Developers and researchers are confronted with a huge number of tools and technologies in their daily work, each of which has its own pros and cons. This realization is important for network devices intended to stop attacks — they should be “omnivores” with regard to network protocols. The speaker’s passion is to study and recreate various hacker attacks, exploits and tactics at the network level in order to develop reliable detection techniques for intrusion detection systems. While working on lots of attacks he noticed some tiny network conditions when a packet sequence slip away from IDS system but get to the target. Will your IDS system detect data network connection was broken? Using nc and a Linux machine, the speaker will demonstrate 4 CVEs he found for bypassing IDS systems, based on the example of the popular Suricata IDS.
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...Ontico
В какой-то момент 3-й в мире работный сайт начал периодически падать на несколько минут. Сюрпризом стало то, что в этот раз действительно из-за сети.
Для масштабирования сервисов и их взаимодействия между собой hh.ru использует внутренний балансировщик. Обработку 25 тыс. запросов в секунду обеспечивают 5 серверов с nginx. Обращение к этим серверам балансирует коммутатор.
Я расскажу, как мы расследовали серию инцидентов, которая была вызвана нарушением протокола TCP при балансировке. И что мы придумали, чтобы продолжить безнаказанно его нарушать.
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...Андрей Шорин
В какой-то момент 3-й в мире работный сайт начал периодически падать на несколько минут. Сюрпризом стало то, что в этот раз действительно из-за сети.
Для масштабирования сервисов и их взаимодействия между собой hh.ru использует внутренний балансировщик. Обработку 25 тыс. запросов в секунду обеспечивают 5 серверов с nginx. Обращение к этим серверам балансирует коммутатор.
Я расскажу, как мы расследовали серию инцидентов, которая была вызвана нарушением протокола TCP при балансировке. И что мы придумали, чтобы продолжить безнаказанно его нарушать.
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and AveCheckmarx
Presented by Paulo Silva, Security Researcher at Checkmarx on October 31, 2018 at Polytechnic Institute of Cávado and Ave.
Learn all about the OWASP Top 10 from his talk:
Part I
Web Application architecture
The HTTP protocol
HTTP Request walk-through
Part II
What is OWASP
What is the OWASP TOP 10
OWASP Top 10 walk - through
True stories on the analysis of network activity using Pythondelimitry
The presentation from SPbPython community / PiterPy meetup.
The presentation tells about the problems of analysing the network activity of applications on Linux using Python. The following topics are covered: analysis of network packets, analysis of packet filters, packets crafting using Scapy, analysis of open ports.
Developers and researchers are confronted with a huge number of tools and technologies in their daily work, each of which has its own pros and cons. This realization is important for network devices intended to stop attacks — they should be “omnivores” with regard to network protocols. The speaker’s passion is to study and recreate various hacker attacks, exploits and tactics at the network level in order to develop reliable detection techniques for intrusion detection systems. While working on lots of attacks he noticed some tiny network conditions when a packet sequence slip away from IDS system but get to the target. Will your IDS system detect data network connection was broken? Using nc and a Linux machine, the speaker will demonstrate 4 CVEs he found for bypassing IDS systems, based on the example of the popular Suricata IDS.
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...Ontico
В какой-то момент 3-й в мире работный сайт начал периодически падать на несколько минут. Сюрпризом стало то, что в этот раз действительно из-за сети.
Для масштабирования сервисов и их взаимодействия между собой hh.ru использует внутренний балансировщик. Обработку 25 тыс. запросов в секунду обеспечивают 5 серверов с nginx. Обращение к этим серверам балансирует коммутатор.
Я расскажу, как мы расследовали серию инцидентов, которая была вызвана нарушением протокола TCP при балансировке. И что мы придумали, чтобы продолжить безнаказанно его нарушать.
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...Андрей Шорин
В какой-то момент 3-й в мире работный сайт начал периодически падать на несколько минут. Сюрпризом стало то, что в этот раз действительно из-за сети.
Для масштабирования сервисов и их взаимодействия между собой hh.ru использует внутренний балансировщик. Обработку 25 тыс. запросов в секунду обеспечивают 5 серверов с nginx. Обращение к этим серверам балансирует коммутатор.
