NI
Uploaded byNGINX, Inc.
PPTX, PDF424 views

NGINX: Back to Basics – APCJ

The document is a comprehensive guide on installing and configuring NGINX as a web server, reverse proxy, and load balancer, aimed at technical solutions architects. It outlines key features, installation procedures for various operating systems, and detailed configuration steps, including setting up multiple services and advanced features like health checks and rate limiting. Additionally, it provides links to resources for further learning and support on NGINX.

Embed presentation

Downloaded 60 times
NGINX: Back to the Basics INSTALL & CONFIGURE – WEB SERVER, REVERSE PROXY AND LOAD BALANCER Jay Desai Solutions Architect, Melbourne, Australia
| ©2019 F52 Today’s Host Jay Desai • Technical Solutions Architect, Melbourne - Australia
| ©2019 F53 Agenda 1. Introducing NGINX 2. Install NGINX 3. Configure Web Server 4. Configure Reverse Proxy 5. Configure Load Balancer 6. Link to Resources
| ©2019 F54 NGINX – Evolution Map 2004 •NGINX 0.1 2007 •“Viable” 2011 •NGINX, Inc. •NGINX 1.0 2013 •NGINX Plus R1 First Commercial Offering 2018 •NGINX Unit 1.0 •Controller 1.0 2019 •Controller 2.0 (API mgmt.) •NGINX Plus R18 •Acquired by F5 Networks 2020 •Controller 3.4 •NGINX Plus R22 •APP Protect
| ©2019 F55 #1 450 million Source: Netcraft May 2020 Web Server Survey “Most websites use NGINX”
| ©2019 F56 NGINX - Embracing a Multitude of Use Cases Web Server Reverse Proxy Load Balancer Cache Web Application Firewall Internal DDOS Protection API Gateway K8s IC Sidecar Proxy
| ©2019 F57 Let’s workshop!
| ©2019 F58 Enterprise Architecture Client / Browser Internet / WAN NGINX: Reverse Proxy, Load Balancer & Web Server Backend Services / Applications
| ©2019 F59 What we’re going to build Client / Browser + InternetNGINX: Reverse Proxy, Load Balancer & Web Server Other Services / Applications Some Services / Applications +
| ©2019 F510 • Laptop • Internet connection • Linux host / VM / Docker • NGINX already installed? −$ nginx -v Confidential – Do Not Distribute What will you need
| ©2019 F511 CONFIDENTIAL Installing NGINX (simple) CentOS / RHEL • yum install nginx Ubuntu / Debian • apt-get install nginx Docker • docker pull nginx MacOS / MacBook • Use a VM or Docker $ docker run --name mynginx -d -p 8080:80 nginx
| ©2019 F512 CONFIDENTIAL What I will actually do $sudo wgethttps://nginx.org/keys/nginx_signing.key $sudo apt-keyadd nginx_signing.key $sudo vi /etc/apt/sources.list deb https://nginx.org/packages/mainline/ubuntu/ bionic nginx deb-src https://nginx.org/packages/mainline/ubuntu/ bionic nginx $sudo apt-get update $sudo apt-get install nginx $sudo service nginxstart $nginx–v nginx version: nginx/1.19.0 $ curl -I 127.0.0.1 HTTP/1.1 200 OK Server: nginx/1.19.0 https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#prebuilt_ubuntu
| ©2019 F513 CONFIDENTIAL Some Useful NGINX Commands $sudo service nginx{start|stop|status|restart|reload|force-reload|upgrade|configtest|check-reload} $sudo nginx–v #versionof NGINX $sudo nginx–V #version &EnabledModules $sudo nginx–t #nginxconfiguration test $sudo nginx–T #Full configuration dump
| ©2019 F514 Status: Now we have successfully Installed NGINX Next: Configure Web Server
| ©2019 F515 $curl http://localhost <!DOCTYPE html> <html> <head> <title>Welcometonginx!</title> <style> body { width:35em; margin:0auto; font-family:Tahoma, Verdana,Arial, sans-serif; } </style> </head> <body> <h1>Welcometo nginx!</h1> <p>If you see thispage, the nginxweb server is successfullyinstalledand working.Furtherconfigurationisrequired.</p> <p>For onlinedocumentationand support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support isavailableat <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thankyou for usingnginx.</em></p> </body> </html>
| ©2019 F516 Checking /etc/nginx/nginx.conf Exists Has http{} block • Contains include/etc/nginx/conf.d/*.conf; Sample here  /etc/nginx/nginx.conf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 user nginx; worker_processes auto; error_log /var/log/nginx/error.lognotice; pid /var/run/nginx.pid; events{ worker_connections 1024; } http{ include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr- $remote_user[$time_local]"$request"' '$status$body_bytes_sent"$http_referer"' '"$http_user_agent""$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; include/etc/nginx/conf.d/*.conf; _ }
| ©2019 F517 Serving Content – Web Server • Inspect default.conf • Clean up default.conf • Remove #commented out content /etc/nginx/conf.d/default.conf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 server{ listen80; server_namelocalhost; location/{ root/usr/share/nginx/html; index index.htmlindex.htm; } error_page500502503504/50x.html; location= /50x.html{ root/usr/share/nginx/html; } } $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
| ©2019 F518 CONFIDENTIAL Create index.html file – APP 1 $ cd /opt $ sudo mkdir services $ cd services $ sudo mkdir App1 $ sudo mkdir App2 $ cd App1 $ sudo touch index.html $ sudo vim index.html Copy This  SAVE /opt/services/App1/index.html 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1516 17 18 <!doctypehtml> <htmllang="en-US"> <head> <linkrel="icon"type="image/png" href="https://www.nginx.com/wp-content/uploads/2019/10/favicon-48x48.ico" sizes="48x48"> <h1>ThisismyAPP1</h1> <style> body{ background-color:#FF0000;} </style> <title>RED-APP 1</title> </head> </html>
