nginxのパフォーマンスチューニング

5d74d743eabd2bf7d4d2f68b9d3c727d?s=47 Tatsuhiko Kubo
June 02, 2015
Technology
68
18k

 nginxのパフォーマンスチューニング

@shibuya.pm#17

5d74d743eabd2bf7d4d2f68b9d3c727d?s=128

Tatsuhiko Kubo

June 02, 2015
Tweet

Want more?

5d74d743eabd2bf7d4d2f68b9d3c727d?s=48 cubicdaiya
0
250
5d74d743eabd2bf7d4d2f68b9d3c727d?s=48 cubicdaiya
3
14k
5d74d743eabd2bf7d4d2f68b9d3c727d?s=48 cubicdaiya
4
2.5k
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
2
180
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
1
88
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
0
80
61857dafbd287b3027c4dcea9008ad3c?s=48 carmenhchung
5
170
06f8b41980eb4c577fa40c41d5030c19?s=48 keathley
5
170
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
2
230
C35e01544a0dd94a2cf1619ee8a42ebb?s=48 clairelew
2
450
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
1
120
B3ace07412a5178ea778e7eec161fc0a?s=48 jcasabona
4
200

Transcript

  1. 1.

    nginxͷύϑΥʔϚϯενϡʔχϯά Tatsuhiko Kubo@cubicdaiya Shibuya.pm#17@2015/06/02

  2. 2.

    @cubicdaiya / Tatsuhiko Kubo w 4PGUXBSF&OHJOFFSJO*OGSBTUSVDUVSF &OHJOFFSJOH!.FSDBSJ *OD w "VUIPSPGOHJOYCVJME

    w OHJOYSEQBSUZNPEVMFEFWFMPQFS w OHY@TNBMM@MJHIU OHY@EZOBNJD@VQTUSFBN FUDʜ w 'BWPSJUFT(P $ -VB OHJOY OHY@MVB
  3. 3.

    ੲnginxͷಛूهࣄΛॻ͖·ͨ͠

  4. 4.

    mozaic.fm#18ʹήετग़ԋ͠·ͨ͠ IUUQNP[BJDGN

  5. 5.

    Agenda w OHJOYͷجຊతͳνϡʔχϯά w OHJOYͱIPͷϕϯνϚʔΫ w ߲໨ผνϡʔχϯά w H[JQѹॖ w

    όοϑΝϦϯά w )5514
  6. 6.

    nginx.conf w σϑΥϧτͩͱอकతͳઃఆ͕ଟ͍ w ͋ΒΏΔ؀ڥͰಈ࡞͢ΔΑ͏ʹߟྀ͞ΕͯΔ w σΟϨΫςΟϒͨ͘͞Μ w OHY@DPSF@NPEVMF͚ͩͰݸҎ্

  7. 7.

    core functionality w XPSLFS@QSPDFTTFT w ϫʔΧϓϩηε਺ w XPSLFS@DPOOFDUJPOT w ϫʔΧຖͷ࠷େ઀ଓ਺

    w XPSLFS@SMJNJU@OPpMF w ϫʔΧϓϩηε͕PQFOͰ͖ΔGEͷ࠷େ਺
  8. 8.

    σϑΥϧτ஋ XPSLFS@QSPDFTTFT FWFOUT\ XPSLFS@DPOOFDUJPOT ^ XPSLFS@SMJNJU@OPpMFͷσϑΥϧτ஋͸04ґଘ

  9. 9.

    worker_processes w $16ͷίΞ਺Λ໨҆ʹ w BVUPʹ͢Δͱࣗಈతʹ$16ίΞ਺ͷϫʔΧʔϓ ϩηε͕ىಈ͢Δ w ઀ଓ਺ʹԠͯ͡େ͖͘͢Δ w $16ό΢ϯυʹͳΓͦ͏ͳΒ͞Βʹେ͖Ίʹ͢Δ

    w FHOHY@TNBMM@MJHIU OHY@MVB
  10. 10.