Я расскажу, как мы расследовали серию инцидентов, которая была вызвана нарушением протокола TCP при балансировке. И что мы придумали, чтобы продолжить безнаказанно его нарушать.
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and AveCheckmarx
Presented by Paulo Silva, Security Researcher at Checkmarx on October 31, 2018 at Polytechnic Institute of Cávado and Ave.
Learn all about the OWASP Top 10 from his talk:
Part I
Web Application architecture
The HTTP protocol
HTTP Request walk-through
Part II
What is OWASP
What is the OWASP TOP 10
OWASP Top 10 walk - through
True stories on the analysis of network activity using Pythondelimitry
The presentation from SPbPython community / PiterPy meetup.
The presentation tells about the problems of analysing the network activity of applications on Linux using Python. The following topics are covered: analysis of network packets, analysis of packet filters, packets crafting using Scapy, analysis of open ports.
Debugging Your Debugging Tools: What to do When Your Service Mesh Goes DownAspen Mesh
In this CNCF Member Webinar, Neeraj Poddar (Aspen Mesh) and John Howard (Google) shared information on debugging your debugging tools when your service mesh goes down in production.
Service meshes are widely used as a means to enforce policies and at the same time gain visibility into your application behavior and performance. As more organizations adopt service mesh in their architectures, they are relying more heavily on the metrics, tracing and other traffic management and security capabilities provided by the service mesh. But what happens when a critical piece of your infrastructure like Istio has issues while in production?
In this webinar we will cover the debugging in production aspects of Istio, in particular the following topics will be covered:
* How to debug and diagnose issues with your sidecar proxy Envoy
* How to monitor and debug the Istio control plane
* How to use operational tools like “istioctl” to understand issues with your configuration
* Using profiling to identify bottlenecks
* Recommendations for a production ready secure Istio deployment
Essential quality criteria for planning and validation of PROFINET networks
For PROFINET devices the quality criteria that are checked within the scope of the device certification are described in published specifications, standards and test specifications. Interoperability is protected by both the specification and the test procedures in the cooperation of the devices. From practical experience in the realization of network arrangements it appears that beside the device qualities also the planning quality and the quality of the validation of a whole arrangement can have an influence on the functionality.
In the task force CB / PG3 "Installation Guidelines" the suitable planning directives and introduction directives are now integrated into the quality criteria for the planning and validation of the PROFINET networks. The methods, measuring procedures and also the background will be fully explained.
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018Semihalf
Podczas wykładu pomijamy jakość filtracji powietrza natomiast skupiamy się na metodach testowania protokołów sieciowych przy wykorzystaniu języka TTCN-3. Sprawdzamy jakie dane nasze domowe urządzenia wysyłają w świat oraz jak można przejąć nad nimi kontrolę.
Handy Networking Tools and How to Use ThemSneha Inguva
When I joined the networking team at DigitalOcean a few years ago, I dove into an entirely different world of software-defined networking in the data center. Virtual switches, networking protocols — these were concepts that I had encountered at the surface level before — but now I frequently found myself debugging them. With time, I came to rely on a variety of Linux networking tools for introspecting, troubleshooting, and examining network state. In this talk, I’ll share some of my favorite Linux networking tools and discuss scenarios in which they are quite helpful.
Training Slides: 153 - Working with the CLIContinuent
Watch this 55min training session to learn about the main command line tools you’ll be using when working with Tungsten Replicator.
TOPICS COVERED
- Re-cap the previous Installation
- Explore the main Command Line Tools
- tpm
- trepctl
- thl
Adding 1.21 Gigawatts to Applications with RabbitMQ (PHPNW Dec 2014 Meetup)James Titcumb
As your application grows, you soon realise you need to break up your application into smaller chunks that talk to each other. You could just use web services to interact, or you could take a more robust approach and use the message broker RabbitMQ. In this talk, we will take a look at the techniques you can use to vastly enhance inter-application communication, learn about the core concepts of RabbitMQ, cover how you can scale different parts of your application separately, and modernise your development using a message-oriented architecture
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
More Related Content
Similar to NGINX Live EP.5 NGINX Health Checks Slide
Debugging Your Debugging Tools: What to do When Your Service Mesh Goes DownAspen Mesh
In this CNCF Member Webinar, Neeraj Poddar (Aspen Mesh) and John Howard (Google) shared information on debugging your debugging tools when your service mesh goes down in production.
