Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

NginX - good practices, tips and advanced techniques

1,006 views

Published on

I brief description about how to use and why to use NginX, including good practices, tips, and advanced techniques.

Published in: Internet
  • Be the first to comment

NginX - good practices, tips and advanced techniques

  1. 1. NginX - Good practices, tips and advanced techniques Claudio Filho <claudio.filho@locaweb.com.br>
  2. 2. About me +14 years experience with Linux/Unix. Technical Operations Leader at Locaweb. I can handle myself in different languages such as Python, Perl, PHP, Bash, Lua, C and I'm learning Ruby. USF4 Player (PSN ID: but3k4 or piupiu_monstro).
  3. 3. A brief description about NginX NginX (pronounced "engine X”) is an OpenSource HTTP and reverse proxy server, a mail proxy server, and a load balancing server. Currently it is the second most popular web server on the Internet.
  4. 4. Good Practices NginX is flexible, it allows to do the same thing in different ways, but, good practices can save resources and increase the performance (such as good programming techniques).
  5. 5. try_files is basically a replacement for the typical mod_rewrite style file/directory existence check. If possible, avoid to use “if (-f …), it is a bad practice(according to author of NginX)., ex: bad: if (-f $request_filename) { ……………. } good: location / { try_files $uri $uri/ = 404; } try_files instead of if
  6. 6. Using the return directive we can completely avoid evaluation of regular expression. bad: rewrite ^/(.*)$ http://domain.com/$1 permanent; also bad: rewrite ^ http://domain.com$request_uri? permanent; good: return 301 http://domain.com$request_uri; return instead of rewrite
  7. 7. Avoid proxy everything. The try_files directive tries files in a specific order. This means that NginX can first look for a number of static files to serve and if not found move on to a user defined fallback. proxy everything bad: location / { proxy_pass http://upstream_servers; } good: location / { try_files $uri $uri/ @proxy; } location @proxy { proxy_pass http://upstream_servers; }
  8. 8. You can include any configuration files for what ever purpose you want. The include directive also supports filename globbing. The examples below show how the nginx.conf file already uses includes by default: include files include /etc/nginx/conf.d/*.conf; or include conf.d/*.conf;
  9. 9. Tips NginX has dozen of modules (native or third- party), each module has a lot of directive, each directive has its own peculiarities.
  10. 10. core module core module has a lot of directives, among of them, there are interested directives: http2 location limit_rate error_page resolver try_files
  11. 11. http rewrite module This module makes it possible to change URI using Perl Compatible Regular Expressions (PCRE), and to redirect and select configuration depending on variables. This cycle can be repeated up to 10 times, after which Nginx returns a 500 error. server_name ~^(?P<subdomain>[wd-]+.)?(?P<domain>[wd-]+).(?P<cctld>[w.]+)$; set $docroot "default"; if ($domain) { set $docroot $domain; } root /srv/$docroot/www;
  12. 12. gzip log files If you want, you can specify compression of the log files. If the gzip parameter is used, then the buffered data will be compressed before writing to the file. Since the data is compressed in atomic blocks, the log file can be decompressed or read by "zcat" at any time. format: access_log location format gzip; ex: access_log /var/log/nginx/access.log.gz combined gzip;
  13. 13. http map module The http map module enable to create variables whose values depend on values of other variables. You can create new variable whose value depends on values of one or more of the source variables specified in the first parameter. map $http_user_agent $bad_user_agent { default 0; ~*wget 1; ~*curl 1; ~*libwww-perl 1; ~*python-urllib 1; ~*PycURL 1; }
  14. 14. http echo module This module wraps lots of Nginx internal APIs for streaming input and output, parallel/sequential subrequests, timers and sleeping, as well as various meta data accessing. location /echo { default_type text/html; echo -n "<html>n<head><title>echo</title></head>n<body><h1>echo</h1></body>n</html> n"; }
  15. 15. http lua module This module embeds Lua, via the standard Lua 5.1 interpreter or LuaJIT 2.0/2.1, into Nginx and by leveraging Nginx's subrequests, allows the integration of the powerful Lua threads (Lua coroutines) into the Nginx event model. location /lua { default_type text/plain; content_by_lua “nginx.say(‘hello, world!’)“; }
  16. 16. http perl module The ngx_http_perl_module module is used to implement location and variable handlers in Perl and insert Perl calls into SSI.
  17. 17. http Live Streaming (HLS) module The ngx_http_hls_module module provides HTTP Live Streaming (HLS) server-side support for MP4 and MOV media files. Such files typically have the .mp4, .m4v, .m4a, .mov, or .qt filename extensions. The module supports H.264 video codec, AAC and MP3 audio codecs. http://www.claudioborges.org/sf4.mp4.m3u8?offset=1.000&start=1.000&end=2.200 http://www.claudioborges.org/sf4.mp4.m3u8?len=8.000 http://www.claudioborges.org/sf4.mp4.ts?start=1.000&end=2.200
  18. 18. third-party modules These modules are not officially supported and may not be compatible across versions of Nginx. If you check this (http://wiki.nginx.org/3rdPartyModules) you can find interested things. Enjoy at your own risk. To compile a third-party module, from the Nginx source directory, type: ./configure --add-module=/path/to/module1/source --add-module=/path/to/module2/source
  19. 19. Advanced techniques NginX is a powerful web server with a lot of features. But, it has a few limitations. For example, it doesn’t have nested ifs, but, you can use a different way to do that.
  20. 20. nested if statement - part 1 Like I said, NginX doesn't allow nested if statements, for example, you can't do something like: if ($http_refer ~* “.*claudioborges.*" && $args ~* “execute”) { rewrite ^/things$ /another_thing break; }
  21. 21. nested if statement part - 2 But, you can do using a different way: set $result ""; if ($http_refer ~* ".*claudioborges.*") { set $result 1; } if ($args ~* "execute") { set $result 2; } if ($result = 2) { rewrite ^/things$ /another_thing break; }
  22. 22. Dynamic virtual host You can use dynamic virtual hosts in NginX. I mean, you can create just one file for many websites. It works similar to Apache mod_vhost_alias. server { listen 80; server_name ~^(?P<subdomain>[wd-]+.)?(?P<domain>[wd-]+).(?P<cctld>[w.]+)$; index index.html; set $docroot “default"; if ($domain) { set $docroot $domain; } root /srv/$docroot/www; location / { try_files $uri $uri/ =404; } access_log /var/log/nginx/$domain-access.log main; error_log /var/log/nginx/error.log; }
  23. 23. HTTP and HTTPS in the same virtual host - part 1 Unlike Apache, NginX allows to use the same virtual host for both HTTP and HTTPS. Its configuration is pretty easy and using it avoid duplicate configurations.
  24. 24. HTTP and HTTPS in the same virtual host - part 2 To do that, you need to merge the HTTP and HTTPS virtual host file in a unique file. The only detail is: You need to omit the "SSL on" option. This directive in modern versions is thus discouraged. The example below shows an unique virtual host that handles both HTTP and HTTPS requests: server { listen 80; listen 443 ssl http2; server_name www.example.com; ssl_certificate www.example.com.crt; ssl_certificate_key www.example.com.key; ... }
  25. 25. References http://nginx.org http://wiki.nginx.org/Pitfalls http://wiki.nginx.org/IfIsEvil http://wiki.nginx.org/3rdPartyModules http://w3techs.com/technologies/cross/ web_server/ranking
  26. 26. Thanks for you attention! Any questions? Claudio Filho <claudio.filho@locaweb.com.br> @but3k4 http://www.claudioborges.org https://github.com/but3k4

×