Cara Setting Nginx Untuk Traffic Tinggi – Penjelasan Mendalam

Update 06/12/25 · Read 4 min

(Struktur artikel: internal architecture, tuning OS, tuning Nginx, tuning upstream, caching, cluster, anti-DDOS, observability, contoh config production)

Contents

1 🔥 1. Cara Kerja Internal Nginx (Menentukan Konfigurasi)
- 1.1 Model Event-Driven & Non-Blocking
- 1.2 Contoh Sederhana
2 🔧 2. Tuning Kernel Linux (WAJIB PADA TRAFFIC BESAR)
- 2.1 Parameter Penting:
3 ⚙️ 3. Tuning File Descriptor (ulimit)
4 🧱 4. Struktur Nginx Konfigurasi (High-Performance)
- 4.1 worker_processes
- 4.2 Setting Event
5 📁 5. HTTP Level Tuning (Detailed)
- 5.1 Penjelasan:
6 📦 6. Tuning Static Buffer
7 🔁 7. Reverse Proxy Yang Efisien (Backend Node/Go/PHP)
8 ⚡ 8. Load Balancing (High Availability)
- 8.1 Balancer:
9 📚 9. Cache (Membunuh Overhead Backend)
- 9.1 Define cache zone
- 9.2 Enable caching di route
10 🛡️ 10. Security & Anti-DoS (Advanced)
11 📈 11. Monitoring & Tuning Real Time
12 🔍 12. Testing Benchmark High Concurrency
- 12.1 Menggunakan wrk
13 🏆 13. Contoh Konfigurasi PRODUCTION HIGH-TRAFFIC (complete)
14 🎯 14. Kesimpulan Teknikal (Apa yang membedakan konfigurasi high-traffic?)

🔥 1. Cara Kerja Internal Nginx (Menentukan Konfigurasi)

Sebelum mengkonfigurasi Nginx, kita wajib mengerti bagaimana Nginx menangani ribuan koneksi.

Model Event-Driven & Non-Blocking

Nginx tidak membuat 1 thread per koneksi
Nginx memiliki 1 event loop per worker process
Event loop menangani ribuan koneksi sekaligus

Contoh Sederhana

Jika Anda punya server Nginx dengan:

4 CPU Core
worker_process = 4
worker_connections = 65,535

Maka kapasitas maksimum teoritis:

4 * 65535 = ~262.000 koneksi simultan

Dengan memory hanya ± 200–300 MB untuk 200k koneksi.

Kalau Apache?
200k koneksi → 200k thread → server mati.

🔧 2. Tuning Kernel Linux (WAJIB PADA TRAFFIC BESAR)

Edit:

/etc/sysctl.conf

Parameter Penting:

# Maks koneksi di backlog
net.core.somaxconn = 65535

# Maks paket network di queue
net.core.netdev_max_backlog = 65535

# Mempercepat handshake lengkap ketika ada spike traffic
net.ipv4.tcp_syn_retries = 2

# Buffer TCP lebih longgar
net.ipv4.tcp_max_syn_backlog = 4096

# Mengurangi TIME_WAIT (menghemat memory)
net.ipv4.tcp_fin_timeout = 15

# Reuse koneksi
net.ipv4.tcp_tw_reuse = 1

# Port range luas agar server tidak kehabisan port
net.ipv4.ip_local_port_range = 1024 65535

Apply:

sysctl -p

Ini wajib jika server Anda menerima >10.000 koneksi bersamaan.

⚙️ 3. Tuning File Descriptor (ulimit)

Koneksi socket = file.

Jika Anda punya 50.000 koneksi, maka dibutuhkan 50.000 FD.

Set:

ulimit -n 1000000

Systemd service:

LimitNOFILE=1000000

Kalau ini terabaikan, server akan “kehabisan FD” → crash.

🧱 4. Struktur Nginx Konfigurasi (High-Performance)

Mari bedah detail nginx.conf.

worker_processes

worker_processes auto;

Mengikuti jumlah CPU.

Kalau server punya 8 CPU, dia akan otomatis pakai 8 workers.

Setting Event

events {
    use epoll;           # sangat penting untuk Linux
    worker_connections 65535;
    multi_accept on;     # terima banyak koneksi per event loop
}

epoll = high performance kernel polling.
Tanpa ini, Anda hanya memakai mode default (kalah performa).

