Delivering High-Availability Web Services with NGINX Plus on AWS Owen Garrett Nginx, Inc. Scott Ward Amazon Web Services

Introduc)ons  and  Agenda   •  Owen  Garre3   Head  of  Products,  NGINX   •  Sco3  Ward   Solu)ons  Architect,  Amazon  Web  Services  

Introducing Amazon Web Services

A broad and deep platform that helps customers build sophisticated, scalable applications ©  2014  Amazon.com,  Inc.  and  its  affiliates.  All  rights  reserved.  May  not  be  copied,  modified  or  distributed  in  whole  or  in  part  without  the  express  consent  of  Amazon.com,  Inc.  

A Culture of Innovation: Experiment Often & Fail Without Risk

Who is using AWS and what are they using it for?

Startups on AWS http://aws.amazon.com/solutions/case-studies/

Enterprises on AWS http://aws.amazon.com/solutions/case-studies/

Infrastructure Foundation Services Regions Availability Zones Storage (Object, Block and Archive) Networking Security & Access Control Platform Services Databases Relational NoSQL Caching Analytics Hadoop Real-time Data warehouse App Services Queuing Orchestration App streaming Transcoding Email Search Deployment & Management Containers Dev/ops Tools Resource Templates Mobile Services Identity Sync Mobile Analytics Notifications Enterprise Applications Virtual Desktops Data Workflows Usage Tracking Monitoring and Logs Compute (VMs, Auto-scaling and Load Balancing) CDN and Points of Presence Collaboration and Sharing

11 regions 28 availability zones 52 edge locations Infrastructure

AWS Services Overview Amazon EC2 – Virtual Servers & resizable compute capacity Auto Scaling – Scale compute resources up and down Elastic Load Balancing – Load balancer for compute instances Amazon Elastic Block Storage (EBS) – Block storage for EC2

AWS Service Overview AWS Identity and Access Management – AWS Account Access Controls Amazon Route 53 – Scalable Domain Name System Amazon CloudWatch – Resource and Application Monitoring

Breaking news - New services on AWS

Amazon EC2 Container Service   Creates  and  manages  clusters  made  up  of  Docker  containers.  It  launches  and   terminates  the  containers  and  maintains  complete  informa)on  about  the   state  of  your  cluster     Automa)cally  schedules  containers  to  help  find  a  balance  between  your   resource  needs  and  availability  requirements     Using  EC2  Container  Service  you  can  simply  launch  &  manage  clusters  with   thousands  of  instances  and  schedule  tens  of  thousands  of  containers  across   mul)ple  Availability  Zones     Amazon  EC2  Container  Service  launches  your  containers  on  your  own  EC2   instances,  so  that  you  do  not  share  resources  with  other  customers,  places   your  clusters  in  a  VPC,  and  allows  you  to  use  your  own  VPC  security  groups   and  network  ACLs.     Your  applica)ons  can  make  use  of  AWS  features  such  as  Elas)c  IP  addresses,   resource  tags,  and  Virtual  Private  Cloud  (VPC).   h3p://aws.amazon.com/ecs/    

AWS Code Deploy   Deploys  your  released  code  to  a  "fleet"  of  EC2  instances       Accommodate  fleets  that  range  in  size  from  one  instance  all  the  way  up  to   tens  of  thousands  of  instances     Automa)cally  schedules  updates  across  mul)ple  Availability  Zones  in   order  to  maintain  high  availability  during  the  deployment       Applica)on  and  Deployment  groups  described  in  YAML-­‐forma3ed  files     Deployment  groups  iden)fy  EC2  instances  by  tags  &  can  also  reference   Auto  Scaling  Groups     Managed  via  AWS  Management  Console,  CLI  or  APIs     Can  be  used  in  conjunc)on  with  Chef  recipes  or  Puppet  scripts     Deploy  configura)on  from  a  variety  of  repositories  (S3,  GitHub,  etc)   h3ps://aws.amazon.com/codedeploy/    

Successful  projects  use   NGINX  on  AWS  

INTRODUCING  NGINX  AND  NGINX  PLUS  

Amazon  web  applicaCon   reference  architecture   •  Route53  DNS   •  Elas)c  Load  Balancer   •  Autoscaling  web  and   app  )ers   •  Ac)ve/standby   databases  

Refactoring  the  architecture  with  NGINX   NGINX  provides  basic   load  balancing  for:   –  HTTP   –  FastCGI   –  uWSGI   –  SCGI   –  memcache  

Go  further  with  NGINX  Plus   NGINX  F/OSS     Webserver   Accelera)ng  Proxy   Applica)on  Gateway   NGINX  Plus     Advanced  load  balancing  features    Health  checks,  Session  Persistence   Ease-­‐of-­‐management    Dynamic  Configura)on,  Extended  Status   Commercial  support  

region region region Elastic Load Balancer Web App 1 NGINX Plus AMI Web App 2 Web App 3 Route53 hosted zone Web App 1 NGINX Plus AMI Web App 2 Web App 3

