Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
NGINX / Developers Summit 2019
Search
NGINX Japan
February 15, 2019
Technology
0
1.5k
NGINX / Developers Summit 2019
NGINX Japan
February 15, 2019
Tweet
Share
More Decks by NGINX Japan
See All by NGINX Japan
NGINX Plus - マイクロサービスの高可用性 / JapanContainerDays v18.12
nginx_jp
4
2k
NGINXとApacheざっくり比較 - NGINX MeetUp #1 Lightning Talks
nginx_jp
0
120
NGINX Plusのご紹介 - Red Hat Forum Tokyo 2018
nginx_jp
0
120
Other Decks in Technology
See All in Technology
20201008_ファインディ_品質意識を育てる役目は人かAIか___2_.pdf
findy_eventslides
0
120
Flaky Testへの現実解をGoのプロポーザルから考える | Go Conference 2025
upamune
1
420
ZOZOのAI活用実践〜社内基盤からサービス応用まで〜
zozotech
PRO
0
170
Why React!?? Next.jsそしてReactを改めてイチから選ぶ
ypresto
10
4.4k
生成AI_その前_に_マルチクラウド時代の信頼できるデータを支えるSnowflakeメタデータ活用術.pdf
cm_mikami
0
110
AI駆動開発を推進するためにサービス開発チームで 取り組んでいること
noayaoshiro
0
160
成長自己責任時代のあるきかた/How to navigate the era of personal responsibility for growth
kwappa
3
270
コンテキストエンジニアリングとは? 考え方と応用方法
findy_eventslides
4
890
Large Vision Language Modelを用いた 文書画像データ化作業自動化の検証、運用 / shibuya_AI
sansan_randd
0
100
10年の共創が示す、これからの開発者と企業の関係 ~ Crossroad
soracom
PRO
1
170
動画データのポテンシャルを引き出す! Databricks と AI活用への奮闘記(現在進行形)
databricksjapan
0
140
それでも私はContextに値を詰めたい | Go Conference 2025 / go conference 2025 fill context
budougumi0617
4
1.2k
Featured
See All Featured
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.7k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
33
2.5k
Site-Speed That Sticks
csswizardry
11
880
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
610
Designing Experiences People Love
moore
142
24k
Optimizing for Happiness
mojombo
379
70k
Gamification - CAS2011
davidbonilla
81
5.5k
Docker and Python
trallard
46