    worker_connections w ௨ৗ͸਺ઍ ʙ Ͱे෼ w ສ୯ҐͰ΋͍͚ͦ͏͚ͩͲ΍ͬͨ͜ͱͳ͍ w XPSLFS@QSPDFTTFTͱηοτͰߟ͑Δ w

    ϓϩΩγઌͷ઀ଓ਺΋ؚ·ΕΔ఺ʹ஫ҙ
  11. 11.

    worker_rlimit_nofile w ϫʔΧϓϩηε͕ΦʔϓϯͰ͖ΔGEͷ࠷େ਺ w XPSLFS@DPOOFDUJPOTΑΓ΋༏ઌ͞ΕΔͷͰ஫ҙ XPSLFS@SMJNJU@OPpMF

  12. 12.

    νϡʔχϯάܥσΟϨΫςΟϒ(Ұ෦) w TFOEpMF w LFFQBMJWF@UJNFPVU w PQFO@pMF@DBDIF w UDQ@OPEFMBZ w

    UDQ@OPQVTI w MJTUFO
  13. 13.

    sendfile w TFOpMFγεςϜίʔϧͷ༗ޮԽ w σϑΥϧτͩͱແޮ TFOEpMFPO

  14. 14.

    keepalive_timeout w ΫϥΠΞϯτͱͷΩʔϓΞϥΠϒ઀ଓͷ λΠϜΞ΢τ஋ LFFQBMJWF@UJNFPVUT

  15. 15.

    open_file_cache w Ұ౓։͍ͨϑΝΠϧ৘ใΛΩϟογϡ w ϑΝΠϧͷGEɺαΠζɺߋ৽೔࣌ PQFO@pMF@DBDIFNBYJOBDUJWFT

  16. 16.

    tcp_nodelay w 5$1@/0%&-":Φϓγϣϯͷ༗ޮԽ w σϑΥϧτͰ༗ޮ w /BHMFΞϧΰϦζϜΛېࢭ UDQ@OPEFMBZPO

  17. 17.

    tcp_nopush w 5$1@/0164)Φϓγϣϯͷ༗ޮԽ w -JOVYͩͱ5$1@$03,Φϓγϣϯ w TFOEpMF༗ޮ࣌ͷΈར༻Մೳ UDQ@OPQVTIPO

  18. 18.

    TCP_NODELAYͱTCP_NOPUSH w ͜ͷೋͭ͸ຊདྷ૬൓͢Δಈ࡞Λ͢Δ w 5$1@/0%&-": w ύέοτΛͰ͖Δ͚ͩଈ࠲ʹૹ৴͢Δ w 5$1@/0164) w

    ύέοτΛͰ͖Δ͚ͩ·ͱΊͯૹ৴͢Δ w OHJOY͸྆ํ૊Έ߹ΘͤՄೳ ཁTFOEpMF  w ·ͣɺύέοτૹ৴Λ5$1@/0164)Ͱ஗Ԇͤ͞Δ 5$1@/0164)ΛPGG5$1@/0%&-":Ͱϑϥογϡ
  19. 19.

    listen ύϥϝʔλଟ͗͢

  20. 20.

    ύϑΥʔϚϯεʹӨڹ͢Δ ओͳlistenύϥϝʔλ w TQEZ41%:Λ༗ޮʹ͢Δ w CBDLMPH/MJTUFOͷόοΫϩά਺ w OFUDPSFTPNBYDPOO౳΋๨Εͣʹ w GBTUPQFO/5$1'BTU0QFO

    w SFVTFQPSU40@3&64&1035Λ༗ޮʹ͢Δ
  21. 21.

    nginxͱh2oͷϕϯνϚʔΫ w DYMBSHFPO&$ w IPBMQIB w OHJOY w XSLͰϕϯνϚʔΫ w

    XSLDUEIUUQ
  22. 22.

    h2o.conf(࠷దԽલ) MJTUFO IPTUT  QBUIT  pMFEJSVTSMPDBMOHJOYIUNM

  23. 23.

