Upgrade to Pro — share decks privately, control downloads, hide ads and more …

nginxのパフォーマンスチューニング

 nginxのパフォーマンスチューニング

@shibuya.pm#17

Tatsuhiko Kubo

June 02, 2015
Tweet

More Decks by Tatsuhiko Kubo

Other Decks in Technology

Transcript

  1. nginxͷύϑΥʔϚϯενϡʔχϯά Tatsuhiko [email protected] Shibuya.pm#[email protected]/06/02

  2. @cubicdaiya / Tatsuhiko Kubo w 4PGUXBSF&OHJOFFSJO*OGSBTUSVDUVSF &OHJOFFSJOH!.FSDBSJ *OD w "VUIPSPGOHJOYCVJME

    w OHJOYSEQBSUZNPEVMFEFWFMPQFS w [email protected]@MJHIU [email protected]@VQTUSFBN FUDʜ w 'BWPSJUFT(P $ -VB OHJOY [email protected]
  3. ੲnginxͷಛूهࣄΛॻ͖·ͨ͠

  4. mozaic.fm#18ʹήετग़ԋ͠·ͨ͠ IUUQNP[BJDGN

  5. Agenda w OHJOYͷجຊతͳνϡʔχϯά w OHJOYͱIPͷϕϯνϚʔΫ w ߲໨ผνϡʔχϯά w H[JQѹॖ w

    όοϑΝϦϯά w )5514
  6. nginx.conf w σϑΥϧτͩͱอकతͳઃఆ͕ଟ͍ w ͋ΒΏΔ؀ڥͰಈ࡞͢ΔΑ͏ʹߟྀ͞ΕͯΔ w σΟϨΫςΟϒͨ͘͞Μ w [email protected]@NPEVMF͚ͩͰݸҎ্

  7. core functionality w [email protected] w ϫʔΧϓϩηε਺ w [email protected] w ϫʔΧຖͷ࠷େ઀ଓ਺

    w [email protected]@OPpMF w ϫʔΧϓϩηε͕PQFOͰ͖ΔGEͷ࠷େ਺
  8. σϑΥϧτ஋ [email protected] FWFOUT\ [email protected] ^ [email protected]@OPpMFͷσϑΥϧτ஋͸04ґଘ

  9. worker_processes w $16ͷίΞ਺Λ໨҆ʹ w BVUPʹ͢Δͱࣗಈతʹ$16ίΞ਺ͷϫʔΧʔϓ ϩηε͕ىಈ͢Δ w ઀ଓ਺ʹԠͯ͡େ͖͘͢Δ w $16ό΢ϯυʹͳΓͦ͏ͳΒ͞Βʹେ͖Ίʹ͢Δ

    w FH[email protected]@MJHIU [email protected]
  10. worker_connections w ௨ৗ͸਺ઍ ʙ Ͱे෼ w ສ୯ҐͰ΋͍͚ͦ͏͚ͩͲ΍ͬͨ͜ͱͳ͍ w [email protected]ͱηοτͰߟ͑Δ w

    ϓϩΩγઌͷ઀ଓ਺΋ؚ·ΕΔ఺ʹ஫ҙ
  11. worker_rlimit_nofile w ϫʔΧϓϩηε͕ΦʔϓϯͰ͖ΔGEͷ࠷େ਺ w [email protected]ΑΓ΋༏ઌ͞ΕΔͷͰ஫ҙ [email protected]@OPpMF

  12. νϡʔχϯάܥσΟϨΫςΟϒ(Ұ෦) w TFOEpMF w [email protected] w [email protected]@DBDIF w [email protected] w

    [email protected] w MJTUFO
  13. sendfile w TFOpMFγεςϜίʔϧͷ༗ޮԽ w σϑΥϧτͩͱແޮ TFOEpMFPO

  14. keepalive_timeout w ΫϥΠΞϯτͱͷΩʔϓΞϥΠϒ઀ଓͷ λΠϜΞ΢τ஋ [email protected]T

  15. open_file_cache w Ұ౓։͍ͨϑΝΠϧ৘ใΛΩϟογϡ w ϑΝΠϧͷGEɺαΠζɺߋ৽೔࣌ [email protected]@DBDIFNBYJOBDUJWFT

