SlideShare uma empresa Scribd logo

ITB2019 NGINX Overview and Technical Aspects - Kevin Jones

Ortus Solutions, Corp
Ortus Solutions, Corp

I will be giving a brief overview of the history of NGINX along with an overview of the features and functionality in the project as it stands today. I will give some real use case of example of how NGINX can be used to solve problems and eliminate complexity within infrastructure. I will then dive into the future of the modern web and how NGINX is monitoring and leveraging industry changes to enhance the product for individuals and companies in the industry.

Tecnologia
1 de 46
Baixar para ler offline

 NGINX Overview and Technical Aspects Into The Box 2019
Introduction to NGINX and the Application Platform Getting Started! Examples NGINX Controller / Demo (if time persists) 1 2 3 4 Agenda Q&A5
Introduction
“I wanted people to use it, so I made it open source.” - Igor Sysoev, NGINX creator and founder
450 million Total sites running on NGINX and counting… Source: Netcraft March 2018 Web Server Survey
56% of the Top 100,000 most popular websites Source: : W3Techs Web Technology Survey137
High Performance Webserver and Reverse Proxy Web Server
#nginx #nginxconf8 Core NGINX (F/OSS) HTTP2 JSON Logging Stream Module (TCP… UDP) Multi Datagram UDP Support Thread Pools Dynamic Modules JavaScript Module for NGINX ECC Certificate Support Linux Enhancements The Developmental Pillars Continued commitment to Community and Enterprise… NGINX Plus All of Core Plus: DNS SRV Record Support JWT Support (Auth) ModSecurity 3.0 WAF Application Health Checks High Availability Support Configuration Sync Dynamic Reconfiguration (API) Key Value Store (API) Live Activity Monitoring (API) Cache Management (API)
Flawless Application Delivery for the Modern Web Load Balancer Content Cache WebServer Monitoring & Management Security Controls
About NGINX, Inc. • Founded in 2011, NGINX Plus first released in 2013 • VC-backed by enterprise software industry leaders • Offices in SF, London, Cork, Japan, Singapore, Sydney, and Moscow • 1,600+ commercial customers • 200+ employees
Our Customers
NGINX Application Platform A suite of technologies to develop and deliver digital experiences that span from legacy, monolithic apps to modern, microservices apps.
Today’s App Infrastructure Is Complex 13
NGINX Simplifies, Cuts Costs up to 80% 14
#nginx #nginxconf15 • Static Content (Web Server) • TCP/UDP Load Balancing (L4) • HTTP Load Balancing (L7) • Reverse Proxy (Advanced L7 Routing) • Security Controls • Media Delivery (VOD and Live Streaming) • HTTP Content Caching • Modularity (Extendable via Modules, Scripting) Complete Application Delivery Platform
Getting Started!
NGINX Installation: Debian/Ubuntu deb http://nginx.org/packages/mainline/OS/ CODENAME nginx deb-src http://nginx.org/packages/mainline/OS/ CODENAME nginx Create /etc/apt/sources.list.d/nginx.list with the following contents: • OS – ubuntu or debian depending on your distro • CODENAME: - jessie or stretch for debian - trusty, xenial, artful, or bionic for ubuntu $ wget http://nginx.org/keys/nginx_signing.key $ apt-key add nginx_signing.key $ apt-get update $ apt-get install –y nginx $ /etc/init.d/nginx start
NGINX Installation: CentOS/Red Hat [nginx] name=nginx repo baseurl=http://nginx.org/packages/mainline/OS/OSRELEASE/$basearch/ gpgcheck=0 enabled=1 Create /etc/yum.repos.d/nginx.repo with the following contents: • OS -- rhel or centos depending on your distro • OSRELEASE -- 6 or 7 for 6.x or 7.x versions, respectively $ yum –y install nginx $ systemctl enable nginx $ systemctl start nginx $ firewall-cmd --permanent --zone=public --add-port=80/tcp $ firewall-cmd --reload
NGINX Plus Installation • Visit cs.nginx.com/repo_setup • Select OS from drop down list • Instructions similar to OSS installation • Mostly just using a different repo and installing client certificate
Verifying Installation $ nginx -v nginx version: nginx/1.15.0 $ ps -ef | grep nginx root 1088 1 0 19:59 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/ nginx.conf nginx 1092 1088 0 19:59 ? 00:00:00 nginx: worker process
Verifying Installation
server { listen <parameters>; location <url> { ---------------- } } upstream { ------------------- } server { listen <parameters>; location <url> { ---------------- } } upstream { ------------------- } Key NGINX Files and Directories /etc/nginx/ ------------------------ -- ------------------------ -- http { ---------------------- include conf.d/ *.conf; } Global settings 
 (tunings, logs, etc) HTTP block nginx.conf virtualserver1.conf server { listen <parameters>; location <url> { ---------------- } } upstream { ------------------- } /etc/nginx/conf.d/ /var/log/nginx/ error.log access.log Important operational messages Record of each request (configurable) Listen for requests Rules to handle each request Optional: proxy to upstreams
Key NGINX Commands • nginx –h Display NGINX help menu • nginx –t Check if NGINX configuration is ok • nginx –s reload Check config is ok and gracefully reload NGINX processes • nginx –V Similar to –v, but with more detailed information • nginx –T Dump full NGINX configuration
Examples
Simple Virtual Server server { listen 80 default_server; server_name www.example.com; return 200 “Hello World!”; } • server defines the context for a virtual server • listen specifies IP/port NGINX should listen on. No IP means bind to all IPs on system • server_name specifies hostname of virtual server • return tells NGINX to respond directly to the request.
Basic Web Server Configuration server { listen 80 default_server; server_name www.example.com; location /web/ { root /usr/share/nginx/html; index index.html index.htm; } } • index: www.example.com -> /usr/share/nginx/html/index.html • root: www.example.com/i/file.txt -> /usr/share/nginx/html/i/file.txt • alias: www.example.com/i/file.txt -> /usr/share/nginx/html/file.txt • root specifies directory where files are stored • index defines files that will be used as an index
Basic Load Balancing Configuration upstream my_upstream { server server1.example.com; server server2.example.com; least_time; } server { location / { proxy_set_header Host $host; proxy_pass http://my_upstream; } } • upstream defines the load balancing pool • Default load balancing algorithm is round robin. Others available: • least_conn selects server with least amount of active connections • least_time factors in connection count and server response time. Available in NGINX Plus only. • proxy_pass links virtual server to upstream • By default NGINX rewrites Host header to name and port of proxied server. proxy_set_header overrides and passes through original client Host header.
