Professional Documents
Culture Documents
05/06/20201
Content a. Rewrite (Redirects)
b. Try_files
1. About NGINX c. Logging
a. What is NGINX? d. Inheritance and Directive types
2. NGINX Design Architecture e. Buffers and timeouts
a. Code Structure 1. Performance
b. Worker Model a. Caching
c. Nginx Process Model b. Headers and expires
3. Apache vs NGINX c. Compressed response with gzip
a. Basic Architecture d. http2
b. Performance 2. Reverse proxy and Load balancing
c. Configuration a. Reverse Proxying
4. Installing NGINX b. Load balancing
a. Installing with a package manager 3. Nginx pitfalls
b. Building nginx from source a. Chmod 777
adding modules b. Root inside Location Block
5. Configuration c. Multiple Index Directives
d. Passing Uncontrolled Requests to PHP
a. Configuration terminology
05/06/2020 2
e. Rewrite missing http://
1. About NGINX
• NGINX pronounced like “engine-X”
• First developed to solve the C10K problem
• The main focus was
• High performance
• High concurrency and
• Low memory usage
• The event-driven, asynchronous
architecture, made NGINX to handle high
number of concurrent connections gracefully.
requires efficient scheduling of connections.
05/06/2020 3
a. What is NGINX?
05/06/2020 4
2. NGINX Architecture Design
05/06/2020 5
2. NGINX Architecture ….
• Code Structure
• Nginx worker code includes the core and the functional modules.
• Core of nginx is responsible for
• maintaining a tight run-loop
• executing appropriate sections of modules' code on each stage of request
processing.
• Core modules include event, http, mail, stream
• Functional Modules constitute most of the presentation and application layer
functionality.
• NGINX modules includes
05/06/2020 6
2. NGINX DESIGN…
• What Modules do?
05/06/2020 7
2. NGINX Architecture …
b. Workers Model
• NGINX doesn't generate a process or thread for every connection.
• Each worker process in Nginx is single threaded and runs independently.
• When the worker processes are launched,
• they are initialized with the configuration and
• The master process tells them to listen to the configured sockets.
• The worker threads do not get blocked on slow I/O. They are neither waiting on the slow I/O
from a back-end application server, nor they are waiting on a slow client!
05/06/2020 8
2. NGINX DESIGN …
05/06/2020 9
2. NGINX DESIGN …
05/06/2020 11
3. Apache vs NGINX
05/06/2020 12
3. Apache vs NGINX
2. Performance
1. Deliver faster static resources
Nginx will serve static resources without the need to involve any server side languages. This
makes Nginx faster than Apache.
05/06/2020 13
3. Apache vs NGINX
C. Configuration
• In Nginx that request requests are interpreted as uri locations.
05/06/2020 14
4. Installing NGINX
05/06/2020 15
4. Installing NGINX
• Download the mainline Nginx version & mandatory NGINX dependencies' source code And extract
05/06/2020 16
4. Installing NGINX
05/06/2020 17
4. Installing NGINX
• Print the NGINX version, compiler version, and configure script parameters. To see the
installation summary.
05/06/2020
• Make sure nginx is running. 18
5. Configuration
b. Directive
05/06/2020 Directives are specific configuration options and consists of a name and a value 19
5. Configuration
05/06/2020 20
5. Configuration
05/06/2020 21
5. Configuration
05/06/2020 22
5. Configuration
05/06/2020 23
5. Configuration
• Location Context
• Points to the actual content on the web server.
• This is where the uri is defined and configured to handle a specific request.
• There are sever location modifiers for matching request uri.
1. The prefix match: 2. Exact match:
5. Preferential:
05/06/2020 24
5. Configuration
C. Variables:
• Nginx variables exist in two forms.
1. Configuration variables
2. Nginx module variables.
1. Configuration variables:
$var ‘something’;
variables can be set in to simple string, integers or Boolean.
05/06/2020 25
5. Configuration
d. Rewrite (Redirects):
• Nginx uses rewrite and return directives for redirecting requests.
1. Return:
• The return statement takes a status code and a response data or a string.
• A redirect simply tells the client performing the request where to go.
05/06/2020 26
5. Configuration
2. Rewrite:
• mutates the uri internally.
