Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
NGINX / Developers Summit 2019
Search
NGINX Japan
February 15, 2019
Technology
0
1.4k
NGINX / Developers Summit 2019
NGINX Japan
February 15, 2019
Tweet
Share
More Decks by NGINX Japan
See All by NGINX Japan
NGINX Plus - マイクロサービスの高可用性 / JapanContainerDays v18.12
nginx_jp
4
1.9k
NGINXとApacheざっくり比較 - NGINX MeetUp #1 Lightning Talks
nginx_jp
0
120
NGINX Plusのご紹介 - Red Hat Forum Tokyo 2018
nginx_jp
0
110
Other Decks in Technology
See All in Technology
AWS re:Invent 2024 re:Cap CloudFront編
yoshimi0227
0
300
GPTsで模擬問題生成して資格対策してみる
hsg_alf
2
110
社外コミュニティで学び社内に活かす共に学ぶプロジェクトの実践/backlogworld2024
nishiuma
0
200
AIのコンプラは何故しんどい?
shujisado
1
160
プロダクト開発を加速させるためのQA文化の築き方 / How to build QA culture to accelerate product development
mii3king
1
120
Snowflake女子会#3 Snowpipeの良さを5分で語るよ
lana2548
0
120
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
5
52k
データパイプラインをなんとかした話 / Improving the Data Pipeline in IVRy
mirakui
1
320
AWS re:Invent 2024で発表された コードを書く開発者向け機能について
maruto
0
110
Kubernetes環境のオブザーバビリティの次の一歩をOpenTelemetryで実現すると何がどうなるの? - CloudNative Days Winter 2024
katzchang
0
130
Amazon SageMaker Unified Studio(Preview)、Lakehouse と Amazon S3 Tables
ishikawa_satoru
0
120
【AWS re:Invent 2024】Amazon Bedrock アップデート総まとめ
minorun365
PRO
7
760
Featured
See All Featured
A Philosophy of Restraint
colly
203
16k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
132
33k
Adopting Sorbet at Scale
ufuk
73
9.1k
How STYLIGHT went responsive
nonsquared
95
5.2k
The Art of Programming - Codeland 2020
erikaheidi
53
13k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
Visualization
eitanlees
145
15k
The Power of CSS Pseudo Elements
geoffreycrofte
73
5.4k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
1
150
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
17
2.2k
Statistics for Hackers
jakevdp
796
220k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
Transcript
Webαʔόʔར༻͚ͩͰͳ͍ NGINXιϦϡʔγϣϯ NGINX ςΫχΧϧ ιϦϡʔγϣϯζ ΞʔΩςΫτ ాล ໜ 2019/2/15
NGINXͷ͝հ NGINX Plus ϚΠΫϩαʔϏεͷऔΓΈ 1 2 3 ຊͷ༰ NGINX Controller
4 2
NGINXͷ͝հ 1
NGINXࣾ • ʹઃཱɺʹNGINX 1MVTͷॳظϦϦʔε 044൛ॳظϦϦʔε • ສҎ্ͷΣϒαΠτ • ΤϯλʔϓϥΠζιϑτΣΞۀքͷϦʔμʔͷϕϯνϟʔΩϟϐλϧͷࢧԉ •
αϯϑϥϯγείɺϩϯυϯɺίʔΫɺγϯΨϙʔϧɺγυχʔɺϞεΫϫɺ౦ژͷΦϑΟε • ࣾҎ্ͷސ٬ • ਓҎ্ͷैۀһ 4
NGINX Unit NGINX ͔Βͷ৽͍͠ಈతͳWebͱΞϓϦ έʔγϣϯɾαʔόʔɻΦʔϓϯιʔεɺ ෳͷݴޠͷαϙʔτɺ͓Αͼಈతͳ REST API ओಋͷߏɻ NGINX
Plus ϩʔυόϥϯαʔɺWebαʔόʔɺίϯςϯπ ΩϟογϡΛؚΉ།ҰͷΦʔϧΠϯϫϯ ιϦϡʔγϣϯɻίετΛݮ͠ͳ͕Βɺ ΞʔΩςΫνϟΛ؆ૉԽ͠·͢ɻ NGINX Controller NGINX PlusͷͨΊͷूதࢹ͓Αͼཧɻ ୯Ұͷඒ͍͠ΠϯλʔϑΣΠεΛ༻ͯ͠ɺ ԾϩʔυόϥϯαʔΛల։͠·͢ɻ NGINX WAF Φʔϓϯιʔεͷ WebΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ (WAF) SQL ΠϯδΣΫγϣϯɺLFIRFI ͓ΑͼͦͷଞͷϨΠϠ7߈ܸΛޚ͠·͢ɻ Powered by ModSecurity. 5