Basic Reverse Proxy Configuration server { location ~ ^(.+.php)(.*)$ { fastcgi_split_path_info ^(.+.php)(.*)$; # fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/var/run/php7.0-fpm.sock; fastcgi_index index.php; include fastcgi_params; } } • Requires PHP FPM: apt-get install –y php7.0- fpm • Can also use PHP 5 • Similar directives available for uWSGI and SCGI. • Additional PHP FPM configuration may be required
Basic Caching Configuration proxy_cache_path /path/to/cache levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m use_temp_path=off; server { location / { proxy_cache my_cache; proxy_set_header Host $host; proxy_pass http://my_upstream; } } • proxy_cache_path defines the parameters of the cache. • keys_zone defines the size of memory to store cache keys in. A 1 MB zone can store data for about 8,000 keys. • max_size sets upper limit of cache size. Optional. • inactive defines how long an object can stay in cache without being accessed. Default is 10 m. • proxy_cache enables caching for the context it is in
Basic SSL Configuration server { listen 80 default_server; server_name www.example.com; return 301 https:// $server_name$request_uri; } server { listen 443 ssl default_server; server_name www.example.com; ssl_certificate cert.crt; ssl_certificate_key cert.key; location / { root /usr/share/nginx/html; index index.html index.htm; } } • Force all traffic to SSL is good for security and SEO • Use Let’s Encrypt to get free SSL certificates, see: nginx.com/ blog/using-free-ssltls- certificates-from-lets- encrypt-with-nginx
Multiplexing Multiple Sites on One IP server { listen 80 default_server; server_name www.pizza.com; # ... } server { listen 80; server_name www.tacos.com; # ... } server { listen 80; server_name www.sushi.com; # ... } • NGINX can multiplex a single IP/ port using the Host: header. • default_server defines the virtual server to use if Host header is empty. It is best practice to have a default_server.
Layer 7 Request Routing server { # ... location /service1 { proxy_pass http://upstream1; } location /service2 { proxy_pass http://upstream2; } location /service3 { proxy_pass http://upstream3; } } • location blocks are used to do Layer 7 routing based on URL • Regex matching can also be used in location blocks
Modifications to main nginx.conf user nginx; worker_processes auto; # ... http { # ... keepalive_timeout 300s; keepalive_requests 100000; } • Set in main nginx.conf file • Default value for worker_processes varies on system and installation source • auto means to create one worker process per core. This is recommended for most deployments. • keepalive_timeout controls how long to keep idle connections to clients open. Default: 75s • keeplive_requests Max requests on a single client connection before its closed • keepalive_* can also be set per virtual server
HTTP/1.1 Keepalive to Upstreams upstream my_upstream { server server1.example.com; keepalive 32; } server { location / { proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_pass http://my_upstream; } } • keepalive enables TCP connection cache • By default NGINX uses HTTP/1.0 with Connection: Close • proxy_http_version upgrades connection to HTTP/1.1 • proxy_set_header enables keepalive by clearing Connection: Close HTTP header
SSL Session Caching server { listen 443 ssl default_server; server_name www.example.com; ssl_certificate cert.crt; ssl_certificate_key cert.key; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; } • Improves SSL/TLS performance • 1 MB session cache can store about 4,000 sessions • Cache shared across all NGINX workers
HTTP2 / gRPC Proxying with SSL Termination server { listen 443 ssl http2; ssl_certificate server.crt; ssl_certificate_key server.key;      location / {         grpc_pass grpc://localhost: 50051;     } } • Configure SSL and HTTP/2 as usual • Go sample application needs to modified to point to NGINX IP Address and port.
d Active Health Checks upstream my_upstream { zone my_upstream 64k; server server1.example.com slow_start=30s; } server { # ... location /health { internal; health_check interval=5s uri=/test.php match=statusok; proxy_set_header HOST www.example.com; proxy_pass http://my_upstream; } match statusok { # Used for /test.php health check status 200; header Content-Type = text/html; body ~ "Server[0-9]+ is alive"; } • Polls /test.php every 5 seconds • If response is not 200, server marked as failed • If response body does not contain “ServerN is alive”, server marked as failed • Recovered/new servers will slowly ramp up traffic over 30 seconds • Exclusive to NGINX Plus
Sticky Cookie Session Persistence upstream my_upstream { server server1.example.com; server server2.example.com; sticky cookie name expires=1h domain=.example.com path=/; } • NGINX will insert a cookie using the specified name • expires defines how long the cookie is valid for. The default is for the cookie to expire at the end of the browser session. • domain specifies the domain the cookie is valid for. If not specified, domain field of cookie is left blank • path specifies the path the cookie is set for. If not specified, path field of cookie is left blank • Exclusive to NGINX Plus
NGINX Stub Status Module server { location /basic_status { stub_status; } } • Provides aggregated NGINX statistics • Access should be locked down so its not publically visible $ curl http://www.example.com/basic_status Active connections: 1 server accepts handled requests 7 7 7 Reading: 0 Writing: 1 Waiting: 0
NGINX Plus Extended Status • Provides detailed NGINX Plus statistics • Over 40+ additional metrics • JSON data output • Monitoring GUI also available, see demo.nginx.com • Exclusive to NGINX Plus server { listen 8080; location /api { api write=on; # Limit access to the API allow 10.0.0.0/8; deny all; } location = /dashboard.html { root /usr/share/nginx/html; }
NGINX Access Logs 192.168.179.1 - - [15/May/2017:16:36:25 -0700] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "-" 192.168.179.1 - - [15/May/2017:16:36:26 -0700] "GET /favicon.ico HTTP/1.1" 404 571 "http://fmemon-redhat.local/" “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "-" 192.168.179.1 - - [15/May/2017:16:36:31 -0700] "GET /basic_status HTTP/1.1" 200 100 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "-" • Enabled by default, can be shut off by adding “access_log off” to improve performance • By default lists client IP, date, request , referrer, user agent, etc. Can add additional NGINX variables, see nginx.org/en/docs/varindex.html • Log format configurable with the log_format directive
NGINX Controller
Application Delivery Module for NGINX Controller 43
MORE INFORMATION AT NGINX.COM
Request on that page. nginx.com/developer-license
Kevin Jones kevin.jones@nginx.com Thank you for coming!!! nginx.com | @nginxinc @kevinjonescreates @kevinjonescreates @webopsx /kevin-jones-19b17b47