| ©2019 F519 CONFIDENTIAL Create index.html file – APP 2 $ cd /opt/services/App2 $ sudo touch index.html $ sudo vim index.html Copy This  SAVE /opt/services/App1/index.html 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1516 17 18 <!doctypehtml> <htmllang="en-US"> <head> <linkrel="icon"type="image/png" href="https://www.nginx.com/wp-content/uploads/2019/10/favicon-48x48.ico" sizes="48x48"> <h1>ThisismyAPP2</h1> <style> body{ background-color:#00FF00;} </style> <title>RED-APP 2</title> </head> </html>
| ©2019 F520 CONFIDENTIAL Editing – default.conf • Inspect default.conf $cd/etc/nginx/conf.d $sudomvdefault.conf b2b.conf $sudovim/etc/nginx/conf.d/b2b.conf Copy This  /etc/nginx/conf.d/b2b.conf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1516 17 18 19 20 21 22 23 24 25 26 server{ listen 8001default_server; server_name localhost; location/{ root /opt/services/App1; index index.htmlindex.htm; } } server{ listen 8002default_server; server_name localhost; location/{ root /opt/services/App2; index index.htmlindex.htm; } } $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
| ©2019 F521 $ curl http://localhost:8001 <!doctype html> <html lang="en-US"> . <h1>This is my APP1</h1> . $ curl http://localhost:8002 <!doctype html> <html lang="en-US"> . <h1>This is my APP2</h1> .
| ©2019 F522 Status: We are serving two applications/services Next: Configure Reverse Proxy & Load Balancer
| ©2019 F523 Configuring upstream /etc/nginx/conf.d/b2b.conf upstreambackend_servers{ zonebackend_server_zone64k; serverlocalhost:8001; serverlocalhost:8002; } server{ listen8080 default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; } } server{ listen 8001 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App1; index index.htmlindex.htm; } } server{ listen 8002 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App2; index index.htmlindex.htm; } } $sudovim/etc/nginx/conf.d/b2b.conf $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
| ©2019 F524 $ curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP1</h1> . $ curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP2</h1> .
| ©2019 F525 Configuring upstream: Adding Servers /etc/nginx/conf.d/b2b.conf upstreambackend_servers{ zonebackend_server_zone64k; least_conn; serverlocalhost:8001; serverlocalhost:8002; www.jdaus.net:9083; } server{ listen8080 default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; } } server{ listen 8001 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App1; index index.htmlindex.htm; } } server{ listen 8002 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App2; index index.htmlindex.htm; } } $sudovim/etc/nginx/conf.d/b2b.conf $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
| ©2019 F526 $ curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP1</h1> . $ curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP2</h1> .
| ©2019 F527 Status: Now we have configured Web Server, Reverse Proxy & Load Balancer Next: Unique Features
| ©2019 F528 Shifting to NGINX PLUS
| ©2019 F529 Live Activity Monitoring • Configuring the Dashboard /etc/nginx/conf.d/b2b.conf . . . . . . . . . . . . server{ listen 8005default_server; server_name localhost; location/api/{ apiwrite=on; allowall; #denyall; } location/{ root/usr/share/nginx/html; index dashboard.html; } } #End offileb2b.conf NGINX Plus - ONLY $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
| ©2019 F530 Active Health Check • Actively monitors all upstream server locations • Default – 5 seconds health_check interval=10fails=3 passes=2; /etc/nginx/conf.d/b2b.conf . . . server{ listen8080default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; health_check; } } . . . NGINX Plus - ONLY $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
| ©2019 F531 Zero Downtime Config Reloads • Adding a new upstream • Zero Downtime for active streams /etc/nginx/conf.d/b2b.conf 1 2 3 4 5 6 7 8 9 upstreambackend_servers{ zonebackend_server_zone64k; least_conn; serverlocalhost:8001; serverlocalhost:8002; www.jdaus.net:9083; #INSERTTHE FOLLOWINGUPSTREAM www.jdaus.net:9084; } NGINX Plus - ONLY $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
| ©2019 F532 Rate Limiting Rate limit is configured and monitored at a global level Limit is applied where we want it • Per API gateway • Per API definition • Per URI/route /etc/nginx/conf.d/b2b.conf limit_req_zone$remote_addrzone=perip:1mrate=2r/s; upstreambackend_servers{ zonebackend_server_zone64k; . . . server{ listen8000default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; health_check; limit_reqzone=peripnodelay; limit_req_status429; } } . . .
| ©2019 F533 $ nginx -s reload $ curlhttp://localhost:8000 <!doctype html> <html lang="en-US"> <head>… $ !!;!!;!!;!!;!! {"status":429,"message":”Rate limit exceeded"}
| ©2019 F534 How did we do? 1. Installing NGINX 2. Configuring Webserver 3. Configure Reverse Proxy & Load Balancer 4. Active Health Check 5. Zero Downtime Configuration Reloads
| ©2019 F535 Resources Official NGINX open source downloads • http://nginx.org/en/linux_packages.html NGINX Plus Trial License • https://www.nginx.com/free-trial-request/ Getting Started with NGINX Guides • https://www.nginx.com/resources/wiki/start/ • http://nginx.org/en/docs/beginners_guide.html
NGINX: Back to Basics – APCJ

