SlideShare a Scribd company logo

NGINX 101 - now with more Docker

Download as PPTX, PDF
Sarah Novotny
Sarah Novotny

NGINX is used by more than 130 million websites as a lightweight way to serve web content. Use it to decrease costs, improve performance and open up bottlenecks in web and application server environments without a major architectural overhaul. In this talk, we'll cover the three most basic use cases of static content delivery, application load balancing, and web proxying with caching; and touch on the NGINX maintained Docker container.

Internet
1 of 55
NGINX 101 Now with more Docker
Core NGINX functionality includes HTTP request, proxy and caching services which can be combined into a complete application delivery platform. Or, as we like to think of it….
The origins NGINX development began at Rambler.ru by Igor Sysoev to solve c10k problem • High concurrency • Low memory use • 2002 commodity hardware
High Concurrency Source: Webfaction Blog: http://blog.webfaction.com/2008/12/a-little-holiday-present-10000-reqssec-with-nginx-2/
Low Memory Use Source: Webfaction Blog: http://blog.webfaction.com/2008/12/a-little-holiday-present-10000-reqssec-with-nginx-2/
Learn more at nginx.com Apache is like Microsoft Word, it has a million options but you only need six. Nginx does those six things, and it does five of them 50 times faster than Apache. - Chris Lea
1. What functionality do you require? • Standard modules • NGINX Plus functionality • Optional NGINX and third-party modules 3. How do you want to install? • “Official” NGINX packages (nginx.org) • Build from Source • From Operating System repository • From AWS or Azure Marketplaces • From Docker Hub Registry 2. What branch do you want to track? • Mainline (1.7) • Stable (1.6) • Something older? http://nginx.com/blog/nginx-1-6-1-7-released/ Questions before you begin
$ wget http://nginx.org/keys/nginx_signing.key $ sudo apt-key add nginx_signing.key # cat > /etc/apt/sources.list.d/nginx.list deb http://nginx.org/packages/mainline/ubuntu/ trusty nginx deb-src http://nginx.org/packages/mainline/ubuntu/ trusty nginx # apt-get update # apt-cache policy nginx nginx: Installed: (none) Candidate: 1.7.0-1~trusty Version table: 1.7.0-1~trusty 0 500 http://nginx.org/packages/mainline/ubuntu/ trusty/nginx amd64 Packages 1.4.6-1ubuntu3 0 500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages Traditional Installation http://nginx.org/en/linux_packages.html#mainline
Verify it’s working # /etc/init.d/nginx status * nginx is running # /usr/sbin/nginx –v nginx version: nginx/1.7.0
The basics of the install
Where are the things • NGINX executable is at /usr/sbin/nginx • Configuration files at /etc/nginx • Log files at /var/log/nginx
NGINX processes • One master process and many worker processes • The master process evaluates the configuration file and manages the worker processes • Worker processes handle actual requests [root@localhost ~]# ps -ef |grep nginx root 1991 1 0 08:06 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf nginx 2974 1991 0 08:22 ? 00:00:00 nginx: worker process nginx 2975 1991 0 08:22 ? 00:00:00 nginx: worker process
Basic NGINX commands • To start NGINX, simply run the executable file at /usr/sbin/nginx • The executable can be run with a “-s” parameter followed by a signal. Reload configuration nginx –s reload Graceful shutdown. NGINX will wait for workers to finish processing requests nginx –s quit Fast shutdown nginx –s stop
The NGINX configuration file • The configuration file determines how NGINX and its modules behave • The main file is named nginx.conf and is located in /etc/nginx • The main configuration file may include references to additional configuration files • Configuration consists of – Directives – Blocks – Contexts
Configuration directives
Directives • Consists of the directive name, followed by parameters and ends in a semicolon • Two types of directives – Simple directive – Block directive A Directive is a configuration statement that controls the behaviour of NGINX modules
Block Directives A Block Directive is a directive that contains multiple configuration instructions • The configurations instructions inside a block directive are surrounded by braces (i.e { } )
Context example • Example of a Server context, which has two location blocks • The server context here can also be referred to as a server block
Specify the Server Block • Goes inside the HTTP context • Can contain a listen directive, server_name directive and root directive • Can specify many server blocks • Equivalent to VirtualHost in Apache The Server block defines the configuration for a virtual server
Specify the Server Block • NGINX will choose which server to process a request based on the server name and the listen port The Server block defines the configuration for a virtual server Define a virtual server that listens for requests on port 80 http { server { listen 80; } }
Location Block • Placed inside a server block • Server block can contain many location blocks • Can contain a Root directive, which will override the Root directive of the server • Can be nested inside a location block • Two types of location blocks Prefix location + Regex location • The location block defines the configuration that will apply based on a matching request URI
Example Server and Location • Root directive sets the root directory for a request. • A request to localhost:8080 will return the • index.html file in /home/nginx/public_html server { listen 8080; root /home/nginx/public_html; location /application1 { } location /images/ { root /data; } }
The Include directive • The include directive allows you to include additional configuration files • Syntax: include <path to file>; • Best Practices: – For each server, create a separate configuration file in /etc/nginx/conf.d – nginx.conf includes all files in the conf.d folder ending in .conf by default
Defining server names • Use the server_name directive in the server context to define the names for your server server { server_name mycompany.com *.mycompany.com; }