Recomendados

NGINX 101 - now with more Docker
NGINX 101 - now with more DockerNGINX 101 - now with more Docker
NGINX 101 - now with more Docker
Sarah Novotny
 
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios
 
Load Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS ClusterLoad Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS Cluster
Kevin Jones
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx Internals
Joshua Zhu
 
Apache Camel: Jetty Component With Example
Apache Camel: Jetty Component With ExampleApache Camel: Jetty Component With Example
Apache Camel: Jetty Component With Example
Amit Aggarwal
 
Supercharging Content Delivery with Varnish
Supercharging Content Delivery with VarnishSupercharging Content Delivery with Varnish
Supercharging Content Delivery with Varnish
Samantha Quiñones
 
Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...
Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...
Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...
addame
 
Ansible at work
Ansible at workAnsible at work
Ansible at work
Bas Meijer
 

Recomendados

NGINX 101 - now with more Docker
NGINX 101 - now with more DockerNGINX 101 - now with more Docker
NGINX 101 - now with more Docker
Sarah Novotny
 
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios
 
Load Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS ClusterLoad Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS Cluster
Kevin Jones
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx Internals
Joshua Zhu
 
Apache Camel: Jetty Component With Example
Apache Camel: Jetty Component With ExampleApache Camel: Jetty Component With Example
Apache Camel: Jetty Component With Example
Amit Aggarwal
 
Supercharging Content Delivery with Varnish
Supercharging Content Delivery with VarnishSupercharging Content Delivery with Varnish
Supercharging Content Delivery with Varnish
Samantha Quiñones
 
Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...
Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...
Montreal On Rails 5 : Rails deployment using : Nginx, Mongrel, Mongrel_cluste...
addame
 
Ansible at work
Ansible at workAnsible at work
Ansible at work
Bas Meijer
 
Content Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusContent Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX Plus
Kevin Jones
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
Rayed Alrashed
 
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerRunning High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Sematext Group, Inc.
 
