Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
NGINX / Developers Summit 2019
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
NGINX Japan
February 15, 2019
Technology
1.6k
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
NGINX / Developers Summit 2019
NGINX Japan
February 15, 2019
More Decks by NGINX Japan
See All by NGINX Japan
NGINX Plus - マイクロサービスの高可用性 / JapanContainerDays v18.12
nginx_jp
4
2.1k
NGINXとApacheざっくり比較 - NGINX MeetUp #1 Lightning Talks
nginx_jp
0
130
NGINX Plusのご紹介 - Red Hat Forum Tokyo 2018
nginx_jp
0
120
Other Decks in Technology
See All in Technology
10年目を迎えた「ABEMA」がどのように AI 活用を推進して、AI 駆動開発にシフトしているのか / How ABEMA, entering its 10th year, is promoting the use of AI and shifting toward AI-driven development
miyukki
0
120
ruby.wasmとPicoRuby.wasmに対応した仮想DOMライブラリを作ってる話 #kaigieffect_kaigi
sue445
PRO
0
140
ポストモーテム! DDoSからサイトは守れた。 でもビジネスは守れなかった。
bengo4com
0
2.8k
Foxgloveについて 実際にExtensionを開発して公開するまでの話 / About Foxglove: The Story of Developing and Releasing an Extension
ry0_ka
0
210
「最後に責任を取るのはチーム」— 人間のPRレビューを最小化してアップデートしたメンタルモデル
jnishime_dresscode
0
540
ループエンジニアリングでE2Eテストを実践
noriyukitakei
0
350
CSに"SLO"は要らない、経営層に"99.9%"は伝わらない - SREを全社に"翻訳"する3原則
cscengineer
PRO
1
4.5k
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
15
110k
凡エンジニアがこの先生きのこるためには。〜TypeScript完全に理解したい〜
alchemy1115
2
160
実装だけじゃない! CCA-F取得エンジニアが教えるClaude Code開発プロセス活用術
diggymo
2
620
「早く出す」より「事業に効く」 ── 顧客の業務サイクルから逆算するAI時代の二重ループ開発と「変化の設計者」 / devsumi2026
rakus_dev
1
210
AI Agent SaaS を支える自社仮想化基盤への挑戦と実運用 / ai-agent-saas-virtualization
flatt_security
2
3.8k
Featured
See All Featured
HTML-Aware ERB: The Path to Reactive Rendering @ RubyCon 2026, Rimini, Italy
marcoroth
2
320
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
1
170
Context Engineering - Making Every Token Count
addyosmani
9
1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
svc-hook: hooking system calls on ARM64 by binary rewriting
retrage
2
330
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
11k
Sam Torres - BigQuery for SEOs
