Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
NGINX / Developers Summit 2019
Search
NGINX Japan
February 15, 2019
Technology
1.6k
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
NGINX / Developers Summit 2019
NGINX Japan
February 15, 2019
More Decks by NGINX Japan
See All by NGINX Japan
NGINX Plus - マイクロサービスの高可用性 / JapanContainerDays v18.12
nginx_jp
4
2.1k
NGINXとApacheざっくり比較 - NGINX MeetUp #1 Lightning Talks
nginx_jp
0
130
NGINX Plusのご紹介 - Red Hat Forum Tokyo 2018
nginx_jp
0
120
Other Decks in Technology
See All in Technology
ご挨拶「10周年を迎える共創ラボのこれまでとこれから」
iotcomjpadmin
0
180
AI時代のエンジニアキャリアについて今一度考える
sakamoto_582
1
1.2k
「ちゃんとやっている」は独りよがりだった ― 不安に寄り添うインシデント対応へ / Towards incident response that addresses anxieties
chmikata
1
400
5分でわかる Amazon Connect_20260608
hwangbyeonghun
0
180
ゼロをイチにする仕事が終わったあと
smasato
0
280
テスト設計の本質を改めて考えてみる~生成AIを活用する時代だからこそ、作ったテストの説明性を高めよう~
yamasaki696
1
290
End-to-Endで考える信頼性 —LINEアプリにおけるクライアント開発×SRE連携の実践
maruloop
1
230
AIで政治は変わるのか? — 中高生と考えたAI時代の民主主義(東海高校サタデープログラム)
eitarosuda
0
380
次世代ランサムウェア対策の考察 / 20260704 Mitsutoshi Matsuo
shift_evolve
PRO
5
1.7k
SRE依存からの脱却 運用を開 発チームへ移す、 フルサイ クル開 発体制の実践
joooee0000
0
170
10x Speed With QA Agent Platform - How we scaled adoption from individual effort to organizational capability
lycorptech_jp
PRO
0
130
『AIに負けない』より『AIと遊ぶ』」〜ワクワクが最強のテスト・QA学習戦略_公開用
odan611
1
370
Featured
See All Featured
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
Public Speaking Without Barfing On Your Shoes - THAT 2023
reverentgeek
1
450
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.4k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
230
23k
Amusing Abliteration
ianozsvald
1
220
The Impact of AI in SEO - AI Overviews June 2024 Edition
aleyda
5
1.1k
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
3
880
The agentic SEO stack - context over prompts