Squid proxy-configuration-guide
Squid proxy-configuration-guideSquid proxy-configuration-guide
Squid proxy-configuration-guide
jasembo
 
10 Million hits a day with WordPress using a $15 VPS
10 Million hits a day with WordPress using a $15 VPS10 Million hits a day with WordPress using a $15 VPS
10 Million hits a day with WordPress using a $15 VPS
Paolo Tonin
 
[MathWorks] Versioning Infrastructure
[MathWorks] Versioning Infrastructure[MathWorks] Versioning Infrastructure
[MathWorks] Versioning Infrastructure
Perforce
 
Failsafe Mechanism for Yahoo Homepage
Failsafe Mechanism for Yahoo HomepageFailsafe Mechanism for Yahoo Homepage
Failsafe Mechanism for Yahoo Homepage
Kit Chan
 
WE18_Performance_Up.ppt
WE18_Performance_Up.pptWE18_Performance_Up.ppt
WE18_Performance_Up.ppt
webhostingguy
 
Replacing Squid with ATS
Replacing Squid with ATSReplacing Squid with ATS
Replacing Squid with ATS
Kit Chan
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your Fleet
Matthew Jones
 
Automating Network Infrastructure : Ansible
Automating Network Infrastructure : AnsibleAutomating Network Infrastructure : Ansible
Automating Network Infrastructure : Ansible
Bangladesh Network Operators Group
 
Squid Server
Squid ServerSquid Server
Squid Server
Sumant Garg
 
Integrated Cache on Netscaler
Integrated Cache on NetscalerIntegrated Cache on Netscaler
Integrated Cache on Netscaler
Mark Hillick
 
Unity Makes Strength
Unity Makes StrengthUnity Makes Strength
Unity Makes Strength
Xavier Mertens
 
Managing Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with AnsibleManaging Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with Ansible
fmaccioni
 
Fake IT, until you make IT
Fake IT, until you make ITFake IT, until you make IT
Fake IT, until you make IT
Bas Meijer
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The Hood
Nagios
 
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Aerospike
 
Hadoop on ec2
Hadoop on ec2Hadoop on ec2
Hadoop on ec2
Mark Kerzner
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabric
andymccurdy
 
NGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA BroadcastNGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA Broadcast
NGINX, Inc.
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEA
NGINX, Inc.
 

Mais conteúdo relacionado

Mais procurados

Squid proxy-configuration-guide
Squid proxy-configuration-guideSquid proxy-configuration-guide
Squid proxy-configuration-guide
jasembo
 
[MathWorks] Versioning Infrastructure
[MathWorks] Versioning Infrastructure[MathWorks] Versioning Infrastructure
[MathWorks] Versioning Infrastructure
Perforce
 
WE18_Performance_Up.ppt
WE18_Performance_Up.pptWE18_Performance_Up.ppt
WE18_Performance_Up.ppt
webhostingguy
 
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Aerospike
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabric
andymccurdy
 

Mais procurados (20)

Content Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusContent Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX Plus
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
 
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerRunning High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
 
Squid proxy-configuration-guide
Squid proxy-configuration-guideSquid proxy-configuration-guide
Squid proxy-configuration-guide
 
10 Million hits a day with WordPress using a $15 VPS
10 Million hits a day with WordPress using a $15 VPS10 Million hits a day with WordPress using a $15 VPS
10 Million hits a day with WordPress using a $15 VPS
 
[MathWorks] Versioning Infrastructure
[MathWorks] Versioning Infrastructure[MathWorks] Versioning Infrastructure
[MathWorks] Versioning Infrastructure
 
Failsafe Mechanism for Yahoo Homepage
Failsafe Mechanism for Yahoo HomepageFailsafe Mechanism for Yahoo Homepage
Failsafe Mechanism for Yahoo Homepage
 
WE18_Performance_Up.ppt
WE18_Performance_Up.pptWE18_Performance_Up.ppt
WE18_Performance_Up.ppt
 
Replacing Squid with ATS
Replacing Squid with ATSReplacing Squid with ATS
Replacing Squid with ATS
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your Fleet
 
Automating Network Infrastructure : Ansible
Automating Network Infrastructure : AnsibleAutomating Network Infrastructure : Ansible
Automating Network Infrastructure : Ansible
 
Squid Server
Squid ServerSquid Server
Squid Server
 
Integrated Cache on Netscaler
Integrated Cache on NetscalerIntegrated Cache on Netscaler
Integrated Cache on Netscaler
 
Unity Makes Strength
Unity Makes StrengthUnity Makes Strength
Unity Makes Strength
 
Managing Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with AnsibleManaging Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with Ansible
 
Fake IT, until you make IT
Fake IT, until you make ITFake IT, until you make IT
Fake IT, until you make IT
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The Hood
 
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
Combining Real-time and Batch Analytics with NoSQL, Storm and Hadoop - NoSQL ...
 
Hadoop on ec2
Hadoop on ec2Hadoop on ec2
Hadoop on ec2
 
Python Deployment with Fabric
Python Deployment with FabricPython Deployment with Fabric
Python Deployment with Fabric
 

Semelhante a ITB2019 NGINX Overview and Technical Aspects - Kevin Jones

NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEA
NGINX, Inc.
 
NGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best PracticesNGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best Practices
NGINX, Inc.
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?
NGINX, Inc.
 
What’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEAWhat’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEA
NGINX, Inc.
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
NGINX, Inc.
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
NGINX, Inc.
 