Simple Proxy Scenario • Server one listening for requests on port 80 and serves content from /home/nginx/public_html • Server two listens on port 8080 and serves content from /data/proxy • Requests for localhost are proxied over to the server on port 8080
Simple Proxy Scenario
Logging • The error_log directive can be used to configure the logging settings • Syntax: error_log <file> <log level>; • Can be used in the main, server, http and location contexts • The Log level specifies how detailed the log output will be Example error_log logs/error.log info;
Logging best practices • Should keep a separate error log file for each server • Helps to reduce size of each log file and makes troubleshooting easier server { server_name server1.com; root /data/server1.com; error_log logs/server1.error.log info; } server { server_name server2.com root /data/server2.com; error_log logs/server2.error.log info; }
Proxying to the upstream block
Specifying server priorities • By default, all servers defined in the upstream block are treated with equal priority • Use the weight parameter to indicate a higher or lower weighting for a particular server upstream myServers { server backend.server1 weight=5 server backend.server2 weight=3 server backend.server3 weight=2 }
Reverse proxy and caching • It’s common to use NGINX in front of another web or application server • NGINX can handle serving all the static content, while requests for dynamic content such as php are proxied to the application server • Static content can then be cached to improve performance
Defining the cache path http { proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=server-cache:8m max_size=1000m inactive=600m; proxy_temp_path /tmp/nginx; • proxy_cache_path directive to set where to store cached content • proxy_temp_path directive tells NGINX where to store temporary data which is used to build the cache • Both directives must be placed in HTTP context
Defining the cache path • proxy_cache_path parameters – keys_zone parameter specifies the name and size of the cache – max_size parameter specifies the maximum size of the cache – Inactive parameter specifies how long cached data is kept for if not accessed
Configuring the proxy cache • proxy_cache_key directive specifies to use the hostname/subdomain/domain and request URI as the key • proxy_cache directive defines the shared memory zone used for caching. – Name specified must match the name of the cache defined in the proxy_cache_path directive Location / { proxy_pass http://application.com:8080; proxy_cache_key “$scheme$host$request_uri”; proxy_cache server-cache; proxy_chache_valid 1m; proxy_cache_valid 404 1m; ]
Passing headers • Use proxy_set_header directive to redefine the request header fields that are passed to the proxied server • Use this to pass on the hostname and IP address of the request machine • Without setting the headers, the server you proxy to will simply see your reverse proxy server’s host and IP proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Configuring a HTTPS server • Enable SSL by specifying the SSL parameter on the listen directive • Specify the path of your SSL server certificate and private key server { listen 443 ssl; server_name training.secure.com; error_log logs/secure.error.log; ssl_certificate /etc/nginx/certs/nginxtraining.crt ssl_certificate_key /etc/nginx/certs/nginxtraining.key ]
SSL session cache • SSL sessions can be stored in a cache and reused in order to avoid having to perform a “handshake” as part of subsequent connections • Reduces the amount of CPU intensive operations on the server • The session cache can be shared between workers • Cache will timeout after 5 minutes by default, but this can be configured with the ssl_session_timeout directive
Session cache example • Syntax ssl_session_cache shared:<name>:size; • Size is specified in bytes or megabytes • 1 MB can store around 4000 sessions • Can specified in the http or server context Example http { ssl_session_cache shared:ssl:10m; ssl_session_timeout 10m; server { listen 443 ssl; ...
Now with more Docker
registry.hub.docker.com
Dockerfile FROM debian:wheezy MAINTAINER NGINX Docker Maintainers "docker-maint@nginx.com" RUN apt-key adv --keyserver pgp.mit.edu --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 RUN echo "deb http://nginx.org/packages/mainline/debian/ wheezy nginx" >> /etc/apt/sources.list ENV NGINX_VERSION 1.7.10-1~wheezy RUN apt-get update && apt-get install -y ca-certificates nginx=${NGINX_VERSION} && rm -rf /var/lib/apt/lists/* # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /var/log/nginx/access.log RUN ln -sf /dev/stderr /var/log/nginx/error.log VOLUME ["/var/cache/nginx"] EXPOSE 80 443 CMD ["nginx", "-g", "daemon off;"]
$ docker run -P –d nginx ff635ea2653c9489de7037b5c106a26d36f5907e4e75a43f47a3a38029a56b14 # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ff635ea2653c nginx:latest "nginx -g 'daemon of 16 seconds ago Up 11 seconds 0.0.0.0:49153->443/tcp, 0.0.0.0:49154->80/tcp nginx-test Run our Docker container https://registry.hub.docker.com/_/nginx/
$ docker@52.10.213.150 ~: docker run -it nginx /bin/bash root@74d2a7e93244:/# more /etc/nginx/nginx.conf user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"’; … Exploring our Docker container
Extending base images in your Dockerfile From @jpettazo’s Docker talk 20150220 #SCaLE13x
Your NGINX Dockerfile FROM nginx RUN rm /etc/nginx/conf.d/default.conf RUN rm /etc/nginx/conf.d/example_ssl.conf COPY static-html-directory /usr/share/nginx/html COPY nginx.conf /etc/nginx/nginx.conf http://nginx.com/blog/deploying-nginx-nginx-plus-docker/ • Fancier options i.e. more repeatable and scalable – Defining VOLUMEs – Using helper containers – Linking containers
http://sarah.is/ExcitedAboutMicroservices @sarahnovotny Chief Evangelist, NGINX Program Chair, OSCON Thanks for your time!
NGINX 101 - now with more Docker
NGINX 101 - now with more Docker
NGINX 101 - now with more Docker
NGINX 101 - now with more Docker
NGINX 101 - now with more Docker
NGINX 101 - now with more Docker