    h2o.conf(࠷దԽޙ) OVNUISFBET OVNOBNFSFTPMVUJPOUISFBET NBYDPOOFDUJPOT MJTUFO IPTUT  QBUIT  pMFEJSVTSMPDBMOHJOYIUNM

  24. 24.

    nginx.conf(࠷దԽલ) XPSLFS@QSPDFTTFT FWFOUT\ XPSLFS@DPOOFDUJPOT ^ IUUQ\ JODMVEFNJNFUZQFT EFGBVMU@UZQFBQQMJDBUJPOPDUFUTUSFBN BDDFTT@MPHPGG TFOEpMFPO

    LFFQBMJWF@UJNFPVU TFSWFS\ MJTUFO TFSWFS@OBNFMPDBMIPTU MPDBUJPO\ SPPUIUNM JOEFYJOEFYIUNMJOEFYIUN ^ ^ ^
  25. 25.

    nginx.conf(࠷దԽޙ) XPSLFS@QSPDFTTFT FWFOUT\ XPSLFS@DPOOFDUJPOT BDDFQU@NVUFY@EFMBZNT ^ IUUQ\ JODMVEFNJNFUZQFT EFGBVMU@UZQFBQQMJDBUJPOPDUFUTUSFBN BDDFTT@MPHPGG

    TFOEpMFPO PQFO@pMF@DBDIFNBYJOBDUJWFT UDQ@OPQVTIPO LFFQBMJWF@UJNFPVU TFSWFS\ MJTUFO TFSWFS@OBNFMPDBMIPTU MPDBUJPO\ SPPUIUNM JOEFYJOEFYIUNMJOEFYIUN ^ ^ ^
  26. 26.

    nginxͱh2oͷϕϯνϚʔΫ SFRT SFRTFD XSLDUEIUUQ

  27. 27.

    nginxͱgzipѹॖ w H[JQH[JQѹॖΛ༗ޮʹ͢Δ w H[JQ@UZQFTH[JQѹॖର৅ͷ$POUFOU5ZQF w H[JQ@DPNQ@MFWFMH[JQͷѹॖϨϕϧ w H[JQ@TUBUJDH[JQѹॖࡁΈϑΝΠϧͷ഑৴ w

    HVO[JQH[JQղౚ
  28. 28.

    gzipѹॖͷઃఆྫ H[JQPO H[JQ@DPNQ@MFWFM H[JQ@UZQFTUFYUDTT UFYUKBWBTDSJQU BQQMJDBUJPOKBWBTDSJQU BQQMJDBUJPOKTPO

  29. 29.

    nginxͱgzipѹॖ w ੩తίϯςϯπͷH[JQѹॖ͸ੵۃతʹ͢΂͖ w $16ͷΦʔόʔϔουΑΓ΋ωοτϫʔΫͷ ϨΠςϯγͷํ͕͸Δ͔ʹେ͖͍ w $16Ϧιʔεͷফඅྔ͕ແࢹͰ͖ͳ͍৔߹ w H[JQ@TUBUJDͰH[JQѹॖࡁΈϑΝΠϧΛ഑৴

  30. 30.

    gzip_staticͷઃఆྫ YYY DTTcKT H[͕ଘࡏͨ͠ΒͦΕΛͦͷ··഑৴ ΫϥΠΞϯτ͕H[JQѹॖΛαϙʔτ͍ͯ͠ͳ͍৔߹͸H[ϑΝΠϧΛల։ͯ͠഑৴ MPDBUJPOd = DTTcKT \ H[JQ@TUBUJDBMXBZT

    HVO[JQPO ^
  31. 31.

    zopfliͰ͞Βʹѹॖ w EFqBUFޓ׵ͷѹॖΞϧΰϦζϜπʔϧ w IUUQTHJUIVCDPNHPPHMF[PQqJ w [PQqJͰѹॖͨ͠΋ͷ͸HVO[JQՄೳ w ѹॖ཰͕ߴ͍෼ɺѹॖʹ͔͔Δ͕࣌ؒ௕͍ w