schlessera
0
840
Designing for humans not robots
tammielis
254
26k
Side Projects
sachag
455
43k
Paper Plane
katiecoart
PRO
1
52k
Everyday Curiosity
cassininazir
0
250
Transcript
Webαʔόʔར༻͚ͩͰͳ͍ NGINXιϦϡʔγϣϯ NGINX ςΫχΧϧ ιϦϡʔγϣϯζ ΞʔΩςΫτ ాล ໜ 2019/2/15
NGINXͷ͝հ NGINX Plus ϚΠΫϩαʔϏεͷऔΓΈ 1 2 3 ຊͷ༰ NGINX Controller
4 2
NGINXͷ͝հ 1
NGINXࣾ • ʹઃཱɺʹNGINX 1MVTͷॳظϦϦʔε 044൛ॳظϦϦʔε • ສҎ্ͷΣϒαΠτ • ΤϯλʔϓϥΠζιϑτΣΞۀքͷϦʔμʔͷϕϯνϟʔΩϟϐλϧͷࢧԉ •
αϯϑϥϯγείɺϩϯυϯɺίʔΫɺγϯΨϙʔϧɺγυχʔɺϞεΫϫɺ౦ژͷΦϑΟε • ࣾҎ্ͷސ٬ • ਓҎ্ͷैۀһ 4
NGINX Unit NGINX ͔Βͷ৽͍͠ಈతͳWebͱΞϓϦ έʔγϣϯɾαʔόʔɻΦʔϓϯιʔεɺ ෳͷݴޠͷαϙʔτɺ͓Αͼಈతͳ REST API ओಋͷߏɻ NGINX
Plus ϩʔυόϥϯαʔɺWebαʔόʔɺίϯςϯπ ΩϟογϡΛؚΉ།ҰͷΦʔϧΠϯϫϯ ιϦϡʔγϣϯɻίετΛݮ͠ͳ͕Βɺ ΞʔΩςΫνϟΛ؆ૉԽ͠·͢ɻ NGINX Controller NGINX PlusͷͨΊͷूதࢹ͓Αͼཧɻ ୯Ұͷඒ͍͠ΠϯλʔϑΣΠεΛ༻ͯ͠ɺ ԾϩʔυόϥϯαʔΛల։͠·͢ɻ NGINX WAF Φʔϓϯιʔεͷ WebΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ (WAF) SQL ΠϯδΣΫγϣϯɺLFIRFI ͓ΑͼͦͷଞͷϨΠϠ7߈ܸΛޚ͠·͢ɻ Powered by ModSecurity. 5
ݱࡏͷΞϓϦͷΠϯϑϥෳࡶ 6
NGINXʹΑΓ10ഒ؆ૉԽɾ 80%ίετݮ 7
NGINX ΞϓϦέʔγϣϯ ϓϥοτϑΥʔϜ ϨΨγʔͳϞϊϦγοΫ ΞϓϦ͔ΒϞμϯͳϚΠ ΫϩαʔϏε·Ͱ෯͘ ରԠ͠ɺσδλϧମݧΛ ։ൃఏڙ͢ΔͨΊͷςΫ ϊϩδʔεΠʔτ ϩʔυόϥϯαʔ
API αʔϏεϝογϡ 8
NGINX Plus 2
ߴੑೳͳΞϓϦέʔγϣϯͷ৴ • ৄࡉͰ๛ͳϝτϦοΫ • ڧྗͳෛՙࢄ • ϔϧενΣοΫ • αʔϏεϨδετϦͷ౷߹ •
HTTP/HTTPS/H2/gRPC/TCP/UDP ΤϯλʔϓϥΠζαϙʔτ HTTP HTTPS HTTP/2 gRPC TCP UDP consul etcd 11
NGINX PlusͷμογϡϘʔυ 12 શମ αʔόʔͷঢ়گʢκʔϯʹ͚ͯදࣔʣ Ωϟογϡ ڞ༗ϝϞϦʔ NGINX Plusͷ Πϯελϯεຖͷใ
http://demo.nginx.com
NGINX Plus: Upstreamͷಈతมߋ ϩʔυόϥϯεઌ (Upstream) ΛಈతʹมߋՄೳ μογϡϘʔυͷGUIͰ APIͰ
ϩʔυόϥϯαʔɾΩϟογϡ • HTTP, TCP, UDP ͷෛՙࢄ • URIɺΫοΩʔɺҾͳͲΛ༻ͨ͠ɺ ϨΠϠ7ϦΫΤετϧʔςΟϯά
• ͞·͟·ͳΞϧΰϦζϜ • ϥϯυϩϏϯɺ࠷খίωΫγϣϯɺIPϋογϡ • ࠷খλΠϜɺ࠷খίωΫγϣϯ͔Βೋͭબ • ΫοΩʔʹجͮ͘ηογϣϯӬଓԽ • εςʔλείʔυͱԠϘσΟʹجͮ͘ɺ ΞΫςΟϒϔϧενΣοΫ • DNS Λ༻ͨ͠αʔϏε୳ࡧ ࣈ෦NGINX PlusͷΈͷػೳʣ
APIήʔτΣΠͱͯ͠
NGINX WAF ߴͳ8&#ΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ ϨΠϠ߈ܸอޢ %%P4؇ *1Ϩϐϡςʔγϣϯ
ࠪϩά
ϚΠΫϩαʔϏεͷऔΓΈ 3
NGINXɺ͞·͟·ͳϚΠΫϩ αʔϏεΞʔΩςΫνϟΛαϙʔτ 3. Fabric Model 2. Router Mesh Model 1.
