ||
+ | </ | ||
+ | **process.max**: | ||
+ | |||
+ | The configuration variable **pm.max_children** controls the maximum amount of FPM processes that can ever run at the same time. This value can be calculate like this :< | ||
+ | pm.max_children = total RAM - (500MB) / average process memory | ||
+ | </ | ||
+ | * To find the average process memory:< | ||
+ | ps -ylC php-fpm --sort:rss | awk ' | ||
+ | </ | ||
+ | ps -ylC php-fpm --sort:rss | grep php-fpm | wc -l | ||
+ | </ | ||
+ | Avg Memory = Total Memory/ | ||
+ | </ | ||
+ | * Why **500MB** ? Depends **of what is running on your system**, but you want to keep memory for nginx (about 20MB), MySql and others services. | ||
+ | Other configs: | ||
+ | * **pm.start_servers**: | ||
+ | pm.start_servers = (pm.max_spare_servers + pm.min_spare_servers)/ | ||
+ | </ | ||
+ | * **pm.max_requests**: | ||
===== Nginx Security ===== | ===== Nginx Security ===== | ||
refer: | refer: | ||
* List nginx security issues: http:// | * List nginx security issues: http:// | ||
* http:// | * http:// |
nginxarchitecture.1452915691.txt.gz · Last modified: 2022/10/29 16:15 (external edit)