  16. tcp_nodelay w [email protected]/0%&-":Φϓγϣϯͷ༗ޮԽ w σϑΥϧτͰ༗ޮ w /BHMFΞϧΰϦζϜΛېࢭ [email protected]PO

  17. tcp_nopush w [email protected]/0164)Φϓγϣϯͷ༗ޮԽ w -JOVYͩͱ[email protected]$03,Φϓγϣϯ w TFOEpMF༗ޮ࣌ͷΈར༻Մೳ [email protected]PO

  18. TCP_NODELAYͱTCP_NOPUSH w ͜ͷೋͭ͸ຊདྷ૬൓͢Δಈ࡞Λ͢Δ w [email protected]/0%&-": w ύέοτΛͰ͖Δ͚ͩଈ࠲ʹૹ৴͢Δ w [email protected]/0164) w

    ύέοτΛͰ͖Δ͚ͩ·ͱΊͯૹ৴͢Δ w OHJOY͸྆ํ૊Έ߹ΘͤՄೳ ཁTFOEpMF  w ·ͣɺύέοτૹ৴Λ[email protected]/0164)Ͱ஗Ԇͤ͞Δ [email protected]/0164)ΛPGG[email protected]/0%&-":Ͱϑϥογϡ
  19. listen ύϥϝʔλଟ͗͢

  20. ύϑΥʔϚϯεʹӨڹ͢Δ ओͳlistenύϥϝʔλ w TQEZ41%:Λ༗ޮʹ͢Δ w CBDLMPH/MJTUFOͷόοΫϩά਺ w OFUDPSFTPNBYDPOO౳΋๨Εͣʹ w GBTUPQFO/5$1'BTU0QFO

    w SFVTFQPSU[email protected]&64&1035Λ༗ޮʹ͢Δ
  21. nginxͱh2oͷϕϯνϚʔΫ w DYMBSHFPO&$ w IPBMQIB w OHJOY w XSLͰϕϯνϚʔΫ w

    XSLDUEIUUQ
  22. h2o.conf(࠷దԽલ) MJTUFO IPTUT  QBUIT  pMFEJSVTSMPDBMOHJOYIUNM

  23. h2o.conf(࠷దԽޙ) OVNUISFBET OVNOBNFSFTPMVUJPOUISFBET NBYDPOOFDUJPOT MJTUFO IPTUT  QBUIT  pMFEJSVTSMPDBMOHJOYIUNM

  24. nginx.conf(࠷దԽલ) [email protected] FWFOUT\ [email protected] ^ IUUQ\ JODMVEFNJNFUZQFT [email protected]BQQMJDBUJPOPDUFUTUSFBN [email protected]PGG TFOEpMFPO

    [email protected] TFSWFS\ MJTUFO [email protected]MPDBMIPTU MPDBUJPO\ SPPUIUNM JOEFYJOEFYIUNMJOEFYIUN ^ ^ ^
  25. nginx.conf(࠷దԽޙ) [email protected] FWFOUT\ [email protected] [email protected]@EFMBZNT ^ IUUQ\ JODMVEFNJNFUZQFT [email protected]BQQMJDBUJPOPDUFUTUSFBN [email protected]PGG

    TFOEpMFPO [email protected]@DBDIFNBYJOBDUJWFT [email protected]PO [email protected] TFSWFS\ MJTUFO [email protected]MPDBMIPTU MPDBUJPO\ SPPUIUNM JOEFYJOEFYIUNMJOEFYIUN ^ ^ ^
  26. nginxͱh2oͷϕϯνϚʔΫ SFRT SFRTFD XSLDUEIUUQ

  27. nginxͱgzipѹॖ w H[JQH[JQѹॖΛ༗ޮʹ͢Δ w H[[email protected]H[JQѹॖର৅ͷ$POUFOU5ZQF w H[[email protected]@MFWFMH[JQͷѹॖϨϕϧ w H[[email protected]H[JQѹॖࡁΈϑΝΠϧͷ഑৴ w

    HVO[JQH[JQղౚ
  28. gzipѹॖͷઃఆྫ H[JQPO H[[email protected]@MFWFM H[[email protected]UFYUDTT UFYUKBWBTDSJQU BQQMJDBUJPOKBWBTDSJQU BQQMJDBUJPOKTPO

