Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
nginxのパフォーマンスチューニング
Search
Tatsuhiko Kubo
June 02, 2015
Technology
70
20k
nginxのパフォーマンスチューニング
@shibuya.pm#17
Tatsuhiko Kubo
June 02, 2015
Tweet
Share
More Decks by Tatsuhiko Kubo
See All by Tatsuhiko Kubo
Handling a tremendous amount of images with Fastly / Yamagoya Traverse 2020
cubicdaiya
2
1.5k
System Integration with Fastly
cubicdaiya
0
620
実例で学ぶ画像最適化集 with ImageFlux / ImageFlux meetup#2
cubicdaiya
4
19k
Software Engineer, Infrastructure
cubicdaiya
4
3.2k
High Performance Count Up!
cubicdaiya
0
360
ImageFluxを利用した画像配信の最適化 / ImageFlux meetup 201801
cubicdaiya
0
3k
Building high performance push notification server in Go
cubicdaiya
5
3.3k
メルカリのデータ分析基盤 / mercari data analysis infrastructure
cubicdaiya
11
12k
On-call Engineering
cubicdaiya
8
6.7k
Other Decks in Technology
See All in Technology
製造業からパッケージ製品まで、あらゆる領域をカバー!生成AIを利用したテストシナリオ生成 / 20250627 Suguru Ishii
shift_evolve
PRO
1
160
怖くない!はじめてのClaude Code
shinya337
0
300
あなたの声を届けよう! 女性エンジニア登壇の意義とアウトプット実践ガイド #wttjp / Call for Your Voice
kondoyuko
4
510
AI専用のリンターを作る #yumemi_patch
bengo4com
4
2k
Fabric + Databricks 2025.6 の最新情報ピックアップ
ryomaru0825
1
160
5min GuardDuty Extended Threat Detection EKS
takakuni
0
180
生成AI時代の開発組織・技術・プロセス 〜 ログラスの挑戦と考察 〜
itohiro73
1
370
本が全く読めなかった過去の自分へ
genshun9
0
710
ネットワーク保護はどう変わるのか?re:Inforce 2025最新アップデート解説
tokushun
0
150
登壇ネタの見つけ方 / How to find talk topics
pinkumohikan
5
590
Claude Code Actionを使ったコード品質改善の取り組み
potix2
PRO
6
2.6k
Connect 100+を支える技術
kanyamaguc
0
150
Featured
See All Featured
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