Recommended

NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
NGINX, Inc.
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse ProxyNginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Amit Aggarwal
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
Ortus Solutions, Corp
 
under the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or lessunder the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or less
sarahnovotny
 
Introduction to NGINX web server
Introduction to NGINX web serverIntroduction to NGINX web server
Introduction to NGINX web server
Md Waresul Islam
 
Nginx
NginxNginx
Nginx
Geeta Vinnakota
 
Apache Camel: Jetty Component With Example
Apache Camel: Jetty Component With ExampleApache Camel: Jetty Component With Example
Apache Camel: Jetty Component With Example
Amit Aggarwal
 
Rate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX PlusRate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX Plus
NGINX, Inc.
 

Recommended

NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
NGINX, Inc.
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse ProxyNginx A High Performance Load Balancer, Web Server & Reverse Proxy
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Amit Aggarwal
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin JonesITB2019 NGINX Overview and Technical Aspects - Kevin Jones
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
Ortus Solutions, Corp
 
under the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or lessunder the covers -- chef in 20 minutes or less
under the covers -- chef in 20 minutes or less
sarahnovotny
 
Introduction to NGINX web server
Introduction to NGINX web serverIntroduction to NGINX web server
Introduction to NGINX web server
Md Waresul Islam
 
Nginx
NginxNginx
Nginx
Geeta Vinnakota
 
Apache Camel: Jetty Component With Example
Apache Camel: Jetty Component With ExampleApache Camel: Jetty Component With Example
Apache Camel: Jetty Component With Example
Amit Aggarwal
 
Rate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX PlusRate Limiting with NGINX and NGINX Plus
Rate Limiting with NGINX and NGINX Plus
NGINX, Inc.
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
NGINX, Inc.
 
5 things you didn't know nginx could do
5 things you didn't know nginx could do5 things you didn't know nginx could do
5 things you didn't know nginx could do
sarahnovotny
 
NGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA BroadcastNGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA Broadcast
NGINX, Inc.
 
Extending functionality in nginx, with modules!
Extending functionality in nginx, with modules!Extending functionality in nginx, with modules!
Extending functionality in nginx, with modules!
Trygve Vea
 
Nginx - Tips and Tricks.
Nginx - Tips and Tricks.Nginx - Tips and Tricks.
Nginx - Tips and Tricks.
Harish S
 
Nginx dhruba mandal
Nginx dhruba mandalNginx dhruba mandal
Nginx dhruba mandal
Dhrubaji Mandal ♛
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINX
NGINX, Inc.
 