    ࣄલʹѹॖ͢ΔͷͰ໰୊ʹͳΒͳ͍
  32. 32.

    nginxͱόοϑΝϦϯά w DMJFOU@CPEZ@CVGGFS@TJ[F w QSPYZ@CVGGFS@TJ[F w QSPYZ@CVGGFST w QSPYZ@CVGGFSJOH w

    QSPYZ@SFRVFTU@CVGGFSJOH w FUDʜ
  33. 33.

    όοϑΝϦϯάͷOn/Off w QSPYZ@CVGGFSJOH EFGBVMUPO  w FHετϦʔϛϯά૬౰ͷॲཧΛ͢Δࡍʹ PGGʹ͢Δ͔ݕ౼ w QSPYZ@SFRVFTU@CVGGFSJOH

    EFGBVMUPO  w FHେ͖ͳϑΝΠϧͷΞοϓϩʔυ͕ൃੜ͢Δࡍ ʹPGGʹ͢Δ͔ݕ౼ ಛʹཧ༝͕ͳ͍ݶΓσϑΥϧτͰ0,
  34. 34.

    όοϑΝϦϯάͱI/O w OHJOYͷ֤όοϑΝͷαΠζ͸ൺֱతখ͞Ί w େମ਺,#ఔ౓ w όοϑΝ͕଍Γͳ͘ͳΔͱσΟεΫʹॻ͖ग़͢ w όοϑΝαΠζΛௐ੔PSUNQGTΛར༻

  35. 35.

    όοϑΝϦϯάͱtmpfs ϦΫΤετϘσΟͷॻ͖ग़͠ઌ DMJFOU@CPEZ@UFNQ@QBUIEFWTINDCU ϓϩΩγઌϨεϙϯεϘσΟͷॻ͖ग़͠ઌ QSPYZ@UFNQ@QBUIEFWTINQU ɾ ɾ ɾ

  36. 36.

    HTTPSؔ࿈ͷνϡʔχϯά w 5-44FTTJPO$BDIF w 5-44FTTJPO5JDLFUT w 0$414UBQMJOH w 41%: w

    0QUJNJ[JOHUIF5-4SFDPSETJ[F
  37. 37.

    TLS Session Cache w 5-4ϋϯυγΣΠΫͷηογϣϯΛαʔόʹ Ωϟογϡ w OHJOYͰ͸ڞ༗ϝϞϦ্ͷอଘ͞ΕΔ w ࣍ճͷ5-4ϋϯυγΣΠΫΛলུ

  38. 38.

    TLS Session Cache with nginx TTM@TFTTJPO@DBDIFTIBSFE44-N TTM@TFTTJPO@UJNFPVUN

  39. 39.

    TLS Session Tickets w ҉߸Խͨ͠ηογϣϯ νέοτ ΛΫϥΠΞϯτ ʹ౉͢ w νέοτΛݩʹ5-4ηογϣϯΛ࠶։

    w )5514αʔόෳ਺୆ͰηογϣϯΛڞ༗
  40. 40.

    TLS Session Tickets with nginx TTM@TFTTJPO@UJDLFUTPO TTM@TFTTJPO@UJDLFU@LFZFUDOHJOYTTMUJDLFULFZ

  41. 41.

    OCSP Stapling w 0$41ʹΑΔ44-ূ໌ॻͷࣦޮ֬ೝΛαʔόଆ ͰߦͬͯΩϟογϡ w ΫϥΠΞϯτଆͰ΍Δͱ5-4ϋϯυγΣΠΫ࣌ ʹϨΠςϯγൃੜ

  42. 42.

    OCSP Stapling with nginx TTM@TUBQMJOHPO TTM@TUBQMJOH@WFSJGZPO TTM@USVTUFE@DFSUJpDBUFFUDOHJOYTTMDFSUDSU SFTPMWFSYYYYYYYYYYYYWBMJET SFTPMWFS@UJNFPVUT

  43. 43.