Semelhante a ITB2019 NGINX Overview and Technical Aspects - Kevin Jones (20)

NGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA BroadcastNGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA Broadcast
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEA
 
NGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best PracticesNGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best Practices
 
NGINX 101 - now with more Docker
NGINX 101 - now with more DockerNGINX 101 - now with more Docker
NGINX 101 - now with more Docker
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse ProxyNginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
 
NGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEANGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEA
 
NGINX: Basics and Best Practices
NGINX: Basics and Best PracticesNGINX: Basics and Best Practices
NGINX: Basics and Best Practices
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?
 
NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and Tuning
 
What’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEAWhat’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEA
 
Making Spinnaker Go @ Stitch Fix
Making Spinnaker Go @ Stitch FixMaking Spinnaker Go @ Stitch Fix
Making Spinnaker Go @ Stitch Fix
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
 
NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)NGiNX, VHOSTS & SSL (let's encrypt)
NGiNX, VHOSTS & SSL (let's encrypt)
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
 
5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity
 
App Deployment on Cloud
App Deployment on CloudApp Deployment on Cloud
App Deployment on Cloud
 
What's new in NGINX Plus R19
What's new in NGINX Plus R19What's new in NGINX Plus R19
What's new in NGINX Plus R19
 
Nginx Deep Dive Kubernetes Ingress
Nginx Deep Dive Kubernetes IngressNginx Deep Dive Kubernetes Ingress
Nginx Deep Dive Kubernetes Ingress
 

Mais de Ortus Solutions, Corp

BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
Ortus Solutions, Corp
 
Luis Majano The Battlefield ORM
Luis Majano The Battlefield ORMLuis Majano The Battlefield ORM
Luis Majano The Battlefield ORM
Ortus Solutions, Corp
 
Daniel Garcia ContentBox: CFSummit 2023
Daniel Garcia ContentBox: CFSummit 2023Daniel Garcia ContentBox: CFSummit 2023
Daniel Garcia ContentBox: CFSummit 2023
Ortus Solutions, Corp
 
ITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdf
ITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdfITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdf
ITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdf
Ortus Solutions, Corp
 
ITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdf
ITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdfITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdf
ITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdf
Ortus Solutions, Corp
 
ITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdf
ITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdfITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdf
ITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdf
Ortus Solutions, Corp
 
ITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdf
ITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdfITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdf
ITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdf
Ortus Solutions, Corp
 
ITB_2023_Chatgpt_Box_Scott_Steinbeck.pdf
ITB_2023_Chatgpt_Box_Scott_Steinbeck.pdfITB_2023_Chatgpt_Box_Scott_Steinbeck.pdf
ITB_2023_Chatgpt_Box_Scott_Steinbeck.pdf
Ortus Solutions, Corp
 

Mais de Ortus Solutions, Corp (20)

BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Ortus Government.pdf
Ortus Government.pdfOrtus Government.pdf
Ortus Government.pdf
 
Luis Majano The Battlefield ORM
Luis Majano The Battlefield ORMLuis Majano The Battlefield ORM
Luis Majano The Battlefield ORM
 
Brad Wood - CommandBox CLI
Brad Wood - CommandBox CLI Brad Wood - CommandBox CLI
Brad Wood - CommandBox CLI
 
Secure your Secrets and Settings in ColdFusion
Secure your Secrets and Settings in ColdFusionSecure your Secrets and Settings in ColdFusion
Secure your Secrets and Settings in ColdFusion
 
Daniel Garcia ContentBox: CFSummit 2023
Daniel Garcia ContentBox: CFSummit 2023Daniel Garcia ContentBox: CFSummit 2023
Daniel Garcia ContentBox: CFSummit 2023
 
ITB_2023_Human-Friendly_Scheduled_Tasks_Giancarlo_Gomez.pdf
ITB_2023_Human-Friendly_Scheduled_Tasks_Giancarlo_Gomez.pdfITB_2023_Human-Friendly_Scheduled_Tasks_Giancarlo_Gomez.pdf
ITB_2023_Human-Friendly_Scheduled_Tasks_Giancarlo_Gomez.pdf
 
ITB_2023_CommandBox_Multi-Server_-_Brad_Wood.pdf
ITB_2023_CommandBox_Multi-Server_-_Brad_Wood.pdfITB_2023_CommandBox_Multi-Server_-_Brad_Wood.pdf
ITB_2023_CommandBox_Multi-Server_-_Brad_Wood.pdf
 
ITB_2023_The_Many_Layers_of_OAuth_Keith_Casey_.pdf
ITB_2023_The_Many_Layers_of_OAuth_Keith_Casey_.pdfITB_2023_The_Many_Layers_of_OAuth_Keith_Casey_.pdf
ITB_2023_The_Many_Layers_of_OAuth_Keith_Casey_.pdf
 
ITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdf
ITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdfITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdf
ITB_2023_Relationships_are_Hard_Data_modeling_with_NoSQL_Curt_Gratz.pdf
 
ITB_2023_Extend_your_contentbox_apps_with_custom_modules_Javier_Quintero.pdf
ITB_2023_Extend_your_contentbox_apps_with_custom_modules_Javier_Quintero.pdfITB_2023_Extend_your_contentbox_apps_with_custom_modules_Javier_Quintero.pdf
ITB_2023_Extend_your_contentbox_apps_with_custom_modules_Javier_Quintero.pdf
 