5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity
sarahnovotny
 
Load Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS ClusterLoad Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS Cluster
Kevin Jones
 
NginX - good practices, tips and advanced techniques
NginX - good practices, tips and advanced techniquesNginX - good practices, tips and advanced techniques
NginX - good practices, tips and advanced techniques
Claudio Borges
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx Internals
Joshua Zhu
 
Nginx internals
Nginx internalsNginx internals
Nginx internals
liqiang xu
 
NGINX High-performance Caching
NGINX High-performance CachingNGINX High-performance Caching
NGINX High-performance Caching
NGINX, Inc.
 
Content Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusContent Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX Plus
Kevin Jones
 
Load Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesLoad Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - Slides
Severalnines
 
Nginx
NginxNginx
Nginx
Dhrubaji Mandal ♛
 
How to monitor NGINX
How to monitor NGINXHow to monitor NGINX
How to monitor NGINX
Server Density
 
Kea DHCP – the new open source DHCP server from ISC
Kea DHCP – the new open source DHCP server from ISCKea DHCP – the new open source DHCP server from ISC
Kea DHCP – the new open source DHCP server from ISC
Men and Mice
 
SLA Europe Abu Dhabi Gulf Chapter Conference part 3
SLA Europe Abu Dhabi Gulf Chapter Conference part 3SLA Europe Abu Dhabi Gulf Chapter Conference part 3
SLA Europe Abu Dhabi Gulf Chapter Conference part 3
SLA Europe
 
Karma kaakatyasiddhant
Karma kaakatyasiddhantKarma kaakatyasiddhant
Karma kaakatyasiddhant
gurusewa
 
Sahaj sadhna
Sahaj sadhnaSahaj sadhna
Sahaj sadhna
gurusewa
 
SITO Presentaion - by Paul
SITO Presentaion - by PaulSITO Presentaion - by Paul
SITO Presentaion - by Paul
Paul Hiscox
 

More Related Content

What's hot

High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
NGINX, Inc.
 
Nginx - Tips and Tricks.
Nginx - Tips and Tricks.Nginx - Tips and Tricks.
Nginx - Tips and Tricks.
Harish S
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINX
NGINX, Inc.
 
Nginx internals
Nginx internalsNginx internals
Nginx internals
liqiang xu
 

What's hot (18)

High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
 
5 things you didn't know nginx could do
5 things you didn't know nginx could do5 things you didn't know nginx could do
5 things you didn't know nginx could do
 
NGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA BroadcastNGINX: Basics & Best Practices - EMEA Broadcast
NGINX: Basics & Best Practices - EMEA Broadcast
 
Extending functionality in nginx, with modules!
Extending functionality in nginx, with modules!Extending functionality in nginx, with modules!
Extending functionality in nginx, with modules!
 
Nginx - Tips and Tricks.
Nginx - Tips and Tricks.Nginx - Tips and Tricks.
Nginx - Tips and Tricks.
 
Nginx dhruba mandal
Nginx dhruba mandalNginx dhruba mandal
Nginx dhruba mandal
 
Delivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINXDelivering High Performance Websites with NGINX
Delivering High Performance Websites with NGINX
 
5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity5 things you didn't know nginx could do velocity
5 things you didn't know nginx could do velocity
 
Load Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS ClusterLoad Balancing Applications with NGINX in a CoreOS Cluster
Load Balancing Applications with NGINX in a CoreOS Cluster
 
NginX - good practices, tips and advanced techniques
NginX - good practices, tips and advanced techniquesNginX - good practices, tips and advanced techniques
NginX - good practices, tips and advanced techniques
 
Nginx Internals
Nginx InternalsNginx Internals
Nginx Internals
 
Nginx internals
Nginx internalsNginx internals
Nginx internals
 
NGINX High-performance Caching
NGINX High-performance CachingNGINX High-performance Caching
NGINX High-performance Caching
 
Content Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX PlusContent Caching with NGINX and NGINX Plus
Content Caching with NGINX and NGINX Plus
 
Load Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - SlidesLoad Balancing MySQL with HAProxy - Slides
Load Balancing MySQL with HAProxy - Slides
 
Nginx
NginxNginx
Nginx
 
How to monitor NGINX
How to monitor NGINXHow to monitor NGINX
How to monitor NGINX
 
Kea DHCP – the new open source DHCP server from ISC
Kea DHCP – the new open source DHCP server from ISCKea DHCP – the new open source DHCP server from ISC
Kea DHCP – the new open source DHCP server from ISC
 

