5 things you didn’t know NGINX could do
Sarah Novotny
Nginx, Inc.
Many people know NGINX as an HTTP request and load
balancing server that powers many of the world's busiest
websites. But, there are a lot of ancillary pieces that go into
the software to make it a whole web application accelerator.
What is NGINX?
• Web Server – Serve content from disk
• Application Server – FastCGI, uWSGI, Passenger…
• Proxy – Caching, Load Balancing…
(Diagram labels: Internet, N, HTTP traffic)
143,000,000 Websites NGINX Accelerates
Advanced Features
Bandwidth Management
Content-based Routing
Request Manipulation
Response Rewriting
Application Acceleration
SSL and SPDY termination
Authentication
Video Delivery
Mail Proxy
GeoLocation
Performance Monitoring
High Availability
22% – Top 1 million websites
37% – Top 1,000 websites
Those 5 things --
1. Compress assets for delivery
2. Stop form spamming
3. Protect Apache from thread exhaustion attacks
4. Rewrite content inline
5. Online updates
Bonus: determine a nearly complete command for the configure script
1. Compress data to reduce bandwidth
• Reduce bandwidth requirements per client
– Content Compression reduces text and HTML
– Image resampling reduces image sizes
HTTP gzip module
• Provides Gzip capabilities so that responses from NGINX are compressed to reduce file size
• Directives can be used in the http, server and location contexts
• Key directives
– gzip
– gzip_types
– gzip_proxied
© Copyright 2014 by ServiceRocket, Inc. |
All Rights Reserved | Prepared for Nginx,
Inc.
Gzip example
It is not advisable to enable gzip for binary content types such as images, Word documents or videos.
# Enable gzip
gzip on;
# Apply gzip to text, HTML and CSS (NGINX always compresses text/html, so listing it is optional)
gzip_types text/plain text/html text/css;
# Enable gzip compression for any proxied request
gzip_proxied any;
HTTP image filter
• Provides inline image manipulation to transform images for optimal delivery
• Directives can be used in the location context
• Key directives
– image_filter size;
– image_filter resize width height;
– image_filter crop width height;
HTTP image filter example
location /img/ {
    proxy_pass http://backend;
    image_filter resize 150 100;
    image_filter rotate 90;
    error_page 415 = /empty;
}
location = /empty {
    empty_gif;
}
We talk about the ‘N second rule’:
– 10 seconds (Jakob Nielsen, March 1997)
– 8 seconds (Zona Research, June 2001)
– 4 seconds (Jupiter Research, June 2006)
– 3 seconds (PhocusWright, March 2010)
2. Stop brute force retries
• Stop brute force password attacks
• Stop form spamming
– Use the NGINX limit request module
HTTP limit req module
• Allows granular control of request processing rate
• Directives can be used in http, server and location contexts
• Key directives
– limit_req_zone
– limit_req
HTTP limit req module
http {
    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
    …
    server {
        …
        location /search/ {
            limit_req zone=one burst=5;
        }
    }
}
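To see what rate=1r/s with burst=5 does to a password-guessing client versus a normal visitor, the following added example (not part of the original slides, and not NGINX source code) replays constructed traffic through a simplified model of the leaky-bucket accounting that limit_req applies per key. The client addresses, timings and the model itself are assumptions made for illustration.

```python
"""Simplified model of limit_req accounting (illustration, not NGINX code)."""

RATE_PER_SEC = 1  # rate=1r/s, as in the slide
BURST = 5         # burst=5, as in the slide


class LimitReqZone:
    """One leaky bucket per key, counted in thousandths of a request."""

    def __init__(self, rate_per_sec, burst):
        self.rate = rate_per_sec * 1000
        self.burst = burst * 1000
        self.state = {}  # key -> (excess, time of last accepted request in ms)

    def check(self, key, now_ms):
        """Return (accepted, delay_ms) for one request from `key`."""
        if key not in self.state:
            self.state[key] = (0, now_ms)
            return True, 0
        excess, last_ms = self.state[key]
        elapsed = max(now_ms - last_ms, 0)
        # The bucket drains at `rate`; every request adds one whole request.
        excess = max(excess - self.rate * elapsed // 1000 + 1000, 0)
        if excess > self.burst:
            return False, 0  # rejected (HTTP 503 by default); state unchanged
        self.state[key] = (excess, now_ms)
        # Without "nodelay", queued requests are held back to match the rate.
        return True, excess * 1000 // self.rate


def replay(requests, rate=RATE_PER_SEC, burst=BURST):
    """Replay (time_ms, key) pairs; return (time_ms, key, accepted, delay_ms)."""
    zone = LimitReqZone(rate, burst)
    results = []
    for now_ms, key in requests:
        accepted, delay = zone.check(key, now_ms)
        results.append((now_ms, key, accepted, delay))
    return results


def summarize(results):
    """Return {key: (accepted_count, rejected_count)}."""
    summary = {}
    for _, key, accepted, _ in results:
        ok, rejected = summary.get(key, (0, 0))
        summary[key] = (ok + 1, rejected) if accepted else (ok, rejected + 1)
    return summary


# Constructed traffic: one client submits a form 20 times, 100 ms apart,
# while another client sends one request every two seconds.
SAMPLE_TRAFFIC = sorted(
    [(t, "203.0.113.7") for t in range(0, 2000, 100)]
    + [(t, "198.51.100.20") for t in (0, 2000, 4000)]
)

if __name__ == "__main__":
    for key, (ok, rejected) in summarize(replay(SAMPLE_TRAFFIC)).items():
        print(f"{key}: accepted={ok} rejected={rejected}")
```

In this model the fast client gets its first request plus the burst allowance through and is then held to the configured rate, while the slow client is never delayed or rejected.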
3. Protect Apache from thread exhaustion attacks
• Use NGINX in front of Apache
• Mitigates ‘slow loris’, ‘keep dead’ and ‘front page of hacker news’ attacks
What is thread exhaustion?
[Diagram: a row of http processes]
• Client-side: Multiple Connections, HTTP Keepalives
• Server-side: Limited concurrency
How NGINX mitigates thread exhaustion
• Large numbers of clients, with long-term keepalive connections
• NGINX reduces connections to the minimum number necessary
4. Rewrite content inline
• Use the power of substitution to simplify updates
• Directives can be used in the http, server and location contexts
• Key directives
– sub_filter_once
– sub_filter
– sub_filter_types
HTTP sub module example
location / {
    sub_filter_once off;
    sub_filter_types text/html;
    sub_filter "__copyright_date__" "2014";
}
5. Online Binary updates and configuration changes
• Update either the configuration files or the binary without losing any connections
Configuration file update
[root@localhost ~]# nginx -s reload
[root@localhost ~]#
Yep. It’s that simple
Binary update
• Choose your method of binary installation
• Replace the binary
[root@localhost ~]# cat /var/run/nginx.pid
1991
[root@localhost ~]# kill -USR2 1991
Binary update
[root@localhost ~]# ps -ef |grep nginx
root 1991 1 0 08:06 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 2974 1991 0 08:22 ? 00:00:00 nginx: worker process
nginx 2975 1991 0 08:22 ? 00:00:00 nginx: worker process
root 3123 2948 0 08:43 pts/0 00:00:00 grep nginx
root 3124 1991 0 08:43 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
Binary update
[root@localhost ~]# kill -WINCH 1991
• Verify things are working as expected (you can still back out gracefully at this point)
[root@localhost ~]# kill -QUIT 1991
Bonus: nginx -V gives a nearly complete configuration script for compiling
[root@localhost ~]# nginx -V
nginx version: nginx/1.5.7
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC)
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_spdy_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module
--etc
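The configure arguments are also useful as a pre-flight check before replacing the binary: sub_filter and image_filter live in modules that are only built when their --with flag is given, so a rebuilt binary that drops a flag cannot load the existing configuration. The following added example (not from the original slides) parses `nginx -V` output, which NGINX writes to stderr, and reports directives the build cannot serve; the sample output and configuration are constructed, and the helper names are hypothetical.

```python
import re
import shlex

# Modules behind the slides' directives. "--with-" modules are built only when
# the flag is passed to ./configure; "--without-" modules are built unless it is.
MODULES = [
    ({"sub_filter", "sub_filter_once", "sub_filter_types"}, "--with-http_sub_module"),
    ({"image_filter"}, "--with-http_image_filter_module"),
    ({"gzip", "gzip_types", "gzip_proxied"}, "--without-http_gzip_module"),
    ({"limit_req", "limit_req_zone"}, "--without-http_limit_req_module"),
]


def configure_flags(nginx_v_output):
    """Return the set of ./configure flag names found in `nginx -V` output."""
    for line in nginx_v_output.splitlines():
        if line.startswith("configure arguments:"):
            args = shlex.split(line.split(":", 1)[1])
            # Drop values, so "--with-x=dynamic" and "--prefix=/p" compare by name.
            # A "=dynamic" module counts as available (it still needs load_module).
            return {arg.split("=", 1)[0] for arg in args}
    raise ValueError("no 'configure arguments:' line found")


def directives_used(config_text):
    """Return the first word of every statement line in a configuration."""
    return set(re.findall(r"^[ \t]*([a-z_]+)\b", config_text, re.MULTILINE))


def unsupported_directives(nginx_v_output, config_text):
    """Map each directive the build cannot serve to the flag responsible."""
    flags = configure_flags(nginx_v_output)
    used = directives_used(config_text)
    problems = {}
    for directives, flag in MODULES:
        if flag.startswith("--with-"):
            built = flag in flags
        else:
            built = flag not in flags
        if not built:
            for name in sorted(directives & used):
                problems[name] = flag
    return problems


def dropped_flags(old_v_output, new_v_output):
    """Flags present in the running binary's build but absent from the new one."""
    return sorted(configure_flags(old_v_output) - configure_flags(new_v_output))


# Constructed sample, abridged from the shape of the output shown above.
SAMPLE_NGINX_V = (
    "nginx version: nginx/1.5.7\n"
    "configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx "
    "--user=nginx --group=nginx --with-http_ssl_module --with-http_sub_module "
    "--with-cc-opt='-O2 -g'\n"
)

# Constructed configuration using directives from the slides.
SAMPLE_CONFIG = """
gzip on;
gzip_types text/plain text/css;
location /img/ {
    image_filter resize 150 100;
}
location / {
    sub_filter_once off;
    sub_filter "__copyright_date__" "2014";
}
"""

if __name__ == "__main__":
    for name, flag in unsupported_directives(SAMPLE_NGINX_V, SAMPLE_CONFIG).items():
        print(f"{name}: check {flag} in the build")
```

Run it against the output of both the running and the replacement binary before sending USR2, and compare the two builds with `dropped_flags`.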
More resources
• Check out our blog on nginx.com
• Webinars: nginx.com/webinars
Try NGINX F/OSS (nginx.org) or NGINX Plus
(nginx.com)
Thanks for your time!
@sarahnovotny
Evangelist, NGINX
Program Chair, OSCON

Contenu connexe

Tendances

Learn nginx in 90mins
Learn nginx in 90minsLearn nginx in 90mins
Learn nginx in 90minsLarry Cai
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX, Inc.
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX, Inc.
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse ProxyNginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse ProxyAmit Aggarwal
 
Reverse proxy & web cache with NGINX, HAProxy and Varnish
Reverse proxy & web cache with NGINX, HAProxy and VarnishReverse proxy & web cache with NGINX, HAProxy and Varnish
Reverse proxy & web cache with NGINX, HAProxy and VarnishEl Mahdi Benzekri
 
How to Get Started With NGINX
How to Get Started With NGINXHow to Get Started With NGINX
How to Get Started With NGINXNGINX, Inc.
 
NGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best PracticesNGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best PracticesNGINX, Inc.
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheKevin Jones
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx InternalsJoshua Zhu
 
Nginx internals
Nginx internalsNginx internals
Nginx internalsliqiang xu
 
NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and TuningNGINX, Inc.
 
Apache Server Tutorial
Apache Server TutorialApache Server Tutorial
Apache Server TutorialJagat Kothari
 
Grokking TechTalk #33: High Concurrency Architecture at TIKI
Grokking TechTalk #33: High Concurrency Architecture at TIKIGrokking TechTalk #33: High Concurrency Architecture at TIKI
Grokking TechTalk #33: High Concurrency Architecture at TIKIGrokking VN
 
Web servers presentacion
Web servers presentacionWeb servers presentacion
Web servers presentacionKiwi Science
 

Tendances (20)

Learn nginx in 90mins
Learn nginx in 90minsLearn nginx in 90mins
Learn nginx in 90mins
 
Nginx Essential
Nginx EssentialNginx Essential
Nginx Essential
 
Nginx
NginxNginx
Nginx
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
 
Nginx dhruba mandal
Nginx dhruba mandalNginx dhruba mandal
Nginx dhruba mandal
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEA
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse ProxyNginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
 
Nginx
NginxNginx
Nginx
 
Reverse proxy & web cache with NGINX, HAProxy and Varnish
Reverse proxy & web cache with NGINX, HAProxy and VarnishReverse proxy & web cache with NGINX, HAProxy and Varnish
Reverse proxy & web cache with NGINX, HAProxy and Varnish
 
How to Get Started With NGINX
How to Get Started With NGINXHow to Get Started With NGINX
How to Get Started With NGINX
 
NGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best PracticesNGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best Practices
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content Cache
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx Internals
 
Nginx internals
Nginx internalsNginx internals
Nginx internals
 
Introduction to gRPC
Introduction to gRPCIntroduction to gRPC
Introduction to gRPC
 
NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and Tuning
 
HAProxy
HAProxy HAProxy
HAProxy
 
Apache Server Tutorial
Apache Server TutorialApache Server Tutorial
Apache Server Tutorial
 
Grokking TechTalk #33: High Concurrency Architecture at TIKI
Grokking TechTalk #33: High Concurrency Architecture at TIKIGrokking TechTalk #33: High Concurrency Architecture at TIKI
Grokking TechTalk #33: High Concurrency Architecture at TIKI
 
Web servers presentacion
Web servers presentacionWeb servers presentacion
Web servers presentacion
 

Similaire à 5 things you didn't know nginx could do

5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do   velocity5 things you didn't know nginx could do   velocity
5 things you didn't know nginx could do velocitysarahnovotny
 
20 tips for website performance
20 tips for website performance20 tips for website performance
20 tips for website performanceAndrew Siemer
 
What's New in NGINX Plus R8
What's New in NGINX Plus R8What's New in NGINX Plus R8
What's New in NGINX Plus R8NGINX, Inc.
 
What’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEAWhat’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEANGINX, Inc.
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXNGINX, Inc.
 
NGINX 101 - now with more Docker
NGINX 101 - now with more DockerNGINX 101 - now with more Docker
NGINX 101 - now with more Dockersarahnovotny
 
NGINX 101 - now with more Docker
NGINX 101 - now with more DockerNGINX 101 - now with more Docker
NGINX 101 - now with more DockerSarah Novotny
 
What's new in NGINX Plus R19
What's new in NGINX Plus R19What's new in NGINX Plus R19
What's new in NGINX Plus R19NGINX, Inc.
 
NGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEANGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEANGINX, Inc.
 
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICESCENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICESNazmul Hossain Rakib
 
What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?NGINX, Inc.
 
NGINX: HTTP/2 Server Push and gRPC
NGINX: HTTP/2 Server Push and gRPCNGINX: HTTP/2 Server Push and gRPC
NGINX: HTTP/2 Server Push and gRPCNGINX, Inc.
 
Maximizing PHP Performance with NGINX
Maximizing PHP Performance with NGINXMaximizing PHP Performance with NGINX
Maximizing PHP Performance with NGINXNGINX, Inc.
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?NGINX, Inc.
 
Introduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to ChefIntroduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to ChefAll Things Open
 
What is Nginx and Why You Should to Use it with Wordpress Hosting
What is Nginx and Why You Should to Use it with Wordpress HostingWhat is Nginx and Why You Should to Use it with Wordpress Hosting
What is Nginx and Why You Should to Use it with Wordpress HostingWPSFO Meetup Group
 
NGINX Plus R20 Webinar
NGINX Plus R20 WebinarNGINX Plus R20 Webinar
NGINX Plus R20 WebinarNGINX, Inc.
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixHarald Zeitlhofer
 
NGINX Plus R19 : EMEA
NGINX Plus R19 : EMEANGINX Plus R19 : EMEA
NGINX Plus R19 : EMEANGINX, Inc.
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesOrtus Solutions, Corp
 

Similaire à 5 things you didn't know nginx could do (20)

5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do   velocity5 things you didn't know nginx could do   velocity
5 things you didn't know nginx could do velocity
 
20 tips for website performance
20 tips for website performance20 tips for website performance
20 tips for website performance
 
What's New in NGINX Plus R8
What's New in NGINX Plus R8What's New in NGINX Plus R8
What's New in NGINX Plus R8
 
What’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEAWhat’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEA
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINX
 
NGINX 101 - now with more Docker
NGINX 101 - now with more DockerNGINX 101 - now with more Docker
NGINX 101 - now with more Docker
 
NGINX 101 - now with more Docker
NGINX 101 - now with more DockerNGINX 101 - now with more Docker
NGINX 101 - now with more Docker
 
What's new in NGINX Plus R19
What's new in NGINX Plus R19What's new in NGINX Plus R19
What's new in NGINX Plus R19
 
NGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEANGINX: HTTP/2 Server Push and gRPC – EMEA
NGINX: HTTP/2 Server Push and gRPC – EMEA
 
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICESCENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
 
What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?
 
NGINX: HTTP/2 Server Push and gRPC
NGINX: HTTP/2 Server Push and gRPCNGINX: HTTP/2 Server Push and gRPC
NGINX: HTTP/2 Server Push and gRPC
 
Maximizing PHP Performance with NGINX
Maximizing PHP Performance with NGINXMaximizing PHP Performance with NGINX
Maximizing PHP Performance with NGINX
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?
 
Introduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to ChefIntroduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to Chef
 
What is Nginx and Why You Should to Use it with Wordpress Hosting
What is Nginx and Why You Should to Use it with Wordpress HostingWhat is Nginx and Why You Should to Use it with Wordpress Hosting
What is Nginx and Why You Should to Use it with Wordpress Hosting
 
NGINX Plus R20 Webinar
NGINX Plus R20 WebinarNGINX Plus R20 Webinar
NGINX Plus R20 Webinar
 
Nginx, PHP, Apache and Spelix
Nginx, PHP, Apache and SpelixNginx, PHP, Apache and Spelix
Nginx, PHP, Apache and Spelix
 
NGINX Plus R19 : EMEA
NGINX Plus R19 : EMEANGINX Plus R19 : EMEA
NGINX Plus R19 : EMEA
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
 

Plus de sarahnovotny

Interconnecting containers at scale #Dockercon
Interconnecting containers at scale #Dockercon Interconnecting containers at scale #Dockercon
Interconnecting containers at scale #Dockercon sarahnovotny
 
Building a Learning Culture
Building a Learning CultureBuilding a Learning Culture
Building a Learning Culturesarahnovotny
 
Lessons Learned and Best Practices for Game Development in the Cloud
Lessons Learned and Best Practices for Game Development in the CloudLessons Learned and Best Practices for Game Development in the Cloud
Lessons Learned and Best Practices for Game Development in the Cloudsarahnovotny
 
under the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or lessunder the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or lesssarahnovotny
 
people hacking: opensource biz etiquette
people hacking: opensource biz etiquettepeople hacking: opensource biz etiquette
people hacking: opensource biz etiquettesarahnovotny
 
IRL: How Geeks Undermine Their Presentations & Conversations With Body Language
IRL: How Geeks Undermine Their Presentations & Conversations With Body LanguageIRL: How Geeks Undermine Their Presentations & Conversations With Body Language
IRL: How Geeks Undermine Their Presentations & Conversations With Body Languagesarahnovotny
 
all data everywhere
all data everywhereall data everywhere
all data everywheresarahnovotny
 
you know databases, how hard can MySQL be?
you know databases, how hard can MySQL be?you know databases, how hard can MySQL be?
you know databases, how hard can MySQL be?sarahnovotny
 
nursing for future transhumanist
nursing for future transhumanistnursing for future transhumanist
nursing for future transhumanistsarahnovotny
 
Scaling my sql_in_3d
Scaling my sql_in_3dScaling my sql_in_3d
Scaling my sql_in_3dsarahnovotny
 
IGNITE MySQL - Backups Don't Make Me Money
IGNITE MySQL - Backups Don't Make Me MoneyIGNITE MySQL - Backups Don't Make Me Money
IGNITE MySQL - Backups Don't Make Me Moneysarahnovotny
 

Plus de sarahnovotny (14)

Interconnecting containers at scale #Dockercon
Interconnecting containers at scale #Dockercon Interconnecting containers at scale #Dockercon
Interconnecting containers at scale #Dockercon
 
Building a Learning Culture
Building a Learning CultureBuilding a Learning Culture
Building a Learning Culture
 
0 to enterprise
0 to enterprise0 to enterprise
0 to enterprise
 
Lessons Learned and Best Practices for Game Development in the Cloud
Lessons Learned and Best Practices for Game Development in the CloudLessons Learned and Best Practices for Game Development in the Cloud
Lessons Learned and Best Practices for Game Development in the Cloud
 
under the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or lessunder the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or less
 
people hacking: opensource biz etiquette
people hacking: opensource biz etiquettepeople hacking: opensource biz etiquette
people hacking: opensource biz etiquette
 
IRL: How Geeks Undermine Their Presentations & Conversations With Body Language
IRL: How Geeks Undermine Their Presentations & Conversations With Body LanguageIRL: How Geeks Undermine Their Presentations & Conversations With Body Language
IRL: How Geeks Undermine Their Presentations & Conversations With Body Language
 
geek_lifestyle
geek_lifestylegeek_lifestyle
geek_lifestyle
 
all data everywhere
all data everywhereall data everywhere
all data everywhere
 
you know databases, how hard can MySQL be?
you know databases, how hard can MySQL be?you know databases, how hard can MySQL be?
you know databases, how hard can MySQL be?
 
nursing for future transhumanist
nursing for future transhumanistnursing for future transhumanist
nursing for future transhumanist
 
Scaling my sql_in_3d
Scaling my sql_in_3dScaling my sql_in_3d
Scaling my sql_in_3d
 
IGNITE MySQL - Backups Don't Make Me Money
IGNITE MySQL - Backups Don't Make Me MoneyIGNITE MySQL - Backups Don't Make Me Money
IGNITE MySQL - Backups Don't Make Me Money
 
5 things MySql
5 things MySql5 things MySql
5 things MySql
 

Dernier

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Dernier (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

5 things you didn't know nginx could do

  • 1. 5 things you didn’t know NGINX could do Sarah Novotny Nginx, Inc.
  • 2. Many people know NGINX as an HTTP request and load balancing server that powers many of the world's busiest websites. But, there are a lot of ancillary pieces that go into the software to make it a whole web application accelerator.
  • 3. What is NGINX? Web Server: serve content from disk. Application Server: FastCGI, uWSGI, Passenger… Proxy: caching, load balancing… [Diagram: HTTP traffic from the Internet to NGINX]
  • 5. Advanced Features: Bandwidth Management, Content-based Routing, Request Manipulation, Response Rewriting, Application Acceleration, SSL and SPDY termination, Authentication, Video Delivery, Mail Proxy, GeoLocation, Performance Monitoring, High Availability
  • 6. 22%: Top 1 million websites. 37%: Top 1,000 websites.
  • 7. Those 5 things: 1. Compress assets for delivery; 2. Stop form spamming; 3. Protect Apache from thread exhaustion attacks; 4. Rewrite content inline; 5. Online updates. Bonus: determine a nearly complete command for the configure script
  • 8. 1. Compress data to reduce bandwidth • Reduce bandwidth requirements per client – Content Compression reduces text and HTML – Image resampling reduces image sizes
  • 9. HTTP gzip module • Provides Gzip capabilities so that responses from NGINX are compressed to reduce file size • Directives can be used in the http, server and location contexts • Key directives – gzip – gzip_types – gzip_proxied © Copyright 2014 by ServiceRocket, Inc. | All Rights Reserved | Prepared for Nginx, Inc.
  • 10. Gzip example. It is not advisable to enable gzip for binary content types such as images, Word documents or videos.
      # Enable gzip
      gzip on;
      # Apply gzip for text, HTML and CSS
      gzip_types text/plain text/html text/css;
      # Enable gzip compression for any proxied request
      gzip_proxied any;
  • 11. HTTP image filter • Provides inline image manipulation to transform images for optimal delivery • Directives can be used in the location context • Key directives – image_filter size; – image_filter resize width height; – image_filter crop width height;
  • 12. HTTP image filter example
      location /img/ {
          proxy_pass http://backend;
          image_filter resize 150 100;
          image_filter rotate 90;
          error_page 415 = /empty;
      }
      location = /empty {
          empty_gif;
      }
  • 13. We talk about the ‘N second rule’: – 10 seconds (Jakob Nielsen, March 1997) – 8 seconds (Zona Research, June 2001) – 4 seconds (Jupiter Research, June 2006) – 3 seconds (PhocusWright, March 2010)
  • 14. 2. Stop brute force retries • Stop brute force password attacks • Stop form spamming – Use the NGINX limit request module
  • 15. HTTP limit req module • Allows granular control of request processing rate • Directives can be used in http, server and location contexts • Key directives – limit_req_zone – limit_req
  • 16. HTTP limit req module
      http {
          limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
          …
          server {
              …
              location /search/ {
                  limit_req zone=one burst=5;
              }
          }
      }
  • 17. 3. Protect Apache from thread exhaustion attacks • Use NGINX in front of Apache • Mitigates ‘slow loris’, ‘keep dead’ and ‘front page of hacker news’ attacks
  • 18. What is thread exhaustion? Client-side: multiple connections, HTTP keepalives. Server-side: limited concurrency. [Diagram: a fixed pool of http processes]
  • 19. How NGINX mitigates thread exhaustion: large numbers of clients, with long-term keepalive connections; NGINX reduces connections to the minimum number necessary
  • 20. 4. Rewrite content inline • Use the power of substitution to simplify updates • Directives can be used in the http, server and location contexts • Key directives – sub_filter_once – sub_filter – sub_filter_types
  • 21. HTTP sub module example
      location / {
          sub_filter_once off;
          sub_filter_types text/html;
          sub_filter "__copyright_date__" "2014";
      }
  • 22. 5. Online Binary updates and configuration changes • Update either the configuration files or the binary without losing any connections
  • 23. Configuration file update
      [root@localhost ~]# nginx -s reload
      [root@localhost ~]#
  • 25. Binary update • Choose your method of binary installation • Replace the binary
      [root@localhost ~]# cat /var/run/nginx.pid
      1991
      [root@localhost ~]# kill -USR2 1991
  • 26. Binary update
      [root@localhost ~]# ps -ef |grep nginx
      root 1991 1 0 08:06 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
      nginx 2974 1991 0 08:22 ? 00:00:00 nginx: worker process
      nginx 2975 1991 0 08:22 ? 00:00:00 nginx: worker process
      root 3123 2948 0 08:43 pts/0 00:00:00 grep nginx
      root 3124 1991 0 08:43 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
  • 27. Binary update
      [root@localhost ~]# kill -WINCH 1991
    • Verify things are working as expected (you can still back out gracefully at this point)
      [root@localhost ~]# kill -QUIT 1991
  • 28. Bonus: nginx -V gives a nearly complete configuration script for compiling
  • 29.
      [root@localhost ~]# nginx -V
      nginx version: nginx/1.5.7
      built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC)
      TLS SNI support enabled
      configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_spdy_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --etc
  • 30. More resources • Check out our blog on nginx.com • Webinars: nginx.com/webinars Try NGINX F/OSS (nginx.org) or NGINX Plus (nginx.com)
  • 31. Thanks for your time! @sarahnovotny Evangelist, NGINX Program Chair, OSCON

Editor's notes

  1. Story starts with a single guy, Igor Sysoev. What was originally a tool for managing concurrency has evolved into a Web Application Accelerator. Not because of vision but user-driven innovation.
  2. Top 37%. These tend to be successful websites, generating revenue and featuring well in Google search results.
  3. Size: outputs JSON about image. Rotate is also an option.
  4. You can also crop
  5. Story about int’l flight with metered transfer
  6. Sets the shared memory zone and the maximum burst size of requests. If the request rate exceeds the rate configured for a zone, their processing is delayed such that requests are processed at a defined rate. Excessive requests are delayed until their number exceeds the maximum burst size, in which case the request is terminated with an error 503 (Service Temporarily Unavailable). By default, the maximum burst size is equal to zero.
  7. This can be granularly set up for specific portions of the site like /search or /registration or the like.
  8. It’s all about concurrency…
  9. It’s all about concurrency…
  10. Sets a string to replace and a replacement string. The string to replace is matched ignoring the case. The replacement string can contain variables. sub_filter_types is text/html by default
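
The delay-then-503 behaviour described in note 6, modelled for the slide 16 zone (rate=1r/s, burst=5). This is an added example, not code from the slides and not nginx source: the class and function names are hypothetical, the traffic sample is constructed, and the model is simplified to one key per client address.

```python
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class LimitReqZone:
    """Simplified model of one limit_req zone (hypothetical class, not nginx code)."""
    rate_per_s: int                      # rate=1r/s on the slide
    burst: int                           # burst=5 on the slide
    state: dict = field(default_factory=dict)   # key -> (excess, last_ms)

    def request(self, key, now_ms):
        """Return (verdict, delay_ms); excess is counted in 1/1000 of a request."""
        if key not in self.state:
            self.state[key] = (0, now_ms)
            return "pass", 0
        excess, last_ms = self.state[key]
        elapsed = max(0, now_ms - last_ms)
        # The bucket drains at the zone rate; this request adds one unit.
        excess = max(0, excess - self.rate_per_s * elapsed + 1000)
        if excess > self.burst * 1000:
            return "reject", 0           # answered with 503, state untouched
        self.state[key] = (excess, now_ms)
        if excess == 0:
            return "pass", 0
        return "delay", excess // self.rate_per_s


def replay(events, rate_per_s=1, burst=5):
    """events: iterable of (time_ms, key). Returns {key: Counter of verdicts}."""
    zone = LimitReqZone(rate_per_s, burst)
    summary = {}
    for now_ms, key in sorted(events):
        verdict, _ = zone.request(key, now_ms)
        summary.setdefault(key, Counter())[verdict] += 1
    return summary


# Constructed traffic: a script posting a form 10 times at once, then every
# 200 ms for 4 s, next to a person submitting once every 2 s.
SCRIPT = [(0, "203.0.113.7")] * 10 + [(t, "203.0.113.7") for t in range(200, 4200, 200)]
PERSON = [(t, "198.51.100.20") for t in range(0, 10000, 2000)]

if __name__ == "__main__":
    for key, counts in replay(SCRIPT + PERSON).items():
        print(key, dict(counts))
```

Rejected requests do not advance the bucket in this model, so a client that keeps hammering the location is held to the configured rate while the client submitting every 2 s is never delayed.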