3.6k
Stop Working from a Prison Cell
hatefulcrawdad
271
21k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
132
19k
Transcript
Webαʔόʔར༻͚ͩͰͳ͍ NGINXιϦϡʔγϣϯ NGINX ςΫχΧϧ ιϦϡʔγϣϯζ ΞʔΩςΫτ ాล ໜ 2019/2/15
NGINXͷ͝հ NGINX Plus ϚΠΫϩαʔϏεͷऔΓΈ 1 2 3 ຊͷ༰ NGINX Controller
4 2
NGINXͷ͝հ 1
NGINXࣾ • ʹઃཱɺʹNGINX 1MVTͷॳظϦϦʔε 044൛ॳظϦϦʔε • ສҎ্ͷΣϒαΠτ • ΤϯλʔϓϥΠζιϑτΣΞۀքͷϦʔμʔͷϕϯνϟʔΩϟϐλϧͷࢧԉ •
αϯϑϥϯγείɺϩϯυϯɺίʔΫɺγϯΨϙʔϧɺγυχʔɺϞεΫϫɺ౦ژͷΦϑΟε • ࣾҎ্ͷސ٬ • ਓҎ্ͷैۀһ 4
NGINX Unit NGINX ͔Βͷ৽͍͠ಈతͳWebͱΞϓϦ έʔγϣϯɾαʔόʔɻΦʔϓϯιʔεɺ ෳͷݴޠͷαϙʔτɺ͓Αͼಈతͳ REST API ओಋͷߏɻ NGINX
Plus ϩʔυόϥϯαʔɺWebαʔόʔɺίϯςϯπ ΩϟογϡΛؚΉ།ҰͷΦʔϧΠϯϫϯ ιϦϡʔγϣϯɻίετΛݮ͠ͳ͕Βɺ ΞʔΩςΫνϟΛ؆ૉԽ͠·͢ɻ NGINX Controller NGINX PlusͷͨΊͷूதࢹ͓Αͼཧɻ ୯Ұͷඒ͍͠ΠϯλʔϑΣΠεΛ༻ͯ͠ɺ ԾϩʔυόϥϯαʔΛల։͠·͢ɻ NGINX WAF Φʔϓϯιʔεͷ WebΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ (WAF) SQL ΠϯδΣΫγϣϯɺLFIRFI ͓ΑͼͦͷଞͷϨΠϠ7߈ܸΛޚ͠·͢ɻ Powered by ModSecurity. 5
ݱࡏͷΞϓϦͷΠϯϑϥෳࡶ 6
NGINXʹΑΓ10ഒ؆ૉԽɾ 80%ίετݮ 7
NGINX ΞϓϦέʔγϣϯ ϓϥοτϑΥʔϜ ϨΨγʔͳϞϊϦγοΫ ΞϓϦ͔ΒϞμϯͳϚΠ ΫϩαʔϏε·Ͱ෯͘ ରԠ͠ɺσδλϧମݧΛ ։ൃఏڙ͢ΔͨΊͷςΫ ϊϩδʔεΠʔτ ϩʔυόϥϯαʔ
API αʔϏεϝογϡ 8
NGINX Plus 2
ߴੑೳͳΞϓϦέʔγϣϯͷ৴ • ৄࡉͰ๛ͳϝτϦοΫ • ڧྗͳෛՙࢄ • ϔϧενΣοΫ • αʔϏεϨδετϦͷ౷߹ •
HTTP/HTTPS/H2/gRPC/TCP/UDP ΤϯλʔϓϥΠζαϙʔτ HTTP HTTPS HTTP/2 gRPC TCP UDP consul etcd 11
NGINX PlusͷμογϡϘʔυ 12 શମ αʔόʔͷঢ়گʢκʔϯʹ͚ͯදࣔʣ Ωϟογϡ ڞ༗ϝϞϦʔ NGINX Plusͷ Πϯελϯεຖͷใ
http://demo.nginx.com
NGINX Plus: Upstreamͷಈతมߋ ϩʔυόϥϯεઌ (Upstream) ΛಈతʹมߋՄೳ μογϡϘʔυͷGUIͰ APIͰ
ϩʔυόϥϯαʔɾΩϟογϡ • HTTP, TCP, UDP ͷෛՙࢄ • URIɺΫοΩʔɺҾͳͲΛ༻ͨ͠ɺ ϨΠϠ7ϦΫΤετϧʔςΟϯά
• ͞·͟·ͳΞϧΰϦζϜ • ϥϯυϩϏϯɺ࠷খίωΫγϣϯɺIPϋογϡ • ࠷খλΠϜɺ࠷খίωΫγϣϯ͔Βೋͭબ • ΫοΩʔʹجͮ͘ηογϣϯӬଓԽ • εςʔλείʔυͱԠϘσΟʹجͮ͘ɺ ΞΫςΟϒϔϧενΣοΫ • DNS Λ༻ͨ͠αʔϏε୳ࡧ ࣈ෦NGINX PlusͷΈͷػೳʣ
APIήʔτΣΠͱͯ͠
NGINX WAF ߴͳ8&#ΞϓϦέʔγϣϯ ϑΝΠΞΥʔϧ ϨΠϠ߈ܸอޢ %%P4؇ *1Ϩϐϡςʔγϣϯ
ࠪϩά
ϚΠΫϩαʔϏεͷऔΓΈ 3
NGINXɺ͞·͟·ͳϚΠΫϩ αʔϏεΞʔΩςΫνϟΛαϙʔτ 3. Fabric Model 2. Router Mesh Model 1.