techseoconnect
PRO
0
300
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4.4k
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
signer
PRO
0
3.6k
Raft: Consensus for Rubyists
vanstee
141
7.6k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
The innovator’s Mindset - Leading Through an Era of Exponential Change - McGill University 2025
jdejongh
PRO
1
220
Transcript
Webαʔόʔར༻͚ͩͰͳ͍ NGINXιϦϡʔγϣϯ NGINX ςΫχΧϧ ιϦϡʔγϣϯζ ΞʔΩςΫτ ాล ໜ 2019/2/15
NGINXͷ͝հ NGINX Plus ϚΠΫϩαʔϏεͷऔΓΈ 1 2 3 ຊͷ༰ NGINX Controller
4 2
NGINXͷ͝հ 1
NGINXࣾ • ʹઃཱɺʹNGINX 1MVTͷॳظϦϦʔε 044൛ॳظϦϦʔε • ສҎ্ͷΣϒαΠτ • ΤϯλʔϓϥΠζιϑτΣΞۀքͷϦʔμʔͷϕϯνϟʔΩϟϐλϧͷࢧԉ •
αϯϑϥϯγείɺϩϯυϯɺίʔΫɺγϯΨϙʔϧɺγυχʔɺϞεΫϫɺ౦ژͷΦϑΟε • ࣾҎ্ͷސ٬ • ਓҎ্ͷैۀһ 4
NGINX Unit NGINX ͔Βͷ৽͍͠ಈతͳWebͱΞϓϦ έʔγϣϯɾαʔόʔɻΦʔϓϯιʔεɺ ෳͷݴޠͷαϙʔτɺ͓Αͼಈతͳ REST API ओಋͷߏɻ NGINX
Plus ϩʔυόϥϯαʔɺWebαʔόʔɺίϯςϯπ ΩϟογϡΛؚΉ།ҰͷΦʔϧΠϯϫϯ ιϦϡʔγϣϯɻίετΛݮ͠ͳ͕Βɺ ΞʔΩςΫνϟΛ؆ૉԽ͠·͢ɻ NGINX Controller NGINX PlusͷͨΊͷूதࢹ͓Αͼཧɻ ୯Ұͷඒ͍͠ΠϯλʔϑΣΠεΛ༻ͯ͠ɺ ԾϩʔυόϥϯαʔΛల։͠·͢ɻ NGINX WAF Φʔϓϯιʔεͷ WebΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ (WAF) SQL ΠϯδΣΫγϣϯɺLFIRFI ͓ΑͼͦͷଞͷϨΠϠ7߈ܸΛޚ͠·͢ɻ Powered by ModSecurity. 5
ݱࡏͷΞϓϦͷΠϯϑϥෳࡶ 6
NGINXʹΑΓ10ഒ؆ૉԽɾ 80%ίετݮ 7
NGINX ΞϓϦέʔγϣϯ ϓϥοτϑΥʔϜ ϨΨγʔͳϞϊϦγοΫ ΞϓϦ͔ΒϞμϯͳϚΠ ΫϩαʔϏε·Ͱ෯͘ ରԠ͠ɺσδλϧମݧΛ ։ൃఏڙ͢ΔͨΊͷςΫ ϊϩδʔεΠʔτ ϩʔυόϥϯαʔ
API αʔϏεϝογϡ 8
NGINX Plus 2
ߴੑೳͳΞϓϦέʔγϣϯͷ৴ • ৄࡉͰ๛ͳϝτϦοΫ • ڧྗͳෛՙࢄ • ϔϧενΣοΫ • αʔϏεϨδετϦͷ౷߹ •
HTTP/HTTPS/H2/gRPC/TCP/UDP ΤϯλʔϓϥΠζαϙʔτ HTTP HTTPS HTTP/2 gRPC TCP UDP consul etcd 11
NGINX PlusͷμογϡϘʔυ 12 શମ αʔόʔͷঢ়گʢκʔϯʹ͚ͯදࣔʣ Ωϟογϡ ڞ༗ϝϞϦʔ NGINX Plusͷ Πϯελϯεຖͷใ
http://demo.nginx.com
NGINX Plus: Upstreamͷಈతมߋ ϩʔυόϥϯεઌ (Upstream) ΛಈతʹมߋՄೳ μογϡϘʔυͷGUIͰ APIͰ
ϩʔυόϥϯαʔɾΩϟογϡ • HTTP, TCP, UDP ͷෛՙࢄ • URIɺΫοΩʔɺҾͳͲΛ༻ͨ͠ɺ ϨΠϠ7ϦΫΤετϧʔςΟϯά
• ͞·͟·ͳΞϧΰϦζϜ • ϥϯυϩϏϯɺ࠷খίωΫγϣϯɺIPϋογϡ • ࠷খλΠϜɺ࠷খίωΫγϣϯ͔Βೋͭબ • ΫοΩʔʹجͮ͘ηογϣϯӬଓԽ • εςʔλείʔυͱԠϘσΟʹجͮ͘ɺ ΞΫςΟϒϔϧενΣοΫ • DNS Λ༻ͨ͠αʔϏε୳ࡧ ࣈ෦NGINX PlusͷΈͷػೳʣ
APIήʔτΣΠͱͯ͠
NGINX WAF ߴͳ8&#ΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ ϨΠϠ߈ܸอޢ %%P4؇ *1Ϩϐϡςʔγϣϯ
ࠪϩά
ϚΠΫϩαʔϏεͷऔΓΈ 3
NGINXɺ͞·͟·ͳϚΠΫϩ αʔϏεΞʔΩςΫνϟΛαϙʔτ 3. Fabric Model 2. Router Mesh Model 1.
