Upgrade to Pro — share decks privately, control downloads, hide ads and more …

making-nginx-practical-guide

Tatsuhiko Kubo
February 08, 2016
Technology
6
9.1k

 making-nginx-practical-guide

Tatsuhiko Kubo

February 08, 2016
Tweet

More Decks by Tatsuhiko Kubo

See All by Tatsuhiko Kubo
Handling a tremendous amount of images with Fastly / Yamagoya Traverse 2020
cubicdaiya
2
1.1k
System Integration with Fastly
cubicdaiya
0
440
実例で学ぶ画像最適化集 with ImageFlux / ImageFlux meetup#2
cubicdaiya
4
17k
Software Engineer, Infrastructure
cubicdaiya
4
2.8k
High Performance Count Up!
cubicdaiya
0
210
ImageFluxを利用した画像配信の最適化 / ImageFlux meetup 201801
cubicdaiya
0
2.4k
Building high performance push notification server in Go
cubicdaiya
5
2.8k
メルカリのデータ分析基盤 / mercari data analysis infrastructure
cubicdaiya
11
11k
On-call Engineering
cubicdaiya
8
5.9k

Other Decks in Technology

See All in Technology
スクラム導入して変わったチーム、組織のありかた
yumechi
0
280
SignalR を使ったアプリケーション開発をより快適に!
nenonaninu
0
710
IoTを始めたきっかけの話と個人でできるIoTの今後 / 新年LT会「私の愛するIoT 2023」
you
0
250
Bill One 開発エンジニア 紹介資料
sansantech
PRO
0
130
ECSコスト削減のブレイクアウトセッションを聴いてきた話 / joining a breakout session on reducing costs with ECS
yayoi_dd
0
140
2年で10→70人へ! スタートアップの 情報セキュリティ課題と施策
miekobayashi
1
690
ラズパイとGASで加湿器の消し忘れをLINEでリマインド&操作
minako__ph
0
150
目指せCoverage100%! AutoScale環境におけるSavings Plans購入戦略 / JAWS-UG_SRE_Coverage
taishin
0
520
AWS re:Invent 2022で発表された新機能を試してみた ~Cloud OperationとSecurity~ / New Cloud Operation and Security Features Announced at AWS reInvent 2022
yuj1osm
1
220
開発者と協働できるメトリクスダッシュボードを作ろう!/SRE Lounge 2023
lmi
3
600
Periodic Multi-Agent Path Planning
hziwara
0
160
データ分析基盤の要件分析の話(202201_JEDAI)
yabooun
0
400

Featured

See All Featured
Gamification - CAS2011
davidbonilla
75
4.1k
Keith and Marios Guide to Fast Websites
keithpitt
407
21k
Producing Creativity
orderedlist
PRO
335
38k
Faster Mobile Websites
deanohume
295
29k
It's Worth the Effort
3n
177
26k
Code Reviewing Like a Champion
maltzj
508
38k
Statistics for Hackers
jakevdp
785
210k
Testing 201, or: Great Expectations
jmmastey
25
5.7k
Imperfection Machines: The Place of Print at Facebook
scottboms
254
12k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
101
6.2k
Web development in the modern age
philhawksworth
197
9.6k
Automating Front-end Workflow
addyosmani
1351
200k

Transcript

  1. nginx࣮ફೖ໳ ϝΠΩϯά Tatsuhiko [email protected] nginx Tech Talks 2016/02/08

  2. @cubicdaiya / Tatsuhiko Kubo Principal Engineer, SRE @ Mercari, Inc.

    ngx_small_light, ngx_dynamic_upstream, nginx-build, slackboard,cachectl, gaurun, etc…
  3. None

  4. https://www.mercari.com/ Mercari - Your Friendly Mobile Marketplace

  5. Agenda • ʰnginx࣮ફೖ໳ʱͷ঺հ • ࣥචʹ·ͭΘΔΤϐιʔυ • ຊॻ੶ʹܝࡌ͖͠Εͳ͔ͬͨ಺༰ɺɹɹɹ nginxͷ৽ػೳʹ͍ͭͯ

  6. None

  7. ʰnginx࣮ફೖ໳ʱষߏ੒ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧͱىಈ • 3ষ جຊઃఆ