ITB_2023_25_Most_Dangerous_Software_Weaknesses_Pete_Freitag.pdf
ITB_2023_25_Most_Dangerous_Software_Weaknesses_Pete_Freitag.pdfITB_2023_25_Most_Dangerous_Software_Weaknesses_Pete_Freitag.pdf
ITB_2023_25_Most_Dangerous_Software_Weaknesses_Pete_Freitag.pdf
 
ITB_2023_CBWire_v3_Grant_Copley.pdf
ITB_2023_CBWire_v3_Grant_Copley.pdfITB_2023_CBWire_v3_Grant_Copley.pdf
ITB_2023_CBWire_v3_Grant_Copley.pdf
 
ITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdf
ITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdfITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdf
ITB_2023_Practical_AI_with_OpenAI_-_Grant_Copley_.pdf
 
ITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdf
ITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdfITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdf
ITB_2023_When_Your_Applications_Work_As_a_Team_Nathaniel_Francis.pdf
 
ITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdf
ITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdfITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdf
ITB_2023_Faster_Apps_That_Wont_Get_Crushed_Brian_Klaas.pdf
 
ITB_2023_Chatgpt_Box_Scott_Steinbeck.pdf
ITB_2023_Chatgpt_Box_Scott_Steinbeck.pdfITB_2023_Chatgpt_Box_Scott_Steinbeck.pdf
ITB_2023_Chatgpt_Box_Scott_Steinbeck.pdf
 
ITB_2023_CommandBox_Task_Runners_Brad_Wood.pdf
ITB_2023_CommandBox_Task_Runners_Brad_Wood.pdfITB_2023_CommandBox_Task_Runners_Brad_Wood.pdf
ITB_2023_CommandBox_Task_Runners_Brad_Wood.pdf
 
ITB_2023_Create_as_many_web_sites_or_web_apps_as_you_want_George_Murphy.pdf
ITB_2023_Create_as_many_web_sites_or_web_apps_as_you_want_George_Murphy.pdfITB_2023_Create_as_many_web_sites_or_web_apps_as_you_want_George_Murphy.pdf
ITB_2023_Create_as_many_web_sites_or_web_apps_as_you_want_George_Murphy.pdf
 
ITB2023 Developing for Performance - Denard Springle.pdf
ITB2023 Developing for Performance - Denard Springle.pdfITB2023 Developing for Performance - Denard Springle.pdf
ITB2023 Developing for Performance - Denard Springle.pdf
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Último (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