Service meshes are widely used as a means to enforce policies and at the same time gain visibility into your application behavior and performance. As more organizations adopt service mesh in their architectures, they are relying more heavily on the metrics, tracing and other traffic management and security capabilities provided by the service mesh. But what happens when a critical piece of your infrastructure like Istio has issues while in production?
In this webinar we will cover the debugging in production aspects of Istio, in particular the following topics will be covered:
* How to debug and diagnose issues with your sidecar proxy Envoy
* How to monitor and debug the Istio control plane
* How to use operational tools like “istioctl” to understand issues with your configuration
* Using profiling to identify bottlenecks
* Recommendations for a production ready secure Istio deployment
Essential quality criteria for planning and validation of PROFINET networks
For PROFINET devices the quality criteria that are checked within the scope of the device certification are described in published specifications, standards and test specifications. Interoperability is protected by both the specification and the test procedures in the cooperation of the devices. From practical experience in the realization of network arrangements it appears that beside the device qualities also the planning quality and the quality of the validation of a whole arrangement can have an influence on the functionality.
In the task force CB / PG3 "Installation Guidelines" the suitable planning directives and introduction directives are now integrated into the quality criteria for the planning and validation of the PROFINET networks. The methods, measuring procedures and also the background will be fully explained.
Oczyszczacz powietrza i stos sieciowy? Czas na test! Semihalf Barcamp 13/06/2018Semihalf
Podczas wykładu pomijamy jakość filtracji powietrza natomiast skupiamy się na metodach testowania protokołów sieciowych przy wykorzystaniu języka TTCN-3. Sprawdzamy jakie dane nasze domowe urządzenia wysyłają w świat oraz jak można przejąć nad nimi kontrolę.
Handy Networking Tools and How to Use ThemSneha Inguva
When I joined the networking team at DigitalOcean a few years ago, I dove into an entirely different world of software-defined networking in the data center. Virtual switches, networking protocols — these were concepts that I had encountered at the surface level before — but now I frequently found myself debugging them. With time, I came to rely on a variety of Linux networking tools for introspecting, troubleshooting, and examining network state. In this talk, I’ll share some of my favorite Linux networking tools and discuss scenarios in which they are quite helpful.
Training Slides: 153 - Working with the CLIContinuent
Watch this 55min training session to learn about the main command line tools you’ll be using when working with Tungsten Replicator.
TOPICS COVERED
- Re-cap the previous Installation
- Explore the main Command Line Tools
- tpm
- trepctl
- thl
Adding 1.21 Gigawatts to Applications with RabbitMQ (PHPNW Dec 2014 Meetup)James Titcumb
As your application grows, you soon realise you need to break up your application into smaller chunks that talk to each other. You could just use web services to interact, or you could take a more robust approach and use the message broker RabbitMQ. In this talk, we will take a look at the techniques you can use to vastly enhance inter-application communication, learn about the core concepts of RabbitMQ, cover how you can scale different parts of your application separately, and modernise your development using a message-oriented architecture
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Securing your Kubernetes cluster_ a step-by-step guide to success !
