Date post: | 15-Jul-2015 |
Category: |
Software |
Upload: | codemotion |
View: | 198 times |
Download: | 1 times |
there's this russian server nginx. all the porn sites use it. it must be decent.
— Jonathan VanascoJV
JV http://www.destructuring.net/2006/10/09/nginx/
http://w3techs.com/technologies/cross/web_server/ranking
http://news.netcraft.com/archives/2015/03/19/march-2015-web-server-survey.html
http://news.netcraft.com/archives/2015/03/19/march-2015-web-server-survey.html
nginx is a lightweight event-driven reverse proxy for web and mail services.
— http://nginx.org
ApacheTHREAD / PROCESS-ORIENTED
SPAWN A PROCESS FOR EACH CONNECTION (1MB+ RAM)
APACHE 2.4 MULTI-PROCESS MODE REDUCES RAM USAGE
Problem200KB RESPONSE
MILLISECONDS TO GENERATE OR RETRIEVE10S TO TRANSMIT AT 160KBPS (20KB/S)
1000 CONNECTIONS !
Event-drivenSINGLE NONBLOCKING THREAD
ONE PROCESS PER CORE — NODE.JS, REDIS,...
STABLE MEMORY USAGE, NO CONTEXT SWITCHES
Event-driven1. Receive request
2. Trigger events in a process3. Process handles events and returns output
http://en.wikipedia.org/wiki/Reactor_pattern
http://www.aosabook.org/en/nginx.html#fig.nginx.arch
https://mozilla.github.io/server-side-tls/ssl-config-generator/
server { listen 443 ssl;
ssl_certificate /path/to/signed_cert_plus_intermediates; ssl_certificate_key /path/to/private_key; ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m;
# Better Perfect Forward Secrecy, generate: openssl dhparam 2048 ssl_dhparam /path/to/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384: DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256: kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256: ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA: ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384: ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA: DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256: DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA: DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384: AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES: CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK: !aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on;
# HSTS: 15768000 seconds = 6 months add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling resolver 8.8.8.8 8.8.4.4; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
....}
!
USEhttps://mozilla.github.io/server-side-tls/ssl-config-generator/
https://www.ssllabs.com/ssltest/
upstream backend_hosts { server host0.example.com; server host1.example.com; server 10.10.10.10;}
server { listen 80; server_name example.com;
location / { proxy_pass http://backend_hosts; }}
location / { proxy_set_header HOST $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://backend_hosts;}
location ~* \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm.sock; fastcgi_index index.php; include fastcgi.conf; fastcgi_read_timeout 120;}
http { split_clients "${remote_addr}" $designtest { 10% ".first"; 10% ".second"; * ""; }
server { listen 80; server_name example.com; index index${designtest}.html; }}
location ~* ^.+.(htm|html|jpg|jpeg|gif|png|ico|css| zip|tgz|gz|rar|bz2|doc|xls|exe|pdf| ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ { access_log off; expires max;}
nginx does those six things, and it does five of them 50 times faster than
Apache.— Chris LeaCL
CL http://maisonbisson.com/post/12249/chris-lea-on-nginx-and-wordpress/
$ ab -n 25000 -c 10 http://188.226.151.84/codemotion_intro.png
...
Server Software: nginx/1.4.6Server Hostname: 188.226.151.84Server Port: 80
Document Path: /codemotion_intro.pngDocument Length: 2461 bytes
Concurrency Level: 10Time taken for tests: 7.734 secondsComplete requests: 25000Failed requests: 0Total transferred: 67575000 bytesHTML transferred: 61525000 bytesRequests per second: 3232.56 [#/sec] (mean)Time per request: 3.094 [ms] (mean)Time per request: 0.309 [ms] (mean, across all concurrent requests)Transfer rate: 8532.82 [Kbytes/sec] received
...
Benchmarking 178.62.213.21 (be patient)Completed 2500 requestsCompleted 5000 requestsCompleted 7500 requestsCompleted 10000 requestsCompleted 12500 requestsCompleted 15000 requestsCompleted 17500 requestsCompleted 20000 requestsCompleted 22500 requestsapr_socket_recv: Connection reset by peer (104)Total of 24847 requests completed
ab -n 2500 -c 10 -l http://188.226.151.84/info.php
Concurrency Level: 10Time taken for tests: 4.920 secondsComplete requests: 2500Failed requests: 0Total transferred: 164667204 bytesHTML transferred: 164252204 bytesRequests per second: 508.18 [#/sec] (mean)Time per request: 19.678 [ms] (mean)Time per request: 1.968 [ms] (mean, across all concurrent requests)Transfer rate: 32687.80 [Kbytes/sec] received
Questions?NOW OR @XERAA
HTTPS://SPEAKERDECK.COM/XERAA/
FeedbackHTTPS://JOIND.IN/14161HTTPS://JOIND.IN/EVENT/CODEMOTION-ROME-2015
IMAGE CREDITRome https://flic.kr/p/j9Lmu
Vienna https://flic.kr/p/4enYGHDatabase https://flic.kr/p/6QVfAK
Paper https://flic.kr/p/7Ahvn1Engine https://flic.kr/p/hD3SY4
X https://flic.kr/p/9vMs2Kiss https://flic.kr/p/z8Phh
Branches https://flic.kr/p/aDgLJx
Crowd https://flic.kr/p/Wd54ULaunch https://flic.kr/p/kjkJ5NLicense https://flic.kr/p/nxAfZ
Release https://flic.kr/p/4rDBEKLightweight https://flic.kr/p/6h98Li
Apache https://flic.kr/p/8m9Mf1Flow https://flic.kr/p/a5A3e1
Simultaneous https://flic.kr/p/easM1tSpeed https://flic.kr/p/afEu4oBlock https://flic.kr/p/8szrqe
Eierlegende Wollmilchsau https://flic.kr/p/GzQTT
Taipei https://flic.kr/p/4hi1jBTerminator https://flic.kr/p/6hDYBK
Load https://flic.kr/p/mhuXC5Balance https://flic.kr/p/bpeZXt
Huge https://flic.kr/p/p8tTGEBetween https://flic.kr/p/cXHXH3Dynamic https://flic.kr/p/qzpdr9
Two https://flic.kr/p/9JpzfzFixed https://flic.kr/p/21CsBVWord https://flic.kr/p/913FL2
Different https://flic.kr/p/aUwPzp
Access https://flic.kr/p/KA324Sad https://flic.kr/p/9g5Gg8
Ocean https://flic.kr/p/fQ3pxXBench https://flic.kr/p/kbpHr3Vanilla https://flic.kr/p/b4iChr
PHP https://flic.kr/p/4o1dFfTest https://flic.kr/p/adiTK3