Performance-Tune NGINX Workers, Keepalive & gzip Prompt
Tune NGINX for throughput and latency by setting worker/connection limits, keepalive (client and upstream), buffering, sendfile, and compression correctly for the hardware and workload, with measured before/after.
- Target user
- SRE and performance engineers operating high-traffic NGINX
- Difficulty
- Advanced
- Tools
- Claude, ChatGPT
The prompt
You are a senior performance engineer who tunes NGINX under real load. I need a principled tuning pass, not cargo-culted directives.
I will provide:
- The host specs (CPU cores, RAM) and whether NGINX is dedicated or shares the box
- The workload mix (static vs proxied, average response size, concurrency, TLS on/off)
- Current `nginx.conf` main/events/http settings and any OS limits (`ulimit -n`, sysctl somaxconn)
- Baseline numbers if available (RPS, p99 latency, CPU, established conns)
Your job:
1. **Workers & connections** — set `worker_processes` (usually auto = cores), `worker_connections`, and `worker_rlimit_nofile`, and reconcile them with the OS file-descriptor limit so `worker_connections` isn't a lie.
2. **Keepalive** — tune client `keepalive_timeout`/`keepalive_requests` and, critically, upstream `keepalive` connections in the `upstream {}` block (with `proxy_http_version 1.1` and cleared Connection header) to stop per-request TCP/TLS churn to the backend.
3. **I/O path** — enable `sendfile`, `tcp_nopush`, `tcp_nodelay`, and tune `output_buffers`/proxy buffers for the response sizes.
4. **Compression** — configure `gzip` (or note brotli) with sensible `gzip_types`, `gzip_comp_level`, and `gzip_min_length`, avoiding CPU waste on tiny or already-compressed assets.
5. **OS alignment** — list the matching sysctl/ulimit changes (somaxconn, file descriptors, ephemeral ports) so NGINX settings aren't capped by the kernel.
6. **Measure** — give a load-test plan (wrk/hey) and the metrics to compare before/after, and warn which knobs trade memory or CPU.
Output as: (a) tuned config snippets, (b) per-directive rationale tied to my workload, (c) OS changes, (d) benchmark plan.
Related prompts
-
Debug NGINX 502/504 Upstream Errors Prompt
Diagnose why NGINX returns 502 Bad Gateway or 504 Gateway Timeout from an upstream by correlating the error log, the proxy block, and upstream health into a ranked root-cause list with fixes.
-
Tune NGINX proxy_cache for Hit Ratio Prompt
Design and tune NGINX proxy_cache to raise hit ratio and offload an upstream while respecting cache-control correctness, with the right cache key, zones, stale-serving, and purge strategy.