ITB2019 NGINX Overview and Technical Aspects - Kevin Jones

  • 1. 
 NGINX Overview and Technical Aspects Into The Box 2019
  • 2. Introduction to NGINX and the Application Platform Getting Started! Examples NGINX Controller / Demo (if time persists) 1 2 3 4 Agenda Q&A5
  • 4. “I wanted people to use it, so I made it open source.” - Igor Sysoev, NGINX creator and founder
  • 5. 450 million Total sites running on NGINX and counting… Source: Netcraft March 2018 Web Server Survey
  • 6. 56% of the Top 100,000 most popular websites Source: : W3Techs Web Technology Survey137
  • 7. High Performance Webserver and Reverse Proxy Web Server
  • 8. #nginx #nginxconf8 Core NGINX (F/OSS) HTTP2 JSON Logging Stream Module (TCP… UDP) Multi Datagram UDP Support Thread Pools Dynamic Modules JavaScript Module for NGINX ECC Certificate Support Linux Enhancements The Developmental Pillars Continued commitment to Community and Enterprise… NGINX Plus All of Core Plus: DNS SRV Record Support JWT Support (Auth) ModSecurity 3.0 WAF Application Health Checks High Availability Support Configuration Sync Dynamic Reconfiguration (API) Key Value Store (API) Live Activity Monitoring (API) Cache Management (API)
  • 9. Flawless Application Delivery for the Modern Web Load Balancer Content Cache WebServer Monitoring & Management Security Controls
  • 10. About NGINX, Inc. • Founded in 2011, NGINX Plus first released in 2013 • VC-backed by enterprise software industry leaders • Offices in SF, London, Cork, Japan, Singapore, Sydney, and Moscow • 1,600+ commercial customers • 200+ employees
  • 12. NGINX Application Platform A suite of technologies to develop and deliver digital experiences that span from legacy, monolithic apps to modern, microservices apps.
  • 14. NGINX Simplifies, Cuts Costs up to 80% 14
  • 15. #nginx #nginxconf15 • Static Content (Web Server) • TCP/UDP Load Balancing (L4) • HTTP Load Balancing (L7) • Reverse Proxy (Advanced L7 Routing) • Security Controls • Media Delivery (VOD and Live Streaming) • HTTP Content Caching • Modularity (Extendable via Modules, Scripting) Complete Application Delivery Platform
  • 17. NGINX Installation: Debian/Ubuntu deb http://nginx.org/packages/mainline/OS/ CODENAME nginx deb-src http://nginx.org/packages/mainline/OS/ CODENAME nginx Create /etc/apt/sources.list.d/nginx.list with the following contents: • OS – ubuntu or debian depending on your distro • CODENAME: - jessie or stretch for debian - trusty, xenial, artful, or bionic for ubuntu $ wget http://nginx.org/keys/nginx_signing.key $ apt-key add nginx_signing.key $ apt-get update $ apt-get install –y nginx $ /etc/init.d/nginx start
  • 18. NGINX Installation: CentOS/Red Hat [nginx] name=nginx repo baseurl=http://nginx.org/packages/mainline/OS/OSRELEASE/$basearch/ gpgcheck=0 enabled=1 Create /etc/yum.repos.d/nginx.repo with the following contents: • OS -- rhel or centos depending on your distro • OSRELEASE -- 6 or 7 for 6.x or 7.x versions, respectively $ yum –y install nginx $ systemctl enable nginx $ systemctl start nginx $ firewall-cmd --permanent --zone=public --add-port=80/tcp $ firewall-cmd --reload
  • 19. NGINX Plus Installation • Visit cs.nginx.com/repo_setup • Select OS from drop down list • Instructions similar to OSS installation • Mostly just using a different repo and installing client certificate
  • 20. Verifying Installation $ nginx -v nginx version: nginx/1.15.0 $ ps -ef | grep nginx root 1088 1 0 19:59 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/ nginx.conf nginx 1092 1088 0 19:59 ? 00:00:00 nginx: worker process
  • 22. server { listen <parameters>; location <url> { ---------------- } } upstream { ------------------- } server { listen <parameters>; location <url> { ---------------- } } upstream { ------------------- } Key NGINX Files and Directories /etc/nginx/ ------------------------ -- ------------------------ -- http { ---------------------- include conf.d/ *.conf; } Global settings 
 (tunings, logs, etc) HTTP block nginx.conf virtualserver1.conf server { listen <parameters>; location <url> { ---------------- } } upstream { ------------------- } /etc/nginx/conf.d/ /var/log/nginx/ error.log access.log Important operational messages Record of each request (configurable) Listen for requests Rules to handle each request Optional: proxy to upstreams
  • 23. Key NGINX Commands • nginx –h Display NGINX help menu • nginx –t Check if NGINX configuration is ok • nginx –s reload Check config is ok and gracefully reload NGINX processes • nginx –V Similar to –v, but with more detailed information • nginx –T Dump full NGINX configuration
  • 25. Simple Virtual Server server { listen 80 default_server; server_name www.example.com; return 200 “Hello World!”; } • server defines the context for a virtual server • listen specifies IP/port NGINX should listen on. No IP means bind to all IPs on system • server_name specifies hostname of virtual server • return tells NGINX to respond directly to the request.
  • 26. Basic Web Server Configuration server { listen 80 default_server; server_name www.example.com; location /web/ { root /usr/share/nginx/html; index index.html index.htm; } } • index: www.example.com -> /usr/share/nginx/html/index.html • root: www.example.com/i/file.txt -> /usr/share/nginx/html/i/file.txt • alias: www.example.com/i/file.txt -> /usr/share/nginx/html/file.txt • root specifies directory where files are stored • index defines files that will be used as an index
  • 27. Basic Load Balancing Configuration upstream my_upstream { server server1.example.com; server server2.example.com; least_time; } server { location / { proxy_set_header Host $host; proxy_pass http://my_upstream; } } • upstream defines the load balancing pool • Default load balancing algorithm is round robin. Others available: • least_conn selects server with least amount of active connections • least_time factors in connection count and server response time. Available in NGINX Plus only. • proxy_pass links virtual server to upstream • By default NGINX rewrites Host header to name and port of proxied server. proxy_set_header overrides and passes through original client Host header.
  • 28. Basic Reverse Proxy Configuration server { location ~ ^(.+.php)(.*)$ { fastcgi_split_path_info ^(.+.php)(.*)$; # fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/var/run/php7.0-fpm.sock; fastcgi_index index.php; include fastcgi_params; } } • Requires PHP FPM: apt-get install –y php7.0- fpm • Can also use PHP 5 • Similar directives available for uWSGI and SCGI. • Additional PHP FPM configuration may be required
