Master Nginx Performance: Worker Processes, CPU Affinity, and Tuning Guide
This guide explains how to optimize Nginx by configuring worker processes, CPU affinity, file descriptor limits, event handling, efficient file transfer, connection timeouts, FastCGI, gzip compression, caching, anti‑hotlinking, kernel parameters and system limits for high‑traffic web services.
1. Nginx Worker Processes
Nginx typically sets worker_processes to the number of CPU cores or cores × 2. You can discover the core count with top -1 or grep ^processor /proc/cpuinfo | wc -l.
worker_processes 4;
2. Nginx CPU Affinity
Bind each worker to a specific CPU core to improve cache locality.
worker_processes 4;
worker_cpu_affinity 0001 0010 0100 1000;
For an 8‑core server:
worker_processes 8;
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
More than eight workers rarely improve performance and may reduce stability.
3. Maximum Open Files
worker_rlimit_nofile 65535;
This directive should match the system ulimit -n value; otherwise Nginx may run out of file descriptors.
4. Event Handling Model
events {
    use epoll;
    worker_connections 65535;
    multi_accept on;
}
Using epoll provides high efficiency. worker_connections defines the maximum connections per worker; the total possible connections equal worker_processes × worker_connections. multi_accept controls whether a worker accepts as many pending connections as possible after a notification.
5. Efficient File Transfer
http {
    include mime.types;
    default_type application/octet-stream;
    sendfile on;
    tcp_nopush on;
}
sendfile enables zero‑copy file transmission; tcp_nopush reduces packet fragmentation when sendfile is on.
6. Connection Timeout Settings
keepalive_timeout 60;
tcp_nodelay on;
client_header_buffer_size 4k;
open_file_cache max=102400 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 1;
client_header_timeout 15;
client_body_timeout 15;
reset_timedout_connection on;
send_timeout 15;
server_tokens off;
client_max_body_size 10m;
These directives protect server resources, control idle connections, and fine‑tune caching of opened files.
7. FastCGI Tuning
fastcgi_connect_timeout 600;
fastcgi_send_timeout 600;
fastcgi_read_timeout 600;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_temp_path /usr/local/nginx1.10/nginx_tmp;
fastcgi_intercept_errors on;
fastcgi_cache_path /usr/local/nginx1.10/fastcgi_cache levels=1:2 keys_zone=cache_fastcgi:128m inactive=1d max_size=10g;
fastcgi_cache_key http://$host$request_uri;
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
fastcgi_cache_min_uses 1;
fastcgi_pass 127.0.0.1:9000;
Proper buffer sizes and cache settings reduce CPU load and prevent 502 errors.
8. Gzip Compression
gzip on;
gzip_min_length 2k;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_comp_level 6;
gzip_types text/plain text/css text/javascript application/json application/javascript application/xml;
gzip_vary on;
gzip_proxied any;
Gzip saves bandwidth but consumes CPU; compress only text‑based assets.
9. Expires Caching
Cache static assets to reduce bandwidth and improve user experience.
location ~* \.(ico|jpe?g|gif|png|bmp|swf|flv)$ {
    expires 30d;
    access_log off;
}
location ~* \.(js|css)$ {
    expires 7d;
    access_log off;
}
10. Anti‑Hotlinking
location ~* \.(jpg|gif|png|swf|flv|wma|wmv|asf|mp3|mmf|zip|rar)$ {
    valid_referers none blocked www.example.com example.com;
    if ($invalid_referer) {
        return 404;
    }
    access_log off;
}
11. Kernel Parameter Optimization
fs.file-max = 999999
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.ip_local_port_range = 1024 65000
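# Note: tcp_tw_recycle breaks connections from clients behind NAT and no longer exists on Linux 4.12+, where sysctl -p reports an error for this key.
net.ipv4.tcp_tw_recycle = 1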
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_syncookies = 1
net.core.somaxconn = 40960
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_rmem = 10240 87380 12582912
net.ipv4.tcp_wmem = 10240 87380 12582912
net.core.rmem_default = 6291456
net.core.wmem_default = 6291456
net.core.rmem_max = 12582912
net.core.wmem_max = 12582912
Apply with sysctl -p.
12. System Open Files Limit
Default ulimit -n is 1024, which is insufficient for high‑traffic servers.
# Increase limits in /etc/security/limits.conf
# (nofile = open file descriptors, nproc = number of processes)
* soft nofile 65535
* hard nofile 65535
* soft nproc 65535
* hard nproc 65535
After editing, re‑login or restart services for the new limits to take effect.
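The descriptor settings from sections 3, 4 and 12 only help when they agree with each other, and a mismatch shows up as failed connections under load. The check below is an added example, not part of the original guide: it reads worker_rlimit_nofile and worker_connections from a config text and compares them with a nofile limit passed as an argument. The function names, messages and sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: check nginx descriptor directives against a per-process nofile limit.

# Constructed sample built from this guide's values (not read from a live server).
SAMPLE_CONF='worker_processes 4;
worker_rlimit_nofile 65535;
events {
    use epoll;
    worker_connections 65535;
}'

# directive NAME: print the first value of a "NAME value;" line from config text on stdin.
directive() {
    awk -v name="$1" '$1 == name { sub(/;.*/, "", $2); print $2; exit }'
}

# check_fd_budget CONF_TEXT NOFILE_LIMIT
# Prints one finding per line; returns 1 if a FAIL was printed, else 0.
check_fd_budget() {
    fd_rlimit=$(printf '%s\n' "$1" | directive worker_rlimit_nofile)
    fd_conns=$(printf '%s\n' "$1" | directive worker_connections)
    fd_rc=0
    # nginx falls back to 512 connections per worker when the directive is absent.
    [ -n "$fd_conns" ] || fd_conns=512
    if [ -z "$fd_rlimit" ]; then
        # Unset: workers inherit the limit of the process that started nginx.
        fd_rlimit=$2
    elif [ "$fd_rlimit" -ne "$2" ]; then
        echo "WARN worker_rlimit_nofile=$fd_rlimit differs from nofile limit $2"
    fi
    if [ "$fd_conns" -gt "$fd_rlimit" ]; then
        echo "FAIL worker_connections=$fd_conns exceeds descriptor limit $fd_rlimit"
        fd_rc=1
    elif [ "$fd_conns" -eq "$fd_rlimit" ]; then
        # Every connection needs a descriptor; logs and served files need more.
        echo "WARN worker_connections=$fd_conns equals descriptor limit $fd_rlimit; no headroom for log and file descriptors"
    fi
    return $fd_rc
}

# Audit the sample against the 65535 limit from section 12.
check_fd_budget "$SAMPLE_CONF" 65535 || true
```

On a live host, pass the real config text and the output of ulimit -n for the account that starts nginx, for example check_fd_budget "$(cat /path/to/nginx.conf)" "$(ulimit -n)".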