45
7.5k
[RailsConf 2023] Rails as a piece of cake
palkan
55
5.6k
Building Adaptive Systems
keathley
43
2.6k
Fireside Chat
paigeccino
37
3.5k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
2.8k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.8k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
32
2.4k
A Tale of Four Properties
chriscoyier
160
23k
Rebuilding a faster, lazier Slack
samanthasiow
82
9.1k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
31
1.3k
Build The Right Thing And Hit Your Dates
maggiecrowley
36
2.8k
Transcript
nginxͷύϑΥʔϚϯενϡʔχϯά Tatsuhiko Kubo@cubicdaiya Shibuya.pm#17@2015/06/02
@cubicdaiya / Tatsuhiko Kubo w 4PGUXBSF&OHJOFFSJO*OGSBTUSVDUVSF &OHJOFFSJOH!.FSDBSJ *OD w "VUIPSPGOHJOYCVJME
w OHJOYSEQBSUZNPEVMFEFWFMPQFS w OHY@TNBMM@MJHIU OHY@EZOBNJD@VQTUSFBN FUDʜ w 'BWPSJUFT(P $ -VB OHJOY OHY@MVB
ੲnginxͷಛूهࣄΛॻ͖·ͨ͠
mozaic.fm#18ʹήετग़ԋ͠·ͨ͠ IUUQNP[BJDGN
Agenda w OHJOYͷجຊతͳνϡʔχϯά w OHJOYͱIPͷϕϯνϚʔΫ w ߲ผνϡʔχϯά w H[JQѹॖ w
όοϑΝϦϯά w )5514
nginx.conf w σϑΥϧτͩͱอकతͳઃఆ͕ଟ͍ w ͋ΒΏΔڥͰಈ࡞͢ΔΑ͏ʹߟྀ͞ΕͯΔ w σΟϨΫςΟϒͨ͘͞Μ w OHY@DPSF@NPEVMF͚ͩͰݸҎ্
core functionality w XPSLFS@QSPDFTTFT w ϫʔΧϓϩηε w XPSLFS@DPOOFDUJPOT w ϫʔΧຖͷ࠷େଓ
w XPSLFS@SMJNJU@OPpMF w ϫʔΧϓϩηε͕PQFOͰ͖ΔGEͷ࠷େ
σϑΥϧτ XPSLFS@QSPDFTTFT FWFOUT\ XPSLFS@DPOOFDUJPOT ^ XPSLFS@SMJNJU@OPpMFͷσϑΥϧτ04ґଘ
worker_processes w $16ͷίΞΛ҆ʹ w BVUPʹ͢Δͱࣗಈతʹ$16ίΞͷϫʔΧʔϓ ϩηε͕ىಈ͢Δ w ଓʹԠͯ͡େ͖͘͢Δ w $16όϯυʹͳΓͦ͏ͳΒ͞Βʹେ͖Ίʹ͢Δ
w FHOHY@TNBMM@MJHIU OHY@MVB
worker_connections w ௨ৗઍ ʙ Ͱे w ສ୯ҐͰ͍͚ͦ͏͚ͩͲͬͨ͜ͱͳ͍ w XPSLFS@QSPDFTTFTͱηοτͰߟ͑Δ w
ϓϩΩγઌͷଓؚ·ΕΔʹҙ