More Related Content

PDF
How to Get Started With NGINX
byNGINX, Inc.
 
PPTX
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
byNGINX, Inc.
 
PPTX
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
PDF
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
PPTX
API Workloads on Kubernetes | Show Code Part 4
byNGINX, Inc.
 
PDF
Kubernetes Networking
byNGINX, Inc.
 
PDF
Nim tames sprawl
byNGINX, Inc.
 
PDF
Découvrez NGINX AppProtect
byNGINX, Inc.
 
How to Get Started With NGINX
byNGINX, Inc.
 
Session: A Reference Architecture for Running Modern APIs with NGINX Unit and...
byNGINX, Inc.
 
NGINX Basics and Best Practices Workshop
byNGINX, Inc.
 
Securing Your Apps & APIs in the Cloud
byOlivia LaMar
 
API Workloads on Kubernetes | Show Code Part 4
byNGINX, Inc.
 
Kubernetes Networking
byNGINX, Inc.
 
Nim tames sprawl
byNGINX, Inc.
 
Découvrez NGINX AppProtect
byNGINX, Inc.
 

What's hot

PPTX
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
PPTX
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PDF
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
PDF
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
byNGINX, Inc.
 
PPTX
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 
PDF
What's New with NGINX Application Security Solutions
byNGINX, Inc.
 
PDF
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
byNGINX, Inc.
 
PDF
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
byNGINX, Inc.
 
PDF
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
PDF
Fundamentals of microservices
byNGINX, Inc.
 
PDF
Application Security with NGINX
byNGINX, Inc.
 
PDF
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
PDF
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
PPTX
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
PPTX
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
PPTX
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
PDF
Secured APIM-as-a-Service
byNGINX, Inc.
 
PPTX
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 
PDF
NGINX DevSecOps Workshop
byNGINX, Inc.
 
PPTX
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 
Migrating from BIG-IP Deployment to NGINX ADC
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
Relevez les défis Kubernetes avec NGINX
byNGINX, Inc.
 
Deep Dive: Automating the Application and Security Pipeline with NGINX and An...
byNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
byNGINX, Inc.
 
What's New with NGINX Application Security Solutions
byNGINX, Inc.
 
