Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
making-nginx-practical-guide
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Tatsuhiko Kubo
February 08, 2016
Technology
9.8k
6
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
making-nginx-practical-guide
Tatsuhiko Kubo
February 08, 2016
More Decks by Tatsuhiko Kubo
See All by Tatsuhiko Kubo
Mackerel in さくらのクラウド
cubicdaiya
1
980
Handling a tremendous amount of images with Fastly / Yamagoya Traverse 2020
cubicdaiya
2
1.6k
System Integration with Fastly
cubicdaiya
0
680
実例で学ぶ画像最適化集 with ImageFlux / ImageFlux meetup#2
cubicdaiya
4
20k
Software Engineer, Infrastructure
cubicdaiya
4
3.3k
High Performance Count Up!
cubicdaiya
0
430
ImageFluxを利用した画像配信の最適化 / ImageFlux meetup 201801
cubicdaiya
0
3.1k
Building high performance push notification server in Go
cubicdaiya
5
3.4k
メルカリのデータ分析基盤 / mercari data analysis infrastructure
cubicdaiya
11
12k
Other Decks in Technology
See All in Technology
GoとSIMDとWasmの今。
askua
3
520
小さくはじめるSLI/SLO ~育てながら組織に定着させる実践知~ / Starting Small with SLI/SLOs: Building Adoption Through Continuous Growth
nari_ex
1
540
タクシーアプリ『GO』の実践的データ活用
mot_techtalk
3
180
ABEMA の Datadog × OTel 基盤、 中から見るか? 外から見るか?
tetsuya28
0
110
ブロックチェーン / Blockchain
ks91
PRO
0
110
「嘘をつくテスト」の失敗例から学ぶ 良いテストコード #frontend_phpcon_do
asumikam
0
590
10倍の生産性を実現するAI駆動並列エージェントのすべて
kumaiu
4
1.2k
Agentic Defenseとともにセキュリティエンジニアが輝き続けるには / How Security Engineers Can Keep Excelling with Agentic Defense
yuj1osm
0
140
"何を作るか"を任される エンジニアは、どう育つのか
yutaokafuji
1
280
中期計画、2回作ってみた ~業務委託と正社員、両方の視点から~
demaecan
1
500
Building applications in the Gemini API family.
line_developers_tw
PRO
0
2.4k
エンジニアリング戦略の作り方 / Crafting Engineering Strategy
iwashi86
16
5.2k
Featured
See All Featured
Typedesign – Prime Four
hannesfritz
42
3.1k
How to train your dragon (web standard)
notwaldorf
97
6.7k
WENDY [Excerpt]
tessaabrams
11
38k
Discover your Explorer Soul
emna__ayadi
2
1.1k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
37
6.5k
Code Reviewing Like a Champion
maltzj
528
40k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
28
3.5k
Digital Ethics as a Driver of Design Innovation
axbom
PRO
1
310
VelocityConf: Rendering Performance Case Studies
addyosmani
333
25k
Practical Orchestrator
shlominoach
191
11k
Ruling the World: When Life Gets Gamed
codingconduct
0
250
ラッコキーワード サービス紹介資料
rakko
1
3.6M
Transcript
nginx࣮ફೖ ϝΠΩϯά Tatsuhiko Kubo@cubicdaiya nginx Tech Talks 2016/02/08
@cubicdaiya / Tatsuhiko Kubo Principal Engineer, SRE @ Mercari, Inc.