worker_rlimit_nofile w ϫʔΧϓϩηε͕ΦʔϓϯͰ͖ΔGEͷ࠷େ w XPSLFS@DPOOFDUJPOTΑΓ༏ઌ͞ΕΔͷͰҙ XPSLFS@SMJNJU@OPpMF
νϡʔχϯάܥσΟϨΫςΟϒ(Ұ෦) w TFOEpMF w LFFQBMJWF@UJNFPVU w PQFO@pMF@DBDIF w UDQ@OPEFMBZ w
UDQ@OPQVTI w MJTUFO
sendfile w TFOpMFγεςϜίʔϧͷ༗ޮԽ w σϑΥϧτͩͱແޮ TFOEpMFPO
keepalive_timeout w ΫϥΠΞϯτͱͷΩʔϓΞϥΠϒଓͷ λΠϜΞτ LFFQBMJWF@UJNFPVUT
open_file_cache w Ұ։͍ͨϑΝΠϧใΛΩϟογϡ w ϑΝΠϧͷGEɺαΠζɺߋ৽࣌ PQFO@pMF@DBDIFNBYJOBDUJWFT
tcp_nodelay w 5$1@/0%&-":Φϓγϣϯͷ༗ޮԽ w σϑΥϧτͰ༗ޮ w /BHMFΞϧΰϦζϜΛېࢭ UDQ@OPEFMBZPO
tcp_nopush w 5$1@/0164)Φϓγϣϯͷ༗ޮԽ w -JOVYͩͱ5$1@$03,Φϓγϣϯ w TFOEpMF༗ޮ࣌ͷΈར༻Մೳ UDQ@OPQVTIPO
TCP_NODELAYͱTCP_NOPUSH w ͜ͷೋͭຊདྷ૬͢Δಈ࡞Λ͢Δ w 5$1@/0%&-": w ύέοτΛͰ͖Δ͚ͩଈ࠲ʹૹ৴͢Δ w 5$1@/0164) w
ύέοτΛͰ͖Δ͚ͩ·ͱΊͯૹ৴͢Δ w OHJOY྆ํΈ߹ΘͤՄೳ ཁTFOEpMF w ·ͣɺύέοτૹ৴Λ5$1@/0164)ͰԆͤ͞Δ 5$1@/0164)ΛPGG5$1@/0%&-":Ͱϑϥογϡ
listen ύϥϝʔλଟ͗͢
ύϑΥʔϚϯεʹӨڹ͢Δ ओͳlistenύϥϝʔλ w TQEZ41%:Λ༗ޮʹ͢Δ w CBDLMPH/MJTUFOͷόοΫϩά w OFUDPSFTPNBYDPOOΕͣʹ w GBTUPQFO/5$1'BTU0QFO
w SFVTFQPSU40@3&64&1035Λ༗ޮʹ͢Δ
nginxͱh2oͷϕϯνϚʔΫ w DYMBSHFPO&$ w IPBMQIB w OHJOY w XSLͰϕϯνϚʔΫ w
XSLDUEIUUQ
h2o.conf(࠷దԽલ) MJTUFO IPTUT QBUIT pMFEJSVTSMPDBMOHJOYIUNM
h2o.conf(࠷దԽޙ) OVNUISFBET OVNOBNFSFTPMVUJPOUISFBET NBYDPOOFDUJPOT MJTUFO IPTUT QBUIT pMFEJSVTSMPDBMOHJOYIUNM
nginx.conf(࠷దԽલ) XPSLFS@QSPDFTTFT FWFOUT\ XPSLFS@DPOOFDUJPOT ^ IUUQ\ JODMVEFNJNFUZQFT EFGBVMU@UZQFBQQMJDBUJPOPDUFUTUSFBN BDDFTT@MPHPGG TFOEpMFPO
LFFQBMJWF@UJNFPVU TFSWFS\ MJTUFO TFSWFS@OBNFMPDBMIPTU MPDBUJPO\ SPPUIUNM JOEFYJOEFYIUNMJOEFYIUN ^ ^ ^
nginx.conf(࠷దԽޙ) XPSLFS@QSPDFTTFT FWFOUT\ XPSLFS@DPOOFDUJPOT BDDFQU@NVUFY@EFMBZNT ^ IUUQ\ JODMVEFNJNFUZQFT EFGBVMU@UZQFBQQMJDBUJPOPDUFUTUSFBN BDDFTT@MPHPGG