NGINX 101: Web Traffic Encryption with SSL/TLS and NGINX
byNGINX, Inc.
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
byNGINX, Inc.
 
Control Kubernetes Ingress and Egress Together with NGINX
byNGINX, Inc.
 
Fundamentals of microservices
byNGINX, Inc.
 
Application Security with NGINX
byNGINX, Inc.
 
API Gateway Use Cases​ for Kubernetes​
byNGINX, Inc.
 
Get the Most Out of Kubernetes with NGINX
byNGINX, Inc.
 
Flexible, Powerful, and Easy-to-Use Ingress Load Balancing with NGINX and Ope...
byNGINX, Inc.
 
NGINX Basics: Ask Me Anything – EMEA
byNGINX, Inc.
 
Accélérez vos déploiements applicatifs avec NGINX Controller
byNGINX, Inc.
 
Secured APIM-as-a-Service
byNGINX, Inc.
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
byKatherine Bagood
 
NGINX DevSecOps Workshop
byNGINX, Inc.
 
NGINX Controller: Configuration, Management, and Troubleshooting at Scale
byNGINX, Inc.
 

Similar to NGINX: Back to Basics – APCJ

PPTX
NGINX: Basics & Best Practices - EMEA Broadcast
byNGINX, Inc.
 
PDF
NGINX ADC: Basics and Best Practices
byNGINX, Inc.
 
PDF
How to Install NGINX on CentOS 10 (Step-by-Step Guide).pdf
byGreen Webpage
 
PPTX
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
PDF
NGINX: Basics and Best Practices EMEA
byNGINX, Inc.
 
PPTX
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
byAmit Aggarwal
 
PPTX
NGINX: Basics and Best Practices
byNGINX, Inc.
 
PDF
Complete-NGINX-Cookbook-2019.pdf
byTomaszWojciechowski22
 
PPTX
NGINX Installation and Tuning
byNGINX, Inc.
 
PPTX
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
PPTX
Basics of NGINX
bySquash Apps Pvt Ltd
 
PPTX
Load Balancing Container with Nginx
byKumar Mayank
 
PDF
NGINX ADC: Basics and Best Practices – EMEA
byNGINX, Inc.
 
PDF
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
byOrtus Solutions, Corp
 
PPTX
NGINX 101 - now with more Docker
bySarah Novotny
 
PPTX
NGINX 101 - now with more Docker
bysarahnovotny
 
PPTX
Drupal 8 and NGINX
byNGINX, Inc.
 
PPTX
What's New in NGINX Plus R7?
byNGINX, Inc.
 
PDF
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
PDF
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 
NGINX: Basics & Best Practices - EMEA Broadcast
byNGINX, Inc.
 
NGINX ADC: Basics and Best Practices
byNGINX, Inc.
 
How to Install NGINX on CentOS 10 (Step-by-Step Guide).pdf
byGreen Webpage
 
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
NGINX: Basics and Best Practices EMEA
byNGINX, Inc.
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
byAmit Aggarwal
 
NGINX: Basics and Best Practices
byNGINX, Inc.
 
Complete-NGINX-Cookbook-2019.pdf
byTomaszWojciechowski22
 
NGINX Installation and Tuning
byNGINX, Inc.
 
NGINX: High Performance Load Balancing
byNGINX, Inc.
 
Basics of NGINX
bySquash Apps Pvt Ltd
 
Load Balancing Container with Nginx
byKumar Mayank
 
NGINX ADC: Basics and Best Practices – EMEA
byNGINX, Inc.
 
ITB2019 NGINX Overview and Technical Aspects - Kevin Jones
byOrtus Solutions, Corp
 
NGINX 101 - now with more Docker
bySarah Novotny
 
NGINX 101 - now with more Docker
bysarahnovotny
 
Drupal 8 and NGINX
byNGINX, Inc.
 
What's New in NGINX Plus R7?
byNGINX, Inc.
 
NGINX: The Past, Present and Future of the Modern Web
byKevin Jones
 
ITB2017 - Nginx ppf intothebox_2017
byOrtus Solutions, Corp
 

More from NGINX, Inc.

PDF
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
PPTX
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
PDF
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
PPTX
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
PPTX
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
PDF
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
PDF
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
PPTX
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
PPTX
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
PDF
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
PDF
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
PDF
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
PDF
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
PDF
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
PDF
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
PDF
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
PPTX
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
PPTX
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
PPTX
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
PPTX
NGINX Kubernetes API
byNGINX, Inc.
 
