Hi
I have
http://nginx-win.ecsds.eu/ version 1.9.13.1
Windows server 2012r2 VDS with two 200% time cpu cores, 4 gb ram
php 7.0.4
opcache enabled, about 95% hit
Story is that when i start free test from loadimpact with 50 virtual users on site main page i have about 40% cpu used with php-cgi.exe..
Is that normal ? I tryed cgi cache. Its ok with it, but its very bad idea to use cgi cache with online shop..
What can i tune in that config ?
Thank you
worker_processes 1;
error_log logs/error.log;
#error_log D:/Server/nginx/logs/error.log;
events {
worker_connections 8192;
multi_accept on;
}
http {
#include /nginx/conf/naxsi_core.rules;
include mime.types;
default_type application/octet-stream;
tcp_nodelay on;
tcp_nopush on;
sendfile on;
server_names_hash_bucket_size 128;
map_hash_bucket_size 64;
reset_timedout_connection on;
send_timeout 5;
client_body_timeout 12;
client_header_timeout 12;
keepalive_timeout 30;
keepalive_requests 100;
server_tokens off;
#fastcgi_cache_path D:/Server/nginx_cache/ levels=1:2 keys_zone=ZONE1:250m inactive=60m;
#fastcgi_cache_key "$scheme$request_method$host$request_uri";
#fastcgi_cache_use_stale error timeout invalid_header http_500;
#fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
server{
listen 80 default_server;
listen [::]:80 default_server;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}
server
{
listen 443 ssl http2;
listen [::]:443 ssl http2;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
access_log off;
root D:/Server/htdocs/;
server_name 123123.ru;
index index.php;
gzip on;
gzip_vary on;
gzip_static off;
gzip_min_length 1024;
gzip_proxied expired no-cache no-store private auth;
gzip_comp_level 4;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript ;
gzip_disable "msie6";
ssl_certificate D:/Server/ssl/cert_chain.crt;
ssl_certificate_key D:/Server/ssl/key.key;
ssl_trusted_certificate D:/Server/ssl/COMODORSADomainValidationSecureServerCA.crt;
ssl_dhparam D:/Server/ssl/dhparams.pem; #openssl dhparam -out dhparams.pem 2048
ssl_session_timeout 1h;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
try_files $uri $uri/ /index.php?$query_string;
location ~ \.php$ {
root D:/Server/htdocs/;
fastcgi_pass 127.0.0.1:9123; # single backend process
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location /index.php {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
}
# for install only
location /install.php {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
}
location /api.php {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
}
location ^~ /wa-data/protected/ {
#return 403;
#X-Accel-Redirect
internal;
}
location ~* ^/wa-(log|config|cache|system)/ {
return 403;
}
location ~* ^/wa-data/public/contacts/photo/[0-9]+/ {
root /var/www/fw/;
access_log off;
expires 30d;
error_page 404 = @contacts_thumb;
}
location @contacts_thumb {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/contacts/photos/thumb.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/contacts/photos/thumb.php;
}
# photos app
location ~* ^/wa-data/public/photos/[0-9]+/ {
access_log off;
expires 30d;
error_page 404 = @photos_thumb;
}
location @photos_thumb {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/photos/thumb.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/photos/thumb.php;
}
# end photos app
# shop app
location ~* ^/wa-data/public/shop/products/[0-9]+/ {
access_log off;
expires 30d;
error_page 404 = @shop_thumb;
}
location @shop_thumb {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/shop/products/thumb.php;
fastcgi_param SCRIPT_NAME /wa-data/public/shop/products/thumb.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/shop/products/thumb.php;
}
# end shop app
# mailer app
location ~* ^/wa-data/public/mailer/files/[0-9]+/ {
access_log off;
error_page 404 = @mailer_file;
}
location @mailer_file {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/mailer/files/file.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/mailer/files/file.php;
}
# end mailer app
location ~* ^.+\.(js|css|jpg|jpeg|gif|png|svg|ttf|eot|otf|woff|woff2)$ {
access_log off;
expires 30d;
}
}
}
I have
http://nginx-win.ecsds.eu/ version 1.9.13.1
Windows server 2012r2 VDS with two 200% time cpu cores, 4 gb ram
php 7.0.4
opcache enabled, about 95% hit
Story is that when i start free test from loadimpact with 50 virtual users on site main page i have about 40% cpu used with php-cgi.exe..
