Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
NginxとELBの罠
Search
innossh
November 25, 2017
Technology
1
900
NginxとELBの罠
WEBエンジニア勉強会 #04
https://web-engineer-meetup.connpass.com/event/70551/
innossh
November 25, 2017
Tweet
Share
More Decks by innossh
See All by innossh
AnsibleとAWXでレガシーな本番環境デプロイを1-Click実行 / LT - Ansible Night in Tokyo 201712
innossh
1
1.6k
Other Decks in Technology
See All in Technology
AutomatedLabを使って内部ペンテストを勉強しよう! -やられ社内ネットワークの自動構築-
n_etupirka
1
610
目標設定は好きですか? アジャイルとともに目標と向き合い続ける方法 / Do you like target Management?
kakehashi
10
3k
「単なる OAuth 2.0 を認証に使うと、車が通れるほどのどでかいセキュリティー・ホールができる」のか検証してみた
terara
0
380
What is DRE? - Road to SRE NEXT@広島
chanyou0311
3
630
ソフトウェアエンジニアリングの知見を活かして データ基盤をいい感じにする on Snowflake [MIERUNE BBQ #10]
mtpooh
2
150
開発生産性をむしろ向上させる セキュリティパートナーの作り方 / Dev Productivity Con 2024
flatt_security
0
360
Git 研修 Basic【MIXI 24新卒技術研修】
mixi_engineers
PRO
0
310
データ分析基盤を作ってみよう~設計編~
nrinetcom
PRO
1
110
How to Think Like a Performance Engineer
csswizardry
4
590
[NIKKEI Tech Talk]Bias for Action!! 実践から学ぶための仕組とコミュニティ / Community for Practice and Learning
kanamasa
0
270
初中級者用如何使用backlog -VALE TUDOEDITION-
in0u
0
140
ここがすごいよ! AWS Systems Manager!
saichan11
0
1.8k
Featured
See All Featured
The Language of Interfaces
destraynor
151
23k
The Straight Up "How To Draw Better" Workshop
denniskardys
229
130k
Principles of Awesome APIs and How to Build Them.
keavy
124
16k
Bootstrapping a Software Product
garrettdimon
PRO
304
110k
The Power of CSS Pseudo Elements
geoffreycrofte
64
5.2k
A Tale of Four Properties
chriscoyier
155
22k
Become a Pro
speakerdeck
PRO
15
4.8k
Music & Morning Musume
bryan
43
5.9k
Optimising Largest Contentful Paint
csswizardry
18
2.6k
Unsuck your backbone
ammeep
666
57k
Building Adaptive Systems
keathley
34
2k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
277
13k
Transcript
/HJOYͱ&-#ͷ᠘
ࣗݾհ !JOOPTTI ,JJגࣜձࣾ*P5ΫϥυϓϥοτϑΥʔϜ ιϑτΣΞΤϯδχΞ %FW0QT +BWB "OTJCMF ࠷ۙ"MFYB εϓϥτΡʔϯ
ొ͢Δͷ w/HJOY w0QFO3FTUZ w7BSOJTI w&-#
/HJOYͷઃఆ᠘͕ଟ͍
/HJOYࡾΫΠζ
ϨεϙϯεϔομͲ͏ͳΔʁ location /if { set $true 1; if ($true)
{ add_header X-First 1; } if ($true) { add_header X-Second 2; } return 204; }
"9'JSTUͱ94FDPOE#9'JSTUͷΈ $94FDPOEͷΈ location /if { set $true 1; if
($true) { add_header X-First 1; } if ($true) { add_header X-Second 2; } return 204; }
͑$94FDPOEͷΈ location /if { set $true 1; if ($true)
{ add_header X-First 1; } if ($true) { add_header X-Second 2; } return 204; }
*G*T&WJM ཧ༝ͳ͍
Ͱ͏Ұ
ϦΫΤετϔομͲ͏ͳΔʁ http { proxy_set_header X-Foo foo; server { proxy_set_header
X-Bar bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Baz baz; } } }
"9'PPͱ9#BSͱ9#B[ #9#BSͱ9#B[$9#B[ͷΈ http { proxy_set_header X-Foo foo; server {
proxy_set_header X-Bar bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Baz baz; } } }