  29. nginxͱgzipѹॖ w ੩తίϯςϯπͷH[JQѹॖ͸ੵۃతʹ͢΂͖ w $16ͷΦʔόʔϔουΑΓ΋ωοτϫʔΫͷ ϨΠςϯγͷํ͕͸Δ͔ʹେ͖͍ w $16Ϧιʔεͷফඅྔ͕ແࢹͰ͖ͳ͍৔߹ w H[[email protected]ͰH[JQѹॖࡁΈϑΝΠϧΛ഑৴

  30. gzip_staticͷઃఆྫ YYY DTTcKT H[͕ଘࡏͨ͠ΒͦΕΛͦͷ··഑৴ ΫϥΠΞϯτ͕H[JQѹॖΛαϙʔτ͍ͯ͠ͳ͍৔߹͸H[ϑΝΠϧΛల։ͯ͠഑৴ MPDBUJPOd = DTTcKT \ H[[email protected]BMXBZT

    HVO[JQPO ^
  31. zopfliͰ͞Βʹѹॖ w EFqBUFޓ׵ͷѹॖΞϧΰϦζϜπʔϧ w IUUQTHJUIVCDPNHPPHMF[PQqJ w [PQqJͰѹॖͨ͠΋ͷ͸HVO[JQՄೳ w ѹॖ཰͕ߴ͍෼ɺѹॖʹ͔͔Δ͕࣌ؒ௕͍ w

    ࣄલʹѹॖ͢ΔͷͰ໰୊ʹͳΒͳ͍
  32. nginxͱόοϑΝϦϯά w [email protected]@[email protected][F w [email protected]@TJ[F w [email protected] w [email protected] w

    [email protected]@CVGGFSJOH w FUDʜ
  33. όοϑΝϦϯάͷOn/Off w [email protected] EFGBVMUPO  w FHετϦʔϛϯά૬౰ͷॲཧΛ͢Δࡍʹ PGGʹ͢Δ͔ݕ౼ w [email protected]@CVGGFSJOH

    EFGBVMUPO  w FHେ͖ͳϑΝΠϧͷΞοϓϩʔυ͕ൃੜ͢Δࡍ ʹPGGʹ͢Δ͔ݕ౼ ಛʹཧ༝͕ͳ͍ݶΓσϑΥϧτͰ0,
  34. όοϑΝϦϯάͱI/O w OHJOYͷ֤όοϑΝͷαΠζ͸ൺֱతখ͞Ί w େମ਺,#ఔ౓ w όοϑΝ͕଍Γͳ͘ͳΔͱσΟεΫʹॻ͖ग़͢ w όοϑΝαΠζΛௐ੔PSUNQGTΛར༻

  35. όοϑΝϦϯάͱtmpfs ϦΫΤετϘσΟͷॻ͖ग़͠ઌ [email protected]@[email protected]EFWTINDCU ϓϩΩγઌϨεϙϯεϘσΟͷॻ͖ग़͠ઌ [email protected]@QBUIEFWTINQU ɾ ɾ ɾ

  36. HTTPSؔ࿈ͷνϡʔχϯά w 5-44FTTJPO$BDIF w 5-44FTTJPO5JDLFUT w 0$414UBQMJOH w 41%: w

    0QUJNJ[JOHUIF5-4SFDPSETJ[F
  37. TLS Session Cache w 5-4ϋϯυγΣΠΫͷηογϣϯΛαʔόʹ Ωϟογϡ w OHJOYͰ͸ڞ༗ϝϞϦ্ͷอଘ͞ΕΔ w ࣍ճͷ5-4ϋϯυγΣΠΫΛলུ

  38. TLS Session Cache with nginx [email protected]@DBDIFTIBSFE44-N [email protected]@UJNFPVUN

  39. TLS Session Tickets w ҉߸Խͨ͠ηογϣϯ νέοτ ΛΫϥΠΞϯτ ʹ౉͢ w νέοτΛݩʹ5-4ηογϣϯΛ࠶։

    w )5514αʔόෳ਺୆ͰηογϣϯΛڞ༗
  40. TLS Session Tickets with nginx [email protected]@UJDLFUTPO [email protected]@[email protected]FUDOHJOYTTMUJDLFULFZ