ngx_small_light, ngx_dynamic_upstream, nginx-build, slackboard,cachectl, gaurun, etc…
None
https://www.mercari.com/ Mercari - Your Friendly Mobile Marketplace
Agenda • ʰnginx࣮ફೖʱͷհ • ࣥචʹ·ͭΘΔΤϐιʔυ • ຊॻ੶ʹܝࡌ͖͠Εͳ͔ͬͨ༰ɺɹɹɹ nginxͷ৽ػೳʹ͍ͭͯ
None
ʰnginx࣮ફೖʱষߏ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧͱىಈ • 3ষ جຊઃఆ
• 4ষ ੩తͳWebαΠτͷߏங • 5ষ ҆શ͔ͭߴͳHTTPSαʔόͷߏங
ʰnginx࣮ફೖʱষߏ • 6ষ WebΞϓϦέʔγϣϯαʔόͷߏங • 7ষ େنίϯςϯπ৴αʔόͷߏங • 8ষ Webαʔόͷӡ༻ͱϝτϦΫεϞχλϦϯά
• 9ষ LuaʹΑΔnginxͷ֦ு • 10ষ OpenResty
ࣥච։࢝ɿ201311݄ ࣥචྃɿ201512݄ ൃചɹɿ20161݄ 2͔͔Γ·ͨ͠…
ষߏ ݪҊʢ2013ࠒʣ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧ • 3ষ
جຊઃఆ • 4ষ ੩తͳWebαΠτͷߏங • 5ষ WebΞϓϦέʔγϣϯαʔόͷߏங
ষߏ ݪҊʢ2013ࠒʣ • 6ষ େنίϯςϯπ৴αʔόͷߏங • 7ষ ը૾ετϨʔδαʔόͷߏங • 8ষ
nginxαʔόͷӡ༻ʗࢹ • 9ষ ϋΠύϑΥʔϚϯεnginx • 10ষ LuaʹΑΔnginxͷ֦ு • 11ষ ֦ுϞδϡʔϧͷ࡞Γํ
Ϙπʹͳͬͨষ
ը૾ετϨʔδαʔόͷߏங
ʮը૾ετϨʔδαʔόͷߏஙʯͳΜͰ͚͢Ͳɺ ͜ΕྲྀΕతʹʮେنίϯςϯπ৴αʔόʯͷষʹ ౷߹͠·͢Ͷ ͑ɺ͋ɺ͏Μ ※ձͷ༰ΠϝʔδͰ͢
ը૾ετϨʔδαʔόͷߏங • nginxͰαϜωΠϧੜػೳ͖ετϨʔδαʔόΛߏங͢Δ ͩͬͨ • ngx_http_image_filter_module • ngx_http_dav_module • େنίϯςϯπ৴αʔόͷষʹ౷߹ͨ͠ํ͕͍͍ͷͰ
ʁ by @harukasan • ༰͝ͱ7ষʹ౷߹͞Ε·ͨ͠ • ࠓͳΒngx_small_lightͷΛͯ͠Α͔͔ͬͨ͠Εͳ͍
ϋΠύϑΥʔϚϯεnginx
ϋΠύϑΥʔϚϯεnginx • tcp_nopushΞοϓετϦʔϜͷΩʔϓΞ ϥΠϒnginxͰͷνϡʔχϯάू • ֤ষ͕༻్ຖʹղઆ͍ͯ͠Δ͜ͱ͋ͬͯ͜ ͚ͩ͜·ͱ·Γ͕ͳ͍ • harukasanͷఏҊͰదͳষʹࢄ
ʮϋΠύϑΥʔϚϯεnginxʯͳΜͰ͚͢Ͳɺ ͜Ε֤߲ͷͷ༰͕όϥόϥͳͷͰ ผʑͷষʹࢄͤ͞·͢Ͷɻ ͓ɺ͓͏ ※ձͷ༰ΠϝʔδͰ͢
֦ுϞδϡʔϧͷ࡞Γํ • ్த·Ͱॻ͍ͯ·͕ͨ͠ɺશવϖʔδΓͳ͘ ͯΊ·ͨ͠ • ͜ͷ༰͚ͩͰຊ͕Ұॻ͚Δ • ༰͕શવೖ͡Όͳ͍ • CΑΓLuaͷղઆ૿ͨ͠ํ͕ಡऀͷͨΊʹͳΔ
• ͦ͏ͩɺOpenRestyʹ͠Α͏ʂ
ޙͰՃ͞Εͨষ
҆શ͔ͭߴͳHTTPSαʔόͷߏங
҆શ͔ͭߴͳHTTPSαʔόͷߏங • ॳʰ੩తͳWebαΠτͷߏஙʱͰશ෦ղઆ ͍ͯͨ͠ • ͔͠͠ɺHTTPSͷॏཁੑͷߴ·Γ2014ࠒ͔ Βͷ૬͙࣍OpenSSLͷ੬ऑੑใࠂ͔Β༰͕ ංେԽ • e.g.
