Upgrade to Pro — share decks privately, control downloads, hide ads and more …

making-nginx-practical-guide

Tatsuhiko Kubo
February 08, 2016
Technology
6
9.5k

 making-nginx-practical-guide

Tatsuhiko Kubo

February 08, 2016
Tweet

More Decks by Tatsuhiko Kubo

See All by Tatsuhiko Kubo
Handling a tremendous amount of images with Fastly / Yamagoya Traverse 2020
cubicdaiya
2
1.4k
System Integration with Fastly
cubicdaiya
0
580
実例で学ぶ画像最適化集 with ImageFlux / ImageFlux meetup#2
cubicdaiya
4
19k
Software Engineer, Infrastructure
cubicdaiya
4
3.1k
High Performance Count Up!
cubicdaiya
0
340
ImageFluxを利用した画像配信の最適化 / ImageFlux meetup 201801
cubicdaiya
0
2.9k
Building high performance push notification server in Go
cubicdaiya
5
3.2k
メルカリのデータ分析基盤 / mercari data analysis infrastructure
cubicdaiya
11
12k
On-call Engineering
cubicdaiya
8
6.6k

Other Decks in Technology

See All in Technology
東京Ruby会議12 Ruby と Rust と私 / Tokyo RubyKaigi 12 Ruby, Rust and me
eagletmt
3
870
20250116_JAWS_Osaka
takuyay0ne
2
200
Goで実践するBFP
hiroyaterui
1
120
Oracle Exadata Database Service(Dedicated Infrastructure):サービス概要のご紹介
oracle4engineer
PRO
0
12k
2025年に挑戦したいこと
molmolken
0
160
CDKのコードレビューを楽にするパッケージcdk-mentorを作ってみた/cdk-mentor
tomoki10
0
210
AWS re:Invent 2024 recap in 20min / JAWSUG 千葉 2025.1.14
shimy
1
100
Amazon Route 53, 待ちに待った TLSAレコードのサポート開始
kenichinakamura
0
170
AWSマルチアカウント統制環境のすゝめ / 20250115 Mitsutoshi Matsuo
shift_evolve
0
120
Evolving Architecture
rainerhahnekamp
3
260
機械学習を「社会実装」するということ 2025年版 / Social Implementation of Machine Learning 2025 Version
moepy_stats
5
1.2k
re:Invent 2024のふりかえり
beli68
0
110

Featured

See All Featured
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.8k
Measuring & Analyzing Core Web Vitals
bluesmoon
5
210
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
28
2.2k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.6k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
10
870
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
120k
What's in a price? How to price your products and services
michaelherold
244
12k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.3k
Embracing the Ebb and Flow
colly
84
4.5k
Typedesign – Prime Four
hannesfritz
40
2.5k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.3k

Transcript

  1. nginx࣮ફೖ໳ ϝΠΩϯά Tatsuhiko Kubo@cubicdaiya nginx Tech Talks 2016/02/08

  2. @cubicdaiya / Tatsuhiko Kubo Principal Engineer, SRE @ Mercari, Inc.

    ngx_small_light, ngx_dynamic_upstream, nginx-build, slackboard,cachectl, gaurun, etc…
  3. None

  4. https://www.mercari.com/ Mercari - Your Friendly Mobile Marketplace

  5. Agenda • ʰnginx࣮ફೖ໳ʱͷ঺հ • ࣥචʹ·ͭΘΔΤϐιʔυ • ຊॻ੶ʹܝࡌ͖͠Εͳ͔ͬͨ಺༰ɺɹɹɹ nginxͷ৽ػೳʹ͍ͭͯ

  6. None

  7. ʰnginx࣮ફೖ໳ʱষߏ੒ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧͱىಈ • 3ষ جຊઃఆ

    • 4ষ ੩తͳWebαΠτͷߏங • 5ষ ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங

  8. ʰnginx࣮ફೖ໳ʱষߏ੒ • 6ষ WebΞϓϦέʔγϣϯαʔόͷߏங • 7ষ େن໛ίϯςϯπ഑৴αʔόͷߏங • 8ষ Webαʔόͷӡ༻ͱϝτϦΫεϞχλϦϯά