  41. OCSP Stapling w 0$41ʹΑΔ44-ূ໌ॻͷࣦޮ֬ೝΛαʔόଆ ͰߦͬͯΩϟογϡ w ΫϥΠΞϯτଆͰ΍Δͱ5-4ϋϯυγΣΠΫ࣌ ʹϨΠςϯγൃੜ

  42. OCSP Stapling with nginx [email protected]PO [email protected]@WFSJGZPO [email protected]@DFSUJpDBUFFUDOHJOYTTMDFSUDSU SFTPMWFSYYYYYYYYYYYYWBMJET [email protected]T

  43. SPDY with nginx MJTUFOTTMTQEZ

  44. Optimizing the TLS-record size w 5-4Ͱ͸ҰఆαΠζຖʹ௨৴಺༰Λ҉߸Խ͢Δ ௨শ 5-4SFDPSE  w

    [email protected]@TJ[F EFGBVMUL  w ,#ͩͱେ͖͗ͯ͢৽ن5$1઀ଓ࣌ͷ355͕૿Ճ w Ұൠతͳ8FCαΠτͳΒখ͍͞΄͏͕͍͍ w 55'# 5JNF5P'JSTU#ZUF վળʹޮՌ͋Γ [email protected]@TJ[FL
  45. ·ͱΊ w OHJOY͸ύϑΥʔϚϯεʹӨڹ͢ΔσΟϨΫςΟϒ ͕ͨ͘͞Μ͋Δ w σϑΥϧτઃఆ͸ׂͱอकత ແޮͳ΋ͷ΋ଟ͍  w H[JQѹॖ͸ੵۃతʹ

    w όοϑΝͷαΠζͱϑΝΠϧ*0ͷؔ܎ʹ஫ҙ w )5514͸͍Ζ͍Ζͱ࠷దԽ߲໨͋Δ
  46. ࢀߟจݙ / URL w OHJOYEPDVNFOUBUJPO w IUUQOHJOYPSHFOEPDT w 4FDVSJUZ4FSWFS4JEF5-4 w

    IUUQTXJLJNP[JMMBPSH4FDVSJUZ[email protected]@5-4 w 44-5-4҉߸ઃఆΨΠυϥΠϯ w IUUQXXXJQBHPKQTFDVSJUZWVMO[email protected]@DPOpHIUNM w 0QUJNJ[JOH/(*/95-45JNF5P'JSTU#ZUF 55'#  w IUUQTXXXJHWJUBDPNPQUJNJ[JOHOHJOYUMTUJNFUPpSTUCZUF
  47. ࢀߟจݙ / URL w /(*/9015*.*;"5*0/6/%&345"/%*/( 4&/%'*-& [email protected]/0%&-":"/%[email protected]/0164) w IUUQTUOFUOHJOYPQUJNJ[BUJPOVOEFSTUBOEJOHTFOEpMF[email protected]BOE [email protected]IUNM

    w զʑ͸ͲͷΑ͏ʹͯ҆͠શͳ)5514௨৴Λఏڙ͢Ε͹ྑ͍͔ w IUUQRJJUBDPNIBSVLBTBOJUFNTGFGCBCBDBGG w )JHI1FSGPSNBODF#SPXTFS/FUXPSLJOH w 0`3FJMMZ *MZB(SJHPSJL
  48. w OHJOYͷύϥϝʔλνϡʔχϯάͱIP w IUUQRJJUBDPNDVCJDEBJZBJUFNTEDFDCF w OHJOYύϑΥʔϚϯενϡʔχϯάʙ੩తίϯςϯπ഑৴ฤʙ w IUUQRJJUBDPNDVCJDEBJZBJUFNTCBBCEEE w OHJOYͷϦΫΤετϘσΟͷόοϑΝϦϯάʹؔ͢Δ໰୊ͱͦͷվળࡦ

    w IUUQRJJUBDPNDVCJDEBJZBJUFNTGFFE ࢀߟจݙ / URL
  49. ࠷ޙʹએ఻

  50. YAPC::Asia Tokyo2015 ͷτʔΫʹԠื͠·ͨ͠ IUUQZBQDBTJBPSHUBMLTIPXBGGFBGCCEDB ࣮ફOHJOYϞδϡʔϧ։ൃʙ$ͱ-VBʙ