  • 29. Basic Caching Configuration proxy_cache_path /path/to/cache levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m use_temp_path=off; server { location / { proxy_cache my_cache; proxy_set_header Host $host; proxy_pass http://my_upstream; } } • proxy_cache_path defines the parameters of the cache. • keys_zone defines the size of memory to store cache keys in. A 1 MB zone can store data for about 8,000 keys. • max_size sets upper limit of cache size. Optional. • inactive defines how long an object can stay in cache without being accessed. Default is 10 m. • proxy_cache enables caching for the context it is in
  • 30. Basic SSL Configuration server { listen 80 default_server; server_name www.example.com; return 301 https:// $server_name$request_uri; } server { listen 443 ssl default_server; server_name www.example.com; ssl_certificate cert.crt; ssl_certificate_key cert.key; location / { root /usr/share/nginx/html; index index.html index.htm; } } • Force all traffic to SSL is good for security and SEO • Use Let’s Encrypt to get free SSL certificates, see: nginx.com/ blog/using-free-ssltls- certificates-from-lets- encrypt-with-nginx
  • 31. Multiplexing Multiple Sites on One IP server { listen 80 default_server; server_name www.pizza.com; # ... } server { listen 80; server_name www.tacos.com; # ... } server { listen 80; server_name www.sushi.com; # ... } • NGINX can multiplex a single IP/ port using the Host: header. • default_server defines the virtual server to use if Host header is empty. It is best practice to have a default_server.
  • 32. Layer 7 Request Routing server { # ... location /service1 { proxy_pass http://upstream1; } location /service2 { proxy_pass http://upstream2; } location /service3 { proxy_pass http://upstream3; } } • location blocks are used to do Layer 7 routing based on URL • Regex matching can also be used in location blocks
  • 33. Modifications to main nginx.conf user nginx; worker_processes auto; # ... http { # ... keepalive_timeout 300s; keepalive_requests 100000; } • Set in main nginx.conf file • Default value for worker_processes varies on system and installation source • auto means to create one worker process per core. This is recommended for most deployments. • keepalive_timeout controls how long to keep idle connections to clients open. Default: 75s • keeplive_requests Max requests on a single client connection before its closed • keepalive_* can also be set per virtual server
  • 34. HTTP/1.1 Keepalive to Upstreams upstream my_upstream { server server1.example.com; keepalive 32; } server { location / { proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_pass http://my_upstream; } } • keepalive enables TCP connection cache • By default NGINX uses HTTP/1.0 with Connection: Close • proxy_http_version upgrades connection to HTTP/1.1 • proxy_set_header enables keepalive by clearing Connection: Close HTTP header
  • 35. SSL Session Caching server { listen 443 ssl default_server; server_name www.example.com; ssl_certificate cert.crt; ssl_certificate_key cert.key; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; } • Improves SSL/TLS performance • 1 MB session cache can store about 4,000 sessions • Cache shared across all NGINX workers
  • 36. HTTP2 / gRPC Proxying with SSL Termination server { listen 443 ssl http2; ssl_certificate server.crt; ssl_certificate_key server.key;      location / {         grpc_pass grpc://localhost: 50051;     } } • Configure SSL and HTTP/2 as usual • Go sample application needs to modified to point to NGINX IP Address and port.
  • 37. d Active Health Checks upstream my_upstream { zone my_upstream 64k; server server1.example.com slow_start=30s; } server { # ... location /health { internal; health_check interval=5s uri=/test.php match=statusok; proxy_set_header HOST www.example.com; proxy_pass http://my_upstream; } match statusok { # Used for /test.php health check status 200; header Content-Type = text/html; body ~ "Server[0-9]+ is alive"; } • Polls /test.php every 5 seconds • If response is not 200, server marked as failed • If response body does not contain “ServerN is alive”, server marked as failed • Recovered/new servers will slowly ramp up traffic over 30 seconds • Exclusive to NGINX Plus
  • 38. Sticky Cookie Session Persistence upstream my_upstream { server server1.example.com; server server2.example.com; sticky cookie name expires=1h domain=.example.com path=/; } • NGINX will insert a cookie using the specified name • expires defines how long the cookie is valid for. The default is for the cookie to expire at the end of the browser session. • domain specifies the domain the cookie is valid for. If not specified, domain field of cookie is left blank • path specifies the path the cookie is set for. If not specified, path field of cookie is left blank • Exclusive to NGINX Plus
  • 39. NGINX Stub Status Module server { location /basic_status { stub_status; } } • Provides aggregated NGINX statistics • Access should be locked down so its not publically visible $ curl http://www.example.com/basic_status Active connections: 1 server accepts handled requests 7 7 7 Reading: 0 Writing: 1 Waiting: 0
  • 40. NGINX Plus Extended Status • Provides detailed NGINX Plus statistics • Over 40+ additional metrics • JSON data output • Monitoring GUI also available, see demo.nginx.com • Exclusive to NGINX Plus server { listen 8080; location /api { api write=on; # Limit access to the API allow 10.0.0.0/8; deny all; } location = /dashboard.html { root /usr/share/nginx/html; }
  • 41. NGINX Access Logs 192.168.179.1 - - [15/May/2017:16:36:25 -0700] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "-" 192.168.179.1 - - [15/May/2017:16:36:26 -0700] "GET /favicon.ico HTTP/1.1" 404 571 "http://fmemon-redhat.local/" “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "-" 192.168.179.1 - - [15/May/2017:16:36:31 -0700] "GET /basic_status HTTP/1.1" 200 100 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" "-" • Enabled by default, can be shut off by adding “access_log off” to improve performance • By default lists client IP, date, request , referrer, user agent, etc. Can add additional NGINX variables, see nginx.org/en/docs/varindex.html • Log format configurable with the log_format directive
  • 43. Application Delivery Module for NGINX Controller 43
  • 45. Request on that page. nginx.com/developer-license
  • 46. Kevin Jones kevin.jones@nginx.com Thank you for coming!!! nginx.com | @nginxinc @kevinjonescreates @kevinjonescreates @webopsx /kevin-jones-19b17b47