Master Nginx Performance: Worker Processes, CPU Affinity, and Tuning Guide

Worker Processes and CPU Affinity

Set worker_processes to the number of CPU cores or cores * 2. Use grep ^processor /proc/cpuinfo | wc -l to check core count. Example for 4 cores: worker_processes 4; Configure CPU affinity to bind each worker to a specific core, e.g. for 4 cores: worker_cpu_affinity 0001 0010 0100 1000; For 8 cores, use eight affinity masks; more than 8 workers rarely improve performance.

File Descriptor Limits

Increase the maximum open files per worker with: worker_rlimit_nofile 65535; Match the system ulimit -n value and adjust /etc/security/limits.conf:

* soft nofile 65535
* hard nofile 65535

Event Model

Use the efficient epoll model:

events {
    use epoll;
    worker_connections 65535;
    multi_accept on;
}

worker_connections

defines the maximum connections per worker; total connections equal worker_processes * worker_connections. multi_accept can be toggled based on load.

HTTP Optimizations

Enable high‑performance file transfer and TCP optimizations:

sendfile on;
 tcp_nopush on;

These settings improve throughput for static files.

Connection Timeouts

keepalive_timeout 60;
 tcp_nodelay on;
 client_header_buffer_size 4k;
 open_file_cache max=102400 inactive=20s;
 client_header_timeout 15;
 client_body_timeout 15;
 reset_timedout_connection on;
 send_timeout 15;
 server_tokens off;
 client_max_body_size 10m;

FastCGI Tuning

fastcgi_connect_timeout 600;
 fastcgi_send_timeout 600;
 fastcgi_read_timeout 600;
 fastcgi_buffer_size 64k;
 fastcgi_buffers 4 64k;
 fastcgi_busy_buffers_size 128k;
 fastcgi_temp_file_write_size 128k;
 fastcgi_temp_path /usr/local/nginx1.10/nginx_tmp;
 fastcgi_intercept_errors on;
 fastcgi_cache_path /usr/local/nginx1.10/fastcgi_cache levels=1:2 keys_zone=cache_fastcgi:128 max_size=10g;
 fastcgi_cache_valid 200 302 1h;
 fastcgi_cache_valid 301 1d;
 fastcgi_cache_valid any 1m;
 fastcgi_cache_key http://$host$request_uri;

Gzip Compression

gzip on;
 gzip_min_length 2k;
 gzip_buffers 4 32k;
 gzip_http_version 1.1;
 gzip_comp_level 6;
 gzip_types text/plain text/css text/javascript application/json application/javascript application/xml;
 gzip_vary on;
 gzip_proxied any;

Expires Caching

location ~* \.(ico|jpe?g|gif|png|bmp|swf|flv)$ {
    expires 30d;
    access_log off;
}
location ~* \.(js|css)$ {
    expires 7d;
    access_log off;
}

Anti‑Hotlinking

location ~* \.(jpg|gif|png|swf|flv|wma|wmv|asf|mp3|zip|rar)$ {
    valid_referers none blocked www.example.com example.com;
    if ($invalid_referer) { return 404; }
    access_log off;
}

Kernel Parameter Optimization

fs.file-max = 999999
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.core.somaxconn = 40960
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_rmem = 10240 87380 12582912
net.ipv4.tcp_wmem = 10240 87380 12582912
net.core.rmem_default = 6291456
net.core.wmem_default = 6291456
net.core.rmem_max = 12582912
net.core.wmem_max = 12582912

Apply changes with sysctl -p.

System Open Files Limit

* soft nofile 65535
* hard nofile 65535
* soft noproc 65535
* hard noproc 65535

These settings raise the maximum number of simultaneously opened files, preventing "too many open files" errors under heavy load.