    • 4ষ ੩తͳWebαΠτͷߏங • 5ষ ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங

  8. ʰnginx࣮ફೖ໳ʱষߏ੒ • 6ষ WebΞϓϦέʔγϣϯαʔόͷߏங • 7ষ େن໛ίϯςϯπ഑৴αʔόͷߏங • 8ষ Webαʔόͷӡ༻ͱϝτϦΫεϞχλϦϯά

    • 9ষ LuaʹΑΔnginxͷ֦ு • 10ষ OpenResty

  9. ࣥච։࢝ɿ2013೥11݄ ࣥච׬ྃɿ2015೥12݄ ൃച೔ɹɿ2016೥1݄ ໿2೥͔͔Γ·ͨ͠…

  10. ষߏ੒ ݪҊʢ2013೥຤ࠒʣ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧ • 3ষ

    جຊઃఆ • 4ষ ੩తͳWebαΠτͷߏங • 5ষ WebΞϓϦέʔγϣϯαʔόͷߏங

  11. ষߏ੒ ݪҊʢ2013೥຤ࠒʣ • 6ষ େن໛ίϯςϯπ഑৴αʔόͷߏங • 7ষ ը૾ετϨʔδαʔόͷߏங • 8ষ

    nginxαʔόͷӡ༻ʗ؂ࢹ • 9ষ ϋΠύϑΥʔϚϯεnginx • 10ষ LuaʹΑΔnginxͷ֦ு • 11ষ ֦ுϞδϡʔϧͷ࡞Γํ

  12. Ϙπʹͳͬͨষ

  13. ը૾ετϨʔδαʔόͷߏங

  14. ʮը૾ετϨʔδαʔόͷߏஙʯͳΜͰ͚͢Ͳɺ ͜ΕྲྀΕతʹʮେن໛ίϯςϯπ഑৴αʔόʯͷষʹ ౷߹͠·͢Ͷ ͑ɺ͋ɺ͏Μ ※ձ࿩ͷ಺༰͸ΠϝʔδͰ͢

  15. ը૾ετϨʔδαʔόͷߏங • nginxͰαϜωΠϧੜ੒ػೳ෇͖ετϨʔδαʔόΛߏங͢Δ ࿩ͩͬͨ • ngx_http_image_filter_module • ngx_http_dav_module • େن໛ίϯςϯπ഑৴αʔόͷষʹ౷߹ͨ͠ํ͕͍͍ͷͰ

    ͸ʁ by @harukasan • ಺༰͝ͱ7ষʹ౷߹͞Ε·ͨ͠ • ࠓͳΒngx_small_lightͷ࿩Λͯ͠΋Α͔͔ͬͨ΋͠Εͳ͍

  16. ϋΠύϑΥʔϚϯεnginx

  17. ϋΠύϑΥʔϚϯεnginx • tcp_nopush΍ΞοϓετϦʔϜ΁ͷΩʔϓΞ ϥΠϒ౳nginxͰͷνϡʔχϯάू • ֤ষ͕༻్ຖʹղઆ͍ͯ͠Δ͜ͱ΋͋ͬͯ͜ ͚ͩ͜·ͱ·Γ͕ͳ͍ • harukasanͷఏҊͰద੾ͳষʹ෼ࢄ

  18. ʮϋΠύϑΥʔϚϯεnginxʯͳΜͰ͚͢Ͳɺ ͜Ε֤߲໨ͷ࿩ͷ಺༰͕όϥόϥͳͷͰ ผʑͷষʹ෼ࢄͤ͞·͢Ͷɻ ͓ɺ͓͏ ※ձ࿩ͷ಺༰͸ΠϝʔδͰ͢

  19. ֦ுϞδϡʔϧͷ࡞Γํ • ్த·Ͱॻ͍ͯ·͕ͨ͠ɺશવϖʔδ਺଍Γͳ͘ ͯ΍Ί·ͨ͠ • ͜ͷ಺༰͚ͩͰຊ͕Ұ࡭ॻ͚Δ • ಺༰͕શવೖ໳͡Όͳ͍ • CΑΓ΋Luaͷղઆ૿΍ͨ͠ํ͕ಡऀͷͨΊʹͳΔ

    • ͦ͏ͩɺOpenRestyʹ͠Α͏ʂ

  20. ޙͰ௥Ճ͞Εͨষ

  21. ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங

  22. ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங • ౰ॳ͸ʰ੩తͳWebαΠτͷߏஙʱͰશ෦ղઆ ͍ͯͨ͠ • ͔͠͠ɺHTTPSͷॏཁੑͷߴ·Γ΍2014೥ࠒ͔ Βͷ૬͙࣍OpenSSLͷ੬ऑੑใࠂ౳͔Β಺༰͕ ංେԽ • e.g.