Is that normal ? I tryed cgi cache. Its ok with it, but its very bad idea to use cgi cache with online shop..
What can i tune in that config ?
Thank you
worker_processes 1;
error_log logs/error.log;
#error_log D:/Server/nginx/logs/error.log;
events {
worker_connections 8192;
multi_accept on;
}
http {
#include /nginx/conf/naxsi_core.rules;
include mime.types;
default_type application/octet-stream;
tcp_nodelay on;
tcp_nopush on;
sendfile on;
server_names_hash_bucket_size 128;
map_hash_bucket_size 64;
reset_timedout_connection on;
send_timeout 5;
client_body_timeout 12;
client_header_timeout 12;
keepalive_timeout 30;
keepalive_requests 100;
server_tokens off;
#fastcgi_cache_path D:/Server/nginx_cache/ levels=1:2 keys_zone=ZONE1:250m inactive=60m;
#fastcgi_cache_key "$scheme$request_method$host$request_uri";
#fastcgi_cache_use_stale error timeout invalid_header http_500;
#fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
server{
listen 80 default_server;
listen [::]:80 default_server;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}
server
{
listen 443 ssl http2;
listen [::]:443 ssl http2;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
access_log off;
root D:/Server/htdocs/;
server_name 123123.ru;
index index.php;
gzip on;
gzip_vary on;
gzip_static off;
gzip_min_length 1024;
gzip_proxied expired no-cache no-store private auth;
gzip_comp_level 4;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript ;
gzip_disable "msie6";
ssl_certificate D:/Server/ssl/cert_chain.crt;
ssl_certificate_key D:/Server/ssl/key.key;
ssl_trusted_certificate D:/Server/ssl/COMODORSADomainValidationSecureServerCA.crt;
ssl_dhparam D:/Server/ssl/dhparams.pem; #openssl dhparam -out dhparams.pem 2048
ssl_session_timeout 1h;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
try_files $uri $uri/ /index.php?$query_string;
location ~ \.php$ {
root D:/Server/htdocs/;
fastcgi_pass 127.0.0.1:9123; # single backend process
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location /index.php {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
}
# for install only
location /install.php {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
}
location /api.php {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
}
location ^~ /wa-data/protected/ {
#return 403;
#X-Accel-Redirect
internal;
}
location ~* ^/wa-(log|config|cache|system)/ {
return 403;
}
location ~* ^/wa-data/public/contacts/photo/[0-9]+/ {
root /var/www/fw/;
access_log off;
expires 30d;
error_page 404 = @contacts_thumb;
}
location @contacts_thumb {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/contacts/photos/thumb.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/contacts/photos/thumb.php;
}
# photos app
location ~* ^/wa-data/public/photos/[0-9]+/ {
access_log off;
expires 30d;
error_page 404 = @photos_thumb;
}
location @photos_thumb {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/photos/thumb.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/photos/thumb.php;
}
# end photos app
# shop app
location ~* ^/wa-data/public/shop/products/[0-9]+/ {
access_log off;
expires 30d;
error_page 404 = @shop_thumb;
}
location @shop_thumb {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/shop/products/thumb.php;
fastcgi_param SCRIPT_NAME /wa-data/public/shop/products/thumb.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/shop/products/thumb.php;
}
# end shop app
# mailer app
location ~* ^/wa-data/public/mailer/files/[0-9]+/ {
access_log off;
error_page 404 = @mailer_file;
}
location @mailer_file {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9123;
#fastcgi_pass myLoadBalancer;
fastcgi_param SCRIPT_NAME /wa-data/public/mailer/files/file.php;
fastcgi_param SCRIPT_FILENAME $document_root/wa-data/public/mailer/files/file.php;
}
# end mailer app
location ~* ^.+\.(js|css|jpg|jpeg|gif|png|svg|ttf|eot|otf|woff|woff2)$ {
access_log off;
expires 30d;
}
}
}