Tencent Kubernetes Engine
- Release Notes and Announcements
- Release Notes
- Announcements
- Security Vulnerability Fix Description
- Release Notes
- Kubernetes Version Maintenance
- Runtime Version Maintenance Description
- Product Introduction
- Quick Start
- TKE General Cluster Guide
- Purchase a TKE General Cluster
- Permission Management
- Controlling TKE cluster-level permissions
- TKE Kubernetes Object-level Permission Control
- Cluster Management
- Images
- Worker node introduction
- Normal Node Management
- Native Node Management
- Purchasing Native Nodes
- Supernode management
- Purchasing a Super Node
- Registered Node Management
- Memory Compression Instructions
- GPU Share
- qGPU Online/Offline Hybrid Deployment
- Kubernetes Object Management
- Workload
- Configuration
- Auto Scaling
- Service Management
- Ingress Management
- CLB Type Ingress
- API Gateway Type Ingress
- Storage Management
- Use File to Store CFS
- Use Cloud Disk CBS
- Add-On Management
- CBS-CSI Description
- Network Management
- GlobalRouter Mode
- VPC-CNI Mode
- Static IP Address Mode Instructions
- Cilium-Overlay Mode
- OPS Center
- Audit Management
- Event Management
- Log Management
- Using CRD to Configure Log Collection
- Backup Center
- TKE Serverless Cluster Guide
- Purchasing a TKE Serverless Cluster
- TKE Serverless Cluster Management
- Super Node Management
- Kubernetes Object Management
- OPS Center
- Log Collection
- Using a CRD to Configure Log Collection
- Audit Management
- Event Management
- TKE Registered Cluster Guide
- Registered Cluster Management
- Ops Guide
- TKE Insight
- TKE Scheduling
- Job Scheduling
- Native Node Dedicated Scheduler
- Cloud Native Service Guide
- Practical Tutorial
- Cluster
- Serverless Cluster
- Mastering Deep Learning in Serverless Cluster
- Scheduling
- Security
- Service Deployment
- Proper Use of Node Resources
- Network
- DNS
- Self-Built Nginx Ingress Practice Tutorial
- Logs
- Monitoring
- OPS
- DevOps
- Construction and Deployment of Jenkins Public Network Framework Appications based on TKE
- Auto Scaling
- KEDA
- Containerization
- Microservice
- Cost Management
- Hybrid Cloud
- Fault Handling
- Pod Status Exception and Handling
- Pod exception troubleshooter
- API Documentation
- Making API Requests
- Elastic Cluster APIs
- Resource Reserved Coupon APIs
- Cluster APIs
- Third-party Node APIs
- Network APIs
- Node APIs
- Node Pool APIs
- TKE Edge Cluster APIs
- Cloud Native Monitoring APIs
- Super Node APIs
- TKE API 2022-05-01
- Making API Requests
- Node Pool APIs
- FAQs
- TKE General Cluster
- TKE Serverless Cluster
- About OPS
- Service Agreement
- User Guide(Old)
DocumentationTencent Kubernetes EnginePractical TutorialNetworkSelf-Built Nginx Ingress Practice TutorialOptimization for High Concurrency Scenarios
Optimization for High Concurrency Scenarios
Last updated: 2024-08-12 17:48:23
Operation Scenarios
This document introduces how to configure and optimize Nginx Ingress for high concurrency scenarios.
Operation Guide
Increasing CLB Specifications and Bandwidth
High concurrency scenarios require high traffic throughput and forwarding performance of CLB. You can manually create a CLB in the CLB Console, select LCU-supported instance specifications, choose the model as needed, and increase the bandwidth limit (ensure the VPC is consistent with that of the TKE cluster).
After the CLB is created, configure Nginx Ingress to reuse this CLB as the traffic entry. For details, refer to Custom Definition CLB.
Tuning Kernel Parameters and Nginx Configuration
Optimize kernel parameters and Nginx configuration for high concurrency scenarios.
values.yaml configuration method:controller:extraInitContainers:- name: sysctlimage: busyboximagePullPolicy: IfNotPresentsecurityContext:privileged: truecommand:- sh- -c- |sysctl -w net.core.somaxconn=65535 # Increase connection queue to prevent queue overflow.sysctl -w net.ipv4.ip_local_port_range="1024 65535" # Expand the source port range to prevent port exhaustion.sysctl -w net.ipv4.tcp_tw_reuse=1 # Enable TIME_WAIT reuse to allow new connections after port exhaustion.sysctl -w fs.file-max=1048576 # Increase the file handle count to prevent connection overflow from exhausting file handles.config:# The number of requests that can be processed by a persistent connection between Nginx and the client is 100 by default. We recommend increasing this number in high-concurrency scenarios, but setting it too high may cause uneven load after Nginx Ingress scale-out.# Reference: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#keep-alive-requestskeep-alive-requests: "1000"# The maximum number of idle persistent connections (not the maximum number of connections) between Nginx and the upstream is 320 by default. We recommend increasing this number in high-concurrency scenarios to prevent the frequent establishment of connections from significantly increasing the number of TIME_WAIT connections.# Reference: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#upstream-keepalive-connectionsupstream-keepalive-connections: "2000"# The maximum number of connections that each worker process can open is 16384 by default.# Reference: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-connectionsmax-worker-connections: "65536"
Note:
Log Rotation
Nginx Ingress will print logs to the container's standard output by default, which will be managed automatically by the container during running. In high-concurrency scenarios, this may lead to high CPU occupancy.
The solution is to output Nginx Ingress logs to log files and use a sidecar to automatically rotate the log files, preventing the disk space from being filled up with logs.
values.yaml configuration method:controller:config:# Nginx logs are written to log files to avoid high CPU utilization under high concurrency.access-log-path: /var/log/nginx/nginx_access.logerror-log-path: /var/log/nginx/nginx_error.logextraVolumes:- name: log # Log mounting directory of the controlleremptyDir: {}extraVolumeMounts:- name: log # Log directory shared by the logrotate and controllermountPath: /var/log/nginxextraContainers: # Logrotate sidecar container for log rotation- name: logrotateimage: imroc/logrotate:latest # https://github.com/imroc/docker-logrotateimagePullPolicy: IfNotPresentenv:- name: LOGROTATE_FILE_PATTERN # Pattern of rotated log files, matching the log file path configured in Nginxvalue: "/var/log/nginx/nginx_*.log"- name: LOGROTATE_FILESIZE # Threshold of log file size for rotationvalue: "100M"- name: LOGROTATE_FILENUM # Number of rotations per log filevalue: "3"- name: CRON_EXPR # Crontab expression for periodic logrotate running, which is once every minutevalue: "*/1 * * * *"- name: CROND_LOGLEVEL # Crond log level, ranging from 0 to 8, the smaller the value, the more detailedvalue: "8"volumeMounts:- name: logmountPath: /var/log/nginx
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No