Book Image

Mastering NGINX - Second Edition

By : Dimitri Aivaliotis
Book Image

Mastering NGINX - Second Edition

By: Dimitri Aivaliotis

Overview of this book

NGINX is a high-performance HTTP server and mail proxy designed to use very few system resources. But despite its power it is often a challenge to properly configure NGINX to meet your expectations. Mastering Nginx is the solution – an insider’s guide that will clarify the murky waters of NGINX’s configuration. Tune NGINX for various situations, improve your NGINX experience with some of the more obscure configuration directives, and discover how to design and personalize a configuration to match your needs. To begin with, quickly brush up on installing and setting up the NGINX server on the OS and its integration with third-party modules. From here, move on to explain NGINX's mail proxy module and its authentication, and reverse proxy to solve scaling issues. Then see how to integrate NGINX with your applications to perform tasks. The latter part of the book focuses on working through techniques to solve common web issues and the know-hows using NGINX modules. Finally, we will also explore different configurations that will help you troubleshoot NGINX server and assist with performance tuning.

Related Content you might be interested in

Current Title:

Small book image
Mastering NGINX - Second Edition
Dimitri Aivaliotis
Jul, 2016 | 320 pages
No titles found
Table of Contents (20 chapters)
Mastering NGINX - Second Edition
Mastering NGINX - Second Edition
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Installing NGINX and Third-Party Modules
Installing NGINX and Third-Party Modules
Installing NGINX using a package manager
Installing NGINX from source
Configuring SSL support
Enabling various modules
Finding and installing third-party modules
Adding support for Lua
Putting it all together
Summary
2
A Configuration Guide
A Configuration Guide
The basic configuration format
NGINX global configuration parameters
Using the include files
The HTTP server section
The virtual server section
Locations – where, when, and how
Full sample configuration
Summary
3
Using the mail Module
Using the mail Module
Basic proxy service
Authentication service
Combining with memcached
Interpreting log files
Operating system limits
Summary
4
NGINX as a Reverse Proxy
NGINX as a Reverse Proxy
Introducing reverse proxying
The proxy module
Legacy servers with cookies
The upstream module
Keepalive connections
Types of upstream servers
Single upstream server
Multiple upstream servers
Non-HTTP upstream servers
Load-balancing
Converting an if-fy configuration to a more modern interpretation
Using error documents to handle upstream problems
Determining the client's real IP address
Summary
5
Reverse Proxy Advanced Topics
Reverse Proxy Advanced Topics
Security through separation
Isolating application components for scalability
Reverse proxy performance tuning
Summary
6
The NGINX HTTP Server
The NGINX HTTP Server
NGINX's architecture
The HTTP core module
Using limits to prevent abuse
Restricting access
Streaming media files
Predefined variables
SPDY and HTTP/2
Using NGINX with PHP-FPM
Wiring NGINX and uWSGI together
Summary
7
NGINX for the Application Developer
NGINX for the Application Developer
Caching integration
Changing content on-the-fly
Using Server Side Includes
Decision-making in NGINX
Creating a secure link
Generating images
Tracking website visitors
Preventing inadvertent code execution
Summary
8
Integrating Lua with NGINX
Integrating Lua with NGINX
The ngx_lua module
Integrating with Lua
Logging with Lua
Summary
9
Troubleshooting Techniques
Troubleshooting Techniques
Analyzing log files
Configuring advanced logging
Common configuration errors
Operating system limits
Performance problems
Using the Stub Status module
Summary
Directive Reference
Directive Reference
The Rewrite Rule Guide
The Rewrite Rule Guide
Introducing the rewrite module
Creating new rewrite rules
Translating from Apache
Summary
The NGINX Community
The NGINX Community
NGINX Plus
Mailing list
IRC channel
Web resources
Writing a good bug report
Summary
Persisting Solaris Network Tunings
Persisting Solaris Network Tunings
Index
Index

Appendix D. Persisting Solaris Network Tunings

In Chapter 9, Troubleshooting Techniques, we saw how to change different network tuning parameters for different operating systems. This appendix details what is necessary to persist these changes on Solaris 10 and above.

The following script is what is actually run by the Service Management Framework (SMF) to set the network parameters with ndd. Save it as /lib/svc/method/network-tuning.sh and make it executable so that it can be run at any time on the command line to test:

# vi /lib/svc/method/network-tuning.sh

The following snippet is the content of the /lib/svc/method/network-tuning.sh file:

#!/sbin/sh
# Set the following values as desired
ndd -set /dev/tcp tcp_max_buf 16777216
ndd -set /dev/tcp tcp_smallest_anon_port 1024
ndd -set /dev/tcp tcp_largest_anon_port 65535
ndd -set /dev/tcp tcp_conn_req_max_q 1024
ndd -set /dev/tcp tcp_conn_req_max_q0 4096
ndd -set /dev/tcp tcp_xmit_hiwat 1048576
ndd -set /dev/tcp tcp_recv_hiwat 1048576
# chmod 755 /lib/svc
/method/network-tuning.sh

The following manifest serves to define the network tuning service and will run the script at boot time. Note that we specify the duration of transient to let SMF know that this is a run-once script and not a persistent daemon.

Place it in /var/svc/manifest/site/network-tuning.xml and import with the following command:

# svccfg import /var/svc/manifest/site/network-tuning.xml

You will see the following output:

<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type='manifest' name='SUNW:network_tuning'>

  <service
    name='site/network_tuning'
    type='service'
    version='1'>

      <create_default_instance enabled='true' />

    <single_instance />

    <dependency
      name='usr'
      type='service'
      grouping='require_all'
      restart_on='none'>
      <service_fmri value='svc:/system/filesystem/minimal' />
    </dependency>

    <!-- Run ndd commands after network/physical is plumbed. -->
    <dependency
      name='network-physical'
      grouping='require_all'
      restart_on='none'
      type='service'>
      <service_fmri value='svc:/network/physical' />
    </dependency>

    <!-- but run the commands before network/initial -->
    <dependent
      name='ndd_network-initial'
      grouping='optional_all'
      restart_on='none'>
      <service_fmri value='svc:/network/initial' />
    </dependent>

    <exec_method
      type='method'
      name='start'
      exec='/lib/svc/method/network-tuning.sh'
    timeout_seconds='60' />

    <exec_method
      type='method'
      name='stop'
      exec=':true'
    timeout_seconds='60' />

    <property_group name='startd' type='framework'>
      <propval name='duration' type='astring' value='transient' />
    </property_group>

    <stability value='Unstable' />

    <template>
      <common_name>
        <loctext xml:lang='C'>
          Network Tunings
        </loctext>
      </common_name>

    </template>
  </service>

</service_bundle>

This service is intentionally kept simple for demonstration purposes.

Note

The interested reader can explore SMF in the Solaris man pages (https://docs.oracle.com/cd/E26502_01/html/E29043/smf-5.html) and online resources (https://github.com/natefoo/smf-nettune/blob/master/README.md).

Previous Section
End of Chapter
Next Chapter