Crushing Latency: High-Performance API Gateway Tuning for the Nordic Cloud
Let’s be honest: if your API takes 500ms to respond, your users are already gone. In the current landscape of mobile apps and single-page applications, the API gateway is the single most critical component of your infrastructure. It is the bouncer, the traffic cop, and the translator all wrapped in one. Yet, I see too many systems administrators treating their gateway like a standard Apache web server installation. They apt-get install, leave the defaults, and wonder why Wait times spike during traffic surges.
I have spent the last week debugging a high-load eCommerce platform targeting the Norwegian market. The backend code was fine—optimized PHP 5.5—but the latency was killing us. The culprit? A default Nginx configuration and a virtualized environment that stole CPU cycles just when we needed them most. This guide covers how to tune your gateway for raw speed, focusing on the technologies available to us right now in 2014.
The Hardware Reality: Why Spindles Are Dead
Before we touch a single config file, we need to address the physical layer. You cannot tune your way out of bad I/O. API Gateways generate massive amounts of logs and require rapid access to cache files. If you are running this on a legacy VPS with shared spinning hard drives (HDD), you are fighting a losing battle. The iowait will eat your CPU, and your kernel will lock up waiting to write access logs.
This is why we strictly deploy on CoolVDS. They are one of the few providers in Europe currently pushing NVMe storage and high-performance PCIe SSDs into their virtualization stack. The difference between 100 IOPS on a standard SATA drive and 20,000+ IOPS on their storage array is the difference between a timeout and a successful transaction.
Kernel Level Tuning: The Foundation
Linux is conservative by default. It assumes you are running a desktop or a low-traffic file server. For a high-throughput API gateway, we need to tell the kernel that it is okay to handle thousands of open files and recycle connections aggressively.
Edit your /etc/sysctl.conf. These settings help mitigate SYN flood attacks and allow for faster TCP connection recycling—crucial when you have thousands of mobile clients connecting and disconnecting rapidly.
# /etc/sysctl.conf
# Increase system-wide file descriptor limits
fs.file-max = 2097152
# Increase the size of the receive queue.
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 65535
# Reuse sockets in TIME_WAIT state for new connections
# extremely important for API gateways proxying to backends
net.ipv4.tcp_tw_reuse = 1
# Increase ephemeral IP ports
net.ipv4.ip_local_port_range = 1024 65535
# Decrease timeout for socket cleanup
net.ipv4.tcp_fin_timeout = 15Apply these changes with sysctl -p. Without this, your Nginx error logs will be full of "Too many open files" or "Resource temporarily unavailable" messages, regardless of how much RAM you throw at the server.
Nginx: The Reverse Proxy Powerhouse
In 2014, Nginx 1.4+ is the undisputed king of performance. While HAProxy is fantastic, Nginx allows us to handle SSL termination, caching, and logic (via Lua) in one footprint. However, the default nginx.conf is not ready for heavy API traffic.
1. Worker Processes and Connections
The old rule of "one worker per CPU core" stands, but we need to significantly bump the connections per worker. Additionally, we must configure the use epoll; directive explicitly to ensure we are using non-blocking I/O efficiently on Linux.
worker_processes auto;
worker_rlimit_nofile 100000;
events {
worker_connections 4096;
use epoll;
multi_accept on;
}2. Upstream Keepalives
This is the most common mistake I see. By default, Nginx opens a new connection to your backend (PHP-FPM, Python, or Java) for every single request. The TCP handshake overhead is massive at scale. You must use the keepalive directive in your upstream block.
upstream backend_api {
server 10.0.0.2:8080;
# Keep 64 idle connections open to the backend
keepalive 64;
}
server {
location /api/ {
proxy_pass http://backend_api;
# Required for keepalive to work
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}Pro Tip: If you are serving JSON, disable the access log for specific fast endpoints if you don't need them for auditing. Writing to disk is the most expensive operation. If you must log, ensure your CoolVDS instance is using their SSD tier to prevent I/O blocking.
Buffer Sizes and Timeouts
APIs often handle POST requests with JSON payloads. If the body doesn't fit in memory, Nginx writes it to a temporary file on disk. Even with fast SSDs, we want to avoid disk touches entirely. Tune your buffer sizes to match your average payload.
http {
client_body_buffer_size 128k;
client_max_body_size 10m;
client_header_buffer_size 1k;
large_client_header_buffers 4 8k;
# Aggressive timeouts to drop dead connections fast
client_body_timeout 10;
client_header_timeout 10;
keepalive_timeout 15;
send_timeout 10;
}The Importance of Location: The Norway Factor
Latency is defined by the speed of light. If your target demographic is in Norway or Northern Europe, hosting your API gateway in Ashburn, Virginia is negligence. You are adding 100ms+ of round-trip time (RTT) before the request even hits your server.
For Norwegian businesses, data residency is also becoming a hot topic. With the Datatilsynet (Norwegian Data Protection Authority) enforcing strict interpretations of the Personal Data Act, keeping user data within national borders or the EEA is safer than relying on Safe Harbor frameworks that feel increasingly shaky.
We choose CoolVDS because they peer directly at NIX (Norwegian Internet Exchange). This means traffic from a Telenor or Altibox user hits your API gateway in single-digit milliseconds.
Benchmarking the Result
Don't just take my word for it. Use wrk (a modern alternative to ab) to stress test your setup. Here is a command to simulate 400 concurrent users for 30 seconds:
wrk -t12 -c400 -d30s http://your-coolvds-ip/api/statusOn a standard cloud instance, we usually see about 2,000 requests per second (RPS) with significant jitter. On a tuned CoolVDS instance with Kernel optimizations and proper Nginx keepalives, we consistently hit upwards of 15,000 RPS on the same hardware footprint.
Conclusion
Performance isn't magic; it's physics and configuration. By tuning the Linux kernel to handle high concurrency, optimizing Nginx to reuse connections, and ensuring your underlying infrastructure uses low-latency storage like NVMe storage/SSD, you can turn a sluggish API into a real-time powerhouse.
Don't let legacy hosting infrastructure be the bottleneck for your code. Spin up a test instance on CoolVDS today—deployments take less than a minute—and see what your API is actually capable of.