Proxy Model 19
NGINX Unit 20 • μΠφϛοΫWebɾ ΞϓϦέʔγϣϯαʔόʔ ◦ γϯϓϧɾܰྔ ◦ ଟݴޠʹରԠ:
Python, PHP, Go, Perl, Ruby, JavaScript (Node.js), Java(༧ఆ) ηοτΞοϓɾઃఆͳͲɺಉ༷ͷڥΛར༻Մೳ ◦ RESTful JSON APIͰͷಈతͳઃఆ ◦ Φʔϓϯιʔε ◦ NGINX PlusϢʔβʔ αϙʔτར༻Մ ◦ NGINXΛαΠυΧʔʹ
ಈతͳϧʔςΟϯά: αʔϏεͷݕग़ • ͜Μͳͱ͖ʹඞཁ ◦ ৽͍͠αʔϏε͕Ճ͞Εͨ ◦ طଘͷαʔϏεͷΠϯελϯε͕Ճ͞Εͨ • ϓϩΩγ͕ߏ͞ΕΔτϦΨʔͷྫ
◦ Ansible Roles ◦ Consul templates ◦ DNS A, SRV Ϩίʔυ ◦ AWS Autoscaling άϧʔϓ ◦ Kubernetes (kube-dns) Ingress and Service-to- Service 21
Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ pod/nginx-headless Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ NodePort Service pod/nginx-headless svc/nginx-headless Unit Unit
DNSαʔϏεσΟεΧόϦ ༏ઌɾΣΠτ ϙʔτ൪߸ɾϗετ໊ NGINXͷDNSΩϟογϡ༗ޮ࣌ؒ αʔόʔϦετΛDNSͰղܾ UpstreamΛࢀর 29 खಈͰDNSϨίʔυઃఆɺKubernetesͰHeadless Service
None
NGINX Plus - Kubernetes Ingress Controller NGINX PlusΛೖΓޱͱͯ͠ KubernetesΞϓϦέʔγϣϯΛ࡞ :
• ߴͳෛՙࢄͱSSL/TLS ऴ • WebSocket ͱ HTTP/2 ͷαϙʔτ • ϦΫΤετ͕ΞϓϦέʔγϣϯʹసૹ͞ΕΔ લʹURI ॻ͖͑ • ಈతͳ࠶ߏ • Session persistence • JWT authentication • Prometheusͷαϙʔτ • 24x7 αϙʔτ https://github.com/nginxinc/kubernetes-ingress 32
NGINX Controller 4
NGINX Controller: ϞχλϦϯά 34 ଟͷNGINX Plus͔Β౷ܭใΛू
NGINX Controller: LBઃఆ 35 nginx.conf ͷ֬ೝ nginx.conf ͷมߋ ઃఆͷݕূ NGINXͷίϯτϩʔϧϓϨʔϯͱͯ͠
·ͣAPI Gateway͔Β
NGINX Controller: APIཧ APIఆٛ ྲྀྔཧ ೝূɾೝՄ
·ͱΊ • ࣗࣾͷWebγεςϜ͕ෳࡶʹͳΓ͍͗ͯ͢Δ ◦ → NGINX Plus! • ϩʔυόϥϯαʔͷϋʔυΣΞͷߋ৽࣌ظʹདྷ͍ͯΔ ◦
→ NGINX Plus! • ϚΠΫϩαʔϏείϯςφͰͷӡ༻Λݕ౼த ◦ → NGINX Plus! ϑϦʔτϥΠΞϧ ͪ͜Β͔Β 37
Thank you! 38