busyboy77

Moved to git repository: https://github.com/denji/nginx-tuning

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.

RKE2 commands

Updated on May 29 to accommodate etcd container not having /bin/sh available anymore.

Install

curl -sL https://get.rke2.io | sh
systemctl daemon-reload
systemctl start rke2-server

echo " updating kernel settings"
cat << EOF >> /etc/sysctl.conf
# SWAP settings
vm.swappiness=0
vm.panic_on_oom=0
vm.overcommit_memory=1
kernel.panic=10
kernel.panic_on_oops=1
vm.max_map_count = 262144

k3s etcd commands

etcd

Setup etcdctl using the instructions at https://github.com/etcd-io/etcd/releases/tag/v3.4.13 (changed path to /usr/local/bin):

Note: if you want to match th etcdctl binaries with the embedded k3s etcd version, please run the curl command for getting the version first and adjust ETCD_VER below accordingly:

curl -L --cacert /var/lib/rancher/k3s/server/tls/etcd/server-ca.crt --cert /var/lib/rancher/k3s/server/tls/etcd/server-client.crt --key /var/lib/rancher/k3s/server/tls/etcd/server-client.key https://127.0.0.1:2379/version

	apiVersion: logging.banzaicloud.io/v1beta1
	kind: ClusterFlow
	metadata:
	name: archive
	spec:
	match:
	- select: {}
	outputRefs:
	- s3

	#!/usr/bin/env bash
	set -ex
	export TEST_CLUSTER_NAME=quick-test
	export CERT_MANAGER_VERSION=v1.3.1
	export KIND_IMAGE=kindest/node:v1.20.2

	# Create test cluster
	echo "Creating test cluster..."
	kind create cluster --name="$TEST_CLUSTER_NAME" --image="$KIND_IMAGE"
	until kubectl --timeout=120s wait --for=condition=Ready pods --all --namespace kube-system; do sleep 1; done

	apiVersion: v1
	kind: Secret
	metadata:
	name: index-template
	stringData:
	template: '{"index_patterns":["logstash-*"],"template":{"aliases":{"logstash":{}},"mappings":{"dynamic":"true","dynamic_date_formats":["strict_date_optional_time","yyyy/MM/dd HH:mm:ss Z\|\|yyyy/MM/dd Z"],"dynamic_templates":[]},"settings":{"index":{"lifecycle":{"name":"logstash_policy","rollover_alias":"logstash"},"number_of_shards":"1","number_of_replicas":"0"}}}}'

	#!/bin/bash
	#https://gist.github.com/davidedg/c29c478ee9c15a804a99cbd1de364647#file-userdata
	# Intended to run together with AMI amzn-ami-vpc-nat-hvm-*, with ASG min=max=desired=1
	# Tested with amzn-ami-vpc-nat-hvm-2018.03.0.20180811-x86_64-ebs (ami-0ea87e2bfa81ca08a)
	# Expected TAGS:
	# - Backend Subnets: Name=InternetNAT Values=AvailabilityZone ( eg: eu-west-1 ) where Frontend NAT Instance is (this allows for multiple NAT instances to serve differenze AZ subnets
	# - Backend Subnets + ASG: Name=Environment, Values=EnvironmentLabel ( eg: "production", "staging" ... ) (this allows for multiple environments in same VPC, served by different NAT instances)
	# - ASG: Name=EIP Values=EIP-allocation-id ( eg eipalloc-abcdef12 )
	PATH="/usr/sbin:/sbin:/usr/bin:/bin"
	function log { logger -t "NAT-instance" -- $1; }