Get the most out of your Centmin Mod LEMP stack
Become a Member

Beta Branch update Nginx optional kTLS routines in 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Feb 28, 2022.

  1. eva2000

    eva2000 Administrator Staff Member

    54,384
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    11:58 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    update Nginx optional kTLS routines in 123.09beta01

    - various fixes in Nginx configuration routines to support optional Nginx Kernel TLS as outlined at https://www.nginx.com/blog/improving-nginx-performance-with-kernel-tls/. The routines only take care of Nginx side kTLS support, end user would still need to manually install a newer Linux 5.x kernel reboot server and enable kTLS on the system
    - unfortunately current testing on CentOS 7 with Linux 5.16 Kernel hasn't shown any benefits when compiled with required OpenSSL 3.0.1 compared to without Nginx kTLS/OpenSSL 3.0.1 using default OpenSSL 1.1.1. So not much use to enable it other than for revising regression testing in future. Note OpenSSL 3.0.1 seems to have less performance than default Centmin Mod Nginx built OpenSSL 1.1.1 already so that might contribute to it.

    Continue reading...


    123.09beta01 branch
     
  2. rdan

    rdan Well-Known Member

    5,444
    1,408
    113
    May 25, 2014
    Ratings:
    +2,201
    Local Time:
    9:58 AM
    Mainline
    10.2
  3. rdan

    rdan Well-Known Member

    5,444
    1,408
    113
    May 25, 2014
    Ratings:
    +2,201
    Local Time:
    9:58 AM
    Mainline
    10.2
    So to test this, I need to add:
    NGINX_KTLS='y'
     
  4. rdan

    rdan Well-Known Member

    5,444
    1,408
    113
    May 25, 2014
    Ratings:
    +2,201
    Local Time:
    9:58 AM
    Mainline
    10.2
    Is it intended that config:
    isn't added automatically?
     
  5. eva2000

    eva2000 Administrator Staff Member

    54,384
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    11:58 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yes it's manually added right now.