    HeartBleed, FREAK Attack… • ݁Ռɺؙʑ1ষׂ͍ͯղઆ͢Δ͜ͱʹ

  23. OpenResty

  24. OpenResty • CʹΑΔ֦ுϞδϡʔϧ࡞੒ͷষΛ࡟ͬͨͷͰ ͔ΘΓʹೖΕͨ • ngx_luaؚΊଟ෼ࠃ಺Ͱॳͷຊ֨తͳղઆ • ngx_luaΛར༻͢Δ৔߹ɺ௚ʹར༻͢ΔΑΓ͸ OpenRestyʹ͓ͯ͘͠ํָ͕ͳ͜ͱ͕ଟ͍ͷ ͰΦεεϝͰ͢

  25. ʰnginx࣮ફೖ໳ʱষߏ੒ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧͱىಈ • 3ষ جຊઃఆ

    • 4ষ ੩తͳWebαΠτͷߏங • 5ষ ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங

  26. ʰnginx࣮ફೖ໳ʱষߏ੒ • 6ষ WebΞϓϦέʔγϣϯαʔόͷߏங • 7ষ େن໛ίϯςϯπ഑৴αʔόͷߏங • 8ষ Webαʔόͷӡ༻ͱϝτϦΫεϞχλϦϯά

    • 9ষ LuaʹΑΔnginxͷ֦ு • 10ষ OpenResty

  27. ೦ߍ࣌ظͷ೰Έ(2015೥ळʙౙ)

  28. nginxͷHTTP/2࣮૷͕ ͍ͭग़Δ͔Θ͔Βͳ͍

  29. nginxͷdynamic module͕ ͍ͭग़Δ͔Θ͔Βͳ͍

  30. nginx࣮ફೖ໳Ͱղઆͯ͠ͳ͍ओͳ಺༰ • ngx_mail_xxx_module • nginxͰϝʔϧϓϩΩγ • ngx_stream_xxx_module • nginxͰL4ϩʔυόϥϯε •

    ngx_luaͷ࠷৽ͷσΟϨΫςΟϒ • e.g. (ssl_certificate|balancer)_by_lua_block

  31. nginxͰL4ϩʔυόϥϯε stream { upstream app { server x.x.x.x:12345; server x.x.x.y:12345;

    } server { listen 50000; proxy_pass app; } }

  32. xxx_by_lua_block (e.g. content_by_lua_block) • LuaεΫϦϓτΛΠϯϥΠϯͰॻ͘ࡍʹώΞυ ΩϡϝϯτͰॻ͚ΔΑ͏ʹͳͬͨ

  33. content_by_lua location / { content_by_lua ‘ngx.say(‘hello’)’; } Syntax error…

  34. content_by_lua_block location / { content_by_lua_block { ngx.say(‘hello’) } }

  35. ssl_certificate_by_lua_(block|file) • TLSϋϯυγΣΠΫ࣌ʹLuaεΫϦϓτΛϑο ΫͰ͖Δ • ূ໌ॻͷಈతͳ੾Γସ͑౳ʹԠ༻Մೳ

  36. balancer_by_lua_(block|file) • upstreamίϯςΩετͰར༻ग़དྷΔσΟϨΫ ςΟϒ • ಈతͳϩʔυόϥϯαʔͷߏஙʹར༻Մೳ

  37. ngx_stream_lua_module • https://github.com/openresty/stream-lua- nginx-module • ngx_luaͰL4ϩʔυόϥϯε • Status • Quite

    usable but still experimental.

  38. Coming soon… • dynamic module support of nginx • طʹnginxͷmainlineϦϙδτϦʹίϛοτ͞

    ΕͯΔͷͰଟ෼࣍ͷ1.9.11ͰདྷΔ ./configure —with-stream=dynamic ▪ streamϞδϡʔϧͷಈతϩʔσΟϯά ▪ nginx.confͷઃఆ load_module /path/to/ngx_stream_module.so