    SPDY with nginx MJTUFOTTMTQEZ

  44. 44.

    Optimizing the TLS-record size w 5-4Ͱ͸ҰఆαΠζຖʹ௨৴಺༰Λ҉߸Խ͢Δ ௨শ 5-4SFDPSE  w

    TTM@CVGGFS@TJ[F EFGBVMUL  w ,#ͩͱେ͖͗ͯ͢৽ن5$1઀ଓ࣌ͷ355͕૿Ճ w Ұൠతͳ8FCαΠτͳΒখ͍͞΄͏͕͍͍ w 55'# 5JNF5P'JSTU#ZUF վળʹޮՌ͋Γ TTM@CVGGFS@TJ[FL
  45. 45.

    ·ͱΊ w OHJOY͸ύϑΥʔϚϯεʹӨڹ͢ΔσΟϨΫςΟϒ ͕ͨ͘͞Μ͋Δ w σϑΥϧτઃఆ͸ׂͱอकత ແޮͳ΋ͷ΋ଟ͍  w H[JQѹॖ͸ੵۃతʹ

    w όοϑΝͷαΠζͱϑΝΠϧ*0ͷؔ܎ʹ஫ҙ w )5514͸͍Ζ͍Ζͱ࠷దԽ߲໨͋Δ
  46. 46.

    ࢀߟจݙ / URL w OHJOYEPDVNFOUBUJPO w IUUQOHJOYPSHFOEPDT w 4FDVSJUZ4FSWFS4JEF5-4 w

    IUUQTXJLJNP[JMMBPSH4FDVSJUZ4FSWFS@4JEF@5-4 w 44-5-4҉߸ઃఆΨΠυϥΠϯ w IUUQXXXJQBHPKQTFDVSJUZWVMOTTM@DSZQU@DPOpHIUNM w 0QUJNJ[JOH/(*/95-45JNF5P'JSTU#ZUF 55'#  w IUUQTXXXJHWJUBDPNPQUJNJ[JOHOHJOYUMTUJNFUPpSTUCZUF
  47. 47.

    ࢀߟจݙ / URL w /(*/9015*.*;"5*0/6/%&345"/%*/( 4&/%'*-& 5$1@/0%&-":"/%5$1@/0164) w IUUQTUOFUOHJOYPQUJNJ[BUJPOVOEFSTUBOEJOHTFOEpMFUDQ@OPEFMBZBOE UDQ@OPQVTIIUNM

    w զʑ͸ͲͷΑ͏ʹͯ҆͠શͳ)5514௨৴Λఏڙ͢Ε͹ྑ͍͔ w IUUQRJJUBDPNIBSVLBTBOJUFNTGFGCBCBDBGG w )JHI1FSGPSNBODF#SPXTFS/FUXPSLJOH w 0`3FJMMZ *MZB(SJHPSJL
  48. 48.

    w OHJOYͷύϥϝʔλνϡʔχϯάͱIP w IUUQRJJUBDPNDVCJDEBJZBJUFNTEDFDCF w OHJOYύϑΥʔϚϯενϡʔχϯάʙ੩తίϯςϯπ഑৴ฤʙ w IUUQRJJUBDPNDVCJDEBJZBJUFNTCBBCEEE w OHJOYͷϦΫΤετϘσΟͷόοϑΝϦϯάʹؔ͢Δ໰୊ͱͦͷվળࡦ

    w IUUQRJJUBDPNDVCJDEBJZBJUFNTGFFE ࢀߟจݙ / URL
  49. 49.

    ࠷ޙʹએ఻

  50. 50.

    YAPC::Asia Tokyo2015 ͷτʔΫʹԠื͠·ͨ͠ IUUQZBQDBTJBPSHUBMLTIPXBGGFBGCCEDB ࣮ફOHJOYϞδϡʔϧ։ൃʙ$ͱ-VBʙ