    • 9ষ LuaʹΑΔnginxͷ֦ு • 10ষ OpenResty

  9. ࣥච։࢝ɿ2013೥11݄ ࣥච׬ྃɿ2015೥12݄ ൃച೔ɹɿ2016೥1݄ ໿2೥͔͔Γ·ͨ͠…

  10. ষߏ੒ ݪҊʢ2013೥຤ࠒʣ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧ • 3ষ

    جຊઃఆ • 4ষ ੩తͳWebαΠτͷߏங • 5ষ WebΞϓϦέʔγϣϯαʔόͷߏங

  11. ষߏ੒ ݪҊʢ2013೥຤ࠒʣ • 6ষ େن໛ίϯςϯπ഑৴αʔόͷߏங • 7ষ ը૾ετϨʔδαʔόͷߏங • 8ষ

    nginxαʔόͷӡ༻ʗ؂ࢹ • 9ষ ϋΠύϑΥʔϚϯεnginx • 10ষ LuaʹΑΔnginxͷ֦ு • 11ষ ֦ுϞδϡʔϧͷ࡞Γํ

  12. Ϙπʹͳͬͨষ

  13. ը૾ετϨʔδαʔόͷߏங

  14. ʮը૾ετϨʔδαʔόͷߏஙʯͳΜͰ͚͢Ͳɺ ͜ΕྲྀΕతʹʮେن໛ίϯςϯπ഑৴αʔόʯͷষʹ ౷߹͠·͢Ͷ ͑ɺ͋ɺ͏Μ ※ձ࿩ͷ಺༰͸ΠϝʔδͰ͢

  15. ը૾ετϨʔδαʔόͷߏங • nginxͰαϜωΠϧੜ੒ػೳ෇͖ετϨʔδαʔόΛߏங͢Δ ࿩ͩͬͨ • ngx_http_image_filter_module • ngx_http_dav_module • େن໛ίϯςϯπ഑৴αʔόͷষʹ౷߹ͨ͠ํ͕͍͍ͷͰ

    ͸ʁ by @harukasan • ಺༰͝ͱ7ষʹ౷߹͞Ε·ͨ͠ • ࠓͳΒngx_small_lightͷ࿩Λͯ͠΋Α͔͔ͬͨ΋͠Εͳ͍

  16. ϋΠύϑΥʔϚϯεnginx

  17. ϋΠύϑΥʔϚϯεnginx • tcp_nopush΍ΞοϓετϦʔϜ΁ͷΩʔϓΞ ϥΠϒ౳nginxͰͷνϡʔχϯάू • ֤ষ͕༻్ຖʹղઆ͍ͯ͠Δ͜ͱ΋͋ͬͯ͜ ͚ͩ͜·ͱ·Γ͕ͳ͍ • harukasanͷఏҊͰద੾ͳষʹ෼ࢄ

  18. ʮϋΠύϑΥʔϚϯεnginxʯͳΜͰ͚͢Ͳɺ ͜Ε֤߲໨ͷ࿩ͷ಺༰͕όϥόϥͳͷͰ ผʑͷষʹ෼ࢄͤ͞·͢Ͷɻ ͓ɺ͓͏ ※ձ࿩ͷ಺༰͸ΠϝʔδͰ͢

  19. ֦ுϞδϡʔϧͷ࡞Γํ • ్த·Ͱॻ͍ͯ·͕ͨ͠ɺશવϖʔδ਺଍Γͳ͘ ͯ΍Ί·ͨ͠ • ͜ͷ಺༰͚ͩͰຊ͕Ұ࡭ॻ͚Δ • ಺༰͕શવೖ໳͡Όͳ͍ • CΑΓ΋Luaͷղઆ૿΍ͨ͠ํ͕ಡऀͷͨΊʹͳΔ

    • ͦ͏ͩɺOpenRestyʹ͠Α͏ʂ

  20. ޙͰ௥Ճ͞Εͨষ

  21. ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங

  22. ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங • ౰ॳ͸ʰ੩తͳWebαΠτͷߏஙʱͰશ෦ղઆ ͍ͯͨ͠ • ͔͠͠ɺHTTPSͷॏཁੑͷߴ·Γ΍2014೥ࠒ͔ Βͷ૬͙࣍OpenSSLͷ੬ऑੑใࠂ౳͔Β಺༰͕ ංେԽ • e.g.

