Project Konfigurasi Webserver dengan Jumlah Visitor yang Tinggi

Project Konfigurasi Webserver dengan Nginx + Https - ITLampung.Com - mungkin ini pengalaman yang bisa saya share kepada teman-teman followers ITLampung.Com

Diawal januari 2016 ada seorang teman menghubungi saya karena websitenya di suspend di tempat hosting yang dia sewa dan meminta bantuan untuk mencari solusinya karena aplikasi yang digunakan membuat server down, karena seluruh resource server terpakai. :ngerii.. dan memang aplikasi ini diakses oleh 1700member aktif yang login dan melakukan aktifitas didalamnya

Langsung saya order standard package VPS dengan kapasitas :
  • HDD 100GB
  • RAM 4GB
  • Processor 6 Core
Saya coba koordinasikan kepada pihak hosting untuk dibantu membackup seluruh data web dan database agar bisa didownload secara langsung.

Domain yang digunakan langsung saya rubah A record www dengan IP VPS yang baru.

System Operasi :
 root@serv-01:~# cat /etc/issue  
 Ubuntu 14.04.3 LTS \n \l  

 root@serv-01:~# uname -a
 Linux serv-01 3.19.0-25-generic #26~14.04.1-Ubuntu SMP Fri Jul 24 21:16:20 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
 root@serv-01:~# 

Module PHP :
 root@serv-01:~# dpkg -l |grep php5-  
 ii php5-apcu              4.0.2-2build1            amd64    APC User Cache for PHP 5  
 ii php5-cgi              5.5.9+dfsg-1ubuntu4.14       amd64    server-side, HTML-embedded scripting language (CGI binary)  
 ii php5-cli              5.5.9+dfsg-1ubuntu4.14       amd64    command-line interpreter for the php5 scripting language  
 ii php5-common             5.5.9+dfsg-1ubuntu4.14       amd64    Common files for packages built from the php5 source  
 ii php5-curl              5.5.9+dfsg-1ubuntu4.14       amd64    CURL module for php5  
 ii php5-fpm              5.5.9+dfsg-1ubuntu4.14       amd64    server-side, HTML-embedded scripting language (FPM-CGI binary)  
 ii php5-gd               5.5.9+dfsg-1ubuntu4.14       amd64    GD module for php5  
 ii php5-gmp              5.5.9+dfsg-1ubuntu4.14       amd64    GMP module for php5  
 ii php5-imap              5.4.6-0ubuntu5           amd64    IMAP module for php5  
 ii php5-json              1.3.2-2build1            amd64    JSON module for php5  
 ii php5-mcrypt             5.4.6-0ubuntu5           amd64    MCrypt module for php5  
 ii php5-memcache            3.0.8-4build1            amd64    memcache extension module for PHP5  
 ii php5-mysql             5.5.9+dfsg-1ubuntu4.14       amd64    MySQL module for php5  
 ii php5-readline            5.5.9+dfsg-1ubuntu4.14       amd64    Readline module for php5  
 ii php5-tidy              5.5.9+dfsg-1ubuntu4.14       amd64    tidy module for php5  
 ii php5-xmlrpc             5.5.9+dfsg-1ubuntu4.14       amd64    XML-RPC module for php5  
 ii php5-xsl              5.5.9+dfsg-1ubuntu4.14       amd64    XSL module for php5  
 root@serv-01:~#

Web Server :
 root@serv-01:~# dpkg -l |grep apache2  
 ii apache2               2.4.7-1ubuntu4.9          amd64    Apache HTTP Server  
 ii apache2-bin             2.4.7-1ubuntu4.9          amd64    Apache HTTP Server (binary files and modules)  
 ii apache2-data            2.4.7-1ubuntu4.9          all     Apache HTTP Server (common files)  
 ii libapache2-mod-auth-mysql      4.3.9-13.1ubuntu3          amd64    Apache 2 module for MySQL authentication  
 ii libapache2-mod-php5         5.5.9+dfsg-1ubuntu4.14       amd64    server-side, HTML-embedded scripting language (Apache 2 module)   root@serv-01:~#