Proxy Model 19
NGINX Unit 20 • μΠφϛοΫWebɾ ΞϓϦέʔγϣϯαʔόʔ ◦ γϯϓϧɾܰྔ ◦ ଟݴޠʹରԠ:
Python, PHP, Go, Perl, Ruby, JavaScript (Node.js), Java(༧ఆ) ηοτΞοϓɾઃఆͳͲɺಉ༷ͷڥΛར༻Մೳ ◦ RESTful JSON APIͰͷಈతͳઃఆ ◦ Φʔϓϯιʔε ◦ NGINX PlusϢʔβʔ αϙʔτར༻Մ ◦ NGINXΛαΠυΧʔʹ
ಈతͳϧʔςΟϯά: αʔϏεͷݕग़ • ͜Μͳͱ͖ʹඞཁ ◦ ৽͍͠αʔϏε͕Ճ͞Εͨ ◦ طଘͷαʔϏεͷΠϯελϯε͕Ճ͞Εͨ • ϓϩΩγ͕ߏ͞ΕΔτϦΨʔͷྫ
◦ Ansible Roles ◦ Consul templates ◦ DNS A, SRV Ϩίʔυ ◦ AWS Autoscaling άϧʔϓ ◦ Kubernetes (kube-dns) Ingress and Service-to- Service 21
Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ pod/nginx-headless Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ NodePort Service pod/nginx-headless svc/nginx-headless Unit Unit
DNSαʔϏεσΟεΧόϦ ༏ઌɾΣΠτ ϙʔτ൪߸ɾϗετ໊ NGINXͷDNSΩϟογϡ༗ޮ࣌ؒ αʔόʔϦετΛDNSͰղܾ UpstreamΛࢀর 29 खಈͰDNSϨίʔυઃఆɺKubernetesͰHeadless Service
None
NGINX Plus - Kubernetes Ingress Controller NGINX PlusΛೖΓޱͱͯ͠ KubernetesΞϓϦέʔγϣϯΛ࡞ :
• ߴͳෛՙࢄͱSSL/TLS ऴ • WebSocket ͱ HTTP/2 ͷαϙʔτ • ϦΫΤετ͕ΞϓϦέʔγϣϯʹసૹ͞ΕΔ લʹURI ॻ͖͑ • ಈతͳ࠶ߏ • Session persistence • JWT authentication • Prometheusͷαϙʔτ • 24x7 αϙʔτ https://github.com/nginxinc/kubernetes-ingress 32
NGINX Controller 4
NGINX Controller: ϞχλϦϯά 34 ଟͷNGINX Plus͔Β౷ܭใΛू
NGINX Controller: LBઃఆ 35 nginx.conf ͷ֬ೝ nginx.conf ͷมߋ ઃఆͷݕূ NGINXͷίϯτϩʔϧϓϨʔϯͱͯ͠
·ͣAPI Gateway͔Β
NGINX Controller: APIཧ APIఆٛ ྲྀྔཧ ೝূɾೝՄ
·ͱΊ • ࣗࣾͷWebγεςϜ͕ෳࡶʹͳΓ͍͗ͯ͢Δ ◦ → NGINX Plus! • ϩʔυόϥϯαʔͷϋʔυΣΞͷߋ৽࣌ظʹདྷ͍ͯΔ ◦
→ NGINX Plus! • ϚΠΫϩαʔϏείϯςφͰͷӡ༻Λݕ౼த ◦ → NGINX Plus! ϑϦʔτϥΠΞϧ ͪ͜Β͔Β 37
Thank you! 38