    HeartBleed, FREAK Attack… • ݁Ռɺؙʑ1ষׂ͍ͯղઆ͢Δ͜ͱʹ

  23. OpenResty

  24. OpenResty • CʹΑΔ֦ுϞδϡʔϧ࡞੒ͷষΛ࡟ͬͨͷͰ ͔ΘΓʹೖΕͨ • ngx_luaؚΊଟ෼ࠃ಺Ͱॳͷຊ֨తͳղઆ • ngx_luaΛར༻͢Δ৔߹ɺ௚ʹར༻͢ΔΑΓ͸ OpenRestyʹ͓ͯ͘͠ํָ͕ͳ͜ͱ͕ଟ͍ͷ ͰΦεεϝͰ͢

  25. ʰnginx࣮ફೖ໳ʱষߏ੒ • 1ষ nginxͷ֓ཁͱΞʔΩςΫνϟ • 2ষ Πϯετʔϧͱىಈ • 3ষ جຊઃఆ

    • 4ষ ੩తͳWebαΠτͷߏங • 5ষ ҆શ͔ͭߴ଎ͳHTTPSαʔόͷߏங

  26. ʰnginx࣮ફೖ໳ʱষߏ੒ • 6ষ WebΞϓϦέʔγϣϯαʔόͷߏங • 7ষ େن໛ίϯςϯπ഑৴αʔόͷߏங • 8ষ Webαʔόͷӡ༻ͱϝτϦΫεϞχλϦϯά

    • 9ষ LuaʹΑΔnginxͷ֦ு • 10ষ OpenResty

  27. ೦ߍ࣌ظͷ೰Έ(2015೥ळʙౙ)

  28. nginxͷHTTP/2࣮૷͕ ͍ͭग़Δ͔Θ͔Βͳ͍

  29. nginxͷdynamic module͕ ͍ͭग़Δ͔Θ͔Βͳ͍

  30. nginx࣮ફೖ໳Ͱղઆͯ͠ͳ͍ओͳ಺༰ • ngx_mail_xxx_module • nginxͰϝʔϧϓϩΩγ • ngx_stream_xxx_module • nginxͰL4ϩʔυόϥϯε •

    ngx_luaͷ࠷৽ͷσΟϨΫςΟϒ • e.g. (ssl_certificate|balancer)_by_lua_block

  31. nginxͰL4ϩʔυόϥϯε stream { upstream app { server x.x.x.x:12345; server x.x.x.y:12345;

    } server { listen 50000; proxy_pass app; } }

  32. xxx_by_lua_block (e.g. content_by_lua_block) • LuaεΫϦϓτΛΠϯϥΠϯͰॻ͘ࡍʹώΞυ ΩϡϝϯτͰॻ͚ΔΑ͏ʹͳͬͨ

  33. content_by_lua location / { content_by_lua ‘ngx.say(‘hello’)’; } Syntax error…

  34. content_by_lua_block location / { content_by_lua_block { ngx.say(‘hello’) } }

  35. ssl_certificate_by_lua_(block|file) • TLSϋϯυγΣΠΫ࣌ʹLuaεΫϦϓτΛϑο ΫͰ͖Δ • ূ໌ॻͷಈతͳ੾Γସ͑౳ʹԠ༻Մೳ

  36. balancer_by_lua_(block|file) • upstreamίϯςΩετͰར༻ग़དྷΔσΟϨΫ ςΟϒ • ಈతͳϩʔυόϥϯαʔͷߏஙʹར༻Մೳ

  37. ngx_stream_lua_module • https://github.com/openresty/stream-lua- nginx-module • ngx_luaͰL4ϩʔυόϥϯε • Status • Quite

    usable but still experimental.

  38. Coming soon… • dynamic module support of nginx • طʹnginxͷmainlineϦϙδτϦʹίϛοτ͞

    ΕͯΔͷͰଟ෼࣍ͷ1.9.11ͰདྷΔ ./configure —with-stream=dynamic ▪ streamϞδϡʔϧͷಈతϩʔσΟϯά ▪ nginx.confͷઃఆ load_module /path/to/ngx_stream_module.so