Viewers also liked

Karma kaakatyasiddhant
Karma kaakatyasiddhantKarma kaakatyasiddhant
Karma kaakatyasiddhant
gurusewa
 
Sahaj sadhna
Sahaj sadhnaSahaj sadhna
Sahaj sadhna
gurusewa
 
The bible; how to study and understand it#2
The bible; how to study and understand it#2The bible; how to study and understand it#2
The bible; how to study and understand it#2
Rick Dupperon
 
טקס יום הזיכרון לחללי צהל
טקס יום הזיכרון לחללי צהלטקס יום הזיכרון לחללי צהל
טקס יום הזיכרון לחללי צהל
guest60cd323
 
Gyani kigatgyanijane
Gyani kigatgyanijaneGyani kigatgyanijane
Gyani kigatgyanijane
gurusewa
 
Lessonsto mind
Lessonsto mindLessonsto mind
Lessonsto mind
gurusewa
 
Desarro curricular
Desarro curricularDesarro curricular
Desarro curricular
moreliano68
 
Purusharth paramdev
Purusharth paramdevPurusharth paramdev
Purusharth paramdev
gurusewa
 
Nirbhaya naad
Nirbhaya naadNirbhaya naad
Nirbhaya naad
gurusewa
 
Mehakate phool
Mehakate phoolMehakate phool
Mehakate phool
gurusewa
 
Blogs and wikis keynote
Blogs and wikis keynoteBlogs and wikis keynote
Blogs and wikis keynote
Teresa Wells
 
Yog yatra3
Yog yatra3Yog yatra3
Yog yatra3
gurusewa
 
Shri krishnajanamashtami
Shri krishnajanamashtamiShri krishnajanamashtami
Shri krishnajanamashtami
gurusewa
 
Yog yatra4hindi
Yog yatra4hindiYog yatra4hindi
Yog yatra4hindi
gurusewa
 

Viewers also liked (20)

SLA Europe Abu Dhabi Gulf Chapter Conference part 3
SLA Europe Abu Dhabi Gulf Chapter Conference part 3SLA Europe Abu Dhabi Gulf Chapter Conference part 3
SLA Europe Abu Dhabi Gulf Chapter Conference part 3
 
Karma kaakatyasiddhant
Karma kaakatyasiddhantKarma kaakatyasiddhant
Karma kaakatyasiddhant
 
Sahaj sadhna
Sahaj sadhnaSahaj sadhna
Sahaj sadhna
 
SITO Presentaion - by Paul
SITO Presentaion - by PaulSITO Presentaion - by Paul
SITO Presentaion - by Paul
 
The bible; how to study and understand it#2
The bible; how to study and understand it#2The bible; how to study and understand it#2
The bible; how to study and understand it#2
 
טקס יום הזיכרון לחללי צהל
טקס יום הזיכרון לחללי צהלטקס יום הזיכרון לחללי צהל
טקס יום הזיכרון לחללי צהל
 
You Should Know This Man ( Salllallahu Alaih Wasallam)
You Should Know This Man ( Salllallahu Alaih Wasallam)You Should Know This Man ( Salllallahu Alaih Wasallam)
You Should Know This Man ( Salllallahu Alaih Wasallam)
 
Gyani kigatgyanijane
Gyani kigatgyanijaneGyani kigatgyanijane
Gyani kigatgyanijane
 
Lessonsto mind
Lessonsto mindLessonsto mind
Lessonsto mind
 
Desarro curricular
Desarro curricularDesarro curricular
Desarro curricular
 
Purusharth paramdev
Purusharth paramdevPurusharth paramdev
Purusharth paramdev
 
Nirbhaya naad
Nirbhaya naadNirbhaya naad
Nirbhaya naad
 
Open Access (OA) - Introduction
Open Access (OA) - IntroductionOpen Access (OA) - Introduction
Open Access (OA) - Introduction
 
Mcg overview
Mcg overviewMcg overview
Mcg overview
 
C21 Indy Star
C21 Indy StarC21 Indy Star
C21 Indy Star
 
Mehakate phool
Mehakate phoolMehakate phool
Mehakate phool
 
Blogs and wikis keynote
Blogs and wikis keynoteBlogs and wikis keynote
Blogs and wikis keynote
 
Yog yatra3
Yog yatra3Yog yatra3
Yog yatra3
 
Shri krishnajanamashtami
Shri krishnajanamashtamiShri krishnajanamashtami
Shri krishnajanamashtami
 
Yog yatra4hindi
Yog yatra4hindiYog yatra4hindi
Yog yatra4hindi
 

Similar to NGINX 101 - now with more Docker

NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
NGINX, Inc.
 
NGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best PracticesNGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best Practices
NGINX, Inc.
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEA
NGINX, Inc.
 
What’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEAWhat’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEA
NGINX, Inc.
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?
NGINX, Inc.
 
Introduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to ChefIntroduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to Chef
Nathen Harvey
 

Similar to NGINX 101 - now with more Docker (20)

NGINX: Basics and Best Practices
NGINX: Basics and Best PracticesNGINX: Basics and Best Practices
NGINX: Basics and Best Practices
 
NGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEANGINX: Basics and Best Practices EMEA
NGINX: Basics and Best Practices EMEA
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
 
NGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best PracticesNGINX ADC: Basics and Best Practices
NGINX ADC: Basics and Best Practices
 
NGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEANGINX ADC: Basics and Best Practices – EMEA
NGINX ADC: Basics and Best Practices – EMEA
 
What’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEAWhat’s New in NGINX Plus R16? – EMEA
What’s New in NGINX Plus R16? – EMEA
 
High Availability Content Caching with NGINX
High Availability Content Caching with NGINXHigh Availability Content Caching with NGINX
High Availability Content Caching with NGINX
 
Using NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content CacheUsing NGINX as an Effective and Highly Available Content Cache
Using NGINX as an Effective and Highly Available Content Cache
 
What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?What’s New in NGINX Plus R16?
What’s New in NGINX Plus R16?
 
(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...
(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...
(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...
 
Nginx Deep Dive Kubernetes Ingress
Nginx Deep Dive Kubernetes IngressNginx Deep Dive Kubernetes Ingress
Nginx Deep Dive Kubernetes Ingress
 
Introduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to ChefIntroduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to Chef
 
NGINX Installation and Tuning
NGINX Installation and TuningNGINX Installation and Tuning
NGINX Installation and Tuning
 
Introduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to ChefIntroduction to Infrastructure as Code & Automation / Introduction to Chef
Introduction to Infrastructure as Code & Automation / Introduction to Chef
 
What’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEAWhat’s New in NGINX Plus R15? - EMEA
What’s New in NGINX Plus R15? - EMEA
 
Apache1.ppt
Apache1.pptApache1.ppt
Apache1.ppt
 
What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?
 
Best And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM ConnectionsBest And Worst Practices Deploying IBM Connections
Best And Worst Practices Deploying IBM Connections
 
cache concepts and varnish-cache
cache concepts and varnish-cachecache concepts and varnish-cache
cache concepts and varnish-cache
 
What's new in NGINX Plus R19
What's new in NGINX Plus R19What's new in NGINX Plus R19
What's new in NGINX Plus R19
 

Recently uploaded

Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Monica Sydney
 
一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
F
 
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsMira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Priya Reddy
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Monica Sydney
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
Monica Sydney
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Monica Sydney
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
ayvbos
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
F
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
kumargunjan9515
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
 

Recently uploaded (20)

Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
 
一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsMira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 

