Powering Your Applications With Nginx

Slide 1

Slide 1 text

Powering Your Applications with Nginx

Slide 2

Slide 2 text

• Web Server • Application Proxy • Load Balancer • Web Cache What is Nginx?

Slide 3

Slide 3 text

• Gzip • SSL Termination • Logging • Streaming (Nginx+) • Monitoring (Nginx+) • more …and more

Slide 4

Slide 4 text

Nginx as a Web Server

Slide 5

Slide 5 text

vs Apache Same functionality, diﬀerent PM new connection Nginx event loop process process Apache

Slide 6

Slide 6 text

Web Server • Static Asset Eﬃciency • Roughly as fast as Varnish

Slide 7

Slide 7 text

Web Server server { listen 80 default_site; ! root /var/www; index index.html index.htm; ! server_name example.com www.example.com; ! location / { try_files $uri $uri/ =404; } }

Slide 8

Slide 8 text

Web Server Use H5BP Conﬁguration

Slide 9

Slide 9 text

Web Server • Gzip Setup • Mime Types • Cache Expiration • Proper SSL Config Use H5BP Configuration • SPDY Setup • X-Domain/Web Fonts • Cache Busting • Security (XSS, dot files)

Slide 10

Slide 10 text

Nginx as an App Proxy

Slide 11

Slide 11 text

App Proxy Gateway

Slide 12

Slide 12 text

App Proxy • HTTP - Go, NodeJS, Gunicorn, Unicorn, uWSGI • FastCGI - PHP-FPM, uWSGI • uWSGI - uWSGI • (SCGI & Memcached, too!) Supported “Gateway Protocols”

Slide 13

Slide 13 text

App Proxy HTTP Proxy location /static { try_files $uri $uri/ =404; } ! location / { proxy_pass 127.0.0.1:9000; proxy_param APPENV production; include proxy_params; }

Slide 14

Slide 14 text

App Proxy location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; ! fastcgi_pass 127.0.0.1:9000; # Or: #fastcgi_pass unix:/var/run/php5-fpm.sock; ! fastcgi_index index.php; fastcgi_param APPENV production; include fastcgi.conf; } FastCGI (PHP-FPM)

Slide 15

Slide 15 text

App Proxy uWSGI (Python) location /static { try_files $uri $uri/ =404; } ! location / { uwsgi_pass 127.0.0.1:9000; uwsgi_param APPENV production; include uwsgi_params; }

Slide 16

Slide 16 text

Nginx as a Load Balancer

Slide 17

Slide 17 text

Load Balancer upstream app_example { zone backend 64k; least_conn; server 127.0.0.1:9000 max_fails=3 fail_timeout=30s; server 127.0.0.1:9001 max_fails=3 fail_timeout=30s; server 127.0.0.1:9002 max_fails=3 fail_timeout=30s; } ! server { ! # usual stuff omitted ! location / { health_check; include proxy_params; ! proxy_pass http://app_example/; ! # Handle Web Socket connections proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } Proxy “Upstream”

Slide 18

Slide 18 text

Load Balancer Upstream: upstream app_example { zone backend 64k; least_conn; server 127.0.0.1:9000 max_fails=3 fail_timeout=30s; server 127.0.0.1:9001 max_fails=3 fail_timeout=30s; server 127.0.0.1:9002 max_fails=3 fail_timeout=30s; } Servers & Algorithm

Slide 19

Slide 19 text

Load Balancer Proxy Pass: • Health Check • Proxy • Web Sockets ! server { ! # usual stuff omitted ! location / { health_check; include proxy_params; ! proxy_pass http://app_example/; ! # Handle Web Socket connections proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }

Slide 20

Slide 20 text

Nginx as a Web Cache

Slide 21

Slide 21 text

Web Cache • Static Files - Caches static ﬁles, following Cache-Control header rules as per HTTP spec • Dynamic Requests - Can cache results of dynamic (HTTP, FastCGI & uWSGI, etc) requests! • Works with Load Balancing - Do all the things for all the requests! Caches all the things

Slide 22

Slide 22 text

Web Cache • Cache Server - Server (Nginx) which does web caching, pays attention to cache headers • Origin Server - Server containing actual resources that the cache server caches. Determines “Cache Policy” Terminology

Slide 23

Slide 23 text

App Proxy Gateway Cache Server Origin Server

Slide 24

Slide 24 text

Web Cache proxy_cache_path /tmp/nginx levels=1:2 keys_zone=my_zone:10m inactive=60m; proxy_cache_key "$scheme$request_method$host$request_uri"; ! server { # Stuff Omitted ! location / { proxy_cache my_zone; add_header X-Proxy-Cache $upstream_cache_status; ! include proxy_params; proxy_pass http://172.17.0.18:9000; } }

Slide 25

Slide 25 text

Web Cache fastcgi_cache_path /tmp/nginx levels=1:2 keys_zone=my_zone:10m inactive=60m; fastcgi_cache_key "$scheme$request_method$host$request_uri"; ! server { # Stuff Omitted ! location / { fastcgi_cache my_zone; add_header X-Proxy-Cache $upstream_cache_status; ! include fastcgi_params; fastcgi_pass http://172.17.0.18:9000; } }

Slide 26

Slide 26 text

Web Cache uwsgi_cache_path /tmp/nginx levels=1:2 keys_zone=my_zone:10m inactive=60m; uwsgi_cache_key "$scheme$request_method$host$request_uri"; ! server { # Stuff Omitted ! location / { uwsgi_cache my_zone; add_header X-Proxy-Cache $upstream_cache_status; ! include uwsgi_params; uwsgi_pass http://172.17.0.18:9000; } }

Slide 27

Slide 27 text

The End ServersForHackers.com