HeartBleed, FREAK Attack… • ݁Ռɺؙʑ1ষׂ͍ͯղઆ͢Δ͜ͱʹ
OpenResty
OpenResty • CʹΑΔ֦ுϞδϡʔϧ࡞ͷষΛͬͨͷͰ ͔ΘΓʹೖΕͨ • ngx_luaؚΊଟࠃͰॳͷຊ֨తͳղઆ • ngx_luaΛར༻͢Δ߹ɺʹར༻͢ΔΑΓ OpenRestyʹ͓ͯ͘͠ํָ͕ͳ͜ͱ͕ଟ͍ͷ ͰΦεεϝͰ͢
ʰnginx࣮ફೖʱষߏ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧͱىಈ • 3ষ جຊઃఆ
• 4ষ ੩తͳWebαΠτͷߏங • 5ষ ҆શ͔ͭߴͳHTTPSαʔόͷߏங
ʰnginx࣮ફೖʱষߏ • 6ষ WebΞϓϦέʔγϣϯαʔόͷߏங • 7ষ େنίϯςϯπ৴αʔόͷߏங • 8ষ Webαʔόͷӡ༻ͱϝτϦΫεϞχλϦϯά
• 9ষ LuaʹΑΔnginxͷ֦ு • 10ষ OpenResty
೦ߍ࣌ظͷΈ(2015ळʙౙ)
nginxͷHTTP/2࣮͕ ͍ͭग़Δ͔Θ͔Βͳ͍
nginxͷdynamic module͕ ͍ͭग़Δ͔Θ͔Βͳ͍
nginx࣮ફೖͰղઆͯ͠ͳ͍ओͳ༰ • ngx_mail_xxx_module • nginxͰϝʔϧϓϩΩγ • ngx_stream_xxx_module • nginxͰL4ϩʔυόϥϯε •
ngx_luaͷ࠷৽ͷσΟϨΫςΟϒ • e.g. (ssl_certificate|balancer)_by_lua_block
nginxͰL4ϩʔυόϥϯε stream { upstream app { server x.x.x.x:12345; server x.x.x.y:12345;
} server { listen 50000; proxy_pass app; } }
xxx_by_lua_block (e.g. content_by_lua_block) • LuaεΫϦϓτΛΠϯϥΠϯͰॻ͘ࡍʹώΞυ ΩϡϝϯτͰॻ͚ΔΑ͏ʹͳͬͨ
content_by_lua location / { content_by_lua ‘ngx.say(‘hello’)’; } Syntax error…
content_by_lua_block location / { content_by_lua_block { ngx.say(‘hello’) } }
ssl_certificate_by_lua_(block|file) • TLSϋϯυγΣΠΫ࣌ʹLuaεΫϦϓτΛϑο ΫͰ͖Δ • ূ໌ॻͷಈతͳΓସ͑ʹԠ༻Մೳ
balancer_by_lua_(block|file) • upstreamίϯςΩετͰར༻ग़དྷΔσΟϨΫ ςΟϒ • ಈతͳϩʔυόϥϯαʔͷߏஙʹར༻Մೳ
ngx_stream_lua_module • https://github.com/openresty/stream-lua- nginx-module • ngx_luaͰL4ϩʔυόϥϯε • Status • Quite
usable but still experimental.
Coming soon… • dynamic module support of nginx • طʹnginxͷmainlineϦϙδτϦʹίϛοτ͞
ΕͯΔͷͰଟ࣍ͷ1.9.11ͰདྷΔ ./configure —with-stream=dynamic ▪ streamϞδϡʔϧͷಈతϩʔσΟϯά ▪ nginx.confͷઃఆ load_module /path/to/ngx_stream_module.so
SiteGround - Reliable hosting with speed, security, and support you can count on.
cubicdaiya
askua
nari_ex
mot_techtalk
tetsuya28
ks91
asumikam
kumaiu
yuj1osm
yutaokafuji
demaecan
line_developers_tw
iwashi86
hannesfritz
notwaldorf
tessaabrams
emna__ayadi
kevinliebholz
maltzj
eileencodes
axbom
addyosmani
shlominoach
codingconduct
rakko