NGINX 101 - now with more Docker

  • 1.
  • 3.
  • 4. Core NGINX functionality includes HTTP request, proxy and caching services which can be combined into a complete application delivery platform. Or, as we like to think of it….
  • 5.
  • 6. The origins NGINX development began at Rambler.ru by Igor Sysoev to solve c10k problem • High concurrency • Low memory use • 2002 commodity hardware
  • 7. High Concurrency Source: Webfaction Blog: http://blog.webfaction.com/2008/12/a-little-holiday-present-10000-reqssec-with-nginx-2/
  • 8. Low Memory Use Source: Webfaction Blog: http://blog.webfaction.com/2008/12/a-little-holiday-present-10000-reqssec-with-nginx-2/
  • 9. Learn more at nginx.com Apache is like Microsoft Word, it has a million options but you only need six. Nginx does those six things, and it does five of them 50 times faster than Apache. - Chris Lea
  • 10. 1. What functionality do you require? • Standard modules • NGINX Plus functionality • Optional NGINX and third-party modules 3. How do you want to install? • “Official” NGINX packages (nginx.org) • Build from Source • From Operating System repository • From AWS or Azure Marketplaces • From Docker Hub Registry 2. What branch do you want to track? • Mainline (1.7) • Stable (1.6) • Something older? http://nginx.com/blog/nginx-1-6-1-7-released/ Questions before you begin
  • 11. $ wget http://nginx.org/keys/nginx_signing.key $ sudo apt-key add nginx_signing.key # cat > /etc/apt/sources.list.d/nginx.list deb http://nginx.org/packages/mainline/ubuntu/ trusty nginx deb-src http://nginx.org/packages/mainline/ubuntu/ trusty nginx # apt-get update # apt-cache policy nginx nginx: Installed: (none) Candidate: 1.7.0-1~trusty Version table: 1.7.0-1~trusty 0 500 http://nginx.org/packages/mainline/ubuntu/ trusty/nginx amd64 Packages 1.4.6-1ubuntu3 0 500 http://us.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages Traditional Installation http://nginx.org/en/linux_packages.html#mainline
  • 12. Verify it’s working # /etc/init.d/nginx status * nginx is running # /usr/sbin/nginx –v nginx version: nginx/1.7.0
  • 13. The basics of the install
  • 14. Where are the things • NGINX executable is at /usr/sbin/nginx • Configuration files at /etc/nginx • Log files at /var/log/nginx
  • 15. NGINX processes • One master process and many worker processes • The master process evaluates the configuration file and manages the worker processes • Worker processes handle actual requests [root@localhost ~]# ps -ef |grep nginx root 1991 1 0 08:06 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf nginx 2974 1991 0 08:22 ? 00:00:00 nginx: worker process nginx 2975 1991 0 08:22 ? 00:00:00 nginx: worker process
  • 16. Basic NGINX commands • To start NGINX, simply run the executable file at /usr/sbin/nginx • The executable can be run with a “-s” parameter followed by a signal. Reload configuration nginx –s reload Graceful shutdown. NGINX will wait for workers to finish processing requests nginx –s quit Fast shutdown nginx –s stop
  • 17. The NGINX configuration file • The configuration file determines how NGINX and its modules behave • The main file is named nginx.conf and is located in /etc/nginx • The main configuration file may include references to additional configuration files • Configuration consists of – Directives – Blocks – Contexts
  • 19. Directives • Consists of the directive name, followed by parameters and ends in a semicolon • Two types of directives – Simple directive – Block directive A Directive is a configuration statement that controls the behaviour of NGINX modules
  • 20. Block Directives A Block Directive is a directive that contains multiple configuration instructions • The configurations instructions inside a block directive are surrounded by braces (i.e { } )
  • 21. Context example • Example of a Server context, which has two location blocks • The server context here can also be referred to as a server block
  • 22. Specify the Server Block • Goes inside the HTTP context • Can contain a listen directive, server_name directive and root directive • Can specify many server blocks • Equivalent to VirtualHost in Apache The Server block defines the configuration for a virtual server
  • 23. Specify the Server Block • NGINX will choose which server to process a request based on the server name and the listen port The Server block defines the configuration for a virtual server Define a virtual server that listens for requests on port 80 http { server { listen 80; } }
  • 24. Location Block • Placed inside a server block • Server block can contain many location blocks • Can contain a Root directive, which will override the Root directive of the server • Can be nested inside a location block • Two types of location blocks Prefix location + Regex location • The location block defines the configuration that will apply based on a matching request URI
  • 25. Example Server and Location • Root directive sets the root directory for a request. • A request to localhost:8080 will return the • index.html file in /home/nginx/public_html server { listen 8080; root /home/nginx/public_html; location /application1 { } location /images/ { root /data; } }
  • 26. The Include directive • The include directive allows you to include additional configuration files • Syntax: include <path to file>; • Best Practices: – For each server, create a separate configuration file in /etc/nginx/conf.d – nginx.conf includes all files in the conf.d folder ending in .conf by default
  • 27. Defining server names • Use the server_name directive in the server context to define the names for your server server { server_name mycompany.com *.mycompany.com; }