ݱࡏͷΞϓϦͷΠϯϑϥෳࡶ 6
NGINXʹΑΓ10ഒ؆ૉԽɾ 80%ίετݮ 7
NGINX ΞϓϦέʔγϣϯ ϓϥοτϑΥʔϜ ϨΨγʔͳϞϊϦγοΫ ΞϓϦ͔ΒϞμϯͳϚΠ ΫϩαʔϏε·Ͱ෯͘ ରԠ͠ɺσδλϧମݧΛ ։ൃఏڙ͢ΔͨΊͷςΫ ϊϩδʔεΠʔτ ϩʔυόϥϯαʔ
API αʔϏεϝογϡ 8
NGINX Plus 2
ߴੑೳͳΞϓϦέʔγϣϯͷ৴ • ৄࡉͰ๛ͳϝτϦοΫ • ڧྗͳෛՙࢄ • ϔϧενΣοΫ • αʔϏεϨδετϦͷ౷߹ •
HTTP/HTTPS/H2/gRPC/TCP/UDP ΤϯλʔϓϥΠζαϙʔτ HTTP HTTPS HTTP/2 gRPC TCP UDP consul etcd 11
NGINX PlusͷμογϡϘʔυ 12 શମ αʔόʔͷঢ়گʢκʔϯʹ͚ͯදࣔʣ Ωϟογϡ ڞ༗ϝϞϦʔ NGINX Plusͷ Πϯελϯεຖͷใ
http://demo.nginx.com
NGINX Plus: Upstreamͷಈతมߋ ϩʔυόϥϯεઌ (Upstream) ΛಈతʹมߋՄೳ μογϡϘʔυͷGUIͰ APIͰ
ϩʔυόϥϯαʔɾΩϟογϡ • HTTP, TCP, UDP ͷෛՙࢄ • URIɺΫοΩʔɺҾͳͲΛ༻ͨ͠ɺ ϨΠϠ7ϦΫΤετϧʔςΟϯά
• ͞·͟·ͳΞϧΰϦζϜ • ϥϯυϩϏϯɺ࠷খίωΫγϣϯɺIPϋογϡ • ࠷খλΠϜɺ࠷খίωΫγϣϯ͔Βೋͭબ • ΫοΩʔʹجͮ͘ηογϣϯӬଓԽ • εςʔλείʔυͱԠϘσΟʹجͮ͘ɺ ΞΫςΟϒϔϧενΣοΫ • DNS Λ༻ͨ͠αʔϏε୳ࡧ ࣈ෦NGINX PlusͷΈͷػೳʣ
APIήʔτΣΠͱͯ͠
NGINX WAF ߴͳ8&#ΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ ϨΠϠ߈ܸอޢ %%P4؇ *1Ϩϐϡςʔγϣϯ
ࠪϩά
ϚΠΫϩαʔϏεͷऔΓΈ 3
NGINXɺ͞·͟·ͳϚΠΫϩ αʔϏεΞʔΩςΫνϟΛαϙʔτ 3. Fabric Model 2. Router Mesh Model 1.
Proxy Model 19
NGINX Unit 20 • μΠφϛοΫWebɾ ΞϓϦέʔγϣϯαʔόʔ ◦ γϯϓϧɾܰྔ ◦ ଟݴޠʹରԠ:
Python, PHP, Go, Perl, Ruby, JavaScript (Node.js), Java(༧ఆ) ηοτΞοϓɾઃఆͳͲɺಉ༷ͷڥΛར༻Մೳ ◦ RESTful JSON APIͰͷಈతͳઃఆ ◦ Φʔϓϯιʔε ◦ NGINX PlusϢʔβʔ αϙʔτར༻Մ ◦ NGINXΛαΠυΧʔʹ
ಈతͳϧʔςΟϯά: αʔϏεͷݕग़ • ͜Μͳͱ͖ʹඞཁ ◦ ৽͍͠αʔϏε͕Ճ͞Εͨ ◦ طଘͷαʔϏεͷΠϯελϯε͕Ճ͞Εͨ • ϓϩΩγ͕ߏ͞ΕΔτϦΨʔͷྫ
◦ Ansible Roles ◦ Consul templates ◦ DNS A, SRV Ϩίʔυ ◦ AWS Autoscaling άϧʔϓ ◦ Kubernetes (kube-dns) Ingress and Service-to- Service 21
Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ pod/nginx-headless Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ NodePort Service pod/nginx-headless svc/nginx-headless Unit Unit
DNSαʔϏεσΟεΧόϦ ༏ઌɾΣΠτ ϙʔτ൪߸ɾϗετ໊ NGINXͷDNSΩϟογϡ༗ޮ࣌ؒ αʔόʔϦετΛDNSͰղܾ UpstreamΛࢀর 29 खಈͰDNSϨίʔυઃఆɺKubernetesͰHeadless Service
None
NGINX Plus - Kubernetes Ingress Controller NGINX PlusΛೖΓޱͱͯ͠ KubernetesΞϓϦέʔγϣϯΛ࡞ :
• ߴͳෛՙࢄͱSSL/TLS ऴ • WebSocket ͱ HTTP/2 ͷαϙʔτ • ϦΫΤετ͕ΞϓϦέʔγϣϯʹసૹ͞ΕΔ લʹURI ॻ͖͑ • ಈతͳ࠶ߏ • Session persistence • JWT authentication • Prometheusͷαϙʔτ • 24x7 αϙʔτ https://github.com/nginxinc/kubernetes-ingress 32
NGINX Controller 4
NGINX Controller: ϞχλϦϯά 34 ଟͷNGINX Plus͔Β౷ܭใΛू
NGINX Controller: LBઃఆ 35 nginx.conf ͷ֬ೝ nginx.conf ͷมߋ ઃఆͷݕূ NGINXͷίϯτϩʔϧϓϨʔϯͱͯ͠
·ͣAPI Gateway͔Β
NGINX Controller: APIཧ APIఆٛ ྲྀྔཧ ೝূɾೝՄ
·ͱΊ • ࣗࣾͷWebγεςϜ͕ෳࡶʹͳΓ͍͗ͯ͢Δ ◦ → NGINX Plus! • ϩʔυόϥϯαʔͷϋʔυΣΞͷߋ৽࣌ظʹདྷ͍ͯΔ ◦
→ NGINX Plus! • ϚΠΫϩαʔϏείϯςφͰͷӡ༻Λݕ౼த ◦ → NGINX Plus! ϑϦʔτϥΠΞϧ ͪ͜Β͔Β 37
Thank you! 38