JavaScript :
 root@serv-01:~# dpkg -l |grep libjs  
 ii libjs-codemirror          2.23-1               all     JavaScript editor interface for code-like content  
 ii libjs-jquery            1.7.2+dfsg-2ubuntu1         all     JavaScript library for dynamic web applications  
 ii libjs-jquery-cookie         8-2                 all     jQuery cookie plugin  
 ii libjs-jquery-event-drag       8-2                 all     jQuery Event Drag  
 ii libjs-jquery-metadata        8-2                 all     jQuery plugin for parsing metadata from elements  
 ii libjs-jquery-mousewheel       8-2                 all     jQuery Mousewheel Plugin  
 ii libjs-jquery-tablesorter      8-2                 all     Flexible client-side table sorting  
 ii libjs-jquery-ui           1.10.1+dfsg-1            all     JavaScript UI library for dynamic web applications  
 ii libjs-underscore          1.4.4-2ubuntu1           all     JavaScript's functional programming helper library  
 ii libjson-c2:amd64          0.11-3ubuntu1.2           amd64    JSON manipulation library - shared library  
 ii libjson0:amd64           0.11-3ubuntu1.2           amd64    JSON manipulation library (transitional package)  

Ada beberapa kendala yang dialami saat menggunakan Apache2 :
  • CPU load disetiap core = full
  • RAM usage = full
Saya coba melakukan beberapa tuneup configurasi pada apache2 dan mysql, upgrade core dan ram namun hasilnya nihil, setelah googling sana sini, bahwa sangat percuma dan percuma melakukan tuneup pada server ketika CPU Load full, tanpa kita mencari tau penyebab (akar permasalahan kenapa seluruh core full 100%)

Mungkin ini yang dirasakan pihak Hosting, bahwa server mereka down gara-gara aplikasi ini, yang memakan seluruh resource server. Hihi... :D

Akhirnya saya coba putuskan untuk beralih menggunakan Nginx, dari beberapa pengalaman yang pernah menggunakannya, bahwa Webserver satu ini lebih baik dibandingkan dengan apache2 (sempet gak percaya, tapi gak ada salahnya dicoba dengan minim pengetahuan apa itu Nginx). :D


Lanjut.

2 Minggu mencoba cari tau apa itu nginx, sampai pada forum-forum yang ada di luar negeri dan dalam negeri coba untuk dijajaki, dan dari kesimpulan yang saya baca ada beberapa hal yang harus dilakukan.
  • Install Nginx dan php5-fpm
    • apt-get install nginx php5-fpm
  • Install SSL (Menggunakan Comodo)
    • Lebih secure dan lebih elegan jika diakses.

  • Tune file /etc/php5/fpm/pool.d/www.conf
    • Untuk menghindari terjadinya "Bad Gateway"
Konfigurasi Nginx.Conf
 http   
    {  
    ....  
     fastcgi_buffers 8 16k;  
     fastcgi_buffer_size 32k;  
     fastcgi_connect_timeout 300;  
     fastcgi_send_timeout 300;  
     fastcgi_read_timeout 300;  
    ....  
    ....  
     access_log off;  
     error_log /dev/null crit;  
    ....  
    ....  


Konfigurasi SSL Nginx /etc/nginx/site-enable/default
 server {  
     listen         80;  
     server_name       www.mydomain.com;  
     rewrite ^ https://$host$request_uri? permanent;  
     root /home/uswebsite/public_html/;  
     index index.html index.htm index.php index2.html index1.html index.nginx-debian.html;  
     location / {  
         try_files $uri $uri/ /index.html;  
     }  
     location ~ \.php$ {  
         try_files $uri =404;  
         fastcgi_pass unix:/var/run/php5-fpm.sock;  
         fastcgi_index index.php;  
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;  
         include fastcgi_params;      
     }  
 }  

 server {  
     listen         443 ssl;  
     server_name       www.mydomain.com;  
     ssl_certificate     /etc/nginx/ssl-dir/ssl-bundle.crt;  
     ssl_certificate_key   /etc/nginx/ssl-dir/mydomain.key;  

     #enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated.  
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;  