TFOEpMFPO PQFO@pMF@DBDIFNBYJOBDUJWFT UDQ@OPQVTIPO LFFQBMJWF@UJNFPVU TFSWFS\ MJTUFO TFSWFS@OBNFMPDBMIPTU MPDBUJPO\ SPPUIUNM JOEFYJOEFYIUNMJOEFYIUN ^ ^ ^
nginxͱh2oͷϕϯνϚʔΫ SFRT SFRTFD XSLDUEIUUQ
nginxͱgzipѹॖ w H[JQH[JQѹॖΛ༗ޮʹ͢Δ w H[JQ@UZQFTH[JQѹॖରͷ$POUFOU5ZQF w H[JQ@DPNQ@MFWFMH[JQͷѹॖϨϕϧ w H[JQ@TUBUJDH[JQѹॖࡁΈϑΝΠϧͷ৴ w
HVO[JQH[JQղౚ
gzipѹॖͷઃఆྫ H[JQPO H[JQ@DPNQ@MFWFM H[JQ@UZQFTUFYUDTT UFYUKBWBTDSJQU BQQMJDBUJPOKBWBTDSJQU BQQMJDBUJPOKTPO
nginxͱgzipѹॖ w ੩తίϯςϯπͷH[JQѹॖੵۃతʹ͖͢ w $16ͷΦʔόʔϔουΑΓωοτϫʔΫͷ ϨΠςϯγͷํ͕Δ͔ʹେ͖͍ w $16Ϧιʔεͷফඅྔ͕ແࢹͰ͖ͳ͍߹ w H[JQ@TUBUJDͰH[JQѹॖࡁΈϑΝΠϧΛ৴
gzip_staticͷઃఆྫ YYY DTTcKT H[͕ଘࡏͨ͠ΒͦΕΛͦͷ··৴ ΫϥΠΞϯτ͕H[JQѹॖΛαϙʔτ͍ͯ͠ͳ͍߹H[ϑΝΠϧΛల։ͯ͠৴ MPDBUJPOd = DTTcKT \ H[JQ@TUBUJDBMXBZT
HVO[JQPO ^
zopfliͰ͞Βʹѹॖ w EFqBUFޓͷѹॖΞϧΰϦζϜπʔϧ w IUUQTHJUIVCDPNHPPHMF[PQqJ w [PQqJͰѹॖͨ͠ͷHVO[JQՄೳ w ѹॖ͕ߴ͍ɺѹॖʹ͔͔Δ͕͍࣌ؒ w
ࣄલʹѹॖ͢ΔͷͰʹͳΒͳ͍
nginxͱόοϑΝϦϯά w DMJFOU@CPEZ@CVGGFS@TJ[F w QSPYZ@CVGGFS@TJ[F w QSPYZ@CVGGFST w QSPYZ@CVGGFSJOH w
QSPYZ@SFRVFTU@CVGGFSJOH w FUDʜ
όοϑΝϦϯάͷOn/Off w QSPYZ@CVGGFSJOH EFGBVMUPO w FHετϦʔϛϯά૬ͷॲཧΛ͢Δࡍʹ PGGʹ͢Δ͔ݕ౼ w QSPYZ@SFRVFTU@CVGGFSJOH
EFGBVMUPO w FHେ͖ͳϑΝΠϧͷΞοϓϩʔυ͕ൃੜ͢Δࡍ ʹPGGʹ͢Δ͔ݕ౼ ಛʹཧ༝͕ͳ͍ݶΓσϑΥϧτͰ0,
όοϑΝϦϯάͱI/O w OHJOYͷ֤όοϑΝͷαΠζൺֱతখ͞Ί w େମ,#ఔ w όοϑΝ͕Γͳ͘ͳΔͱσΟεΫʹॻ͖ग़͢ w όοϑΝαΠζΛௐPSUNQGTΛར༻
όοϑΝϦϯάͱtmpfs ϦΫΤετϘσΟͷॻ͖ग़͠ઌ DMJFOU@CPEZ@UFNQ@QBUIEFWTINDCU ϓϩΩγઌϨεϙϯεϘσΟͷॻ͖ग़͠ઌ QSPYZ@UFNQ@QBUIEFWTINQU ɾ ɾ ɾ
HTTPSؔ࿈ͷνϡʔχϯά w 5-44FTTJPO$BDIF w 5-44FTTJPO5JDLFUT w 0$414UBQMJOH w 41%: w
0QUJNJ[JOHUIF5-4SFDPSETJ[F
TLS Session Cache w 5-4ϋϯυγΣΠΫͷηογϣϯΛαʔόʹ Ωϟογϡ w OHJOYͰڞ༗ϝϞϦ্ͷอଘ͞ΕΔ w ࣍ճͷ5-4ϋϯυγΣΠΫΛলུ
TLS Session Cache with nginx TTM@TFTTJPO@DBDIFTIBSFE44-N TTM@TFTTJPO@UJNFPVUN
TLS Session Tickets w ҉߸Խͨ͠ηογϣϯ νέοτ ΛΫϥΠΞϯτ ʹ͢ w νέοτΛݩʹ5-4ηογϣϯΛ࠶։