NGINX基本セミナー(セキュリティ編)~NGINXでセキュアなプラットフォームを実現する方法!
byNGINX, Inc.
 
Installing and Configuring NGINX Open Source
byNGINX, Inc.
 
【NGINXセミナー】 NGINXのWAFとは?その使い方と設定方法 解説セミナー
byNGINX, Inc.
 
Get Hands-On with NGINX and QUIC+HTTP/3
byNGINX, Inc.
 
Install and Configure NGINX Unit, the Universal Application, Web, and Proxy S...
byNGINX, Inc.
 
【NGINXセミナー】API ゲートウェイとしてのNGINX Plus活用方法
byNGINX, Inc.
 
NGINXセミナー(基本編)~いまさら聞けないNGINXコンフィグなど基本がわかる!
byNGINX, Inc.
 
Managing Kubernetes Cost and Performance with NGINX & Kubecost
byNGINX, Inc.
 
Protecting Apps from Hacks in Kubernetes with NGINX
byNGINX, Inc.
 
Unit 1: Apply the Twelve-Factor App to Microservices Architectures
byNGINX, Inc.
 
Unit 2: Microservices Secrets Management 101
byNGINX, Inc.
 
Easily View, Manage, and Scale Your App Security with F5 NGINX
byNGINX, Inc.
 
【NGINXセミナー】 Ingressを使ってマイクロサービスの運用を楽にする方法
byNGINX, Inc.
 
Manage Microservices Chaos and Complexity with Observability
byNGINX, Inc.
 
Keep Ahead of Evolving Cyberattacks with OPSWAT and F5 NGINX
byNGINX, Inc.
 
Accelerate Microservices Deployments with Automation
byNGINX, Inc.
 
How to Avoid the Top 5 NGINX Configuration Mistakes.pptx
byNGINX, Inc.
 
Successfully Implement Your API Strategy with NGINX
byNGINX, Inc.
 
Shift Left for More Secure Apps with F5 NGINX
byNGINX, Inc.
 
NGINX Kubernetes API
byNGINX, Inc.
 

Recently uploaded

PPTX
apidays Australia 2025 | Hey man, which one will deploy much faster, API or kid?
byapidays
 
PDF
Gojek Clone Business Strategy: From Launch to Scale
byV3CUBE TECHNOLABS
 
PDF
A Complete Guide to Progressive Web App and Their Development
byMaxtra Technologies
 
PDF
How Fireworks AI Achieves 1TB_s+ Throughput for Model Deployment Across Multi...
byAlluxio, Inc.
 
PDF
Projectlify: Everything You Need to Get Things Done
byRafal Ksiazek
 
PDF
Cloud Automotive Software: Cost, Speed & Scalability
byShiv Technolabs Pvt. Ltd.
 
PDF
Princeton 2026: Tools That Help You
 Write Better Code
byHenry Schreiner
 
PPTX
NetworkMediaWireless (1).pptxunsnsndjdjdjjdnd
byre7022
 
PDF
Princeton RSE: What's new in Python π (3.14)
byHenry Schreiner
 
PDF
What-Every-Tech-Leader-Needs-to-Know-About-AI-in-2025.pdf
byrishabhxbohra
 
PDF
Shaping Your 2026 Testing Strategy | Applitools Product Pulse - January 2026
byApplitools
 
PDF
Princeton RSE: Python Histograms as objects
byHenry Schreiner
 
PDF
Edge AI vs Cloud AI: Why Frontend Developers Must Master On-Device Machine Le...
byWorkfall hire developers
 
PDF
The Future of Microsoft Project Management Tools - Connecting Teams, Work, an...
byOnePlan Solutions
 
PDF
Salesforce Careers in 2026_ Trends, Certifications, and Must-Have Skills
byDele Amefo
 
PDF
Salesforce Data Migration Services.pdf
byRobert Mark
 
PDF
Postmates Clone App Delivery Service Business Solution.pdf
byV3CUBE TECHNOLABS
 
PPTX
wAIred_RabobankWRProducts__22012026.pptx
bySimonedeGijt
 
PDF
Cybernetic Global Intelligence Securing Businesses in a Digital-First World.pdf
byCybernetic Global Intelligence
 
apidays Australia 2025 | Hey man, which one will deploy much faster, API or kid?
byapidays
 
Gojek Clone Business Strategy: From Launch to Scale
byV3CUBE TECHNOLABS
 
A Complete Guide to Progressive Web App and Their Development
byMaxtra Technologies
 
How Fireworks AI Achieves 1TB_s+ Throughput for Model Deployment Across Multi...
byAlluxio, Inc.
 