Relevant  NGINX  Plus  features   •  Content-­‐based  rou)ng   •  Request  Priori)za)on   •  Health  Checks   •  Session  Persistence   •  PROXY  support   •  Dynamic  Reconfigura)on  (inc  DNS)   •  Extended  Status  

Content-­‐based  Rou)ng   Full  control  over  request     rouCng  for  mulCple     applicaCons     Single  front-­‐end  ELB  service     Mul)ple  front-­‐end  domains   Mul)ple  back-­‐end  applica)ons  

Request  Priori)za)on   Internet Large  spike  of  traffic   risks  overwhelming   upstream  servers     NGINX  Plus  limits  concurrent   connec)ons  to  upstream  servers   and  queues  addi)onal  traffic   Upstream  servers   protected  from   effects  of  traffic  spike   max_conns=150

Health  Checks   SophisCcated,  app-­‐specific   health  checks     Detect  applica)on  failures   Orchestrate  upgrades  

Session  Persistence   Per-­‐applicaCon  session     persistence  rules     Cookie-­‐inser)on,  rules-­‐based,   Learn  mode     Consistent-­‐hash  load  balancing  

PROXY  protocol   Internet Amazon  ELB  (mulCple  availability  zones)   Load-­‐balances  TCP  with  PROXY  protocol   NGINX  proxies  WebSockets   and  terminates  SPDY  traffic   Allows  for  support  for  WebSocket  proxying     and  SPDY  termina)on  

Dynamic  Reconfigura)on   Control  load  balancing  configura)on  dynamically   http { resolver 192.168.0.2; upstream backends { zone backends 64k; server api.u.com resolve; } upstream_conf; } DNS Changes  in  DNS  can  dynamically   update  NGINX  Plus’  load   balancing  configura)on   API Upstream_conf  API  gives  a   simple  HTTP  API  to  control   configura)on  

Extended  Status   …  with  CloudWatch  integra)on   GET /status/connections/active 17 GET /status/upstreams/ demoupstreams/0/server ”192.168.45.2:80" { checks: 15375, fails: 183, unhealthy: 165, last_passed: true } GET /status/upstreams/ demoupstreams/0/health_checks

Complemen)ng  Amazon  ELB  

Monitoring with Cloudwatch Know what is going on with your environment at all times!

Amazon CloudWatch Default Amazon EC2 metrics CPU Utilization (Percent) Disk Reads (Bytes) Disk Read Operations (Operations) Disk Writes (Bytes) Disk Write Operations (Operations) Network In (Bytes) Network Out (Bytes) Status Check Failed (Count) 1 or 5 minute intervals

NGINX Metrics into Amazon CloudWatch status.html à CloudWatch Install Agent $ sudo yum install nginx-cw-agent $ sudo apt-get install nginx-cw-agent  

NGINX Metrics into Amazon CloudWatch status.html à CloudWatch Update Configuration $ /etc/nginx-cw-agent/nginx-cw-agent.ini [source1] name=exampleorg url=http://example.org/status [source2] name=examplecom url=http://example.com/status http_user=testuser http_pass=testpass  

NGINX Metrics into Amazon CloudWatch status.html à CloudWatch Start Background Agent  Test  -­‐  $ /usr/bin/nginx-cw-agent.py –f start  All  in  -­‐  $ sudo service nginx-cw-agent start   View  Metrics  

NGINX with Amazon CloudWatch Logs •  Consolidate metrics and alarming for log files from 1 or many instances •  Define filters to parse content from your log files •  Measure and alarm on specific attributes •  Define retention period for your log files EC2   CloudWatch

NGINX with Amazon CloudWatch Logs Filter Alarm

NGINX with Amazon CloudWatch Logs EC2   EC2   EC2   EC2   EC2   EC2   Capture  logs  from  mul)ple  instances  in  one  place   CloudWatch

NEXT  STEPS  

Get  started  with  NGINX  Plus  AMI    h3p://aws.amazon.com/marketplace  

Finding  NGINX  Plus  on  AWS    h3p://aws.amazon.com/marketplace  -­‐  search  for  NGINX  

No content

  ubuntu@ip-­‐172-­‐31-­‐20-­‐254:~$  /etc/init.d/nginx  status    *  nginx  is  running     ubuntu@ip-­‐172-­‐31-­‐20-­‐254:~$  cd  /etc/nginx/conf.d     ubuntu@ip-­‐172-­‐31-­‐20-­‐254:~$  nginx  –s  reload     Is  it  running…?  

Check  out  the  NGINX  Plus     on  AWS  whitepaper     Partner  Whitepapers:   h3p://aws.amazon.com/whitepapers/       h3p://d0.awssta)c.com/whitepapers/ AWS_NGINX_Plus-­‐whitepaper-­‐final_v4.pdf      

THANK  YOU