     #Disables all weak ciphers  
     ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDH  
 E-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384  
 :AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";  

     ssl_prefer_server_ciphers on;  
     root /home/uswebsite/public_html/;  
     index index.html index.htm index.php index2.html index1.html index.nginx-debian.html;  
     location / {  
         try_files $uri $uri/ /index.html;  
     }  
     location ~ \.php$ {  
         try_files $uri =404;  
         fastcgi_pass unix:/var/run/php5-fpm.sock;  
         fastcgi_index index.php;  
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;  
         include fastcgi_params;      
     }  
 }  

Tune file /etc/php5/fpm/pool.d/www.conf
 ; The number of child processes to be created when pm is set to 'static' and the  
 ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.  
 ; This value sets the limit on the number of simultaneous requests that will be  
 ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.  
 ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP  
 ; CGI. The below defaults are based on a server without much resources. Don't  
 ; forget to tweak pm.* to fit your needs.  
 ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'  
 ; Note: This value is mandatory.  
 pm.max_children = 16  
 ; The number of child processes created on startup.  
 ; Note: Used only when pm is set to 'dynamic'  
 ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2  
 pm.start_servers = 2  
 ; The desired minimum number of idle server processes.  
 ; Note: Used only when pm is set to 'dynamic'  
 ; Note: Mandatory when pm is set to 'dynamic'  
 pm.min_spare_servers = 1  
 ; The desired maximum number of idle server processes.  
 ; Note: Used only when pm is set to 'dynamic'  
 ; Note: Mandatory when pm is set to 'dynamic'  
 pm.max_spare_servers = 3  
 ; The number of seconds after which an idle process will be killed.  
 ; Note: Used only when pm is set to 'ondemand'  
 ; Default Value: 10s  
 pm.process_idle_timeout = 3s;  
 ; The number of requests each child process should execute before respawning.  
 ; This can be useful to work around memory leaks in 3rd party libraries. For  
 ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.  
 ; Default Value: 0  
 pm.max_requests = 500  

Hasil Akhir 

Penggunaan memory yang kecil dan penggunaan core yang sangat stabil, lebih responsif , dan sangat terlihat jelas perbedaannya, recomended banget.

Kedepan Nginx akan selalu saya gunakan dan pelajari lebih dalam, mengingat server-server berita/forum yang sudah ribuan visitornya menggunakan aplikasi ini sebagai web server andalan mereka.

Contoh detik.com
 aziz@Aziz:~$ telnet detik.com 80  
 Trying 203.190.241.43...  
 Connected to detik.com.  
 Escape character is '^]'.  
 ehlo  
 HTTP/1.1 400 Bad Request  
 Server: nginx/id17  
 Date: Sun, 14 Feb 2016 09:19:01 GMT  
 Content-Type: text/html  
 Content-Length: 171  
 Connection: close  
 <html>  
 <head><title>400 Bad Request</title></head>  
 <body bgcolor="white">  
 <center><h1>400 Bad Request</h1></center>  
 <hr><center>nginx/id17</center>  
 </body>  
 </html>  
 Connection closed by foreign host.  
 aziz@Aziz:~$   

Contoh kaskus.co.id
 aziz@Aziz:~$ telnet kaskus.co.id 80  
 Trying 103.6.117.2...  
 Connected to kaskus.co.id.  
 Escape character is '^]'.  
 ehlo  
 HTTP/1.1 400 Bad Request  
 Server: nginx  
 Date: Sun, 14 Feb 2016 09:21:10 GMT  
 Content-Type: text/html  
 Content-Length: 166  
 Connection: close  
 <html>  
 <head><title>400 Bad Request</title></head>  
 <body bgcolor="white">  
 <center><h1>400 Bad Request</h1></center>  
 <hr><center>nginx</center>  
 </body>  
 </html>  
 Connection closed by foreign host.  
 aziz@Aziz:~$   

Penggunaan Core dan RAM yang cukup stabil
Nginx,..? kerennss....!!!

Subscribe to receive free email updates:

1 Response to "Project Konfigurasi Webserver dengan Jumlah Visitor yang Tinggi"

Tinggalkan jejak agan dihalaman komentar dibawah ini.. Jangan lupa :)

- ITLampung.Com