• When nginx process a rewrite, it starts re-evaluating the rewrite request starting from the
server block.
e. Try_files:
• Used in the server context to all incoming requests or inside location for a specific uri.
05/06/2020 27
5. Configuration
f. Logging
• Nginx provides two log types. Namely access_log and error_log.
• For better organization of the log file it is a good practice to create custom log or
• disable logging all together for a given context by means of access_log and error_log.
1. Array directives:
• Can be specified multiple times without overriding previous one and
• Gets inherited by a child context. But child contexts can override inheritance by re-
declaring directives.
2. Standard directives:
• Most common directives type and can only be declared once.
• A second declaration overrides the first one.
• Child context can override inheritance by re-declaring directive.
• E.g root and try_files directives
3. Action directives
• invoke some action in the configuration such as the redirect by the return directive.
• Inheritance simply does not apply to action directives. As they stop the normal flow of the
configuration.
• E.g return and rewrite directives
05/06/2020 29
5. Configuration
05/06/2020 30
6. Performance
a. Caching:
• A content cache sits between a client and an “origin server” and saves copies
of all the content it sees.
05/06/2020 31
6. Performance
05/06/2020 32
6. Performance
• Caching parameters:
• proxy_cache_path: local disk directory for the cache.
• Levels: sets up a two-level directory hierarchy.
• keys_zone: sets up a shared memory zone for storing the cache keys and metadata.
• max_size: sets the upper limit of the size of the cache .
• Inactive: specifies how long an item can remain in the cache without being accessed.
• proxy_cache_revalidate: instructs NGINX to use conditional GET requests when
refreshing content from the origin servers.
• proxy_cache_min_uses: sets the number of times an item must be requested by
clients before NGINX caches it.
• proxy_cache_use_stale: directive instructs NGINX to deliver stale content.
• proxy_cache_lock: enabled, if multiple clients request a file that is not current in the
cache (a MISS), only the first of those requests is allowed through to the origin
server.
05/06/2020 33
6. Performance
05/06/2020 34
6. Performance
• Cache-Headers
• These headers tell client the content is cacheable and the requesting client has
to honor the cacheability options.
Headers How it influences caching
Cache-Control Caching mechanisms in both, requests and responses.
Vary Accept-Encoding Header Vary means the content of this response can vary with the value
of Accept-Encoding.
Expires A standard nginx duration when a cached content will expire.
Last-Modified The date and time at which the origin server believes the resource was
last modified.
ETag An identifier (or fingerprint) for a specific version of a resource
05/06/2020 35
6. Performance
• Compression level:
05/06/2020 36
6. Performance
• Http2
• This module improves the performance of nginx webservers.
1. Binary protocol: http2 is a binary protocol where as http1 is a textual protocol.
2. Compressed response headers: http2 compressed response headers which reduces the
transfer time.
3. Persistent connection: of using a single TCP connection to send and receive multiple
HTTP requests/responses.
4. Multiplex streaming:
5. Server push: This means the client can be informed of assets such as scripts, images or
style sheets in advance along with the initial request.
05/06/2020 37
7. Reverse proxy and Load balancing
05/06/2020 38
7. Reverse proxy …
3. Setting the backend the right way
4. Adding transparency
05/06/2020 39
7. Reverse proxy …
05/06/2020 40
7. Reverse proxy …
Load-Balancing Methods:
Method Directive Application
Round robin: ---- distributes requests in the order of the list of servers in the
upstream pool.
Least connections: Least_conn The upstream server with the least connection is favored.
IP hash Ip_hash which is extremely helpful when the session state is of concern.
Generic hash hash $request_uri very useful when more control is need over where requests are sent
05/06/2020 41
8. Nginx pitfalls
a. Chmod 777
Never use Chmod 777 in nginx directories.
05/06/2020 42
8. Nginx pitfalls
05/06/2020 43
8. Nginx pitfalls
05/06/2020 44
Reference
1. http://nginx.org/en/docs/
2. https://docs.nginx.com/
3. Udemy - Nginx - Beginner to Advanced by Zeal Vora
4. stackacademy.tv - Nginx-fundamentals (video)
5. Apress Nginx From Beginner to Pro
6. Nginx Essentials (2015)
05/06/2020 45
The end
05/06/2020 46