Projectlify: Everything You Need to Get Things Done
byRafal Ksiazek
 
Cloud Automotive Software: Cost, Speed & Scalability
byShiv Technolabs Pvt. Ltd.
 
Princeton 2026: Tools That Help You
 Write Better Code
byHenry Schreiner
 
NetworkMediaWireless (1).pptxunsnsndjdjdjjdnd
byre7022
 
Princeton RSE: What's new in Python π (3.14)
byHenry Schreiner
 
What-Every-Tech-Leader-Needs-to-Know-About-AI-in-2025.pdf
byrishabhxbohra
 
Shaping Your 2026 Testing Strategy | Applitools Product Pulse - January 2026
byApplitools
 
Princeton RSE: Python Histograms as objects
byHenry Schreiner
 
Edge AI vs Cloud AI: Why Frontend Developers Must Master On-Device Machine Le...
byWorkfall hire developers
 
The Future of Microsoft Project Management Tools - Connecting Teams, Work, an...
byOnePlan Solutions
 
Salesforce Careers in 2026_ Trends, Certifications, and Must-Have Skills
byDele Amefo
 
Salesforce Data Migration Services.pdf
byRobert Mark
 
Postmates Clone App Delivery Service Business Solution.pdf
byV3CUBE TECHNOLABS
 
wAIred_RabobankWRProducts__22012026.pptx
bySimonedeGijt
 
Cybernetic Global Intelligence Securing Businesses in a Digital-First World.pdf
byCybernetic Global Intelligence
 

