If you plan to run a Netdata public on the internet, you will get the most performance out of it by following these rules:
1. run behind nginx
The internal web server is optimized to provide the best experience with few clients connected to it. Normally a web browser will make 4-6 concurrent connections to a web server, so that it can send requests in parallel. To best serve a single client, Netdata spawns a thread for each connection it receives (so 4-6 threads per connected web browser).
If you plan to have your Netdata public on the internet, this strategy wastes resources. It provides a lock-free environment so each thread is autonomous to serve the browser, but it does not scale well. Running Netdata behind nginx, idle connections to Netdata can be reused, thus improving significantly the performance of Netdata.
In the following nginx configuration we do the following:
- allow nginx to maintain up to 1024 idle connections to Netdata (so Netdata will have up to 1024 threads waiting for requests)
- allow nginx to compress the responses of Netdata (later we will disable gzip compression at Netdata)
- we disable wordpress pingback attacks and allow only GET, HEAD and OPTIONS requests.
/etc/netdata/netdata.conf and set these config options:
[global].bind socket to IP = 127.0.0.1makes Netdata listen only for requests from localhost (nginx).
[global].access log = nonedisables the access.log of Netdata. It is not needed since Netdata only listens for requests on 127.0.0.1 and thus only nginx can access it. nginx has its own access.log for your record.
[global].disconnect idle web clients after seconds = 3600will kill inactive web threads after an hour of inactivity.
[global].enable web responses gzip compression = nodisables gzip compression at Netdata (nginx will compress the responses).
2. increase open files limit (non-systemd)
By default Linux limits open file descriptors per process to 1024. This means that less than half of this number of client connections can be accepted by both nginx and Netdata. To increase them, create 2 new files:
/etc/security/limits.d/nginx.conf, with these contents:
/etc/security/limits.d/netdata.conf, with these contents:
and to activate them, run:
2b. increase open files limit (systemd)
Thanks to @leleobhz, this is what you need to raise the limits using systemd:
This is based on https://ma.ttias.be/increase-open-files-limit-in-mariadb-on-centos-7-with-systemd/ and here worked as following:
- Create the folders in /etc:
- Create limits.conf in each folder as following:
- Reload systemd daemon list and restart services:
You can check limits with following commands:
View of the files: