Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
NginxとELBの罠
Search
innossh
November 25, 2017
Technology
1
980
NginxとELBの罠
WEBエンジニア勉強会 #04
https://web-engineer-meetup.connpass.com/event/70551/
innossh
November 25, 2017
Tweet
Share
More Decks by innossh
See All by innossh
AnsibleとAWXでレガシーな本番環境デプロイを1-Click実行 / LT - Ansible Night in Tokyo 201712
innossh
1
1.7k
Other Decks in Technology
See All in Technology
クラウドセキュリティを支える技術と運用の最前線 / Cutting-edge Technologies and Operations Supporting Cloud Security
yuj1osm
2
310
Snowflakeの生成AI機能を活用したデータ分析アプリの作成 〜Cortex AnalystとCortex Searchの活用とStreamlitアプリでの利用〜
nayuts
1
450
roppongirb_20250911
igaiga
0
180
20250903_1つのAWSアカウントに複数システムがある環境におけるアクセス制御をABACで実現.pdf
yhana
3
530
BPaaSにおける人と協働する前提のAIエージェント-AWS登壇資料
kentarofujii
0
130
AI開発ツールCreateがAnythingになったよ
tendasato
0
120
La gouvernance territoriale des données grâce à la plateforme Terreze
bluehats
0
150
人工衛星のファームウェアをRustで書く理由
koba789
10
6.1k
Automating Web Accessibility Testing with AI Agents
maminami373
0
1.2k
下手な強制、ダメ!絶対! 「ガードレール」を「檻」にさせない"ガバナンス"の取り方とは?
tsukaman
2
420
バッチ処理で悩むバックエンドエンジニアに捧げるAWS Glue入門
diggymo
3
180
COVESA VSSによる車両データモデルの標準化とAWS IoT FleetWiseの活用
osawa
1
250
Featured
See All Featured
Done Done
chrislema
185
16k
Navigating Team Friction
lara
189
15k
Designing for humans not robots
tammielis
253
25k
KATA
mclloyd
32
14k
How STYLIGHT went responsive
nonsquared
100
5.8k
Code Review Best Practice
trishagee
70
19k
A better future with KSS
kneath
239
17k
Building an army of robots
kneath
306
46k
Context Engineering - Making Every Token Count
addyosmani
1
19
Thoughts on Productivity
jonyablonski
70
4.8k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
The Cult of Friendly URLs
andyhume
79
6.6k
Transcript
/HJOYͱ&-#ͷ᠘
ࣗݾհ !JOOPTTI ,JJגࣜձࣾ*P5ΫϥυϓϥοτϑΥʔϜ ιϑτΣΞΤϯδχΞ %FW0QT +BWB "OTJCMF ࠷ۙ"MFYB εϓϥτΡʔϯ
ొ͢Δͷ w/HJOY w0QFO3FTUZ w7BSOJTI w&-#
/HJOYͷઃఆ᠘͕ଟ͍
/HJOYࡾΫΠζ
ϨεϙϯεϔομͲ͏ͳΔʁ location /if { set $true 1; if ($true)
{ add_header X-First 1; } if ($true) { add_header X-Second 2; } return 204; }
"9'JSTUͱ94FDPOE#9'JSTUͷΈ $94FDPOEͷΈ location /if { set $true 1; if
($true) { add_header X-First 1; } if ($true) { add_header X-Second 2; } return 204; }
͑$94FDPOEͷΈ location /if { set $true 1; if ($true)
{ add_header X-First 1; } if ($true) { add_header X-Second 2; } return 204; }
*G*T&WJM ཧ༝ͳ͍
Ͱ͏Ұ
ϦΫΤετϔομͲ͏ͳΔʁ http { proxy_set_header X-Foo foo; server { proxy_set_header
X-Bar bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Baz baz; } } }
"9'PPͱ9#BSͱ9#B[ #9#BSͱ9#B[$9#B[ͷΈ http { proxy_set_header X-Foo foo; server {
proxy_set_header X-Bar bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Baz baz; } } }
͑$9#B[ͷΈ http { proxy_set_header X-Foo foo; server { proxy_set_header
