From 262b19346e4eb55e945bb627c28a5421a3d5d5b1 Mon Sep 17 00:00:00 2001 From: Alex Vandiver Date: Thu, 23 Mar 2023 21:39:15 +0000 Subject: [PATCH] puppet: Decrease default nginx worker_connections. Increasing worker_connections has a memory cost, unlike the rest of the changes in 1c76036c61d8; setting it to 1 million caused nginx to consume several GB of memory. Reduce the default down to 10k, and allow deploys to configure it up if necessary. `worker_rlimit_nofile` is left at 1M, since it has no impact on memory consumption. --- docs/production/deployment.md | 10 ++++++++++ puppet/zulip/manifests/nginx.pp | 1 + puppet/zulip/templates/nginx.conf.template.erb | 2 +- 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/docs/production/deployment.md b/docs/production/deployment.md index 529692bc25..f761c03a06 100644 --- a/docs/production/deployment.md +++ b/docs/production/deployment.md @@ -726,6 +726,16 @@ SSL/TLS termination. Set to the port number if you [prefer to listen on a port other than 443](#using-an-alternate-port). +#### `nginx_worker_connections` + +Adjust the [`worker_connections`][nginx_worker_connections] setting in +the nginx server. This defaults to 10000; increasing it allows more +concurrent connections per CPU core, at the cost of more memory +consumed by NGINX. This number, times the number of CPU cores, should +be more than twice the concurrent number of users. + +[nginx_worker_connections]: http://nginx.org/en/docs/ngx_core_module.html#worker_connections + #### `queue_workers_multiprocess` By default, Zulip automatically detects whether the system has enough diff --git a/puppet/zulip/manifests/nginx.pp b/puppet/zulip/manifests/nginx.pp index 84d6d9caa0..d2743fb2f6 100644 --- a/puppet/zulip/manifests/nginx.pp +++ b/puppet/zulip/manifests/nginx.pp @@ -44,6 +44,7 @@ class zulip::nginx { } else { $ca_crt = '/etc/pki/tls/certs/ca-bundle.crt' } + $worker_connections = zulipconf('application_server', 'nginx_worker_connections', 10000) file { '/etc/nginx/nginx.conf': ensure => file, require => Package[$zulip::common::nginx, 'ca-certificates'], diff --git a/puppet/zulip/templates/nginx.conf.template.erb b/puppet/zulip/templates/nginx.conf.template.erb index f9d38ba950..239394a713 100644 --- a/puppet/zulip/templates/nginx.conf.template.erb +++ b/puppet/zulip/templates/nginx.conf.template.erb @@ -6,7 +6,7 @@ include /etc/nginx/modules-enabled/*.conf; worker_rlimit_nofile 1000000; events { - worker_connections 1000000; + worker_connections <%= @worker_connections %>; use epoll;