📁 5. HTTP Level Tuning (Detailed)

http {
    sendfile on;              # Copy kernel level → efisien
    tcp_nopush on;            # Kumpulkan paket kirim sekaligus
    tcp_nodelay on;           # Jangan delay paket kecil (optimisasi paket)
    keepalive_timeout 15;     # Pastikan koneksi hidup secukupnya
    keepalive_requests 2000;  # Banyak request per keepalive
}

Penjelasan:

Setting	Efek
sendfile	I/O kernel direct, tidak lewat user space
tcp_nopush	Optimalisasi burst paket TCP
tcp_nodelay	Cepat mengirim respons kecil
keepalive_requests	Efisiensi CPU & latency

📦 6. Tuning Static Buffer

client_max_body_size       20m;
client_body_buffer_size    128k;
client_header_buffer_size  8k;
large_client_header_buffers 4 32k;

Kegunaan:

Mencegah buffering berlebihan
Mencegah DOS karena request header besar

READ : Nginx vs Apache: Mana yang Lebih Baik untuk Performa Tinggi?

🔁 7. Reverse Proxy Yang Efisien (Backend Node/Go/PHP)

location / {
    proxy_pass http://backend;
    proxy_http_version 1.1;

    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_buffering on;
    proxy_buffer_size 128k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 512k;

    proxy_read_timeout 60;
    proxy_send_timeout 60;
    proxy_connect_timeout 5;
}

⚡ 8. Load Balancing (High Availability)

upstream backend {
    least_conn;
    server 192.168.1.10 max_fails=3 fail_timeout=20s;
    server 192.168.1.11 max_fails=3 fail_timeout=20s;
    server 192.168.1.12 max_fails=3 fail_timeout=20s;
}

Balancer:

Algoritma	Fungsi
round_robin	rata-rata (default)
least_conn	terbaik untuk traffic tidak rata
ip_hash	untuk session based

Untuk aplikasi realtime → least_conn

📚 9. Cache (Membunuh Overhead Backend)

Define cache zone

proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=cache_zone:200m max_size=10g inactive=60m;

Enable caching di route

location /api/getdata {
    proxy_pass http://backend;
    proxy_cache cache_zone;
    proxy_cache_valid 200 1m;
    proxy_cache_lock on;
}

Efek:

Backend turun load sampai 90%
Response super cepat

🛡️ 10. Security & Anti-DoS (Advanced)

limit_conn_zone $binary_remote_addr zone=conn_ip:10m;
limit_conn conn_ip 50;

limit_req_zone $binary_remote_addr zone=req_ip:10m rate=20r/s;
limit_req zone=req_ip burst=40 nodelay;

Fungsi:

1 IP max 50 koneksi
1 IP max 20 request/s (burst 40)

Server tetap stabil meski kena serangan.

📈 11. Monitoring & Tuning Real Time

Tool recommended:

ngxtop (monitor HTTP stats real-time)
netdata (grafik lengkap)
prometheus + grafana (enterprise)

Hal yang wajib dipantau:

CPU load
RAM
Open FD
Latency P95 / P99
Error rate
Concurrency

🔍 12. Testing Benchmark High Concurrency

Menggunakan `wrk`

wrk -t12 -c20000 -d30s http://yourserver/

Parameter:

12 thread load tester
20.000 koneksi bersamaan
30 detik durasi

Ini yang dipakai industri untuk high performance test.

🏆 13. Contoh Konfigurasi PRODUCTION HIGH-TRAFFIC (complete)

worker_processes auto;

events {
    worker_connections 65535;
    use epoll;
    multi_accept on;
}

http {
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    keepalive_timeout 15;
    keepalive_requests 2000;

    client_max_body_size       20m;
    client_body_buffer_size    128k;
    client_header_buffer_size  8k;
    large_client_header_buffers 4 32k;

    proxy_buffering on;
    proxy_buffer_size 128k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 512k;

    upstream backend {
        least_conn;
        server 192.168.1.10;
        server 192.168.1.11;
    }

    server {
        listen 80;

        location / {
            proxy_pass http://backend;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
}

🎯 14. Kesimpulan Teknikal (Apa yang membedakan konfigurasi high-traffic?)

Faktor TERPENTING:

Komponen	Dampak
Kernel tuning	tanpa ini bottleneck muncul
epoll	performa tinggi
worker_processes	memanfaatkan semua CPU
worker_connections	ribuan koneksi simultan
Reverse proxy	optimisasi backend
Caching	backend jadi ringan
Load balancing	skalabilitas horizontal
Rate limit	tahan serangan
Monitoring	menghindari downtime