X-Bar bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Baz baz; } } }
ཧ༝͋Δ
QSPYZ@TFU@IFBEFS ಉ͡Ϩϕϧʹఆ͕ٛͳ͍࣌ʹ લͷϨϕϧͷఆٛΛҾ͖ܧ͙
http { proxy_set_header X-Foo foo; server { proxy_set_header X-Bar
bar; location /proxysetheader { proxy_pass http://localhost:8080; proxy_set_header X-Foo foo; proxy_set_header X-Bar bar; proxy_set_header X-Baz baz; } } }
˞ͩͨ͠ϨΞέʔεͳͷͰ ϦϥοΫεͯ͠ௌ͍͍ͯͩ͘͞ ͔͜͜Β͕ຊ
લஔ͖ w7BSOJTIΛ0QFO3FTUZʹஔ͖͑Δ࡞ۀ ͰϋϚͬͨ᠘ w)551ϔομ w$POUFOU-FOHUI w5SBOTGFS&ODPEJOHDIVOLFE
Ή͔͠Ή͔͋͠Δͱ͜Ζʹ 7BSOJTIͱ0QFO3FTUZ ͕͍·ͨ͠
7BSOJTI 0QFO3FTUZ &-#
7BSOJTI$POUFOU-FOHUIΛ HTTP/1.1 200 OK Server: varnish Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK Content-Length: 20 Cache-Control: max-age=0, no-cache, no-store
0QFO3FTUZUSBOTGFSFODPEJOHΛ HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK transfer-encoding: chunked Cache-Control: max-age=0, no-cache, no-store
όοΫΤϯυ +BWB ಉҰ 7BSOJTI 0QFO3FTUZ - Content-Length: 20 + transfer-encoding:
chunked
ͲΜͿΒ͜ʙͲΜͿΒ͜ʙ όοΫΤϯυಉҰͳͷʹ ࠩҟͷ͋ΔϨεϙϯε͕ ྲྀΕ͖ͯ·ͨ͠
w0QFO3FTUZͷஔ͖͑ޙɺϨεϙϯε͕ νϟϯΫԽ͞ΕΔ w)551Λ໊ΓͭͭɺνϟϯΫԽ͞Εͨ ϨεϙϯεΛѻ͑ͳ͍ΫϥΠΞϯτ͕ଘࡏ
َୀ࣏ νϟϯΫԽ͞ΕͨݪҼΛ ୀ࣏͠Α͏
όοΫΤϯυʹ HTTP/1.1 200 OK Date: Tue, 22 Aug 2017 10:44:59
GMT Content-Type: application/json; charset=utf-8 Connection: close Content-Length: 20 ↑Content-Length͍͍ͯͳ͍ Status: 200 OK Cache-Control: max-age=0, no-cache, no-store
$POUFOU-FOHUIෆཁʁ wແ͍߹ίωΫγϣϯΛΫϩʔζ͢Δ·Ͱ ϝοηʔδΛड৴ w7BSOJTI$POUFOU-FOHUIΛউखʹ͚ ͍ͯͨ
ͦΕͳΒ0QFO3FTUZʹ HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK Transfer-Encoding: chunked Cache-Control: max-age=0, no-cache, no-store
DIVOLFE@USBOTGFS@FODPEJOH w/HJOYͷઃఆ DIVOLFE@USBOTGFS@FODPEJOHσϑΥ ϧτͰPO w0QFO3FTUZ$POUFOU-FOHUIͷແ͍Ϩ εϙϯεΛνϟϯΫԽ͢Δ
7BSOJTI0QFO3FTUZՈདྷʹ νϟϯΫԽ͞ΕͨݪҼΛ ಥ͖ࢭΊͨʜʁ
DIVOLFE@USBOTGFS@FODPEJOHΛPGGʹ HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug
2017 10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK transfer-encoding: chunked Cache-Control: max-age=0, no-cache, no-store
Ͳ͏ͤ/HJOYͷ᠘ͩΖ͏ʜ wDIVOLFE@USBOTGFS@FODPEJOHPGG͕ޮ ͔ͳ͍ wͲ͏ߟ͑ͯνϟϯΫԽ͢Δίʔυ͕࣮ߦ͞ ΕΔ͕ͣͳ͍ w࠶ϏϧυόʔδϣϯΞοϓޮՌͳ͠
ʁ /HJOYͷιʔείʔυΛಡΜͰ Ұ͚ͭͩؾ͍ͮͨ͜ͱ͕ʜ
None
HTTP/1.1 200 OK Server: openresty Date: Tue, 22 Aug 2017
10:44:59 GMT Content-Type: application/json; charset=utf-8 Connection: keep-alive Status: 200 OK transfer-encoding: chunked Cache-Control: max-age=0, no-cache, no-store
NginxͰ Transfer-Encoding: chunked
ΫϥΠΞϯτͰ transfer-encoding: chunked
ELBͰ transfer-encoding: chunked ʊਓਓਓਓਓਓʊ ʼɹಥવͷ&-#ɹʻ ʉ:?:?:?:?:ʉ
ݪҼ&-# w&-#$POUFOU-FOHUIͷແ͍Ϩεϙϯε ΛνϟϯΫԽ͢Δ wখจࣈͷUSBOTGFSFODPEJOHΛ͚Δ
ಉ྅ʮ"-#ͬͯΈͨΒʁʯ
"-#ΛͬͯΈΔͱ wಉ༷ʹϨεϙϯεΛνϟϯΫԽ͢Δ wେจࣈͷ5SBOTGFS&ODPEJOHΛ͚Δ͆ Nginx: Transfer-Encoding ELB: transfer-encoding ALB: Transfer-Encoding <=
վળʁ͆
ղܾࡦ w&-#ͷ5$1ϦεφΛ͏ w͘͠/-#Λ͏
·ͱΊ wେจࣈখจࣈʹཱͭ͆ w)551ඇରԠͷΫϥΠΞϯτͭΒ͍ w)551ϔομΛकΔʹ5$1ϩʔυόϥϯα Λ͏
Ҏ্ɺ/HJOYͱ&-#ͷ᠘ͷ *P5ΫϥυϓϥοτϑΥʔϜ,JJ LJJDPN ΤϯδχΞืूͯ͠·͢ʂ