Proxy Model 19
NGINX Unit 20 • μΠφϛοΫWebɾ ΞϓϦέʔγϣϯαʔόʔ ◦ γϯϓϧɾܰྔ ◦ ଟݴޠʹରԠ:
Python, PHP, Go, Perl, Ruby, JavaScript (Node.js), Java(༧ఆ) ηοτΞοϓɾઃఆͳͲɺಉ༷ͷڥΛར༻Մೳ ◦ RESTful JSON APIͰͷಈతͳઃఆ ◦ Φʔϓϯιʔε ◦ NGINX PlusϢʔβʔ αϙʔτར༻Մ ◦ NGINXΛαΠυΧʔʹ
ಈతͳϧʔςΟϯά: αʔϏεͷݕग़ • ͜Μͳͱ͖ʹඞཁ ◦ ৽͍͠αʔϏε͕Ճ͞Εͨ ◦ طଘͷαʔϏεͷΠϯελϯε͕Ճ͞Εͨ • ϓϩΩγ͕ߏ͞ΕΔτϦΨʔͷྫ
◦ Ansible Roles ◦ Consul templates ◦ DNS A, SRV Ϩίʔυ ◦ AWS Autoscaling άϧʔϓ ◦ Kubernetes (kube-dns) Ingress and Service-to- Service 21
Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless Deployment Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ pod/nginx-headless Unit Unit
Unit deployment/unit-headless svc/unit-headless-svc Deployment Headless Service NGINX Plus Load Balancer
SRV ϨίʔυͰσΟεΧόϦ NodePort Service pod/nginx-headless svc/nginx-headless Unit Unit
DNSαʔϏεσΟεΧόϦ ༏ઌɾΣΠτ ϙʔτ൪߸ɾϗετ໊ NGINXͷDNSΩϟογϡ༗ޮ࣌ؒ αʔόʔϦετΛDNSͰղܾ UpstreamΛࢀর 29 खಈͰDNSϨίʔυઃఆɺKubernetesͰHeadless Service
None
NGINX Plus - Kubernetes Ingress Controller NGINX PlusΛೖΓޱͱͯ͠ KubernetesΞϓϦέʔγϣϯΛ࡞ :
• ߴͳෛՙࢄͱSSL/TLS ऴ • WebSocket ͱ HTTP/2 ͷαϙʔτ • ϦΫΤετ͕ΞϓϦέʔγϣϯʹసૹ͞ΕΔ લʹURI ॻ͖͑ • ಈతͳ࠶ߏ • Session persistence • JWT authentication • Prometheusͷαϙʔτ • 24x7 αϙʔτ https://github.com/nginxinc/kubernetes-ingress 32
NGINX Controller 4
NGINX Controller: ϞχλϦϯά 34 ଟͷNGINX Plus͔Β౷ܭใΛू
NGINX Controller: LBઃఆ 35 nginx.conf ͷ֬ೝ nginx.conf ͷมߋ ઃఆͷݕূ NGINXͷίϯτϩʔϧϓϨʔϯͱͯ͠
·ͣAPI Gateway͔Β
NGINX Controller: APIཧ APIఆٛ ྲྀྔཧ ೝূɾೝՄ
·ͱΊ • ࣗࣾͷWebγεςϜ͕ෳࡶʹͳΓ͍͗ͯ͢Δ ◦ → NGINX Plus! • ϩʔυόϥϯαʔͷϋʔυΣΞͷߋ৽࣌ظʹདྷ͍ͯΔ ◦
→ NGINX Plus! • ϚΠΫϩαʔϏείϯςφͰͷӡ༻Λݕ౼த ◦ → NGINX Plus! ϑϦʔτϥΠΞϧ ͪ͜Β͔Β 37
Thank you! 38