PM2 & Nginx: High-Performance Node.js

Introduction : The "Ferrari in First Gear" Problem

Imagine buying a Ferrari and never shifting out of first gear. You have the power, but you aren't using it. This is exactly what happens when you run a Node.js application on a high-end Dedicated Server using the default settings. Node.js is Single-Threaded. This means if you buy a powerful 32-Core Server from ServerMO and run your app using node app.js, it will use only 1 CPU core. The other 31 cores sit idle, doing absolutely nothing, while your users experience slow load times during traffic spikes.

This guide changes that. We will show you how to deploy a Production-Ready Node.js environment that:

• Unlocks 100% of your CPU using PM2 Cluster Mode.
• Handles high traffic efficiently with Nginx.
• Secures your data with free SSL.

Prerequisites

Before we begin, ensure you have:

• A Dedicated Server or high-performance VPS (Ubuntu 20.04/22.04 or AlmaLinux).
• Root Access (SSH).
• A valid Domain Name pointing to your server IP.

Step 1: Install Node.js the "Right" Way (Using NVM)

Most tutorials tell you to run apt install nodejs. Don't do this. The default system repositories often contain outdated, unsupported versions of Node.js. Instead, we will use NVM (Node Version Manager). This allows you to install the latest Long-Term Support (LTS) version and switch versions easily without permission errors.

1. Update your system:
   sudo apt update && sudo apt upgrade -y
2. Install NVM: Use the official install script (this works on both Ubuntu and AlmaLinux):
   curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash
3. Install Node.js LTS (Long Term Support): This installs the latest stable version recommended for production.
   nvm install --lts
4. Verify the installation: Check if Node is running correctly.
   node -v
   npm -v
   (You should see a version like v20.x.x or v22.x.x)

Step 2: Unlock the Beast with PM2 Clustering

This is the most critical step. We are going to install PM2 (Process Manager 2), but we won't just use it to keep the app alive. We will use it to load balance traffic across every CPU core your server has.

1. Install PM2 Globally:
   npm install -g pm2


2. The Standard Way (Don't do this): If you run pm2 start app.js, PM2 starts one instance of your app.
   • On a 32-Core server, 1 core works and 31 cores sleep.
   • Performance: Low.


3. The High-Performance Way (Do this): We use the Cluster Mode flag (-i). Run this command inside your application folder:
   pm2 start app.js -i max
   What just happened?
   • The -i max flag tells PM2 to detect the number of available CPU cores.
   • It automatically spawns one instance of your app per core.
   • If you have 8 cores, you now have 8 app instances running simultaneously.
   • PM2 automatically load balances incoming traffic between these instances.


4. Verify the Cluster: Run this command to see your CPU utilization:
   pm2 list
   You should see multiple instances (e.g., app-0, app-1, app-2...) all with status online.


5. Zero-Downtime Reloads: When you update your code, don't stop the server. Use reload to restart instances one by one, keeping your site online:
   pm2 reload all


6. Make it Permanent (Startup Script): If your dedicated server reboots, your app needs to start automatically.
   pm2 startup
   Copy and paste the command PM2 displays in your terminal. Then, save the current list:
   pm2 save

Step 3: Configuring Nginx as a High-Speed Reverse Proxy

Your app is running on Port 3000, but users shouldn't type yourdomain.com:3000. They should just type yourdomain.com. We will use Nginx to handle incoming traffic on Port 80, compress it for speed, and forward it to your Node.js cluster.

1. Install Nginx:
   sudo apt install nginx -y


2. Create a Configuration File: Don't edit the default file. Create a new one for your domain.
   sudo nano /etc/nginx/sites-available/yourdomain.com


3. The Optimized Configuration (Copy & Paste): This config does more than just forward traffic. It enables Gzip Compression (for faster loading) and supports WebSockets (real-time features).
   Replace yourdomain.com with your actual domain name.
   server { listen 80; server_name yourdomain.com www.yourdomain.com; gzip on; gzip_types text/plain application/xml; location / { proxy_pass http://127.0.0.1:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; } }


4. Enable the Site: Create a symbolic link to the sites-enabled folder:
   sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/


5. Test & Restart: Always check for syntax errors before restarting.
   sudo nginx -t
   If you see "Syntax OK", restart Nginx:
   sudo systemctl restart nginx
   Now, visit http://yourdomain.com. You should see your Node.js app running perfectly!

Step 4: The Iron Dome (Firewall Security)

Right now, your Node.js app is exposed on Port 3000. Hackers love open ports. We need to close everything and only allow traffic through Nginx (Port 80/443) and SSH (Port 22).

1. Install UFW (Uncomplicated Firewall): Most Ubuntu servers have this pre-installed.
   sudo apt install ufw
2. Allow SSH (Critical Step): Warning: If you skip this, you will lock yourself out of the server!
   sudo ufw allow ssh
3. Enable the Firewall:
   sudo ufw enable
   Press y and hit Enter.
4. Verify: Check the status. You should see that Port 3000 is not listed (which means it's blocked from the outside world).
   sudo ufw status

Step 5: Free SSL with Certbot (HTTPS)

Google ranks secure sites higher. We will use Let's Encrypt to get a free SSL certificate that auto-renews.

1. Install Certbot:
   sudo apt install certbot python3-certbot-nginx -y
2. Get the Certificate: Run this command and follow the instructions (Enter email, Agree to Terms).
   sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
3. Automatic Renewal : Certbot automatically adds a timer to renew your certificate before it expires. You don't need to do anything else!