Apache Optimization (linux)

Apache Performance Tuning

There are a number of things that can be done to improve the performance of Apache on a server:

1) Stop apache from doing DNS lookups: HostNameLookups off
2) Modify MaxClients as needed for the traffic. A higher number for more traffic. Also check out StartServers, MaxSpareServers, MinSpareServers, and MaxRequestsPerChild.
3) Comment out any module you don’t need from httpd.conf.
4) Set “AllowOverride none” in httpd.conf if .htaccess files aren’t required. This stops apache from looking in every directory for this file.
5) The fewer “DirectoryIndex” options, the better.
6) Use the mod_mmap_static module, which takes INFREQUENTLY CHANGED pages and places them in memory to avoid disk hits, serve them up faster, etc. By “infrequent”, they mean not frequent enough to bother you, because every time you add a new page or make a change you’ll have to restart Apache.
7) You can use the ext2 filesystem and set the noatime attribute. For one thing, ext3 filesystems are journaled filesystems, which means that every time a file is changed it updates some counter – an additional, time consuming step. Add to that the “noatime” attribute, which stops the OS from recording information in every inode of every file accessed regarding when it was accessed, and you will reap performance benefits.
8) recompile Apache on the machine it will be used on. This may be necessary for step 1 if mod_mmap_staic isn’t already compiled in.
9) change the TCP/IP settings for (recommended vals are in parentheses):
a. tcp_fin_timeout (180)
b. tcp_keepalive_time (7200)
c. tcp_window_scaling (1)
d. tcp_sack (1)
e. tcp_timestamps (1)
10) Recompile the kernel into a tight, fast, smaller binary. Compile the appropriate drivers directly into the kernel – this will take some thinking/trying to determine what to compile I and what to make a module.
11) Turn off or remove selinux from the server (not sure if disabling gives you the performance gains of outright removing) – more security always means slower systems. You can reasonably rely on the firewall and good sys-admin practices – other than removing selinux – to secure the system.
12) stop all non-critical processes. Don’t expect a miracle here, because sendmail, for example, doesn’t eat up hardly any resources just sitting there waiting for connections. It does increase the size process tree, which might become an issue on a slammed system.
13) for highly accessed, slammed systems, increase the ip_local_port_range parameter to “32768 61000” (requires restart of network)
14) Modify the bdflush parameter – this causes the system to wait a little longer between regular writes to disk from cache.