  • 28. Simple Proxy Scenario • Server one listening for requests on port 80 and serves content from /home/nginx/public_html • Server two listens on port 8080 and serves content from /data/proxy • Requests for localhost are proxied over to the server on port 8080
  • 30. Logging • The error_log directive can be used to configure the logging settings • Syntax: error_log <file> <log level>; • Can be used in the main, server, http and location contexts • The Log level specifies how detailed the log output will be Example error_log logs/error.log info;
  • 31. Logging best practices • Should keep a separate error log file for each server • Helps to reduce size of each log file and makes troubleshooting easier server { server_name server1.com; root /data/server1.com; error_log logs/server1.error.log info; } server { server_name server2.com root /data/server2.com; error_log logs/server2.error.log info; }
  • 32. Proxying to the upstream block
  • 33. Specifying server priorities • By default, all servers defined in the upstream block are treated with equal priority • Use the weight parameter to indicate a higher or lower weighting for a particular server upstream myServers { server backend.server1 weight=5 server backend.server2 weight=3 server backend.server3 weight=2 }
  • 34. Reverse proxy and caching • It’s common to use NGINX in front of another web or application server • NGINX can handle serving all the static content, while requests for dynamic content such as php are proxied to the application server • Static content can then be cached to improve performance
  • 35. Defining the cache path http { proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=server-cache:8m max_size=1000m inactive=600m; proxy_temp_path /tmp/nginx; • proxy_cache_path directive to set where to store cached content • proxy_temp_path directive tells NGINX where to store temporary data which is used to build the cache • Both directives must be placed in HTTP context
  • 36. Defining the cache path • proxy_cache_path parameters – keys_zone parameter specifies the name and size of the cache – max_size parameter specifies the maximum size of the cache – Inactive parameter specifies how long cached data is kept for if not accessed
  • 37. Configuring the proxy cache • proxy_cache_key directive specifies to use the hostname/subdomain/domain and request URI as the key • proxy_cache directive defines the shared memory zone used for caching. – Name specified must match the name of the cache defined in the proxy_cache_path directive Location / { proxy_pass http://application.com:8080; proxy_cache_key “$scheme$host$request_uri”; proxy_cache server-cache; proxy_chache_valid 1m; proxy_cache_valid 404 1m; ]
  • 38. Passing headers • Use proxy_set_header directive to redefine the request header fields that are passed to the proxied server • Use this to pass on the hostname and IP address of the request machine • Without setting the headers, the server you proxy to will simply see your reverse proxy server’s host and IP proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  • 39. Configuring a HTTPS server • Enable SSL by specifying the SSL parameter on the listen directive • Specify the path of your SSL server certificate and private key server { listen 443 ssl; server_name training.secure.com; error_log logs/secure.error.log; ssl_certificate /etc/nginx/certs/nginxtraining.crt ssl_certificate_key /etc/nginx/certs/nginxtraining.key ]
  • 40. SSL session cache • SSL sessions can be stored in a cache and reused in order to avoid having to perform a “handshake” as part of subsequent connections • Reduces the amount of CPU intensive operations on the server • The session cache can be shared between workers • Cache will timeout after 5 minutes by default, but this can be configured with the ssl_session_timeout directive
  • 41. Session cache example • Syntax ssl_session_cache shared:<name>:size; • Size is specified in bytes or megabytes • 1 MB can store around 4000 sessions • Can specified in the http or server context Example http { ssl_session_cache shared:ssl:10m; ssl_session_timeout 10m; server { listen 443 ssl; ...
  • 44. Dockerfile FROM debian:wheezy MAINTAINER NGINX Docker Maintainers "docker-maint@nginx.com" RUN apt-key adv --keyserver pgp.mit.edu --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 RUN echo "deb http://nginx.org/packages/mainline/debian/ wheezy nginx" >> /etc/apt/sources.list ENV NGINX_VERSION 1.7.10-1~wheezy RUN apt-get update && apt-get install -y ca-certificates nginx=${NGINX_VERSION} && rm -rf /var/lib/apt/lists/* # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /var/log/nginx/access.log RUN ln -sf /dev/stderr /var/log/nginx/error.log VOLUME ["/var/cache/nginx"] EXPOSE 80 443 CMD ["nginx", "-g", "daemon off;"]
  • 45. $ docker run -P –d nginx ff635ea2653c9489de7037b5c106a26d36f5907e4e75a43f47a3a38029a56b14 # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ff635ea2653c nginx:latest "nginx -g 'daemon of 16 seconds ago Up 11 seconds 0.0.0.0:49153->443/tcp, 0.0.0.0:49154->80/tcp nginx-test Run our Docker container https://registry.hub.docker.com/_/nginx/
  • 46. $ docker@52.10.213.150 ~: docker run -it nginx /bin/bash root@74d2a7e93244:/# more /etc/nginx/nginx.conf user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"’; … Exploring our Docker container
  • 47. Extending base images in your Dockerfile From @jpettazo’s Docker talk 20150220 #SCaLE13x
  • 48. Your NGINX Dockerfile FROM nginx RUN rm /etc/nginx/conf.d/default.conf RUN rm /etc/nginx/conf.d/example_ssl.conf COPY static-html-directory /usr/share/nginx/html COPY nginx.conf /etc/nginx/nginx.conf http://nginx.com/blog/deploying-nginx-nginx-plus-docker/ • Fancier options i.e. more repeatable and scalable – Defining VOLUMEs – Using helper containers – Linking containers