NGINX: Back to Basics – APCJ

  • 1.
    NGINX: Back to theBasics INSTALL & CONFIGURE – WEB SERVER, REVERSE PROXY AND LOAD BALANCER Jay Desai Solutions Architect, Melbourne, Australia
  • 2.
    | ©2019 F52 Today’sHost Jay Desai • Technical Solutions Architect, Melbourne - Australia
  • 3.
    | ©2019 F53 Agenda 1.Introducing NGINX 2. Install NGINX 3. Configure Web Server 4. Configure Reverse Proxy 5. Configure Load Balancer 6. Link to Resources
  • 4.
    | ©2019 F54 NGINX– Evolution Map 2004 •NGINX 0.1 2007 •“Viable” 2011 •NGINX, Inc. •NGINX 1.0 2013 •NGINX Plus R1 First Commercial Offering 2018 •NGINX Unit 1.0 •Controller 1.0 2019 •Controller 2.0 (API mgmt.) •NGINX Plus R18 •Acquired by F5 Networks 2020 •Controller 3.4 •NGINX Plus R22 •APP Protect
  • 5.
    | ©2019 F55 #1450 million Source: Netcraft May 2020 Web Server Survey “Most websites use NGINX”
  • 6.
    | ©2019 F56 NGINX- Embracing a Multitude of Use Cases Web Server Reverse Proxy Load Balancer Cache Web Application Firewall Internal DDOS Protection API Gateway K8s IC Sidecar Proxy
  • 7.
  • 8.
    | ©2019 F58 EnterpriseArchitecture Client / Browser Internet / WAN NGINX: Reverse Proxy, Load Balancer & Web Server Backend Services / Applications
  • 9.
    | ©2019 F59 Whatwe’re going to build Client / Browser + InternetNGINX: Reverse Proxy, Load Balancer & Web Server Other Services / Applications Some Services / Applications +
  • 10.
    | ©2019 F510 •Laptop • Internet connection • Linux host / VM / Docker • NGINX already installed? −$ nginx -v Confidential – Do Not Distribute What will you need
  • 11.
    | ©2019 F511CONFIDENTIAL Installing NGINX (simple) CentOS / RHEL • yum install nginx Ubuntu / Debian • apt-get install nginx Docker • docker pull nginx MacOS / MacBook • Use a VM or Docker $ docker run --name mynginx -d -p 8080:80 nginx
  • 12.
    | ©2019 F512CONFIDENTIAL What I will actually do $sudo wgethttps://nginx.org/keys/nginx_signing.key $sudo apt-keyadd nginx_signing.key $sudo vi /etc/apt/sources.list deb https://nginx.org/packages/mainline/ubuntu/ bionic nginx deb-src https://nginx.org/packages/mainline/ubuntu/ bionic nginx $sudo apt-get update $sudo apt-get install nginx $sudo service nginxstart $nginx–v nginx version: nginx/1.19.0 $ curl -I 127.0.0.1 HTTP/1.1 200 OK Server: nginx/1.19.0 https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#prebuilt_ubuntu
  • 13.
    | ©2019 F513CONFIDENTIAL Some Useful NGINX Commands $sudo service nginx{start|stop|status|restart|reload|force-reload|upgrade|configtest|check-reload} $sudo nginx–v #versionof NGINX $sudo nginx–V #version &EnabledModules $sudo nginx–t #nginxconfiguration test $sudo nginx–T #Full configuration dump
  • 14.
    | ©2019 F514 Status: Nowwe have successfully Installed NGINX Next: Configure Web Server
  • 15.
    | ©2019 F515 $curlhttp://localhost <!DOCTYPE html> <html> <head> <title>Welcometonginx!</title> <style> body { width:35em; margin:0auto; font-family:Tahoma, Verdana,Arial, sans-serif; } </style> </head> <body> <h1>Welcometo nginx!</h1> <p>If you see thispage, the nginxweb server is successfullyinstalledand working.Furtherconfigurationisrequired.</p> <p>For onlinedocumentationand support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support isavailableat <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thankyou for usingnginx.</em></p> </body> </html>
  • 16.
    | ©2019 F516 Checking/etc/nginx/nginx.conf Exists Has http{} block • Contains include/etc/nginx/conf.d/*.conf; Sample here  /etc/nginx/nginx.conf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 user nginx; worker_processes auto; error_log /var/log/nginx/error.lognotice; pid /var/run/nginx.pid; events{ worker_connections 1024; } http{ include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr- $remote_user[$time_local]"$request"' '$status$body_bytes_sent"$http_referer"' '"$http_user_agent""$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; include/etc/nginx/conf.d/*.conf; _ }
  • 17.
    | ©2019 F517 ServingContent – Web Server • Inspect default.conf • Clean up default.conf • Remove #commented out content /etc/nginx/conf.d/default.conf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 server{ listen80; server_namelocalhost; location/{ root/usr/share/nginx/html; index index.htmlindex.htm; } error_page500502503504/50x.html; location= /50x.html{ root/usr/share/nginx/html; } } $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
  • 18.
    | ©2019 F518CONFIDENTIAL Create index.html file – APP 1 $ cd /opt $ sudo mkdir services $ cd services $ sudo mkdir App1 $ sudo mkdir App2 $ cd App1 $ sudo touch index.html $ sudo vim index.html Copy This  SAVE /opt/services/App1/index.html 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1516 17 18 <!doctypehtml> <htmllang="en-US"> <head> <linkrel="icon"type="image/png" href="https://www.nginx.com/wp-content/uploads/2019/10/favicon-48x48.ico" sizes="48x48"> <h1>ThisismyAPP1</h1> <style> body{ background-color:#FF0000;} </style> <title>RED-APP 1</title> </head> </html>
  • 19.
    | ©2019 F519CONFIDENTIAL Create index.html file – APP 2 $ cd /opt/services/App2 $ sudo touch index.html $ sudo vim index.html Copy This  SAVE /opt/services/App1/index.html 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1516 17 18 <!doctypehtml> <htmllang="en-US"> <head> <linkrel="icon"type="image/png" href="https://www.nginx.com/wp-content/uploads/2019/10/favicon-48x48.ico" sizes="48x48"> <h1>ThisismyAPP2</h1> <style> body{ background-color:#00FF00;} </style> <title>RED-APP 2</title> </head> </html>