w )5514αʔόෳͰηογϣϯΛڞ༗
TLS Session Tickets with nginx TTM@TFTTJPO@UJDLFUTPO TTM@TFTTJPO@UJDLFU@LFZFUDOHJOYTTMUJDLFULFZ
OCSP Stapling w 0$41ʹΑΔ44-ূ໌ॻͷࣦޮ֬ೝΛαʔόଆ ͰߦͬͯΩϟογϡ w ΫϥΠΞϯτଆͰΔͱ5-4ϋϯυγΣΠΫ࣌ ʹϨΠςϯγൃੜ
OCSP Stapling with nginx TTM@TUBQMJOHPO TTM@TUBQMJOH@WFSJGZPO TTM@USVTUFE@DFSUJpDBUFFUDOHJOYTTMDFSUDSU SFTPMWFSYYYYYYYYYYYYWBMJET SFTPMWFS@UJNFPVUT
SPDY with nginx MJTUFOTTMTQEZ
Optimizing the TLS-record size w 5-4ͰҰఆαΠζຖʹ௨৴༰Λ҉߸Խ͢Δ ௨শ 5-4SFDPSE w
TTM@CVGGFS@TJ[F EFGBVMUL w ,#ͩͱେ͖͗ͯ͢৽ن5$1ଓ࣌ͷ355͕૿Ճ w Ұൠతͳ8FCαΠτͳΒখ͍͞΄͏͕͍͍ w 55'# 5JNF5P'JSTU#ZUF վળʹޮՌ͋Γ TTM@CVGGFS@TJ[FL
·ͱΊ w OHJOYύϑΥʔϚϯεʹӨڹ͢ΔσΟϨΫςΟϒ ͕ͨ͘͞Μ͋Δ w σϑΥϧτઃఆׂͱอकత ແޮͳͷଟ͍ w H[JQѹॖੵۃతʹ
w όοϑΝͷαΠζͱϑΝΠϧ*0ͷؔʹҙ w )5514͍Ζ͍Ζͱ࠷దԽ߲͋Δ
ࢀߟจݙ / URL w OHJOYEPDVNFOUBUJPO w IUUQOHJOYPSHFOEPDT w 4FDVSJUZ4FSWFS4JEF5-4 w
IUUQTXJLJNP[JMMBPSH4FDVSJUZ4FSWFS@4JEF@5-4 w 44-5-4҉߸ઃఆΨΠυϥΠϯ w IUUQXXXJQBHPKQTFDVSJUZWVMOTTM@DSZQU@DPOpHIUNM w 0QUJNJ[JOH/(*/95-45JNF5P'JSTU#ZUF 55'# w IUUQTXXXJHWJUBDPNPQUJNJ[JOHOHJOYUMTUJNFUPpSTUCZUF
ࢀߟจݙ / URL w /(*/9015*.*;"5*0/6/%&345"/%*/( 4&/%'*-& 5$1@/0%&-":"/%5$1@/0164) w IUUQTUOFUOHJOYPQUJNJ[BUJPOVOEFSTUBOEJOHTFOEpMFUDQ@OPEFMBZBOE UDQ@OPQVTIIUNM
w զʑͲͷΑ͏ʹͯ҆͠શͳ)5514௨৴Λఏڙ͢Εྑ͍͔ w IUUQRJJUBDPNIBSVLBTBOJUFNTGFGCBCBDBGG w )JHI1FSGPSNBODF#SPXTFS/FUXPSLJOH w 0`3FJMMZ *MZB(SJHPSJL
w OHJOYͷύϥϝʔλνϡʔχϯάͱIP w IUUQRJJUBDPNDVCJDEBJZBJUFNTEDFDCF w OHJOYύϑΥʔϚϯενϡʔχϯάʙ੩తίϯςϯπ৴ฤʙ w IUUQRJJUBDPNDVCJDEBJZBJUFNTCBBCEEE w OHJOYͷϦΫΤετϘσΟͷόοϑΝϦϯάʹؔ͢Δͱͦͷվળࡦ
w IUUQRJJUBDPNDVCJDEBJZBJUFNTGFFE ࢀߟจݙ / URL
࠷ޙʹએ
YAPC::Asia Tokyo2015 ͷτʔΫʹԠื͠·ͨ͠ IUUQZBQDBTJBPSHUBMLTIPXBGGFBGCCEDB ࣮ફOHJOYϞδϡʔϧ։ൃʙ$ͱ-VBʙ