Getting nginx right from the start saves hours of debugging later. In this comprehensive guide, we'll cover everything from initial setup to production-ready configuration, including microcaching and dynamic considerations.
Baseline Measurement
It's recommended to test this configuration in a staging environment before deploying to production. This helps identify potential compatibility issues and allows you to benchmark performance differences.
# Kernel tuning: /etc/sysctl.d/99-performance.conf
cat << 'EOF' | sudo tee /etc/sysctl.d/99-performance.conf
# Network performance
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 65535
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 15
# Memory management
vm.swappiness = 10
vm.dirty_ratio = 15
vm.dirty_background_ratio = 5
# File descriptors
fs.file-max = 2097152
fs.nr_open = 2097152
EOF
sudo sysctl --system
Each line in the configuration serves a specific purpose. The comments explain the reasoning behind each setting, making it easier to customize for your specific use case.
- Enable automatic security updates for critical patches
- Keep your system packages updated regularly
- Review log files weekly for anomalies
- Test your backup restore procedure monthly
Kernel and OS Tuning
The nginx configuration requires careful attention to resource limits and security settings. On a VPS with limited resources, it's important to tune these parameters according to your available RAM and CPU cores.
# Benchmark before and after optimization
# CPU benchmark
sysbench cpu --cpu-max-prime=20000 run
# Memory benchmark
sysbench memory --memory-block-size=1M --memory-total-size=10G run
# Disk I/O benchmark
sysbench fileio --file-total-size=4G --file-test-mode=rndrw prepare
sysbench fileio --file-total-size=4G --file-test-mode=rndrw run
sysbench fileio --file-total-size=4G cleanup
These commands should be run as root or with sudo privileges. If you're using a non-root user, prefix each command with sudo.
Security Implications
When scaling this setup, consider vertical scaling (adding more RAM/CPU) first, as it's simpler to implement. Horizontal scaling adds complexity but may be necessary for high-traffic applications.
Next Steps
With nginx now set up and running, consider implementing monitoring to track performance metrics over time. Regularly review your configuration as your workload changes and scale resources accordingly.