[ Send this article ]
Your message has been sent.
How would you like to send this article:
[ Save this article ]
Save this article to your account for easy access.
This article has been saved to your account.
Go to my account
This article has been emailed to your Kindle.
Send this article
Complete the form below to send this article, Nginx HTTP Server: Base Module Directives, to a friend (or to yourself). We will never share your details (or your friend's) with anyone. For more information, read our Privacy Policy.
by
Clement Nedelcu | July 2010 |
Open Source Web Development
It is a well-known fact that the market of web servers has a long-established leader: Apache. However recent surveys reveal the rise of a new competitor: Nginx, a lightweight HTTP server originating from Russia— pronounced "engine X". This article provides a first approach of the configuration architecture by studying the core module directives that have an impact on the overall server performance. We will understand the need for the various directives that will let you optimize your server for different traffic patterns and hardware setups.
In this article by Clément Nedelcu, author of the book Nginx HTTP Server, we will take a look at the base modules.
(For more resources on Nginx, see here.)
We are particularly more interested in answering two questions—what are base modules and what directives are made available.
What are base modules?
The base modules offer directives that allow you to define parameters of the basic functionality of Nginx. They cannot be disabled at compile time; as a result, the directives and blocks they offer are always available. Three base modules are distinguished:
- Core module: Essential features and directives such as process management and security
- Events module: It lets you configure the inner mechanisms of the networking capabilities
- Configuration module: Enables the inclusion mechanism
These modules offer a large range of directives; we will be detailing them individually with their syntaxes and default values.
Nginx process architecture
Before we start detailing the basic configuration directives, it's necessary to understand the process architecture, that is, how Nginx works behind the scenes. Although the application comes as a simple binary file, (apparently lightweight background process) the way it functions at runtime is rather intricate.
At the very moment of starting Nginx, one unique process exists in memory—the Master Process. It is launched with the current user and group permissions—usually root/root if the service is launched at boot time by an init script. The master process itself does not process any client request; instead, it spawns processes that do—the Worker Processes, which are affected to a customizable user and group. From the configuration file, you are able to define the amount of worker processes, the maximum connections per worker process, and more.
Core module directives
Below is the list of directives made available by the core module. Most of these directives must be placed at the root of the configuration file and can only be used once. However, some of them are valid in multiple contexts. If that is the case, the list of valid contexts is mentioned below the directive name.root of the configuration file and can only be used once.
|
Name and context |
Syntax and description |
|
daemon |
Accepted values: on or off Syntax: daemon on; Default value: on Enables or disables daemon mode. If you disable it, the program will not be started in the background; it will stay in the foreground when launched from the shell. |
|
debug_points |
Accepted values: stop or abort Syntax: debug_points stop; Default value: None. Activates debug points in Nginx. Use stop to interrupt the application when a debug point comes about in order to attach a debugger. Use abort to abort the debug point and create a core dump file. To disable this option, simply do not use the directive. |
|
env |
Syntax: env MY_VARIABLE; env MY_VARIABLE=my_value; Lets you (re)define environment variables. |
|
error_log Context: main, http, server, and location |
Syntax: error_log /file/path level; Default value: logs/error.log error. Where level is one of the following values: debug, info, notice, warn, error, and crit (from most to least detailed: debug provides frequent log entries, crit only reports critical errors). Enables error logging at different levels: Application, HTTP server, virtual host, and virtual host directory. By redirecting the log output to /dev/null, you can disable error logging. Use the following directive at the root of the configuration file: error_log /dev/null crit; |
|
lock_file |
Syntax: File path lock_file logs/nginx.lock; Default value: Defined at compile time Use a lock file for mutual exclusion. Disabled by default, unless you enabled it at compile time. |
|
log_not_found Context: main, http, server, and location |
Accepted values: on or off log_not_found on; Default value: on Enables or disables logging of 404 not found HTTP errors. If your logs get filled with 404 errors due to missing favicon.ico or robots.txt files, you might want to turn this off. |
|
master_process |
Accepted values: on or off master_process on; Default value: on If enabled, Nginx will start multiple processes: A main process (the master process) and worker processes. If disabled, Nginx works with a unique process. This directive should be used for testing purposes only as it disables the master process-clients thus cannot connect to your server. |
|
pid |
Syntax: File path pid logs/nginx.pid; Default value: Defined at compile time. Path of the pid file for the Nginx daemon. The default value can be configured at compile time. |
|
ssl_engine |
Syntax: Character string ssl_engine enginename; Default value: None Where enginename is the name of an available hardware SSL accelerator on your system. To check for available hardware SSL accelerators, run this command from the shell: openssl engine -t |
|
thread_stack_size |
Syntax: Numeric (size) thread_stack_size 1m; Default value: None Defines the size of thread stack; please refer to the worker_threads directive below |
|
timer_resolution |
Syntax: Numeric (time) timer_resolution 100ms; Default value: None Controls the interval between system calls to gettimeofday() to synchronize the internal clock. If this value is not specified, the clock is refreshed after each kernel event notification. |