NGINX Live EP.5 NGINX Health Checks Slide
1. NGINX
HEALTH CHECKS
NGINX LIVE EP.5
SUPACHAI JATURAPROM (TUM)
AUG 2020
NGINX USER GROUP: THAILAND CHAPTER
WWW.MEETUP.COM/TH-TH/NGINX-THAILAND
2. NGINX
HEALTH CHECKS
AGENDA
Why ? Health Checks
TCP Health Checks
HTTP Health Checks
UDP Health Checks
Active Health Checks
Passive Health Checks
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
6. WHY ? HEALTH CHECKS (4)
Client 1
Load Balance
Host 1
Host 2
Host 3
Client 2
Client 3
Health checks
Health checks
Health checks
Data Traffic
Data Traffic
Data Traffic
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
7. WHY ? HEALTH CHECKS (5)
Load Balance
Client 1 Host 1
Host 2
Host 3
Client 2
Client 3
Health checks
Health checks
Health checks
Data Traffic
Data Traffic
Data Traffic
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
8. WHY ? HEALTH CHECKS (6)
Client 1
Load Balance
Host 1
Host 2Client 2
Client 3
Health checks
Health checks
Health checks
Host 3
Data Traffic
Data Traffic
Data Traffic
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
9. WHY ? HEALTH CHECKS (7)
Client 1
Load Balance
Host 1
Host 2
Host 3
Client 2
Client 3
Health checks
Health checks
Health checks
Data Traffic
Data Traffic
Data Traffic
healthy
healthy
healthy
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
10. Load Balance
Host 1
Host 2
Host 3
Client 1
Health checks
Health checks
Health checks
Data Traffic
ACTIVE HEALTH CHECK
GET / Return 200 OK
healthy
healthy
healthy
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
11. Load Balance
Host 1
Host 2
Host 3
Client 1
Data Traffic
PASSIVE HEALTH CHECK
500 Error
หรือ Timeout
Client 2
Data Traffic
unhealthy
healthy
healthy
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
12. HTTPS HEALTH CHECKS (1)
upstream backend {
server backend1.example.com;
server backend2.example.com;
}
server {
location / {
proxy_pass http://backend;
health_check;
}
}
by default, every five seconds
a request for “/” to each server in
the backend group.
If any communication error or
timeout occurs (outside 200-399)
the health check fails.
The server is marked as unhealthy.
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
13. HTTPS HEALTH CHECKS (2)
server {
location / {
proxy_pass http://backend;
health_check port=9999 interval=10 fails=3 passes=2
uri=/some/path;
}
} port = คือ การระบุ port number ทีใช้ health checks (default port server)
interval = คือ การระบุระยะเวลาในการทํา health checks (default 5s)
fails= คือ จํานวนการ fails ทีจะทําการ marking ว่า unhealthy (default 1)
passes= คือ จํานวนการ success ทีจะทําการ marking ว่า healthy (default 1)
uri= คือ การระบุ uri path (default path "/" )
http://backend1.exmaple.naja/i/love/nginx
marking unhealthy = 10x3 = 30 วินาที
marking healthy = 10x2 = 20 วินาที
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
14. HTTPS HEALTH CHECKS (3)
http {
...........
match server_ok {
status 200-399;
body !~ "maintenance mode";
}
server {
...........
location / {
proxy_pass http://backend;
health_check match=server_ok;
}
Here the health check is passed if
the status code of the response is
in the range 200–399, and its
body does not contain the string
"maintenance mode".
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
15. TCP HEALTH CHECKS (1)
stream {
#...
server {
listen 12345;
proxy_pass stream_backend;
health_check port=12346 interval=10 passes=2 fails=3;
health_check_timeout 5s;
}
}
** health_check_timeout directive is overrides proxy_timeout directive.
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
17. UDP HEALTH CHECKS (1)
stream {
#...
server {
listen 53 udp;
proxy_pass dns_upstream;
health_check interval=20 passes=2 fails=2 udp;
}
#...
}
** udp parameter specifies that the UDP protocol should be used
for health checks instead of the default TCP protocol.
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
18. UDP HEALTH CHECKS (2)
stream {
#...
match dns {
send x00x2ax00x00x00x01x00x00x00x00x00x00x03.....;
expect ~* "health.is.good";
}
server {
listen 53 udp;
proxy_pass dns_upstream;
health_check match=udp_test udp;
}
#...
}
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
19. SERVER SLOW-START
upstream backend {
server backend1.example.com slow_start=30s;
server backend2.example.com;
server 127.255.255.254 backup;
}
slow‑start allows an upstream server to gradually recover its weight from 0 to
its nominal value after it has been recovered or became available. by default is
0, that mean disable slow-start.
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
20. NGINX
HEALTH CHECKS
SUMMARY
Why ? Health Checks
Active Health Checks
Passive Health Checks
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand
NGINX Live EP.5
Supachai Jaturaprom (Tum)
21. THANKS YOUR
NGINX LIVE EP.5
SUPACHAI JATURAPROM (TUM)
NGINX User Group: Thailand Chapter
www.meetup.com/th-TH/NGINX-Thailand