  • 20.
    | ©2019 F520CONFIDENTIAL Editing – default.conf • Inspect default.conf $cd/etc/nginx/conf.d $sudomvdefault.conf b2b.conf $sudovim/etc/nginx/conf.d/b2b.conf Copy This  /etc/nginx/conf.d/b2b.conf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1516 17 18 19 20 21 22 23 24 25 26 server{ listen 8001default_server; server_name localhost; location/{ root /opt/services/App1; index index.htmlindex.htm; } } server{ listen 8002default_server; server_name localhost; location/{ root /opt/services/App2; index index.htmlindex.htm; } } $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
  • 21.
    | ©2019 F521 $curl http://localhost:8001 <!doctype html> <html lang="en-US"> . <h1>This is my APP1</h1> . $ curl http://localhost:8002 <!doctype html> <html lang="en-US"> . <h1>This is my APP2</h1> .
  • 22.
    | ©2019 F522 Status: Weare serving two applications/services Next: Configure Reverse Proxy & Load Balancer
  • 23.
    | ©2019 F523 Configuringupstream /etc/nginx/conf.d/b2b.conf upstreambackend_servers{ zonebackend_server_zone64k; serverlocalhost:8001; serverlocalhost:8002; } server{ listen8080 default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; } } server{ listen 8001 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App1; index index.htmlindex.htm; } } server{ listen 8002 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App2; index index.htmlindex.htm; } } $sudovim/etc/nginx/conf.d/b2b.conf $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
  • 24.
    | ©2019 F524 $curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP1</h1> . $ curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP2</h1> .
  • 25.
    | ©2019 F525 Configuringupstream: Adding Servers /etc/nginx/conf.d/b2b.conf upstreambackend_servers{ zonebackend_server_zone64k; least_conn; serverlocalhost:8001; serverlocalhost:8002; www.jdaus.net:9083; } server{ listen8080 default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; } } server{ listen 8001 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App1; index index.htmlindex.htm; } } server{ listen 8002 default_server; server_name localhost; index index.htmlindex.htm; location/{ root /opt/services/App2; index index.htmlindex.htm; } } $sudovim/etc/nginx/conf.d/b2b.conf $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
  • 26.
    | ©2019 F526 $curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP1</h1> . $ curl http://localhost:8080 <!doctype html> <html lang="en-US"> . <h1>This is my APP2</h1> .
  • 27.
    | ©2019 F527 Status: Nowwe have configured Web Server, Reverse Proxy & Load Balancer Next: Unique Features
  • 28.
  • 29.
    | ©2019 F529 LiveActivity Monitoring • Configuring the Dashboard /etc/nginx/conf.d/b2b.conf . . . . . . . . . . . . server{ listen 8005default_server; server_name localhost; location/api/{ apiwrite=on; allowall; #denyall; } location/{ root/usr/share/nginx/html; index dashboard.html; } } #End offileb2b.conf NGINX Plus - ONLY $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
  • 30.
    | ©2019 F530 ActiveHealth Check • Actively monitors all upstream server locations • Default – 5 seconds health_check interval=10fails=3 passes=2; /etc/nginx/conf.d/b2b.conf . . . server{ listen8080default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; health_check; } } . . . NGINX Plus - ONLY $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
  • 31.
    | ©2019 F531 ZeroDowntime Config Reloads • Adding a new upstream • Zero Downtime for active streams /etc/nginx/conf.d/b2b.conf 1 2 3 4 5 6 7 8 9 upstreambackend_servers{ zonebackend_server_zone64k; least_conn; serverlocalhost:8001; serverlocalhost:8002; www.jdaus.net:9083; #INSERTTHE FOLLOWINGUPSTREAM www.jdaus.net:9084; } NGINX Plus - ONLY $sudo nginx–t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful $sudo nginx–s reload
  • 32.
    | ©2019 F532 RateLimiting Rate limit is configured and monitored at a global level Limit is applied where we want it • Per API gateway • Per API definition • Per URI/route /etc/nginx/conf.d/b2b.conf limit_req_zone$remote_addrzone=perip:1mrate=2r/s; upstreambackend_servers{ zonebackend_server_zone64k; . . . server{ listen8000default_server; server_namelocalhost; location/{ proxy_passhttp://backend_servers/; health_check; limit_reqzone=peripnodelay; limit_req_status429; } } . . .
  • 33.
    | ©2019 F533 $nginx -s reload $ curlhttp://localhost:8000 <!doctype html> <html lang="en-US"> <head>… $ !!;!!;!!;!!;!! {"status":429,"message":”Rate limit exceeded"}
  • 34.
    | ©2019 F534 Howdid we do? 1. Installing NGINX 2. Configuring Webserver 3. Configure Reverse Proxy & Load Balancer 4. Active Health Check 5. Zero Downtime Configuration Reloads
  • 35.
    | ©2019 F535 Resources OfficialNGINX open source downloads • http://nginx.org/en/linux_packages.html NGINX Plus Trial License • https://www.nginx.com/free-trial-request/ Getting Started with NGINX Guides • https://www.nginx.com/resources/wiki/start/ • http://nginx.org/en/docs/beginners_guide.html

Editor's Notes

  • #5 Talk about NGINX PLUS here. Launched in 2013
  • #10 Come to my talk later to hear about other API gateway architectures (deployment patterns)
  • #17 Don’t care what else is in your nginx.conf – make sure the include line is there Throughout the workshop, if you see a line highlighted in yellow, among other config, then it’s time to add that line.