|
user |
Syntax: user username groupname; user username; Default value: Defined at compile time. If still undefined, the user and group of the Nginx master process are used. Lets you define the user account and optionally the user group used for starting the Nginx worker processes. |
|
worker_threads |
Syntax: Numeric worker_threads 8; Default value: None Defines the amount of threads per worker process. Warning! Threads are disabled by default. The author stated that "the code is currently broken". |
|
worker_cpu_affinity |
Syntax: worker_cpu_affinity 1000 0100 0010 0001; worker_cpu_affinity 10 10 01 01; worker_cpu_affinity; Default value: None This directive works in conjunction with worker_processes. It lets you affect worker processes to CPU cores. There are as many series of digit blocks as worker processes; there are as many digits in a block as your CPU has cores. If you configure Nginx to use three worker processes, there are three blocks of digits. For a dual-core CPU, each block has two digits. worker_cpu_affinity 01 01 10; The first block (01) indicates that the first worker process should be affected to the second core. The second block (01) indicates that the second worker process should be affected to the second core. The third block (10) indicates that the third worker process should be affected to the first core. Note that affinity is only recommended for multi-core CPUs, not for processors with hyper-treading or similar technologies. |
|
worker_priority |
Syntax: Numeric worker_priority 0; Default value: 0 Defines the priority of the worker processes, from -20 (highest) to 19 (lowest). The default value is 0. Note that kernel processes run at priority level -5, so it's not recommended that you set the priority to -5 or less. |
|
worker_processes |
Syntax: Numeric worker_processes 4; Default value: 1 Defines the amount of worker processes. Nginx offers to separate the treatment of requests into multiple processes. The default value is 1, but it's recommended to increase this value if your CPU has more than one core. Besides, if a process gets blocked due to slow I/O operations, incoming requests can be delegated to the other worker processes. |
|
worker_rlimit_core |
Syntax: Numeric (size) worker_rlimit_core 100m; Default value: None Defines the size of core files per worker process. |
|
worker_rlimit_nofile |
Syntax: Numeric worker_rlimit_nofile 10000; Default value: None Defines the amount of files a worker process may use simultaneously. |
|
worker_rlimit_sigpending |
Syntax: Numeric worker_rlimit_sigpending 10000; Default value: None Defines the amount of signals that can be queued per user (user ID of the calling process). If the queue is full, signals are ignored past this limit. |
|
working_directory |
Syntax: Directory path working_directory /usr/local/nginx/; Default value: The prefi x switch defined at compile time. Working directory used for worker processes; only used to define the location of core files. The worker process user account (user directive) must have write permissions on this folder in order to be able to write core files. |
(For more resources on Nginx, see here.)
Events module
The Events module comes with directives that allow you to configure network mechanisms. Some of the parameters have an important impact on the application's performance.
All of the directives listed below must be placed in the events block, which is located at the root of the configuration file:
user nginx nginx;
master_process on;
worker_processes 4;
events {
worker_connections 1024;
use epoll;
}
[...]
These directives cannot be placed elsewhere (if you do so, the configuration test will fail).
|
Directive name |
Syntax and description |
|
accept_mutex |
Accepted values: on or off accept_mutex on; Default value: on Enables or disables the use of an accept mutex (mutual exclusion) to open listening sockets. |
|
accept_mutex_delay |
Syntax: Numeric (time) accept_mutex_delay 500ms; Default value: 500 milliseconds Defines the amount of time a worker process should wait before trying to acquire the resource again. This value is not used if the accept_mutex directive is set to off. |
|
connections |
Replaced by worker_connections. This directive is now deprecated. |
|
debug_connection |
Syntax: IP address or CIDR block. debug_connection 172.63.155.21; debug_connection 172.63.155.0/24; Default value: None. Writes detailed logs for clients matching this IP address or address block. The debug information is stored in the file specified with the error_log directive, enabled with the debug level. Note: Nginx must be compiled with the --debug switch in order to enable this feature. |
|
multi_accept |
Syntax: on or off multi_accept off; Default value: off Defines whether or not Nginx should accept all incoming connections from the listening queue at once. |
|
use |
Accepted values: /dev/poll, epoll, eventport, kqueue, rtsig, or select use kqueue; Default value: Defined at compile time Selects the event model among the available ones (the ones that you enabled at compile time), though Nginx automatically selects the most appropriate one. The supported models are:
|
|
worker_connections |
Syntax: Numeric worker_connections 1024; Default value: None Defines the amount of connections that a worker process may treat simultaneously. |
Configuration module
The Nginx Configuration module is a simple module enabling file inclusions with the include directive. The directive can be inserted anywhere in the configuration file and accepts a single parameter—the file's path.
include /file/path.conf;
include sites/*.conf;
Note that if you do not specify an absolute path, the file path is relative to the configuration directory. By default, include sites/example.conf will include the following file:
/usr/local/nginx/conf/sites/example.conf.
Summary
In this article, we took a look at the Core module directives, the Nginx process architecture, the Events module, and the Configuration module.
Further resources on this subject:
- Configuring Apache and Nginx [article]
About the Author :
Clement Nedelcu
Clement Nedelcu is the technical administrator of the GBATEMP NETWORK and a computer science teacher at Jiangsu University of Science and Technology in Zhenjiang, China. He also works as technology consultant, specialized in web and Microsoft .NET development as well as Linux server administration.
Post new comment