͑$9#B[ͷΈ http { proxy_set_header X-Foo foo; server { proxy_set_header
X-Bar bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Baz baz; } } }
ཧ༝͋Δ
QSPYZ@TFU@IFBEFS ಉ͡Ϩϕϧʹఆ͕ٛͳ͍࣌ʹ લͷϨϕϧͷఆٛΛҾ͖ܧ͙
http { proxy_set_header X-Foo foo; server { proxy_set_header X-Bar
bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Foo foo; proxy_set_header X-Bar bar; proxy_set_header X-Baz baz; } } }
˞ͩͨ͠ϨΞέʔεͳͷͰ ϦϥοΫεͯ͠ௌ͍͍ͯͩ͘͞ ͔͜͜Β͕ຊ
લஔ͖ w7BSOJTIΛ0QFO3FTUZʹஔ͖͑Δ࡞ۀ ͰϋϚͬͨ᠘ w)551ϔομ w$POUFOU-FOHUI w5SBOTGFS&ODPEJOHDIVOLFE
Ή͔͠Ή͔͋͠Δͱ͜Ζʹ 7BSOJTIͱ0QFO3FTUZ ͕͍·ͨ͠
7BSOJTI 0QFO3FTUZ &-#
7BSOJTI$POUFOU-FOHUIΛ HTTP/1.1 200 OK Server: varnish Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK Content-Length: 20 Cache-Control: max-age=0, no-cache, no-store
0QFO3FTUZUSBOTGFSFODPEJOHΛ HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK transfer-encoding: chunked Cache-Control: max-age=0, no-cache, no-store
όοΫΤϯυ +BWB ಉҰ 7BSOJTI 0QFO3FTUZ - Content-Length: 20 + transfer-encoding:
chunked
ͲΜͿΒ͜ʙͲΜͿΒ͜ʙ όοΫΤϯυಉҰͳͷʹ ࠩҟͷ͋ΔϨεϙϯε͕ ྲྀΕ͖ͯ·ͨ͠
w0QFO3FTUZͷஔ͖͑ޙɺϨεϙϯε͕ νϟϯΫԽ͞ΕΔ w)551Λ໊ΓͭͭɺνϟϯΫԽ͞Εͨ ϨεϙϯεΛѻ͑ͳ͍ΫϥΠΞϯτ͕ଘࡏ
َୀ࣏ νϟϯΫԽ͞ΕͨݪҼΛ ୀ࣏͠Α͏
όοΫΤϯυʹ HTTP/1.1 200 OK Date: Tue, 22 Aug 2017 10:44:59
GMT Content-Type: application/json; charset=utf-8 Connection: close Content-Length: 20 ↑Content-Length͍͍ͯͳ͍ Status: 200 OK Cache-Control: max-age=0, no-cache, no-store
$POUFOU-FOHUIෆཁʁ wແ͍߹ίωΫγϣϯΛΫϩʔζ͢Δ·Ͱ ϝοηʔδΛड৴ w7BSOJTI$POUFOU-FOHUIΛউखʹ͚ ͍ͯͨ
ͦΕͳΒ0QFO3FTUZʹ HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK Transfer-Encoding: chunked Cache-Control: max-age=0, no-cache, no-store
DIVOLFE@USBOTGFS@FODPEJOH w/HJOYͷઃఆ DIVOLFE@USBOTGFS@FODPEJOHσϑΥ ϧτͰPO w0QFO3FTUZ$POUFOU-FOHUIͷແ͍Ϩ εϙϯεΛνϟϯΫԽ͢Δ
7BSOJTI0QFO3FTUZՈདྷʹ νϟϯΫԽ͞ΕͨݪҼΛ ಥ͖ࢭΊͨʜʁ
DIVOLFE@USBOTGFS@FODPEJOHΛPGGʹ HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK transfer-encoding: chunked Cache-Control: max-age=0, no-cache, no-store
Ͳ͏ͤ/HJOYͷ᠘ͩΖ͏ʜ wDIVOLFE@USBOTGFS@FODPEJOHPGG͕ޮ ͔ͳ͍ wͲ͏ߟ͑ͯνϟϯΫԽ͢Δίʔυ͕࣮ߦ͞ ΕΔ͕ͣͳ͍ w࠶ϏϧυόʔδϣϯΞοϓޮՌͳ͠
ʁ /HJOYͷιʔείʔυΛಡΜͰ Ұ͚ͭͩؾ͍ͮͨ͜ͱ͕ʜ
None
HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug 2017
10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK transfer-encoding: chunked Cache-Control: max-age=0, no-cache, no-store
NginxͰ Transfer-Encoding: chunked
ΫϥΠΞϯτͰ transfer-encoding: chunked
ELBͰ transfer-encoding: chunked ʊਓਓਓਓਓਓʊ ʼɹಥવͷ&-#ɹʻ ʉ:?:?:?:?:ʉ
ݪҼ&-# w&-#$POUFOU-FOHUIͷແ͍Ϩεϙϯε ΛνϟϯΫԽ͢Δ wখจࣈͷUSBOTGFSFODPEJOHΛ͚Δ
ಉ྅ʮ"-#ͬͯΈͨΒʁʯ
"-#ΛͬͯΈΔͱ wಉ༷ʹϨεϙϯεΛνϟϯΫԽ͢Δ wେจࣈͷ5SBOTGFS&ODPEJOHΛ͚Δ͆ Nginx: Transfer-Encoding ELB: transfer-encoding ALB: Transfer-Encoding <=
վળʁ͆
ղܾࡦ w&-#ͷ5$1ϦεφΛ͏ w͘͠/-#Λ͏
·ͱΊ wେจࣈখจࣈʹཱͭ͆ w)551ඇରԠͷΫϥΠΞϯτͭΒ͍ w)551ϔομΛकΔʹ5$1ϩʔυόϥϯα Λ͏
Ҏ্ɺ/HJOYͱ&-#ͷ᠘ͷ *P5ΫϥυϓϥοτϑΥʔϜ,JJ LJJDPN ΤϯδχΞืूͯ͠·͢ʂ