6. MORE INFORMATION AT NGINX.COM
• First OSS release in 2004
• Company founded in 2011
• VC-backed by industry leaders
• 500+ Customers
• 100+ Employees
Igor Sysoev, NGINX creator and founder
7. MORE INFORMATION AT NGINX.COM
OPEN SOURCE
PLUS
FEATURES
REQUEST ROUTING COMPRESSION LOAD BALANCING APP HEALTH MONITORING GUI VISUALIZATION
SSL EMBEDDED SCRIPT LANGUAGE EDGE CACHE MEDIA STREAMING MONITORING ANALYTICS CONFIGURATION RESTFUL API
What’s inside NGINX Plus?
7
9. Application delivery for microservices
NGINX is in each microservice,
ensuring they are:
• Connected
• Served
• Authenticated
• Secured
• Cached
• Load Balanced
• Scaled
9
10. nginScript
• First preview announced at nginx.conf 2015
• Custom JS engine
• One VM for each request
• JS snippets embedded in NGINX configuration
• Evaluated at runtime
11. Dynamic modules
• Easy distribution of 3rd party modules to end users
• Migration of existing modules (rebuild)
• Only certified modules loadable in NGINX Plus
12. • Dynatrace is certified NGINX partner
• Dynatrace 6.2 offers NGINX web server agent
• Full coverage of transactions
• Part of browser-to-database visibility of business
logic in operation
“Once you’ve decided to welcome NGINX as a new member in your enterprise
environment, you have to care for proper monitoring. The more complex your
environment becomes, the more important it is to get full end-to-end visibility of
your transactions.”
Harald Zeitlhofer
Performance Advocate, Dynatrace
Dynatrace for NGINX
20. MORE INFORMATION AT
NGINX.COM
4. Use compression
gzip on;
gzip_min_length 1000;
gzip_comp_level 1;
gzip_proxied any;
gzip_types text/plain text/xml text/css application/x-javascript;
gzip_vary on;
gzip_disable "MSIE [1-6].(?!.*SV1)";
Content-Encoding: gzip
21. MORE INFORMATION AT
NGINX.COM
5. Optimize your SSL and TLS settings
HTTPS to upstreamHTTPS to client
Remote client’s
certificate
NGINX’s client
certificate
Upstream server’s
certificate
NGINX’s server
certificate
ssl_protocols TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers
"ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:EC
DH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS";
24. Harald Zeitlhofer‘s favorite performance
tools
• Load Generator
(Apache Benchmark, Selenium, JMeter)
• Firebug, Google Developer Tools
Dynatrace Ajax Edition
• Dynatrace Application Monitoring Free Trial
– Free trial license for 30 days
– Free personal license for developers
• Dynatrace Ruxit
– 2016 free hours for monitoring
http://bit.ly/monitoring-2016
http://bit.ly/dttrial
25. Our joint further information resources
1. about:performance site
2. NGINX performance blog post – Harald Z
3. PHP on NGINX performance post – Harald Z
4. NGINX performance presentations
5. Application Performance Management with NGINX
6. NGINX Plus description
7. NGINX vs. F5 price/performance comparison
8. NGINX Microservices Reference Architecture – Proxy Model
9. NGINX Plus R9 features
10. NGINX documentation
11. Introduction to Microservices blog post
12. Microservices ebook – free download
NGINX gives you all the tools you need to deliver your application reliably.
Web Server
NGINX is a fully featured web server that can directly serve static content. NGINX Plus can scale to handle hundreds of thousands of clients simultaneously, and serve hundreds of thousands of content resources per second.
Application Gateway
NGINX handles all HTTP traffic, and forwards requests in a smooth, controlled manner to PHP, Ruby, Java, and other application types, using FastCGI, uWSGI, and linux sockets.
Reverse Proxy
NGINX is a reverse proxy that you can put in front of your applications. NGINX can cache both static and dynamic content to improve overall performance, as well as load balance traffic enabling you to scale-out.
Load Balancer
NGINX can load balancer layer 4 (TCP/UDP) and layer 7 traffic.
21 million of these were between April and May
49% of top 1000
44% of top 100K
35% of top 1M
30% of entire Internet
NGINX has quite literally become the heart of the modern web
Like Dynatrace, NGINX was born to solve performance problems. Using concepts to solve what is known as the C10K problem and beyond.
Left side is what is in Open Source and the right side is the additional features that can be found in Plus.
NGINX Plus extends NGINX with advanced features such as health monitoring, session persistence, and an advanced monitoring interface. NGINX Plus is a complete application delivery platform.
You current stack can have an ADC, web servers and application servers. *CLICK*
NGINX can be put in front of these servers as a reverse proxy or even replace them in the case of web servers *CLICK*
It can also be a replacement for your Application Delivery Controller.
Microservices have been made famous by companies like Netflix and Amazon. They’re applications grew too big to be deployed as a single monolith and the decision was made to decompose the application into smaller services, each of which exposes an API that other services can consume.
We have some exciting developments in the pipeline which I can’t talk about today around Microservices, so watch this space.
You could use this instead of or to compliment existing Lua scripted configurations.
NGINX support Dynamically loadable modules to add additional functionality. This is relatively new and we don’t have a wide selection yet but we already have modules providing features such as Web Application Firewalls in the pipeline.
Here we have a Dynatrace transaction flow showing the transaction details of an NGINX reverse proxy in front of an Apache web server and Java backend
This is actually a very typical deployment architecture for NGINX.
And here is the detailed PurePath Tree including information from the NGINX monitoring agent
Why performance matters…
You can see an exponential growth in network traffic over the years. I suspect most of that is my kids using Netflix and YouTube.
Online users has also steadly grown since the mid-nineties AOL boom (for better or worse)
The average size of a page has also grown significantly as higher definition content and more Javascript and CSS is used. In fact the average page size today is almost the same size as the typically NGINX binary.
Expectations of page load times have reduced. Gone are the days where we would wait for a Geocities page on a 56K modem. Users are impatient and don’t like waiting more than a second or two for their content to load.
But there are ways that you can help your application stack solve these issues.
Applications suck at performance
The reverse proxy server improves performance directly by offloading HTTP processing from the application server, which then runs more efficiently. And it hosts additional functions that improve performance further, as described in the following slides.
NGINX and NGINX Plus are widely used for load balancing. In fact, NGINX often replaces hardware load balancers – ADCs – that cost four or five times as much.
NGINX does several forms of load balancing, starting with “round robin” load balancing, where each new request goes to the next server in line.
NGINX Plus adds advanced features:
Load balancing by how busy a server is.
Session persistence, allowing the same server to serve the same user session throughout. (Think of an e-commerce transaction.)
Advanced monitoring and management features that make managing multiple servers much easier. (See later slide.)
NGINX can be configured to cache content for the web servers it is proxying or load balancing for. Reducing the amount of load on the web servers.
NGINX can handle data compression at the webserver, or serve as a control point for compressed content:
Throughput greatly reduced.
Performance greatly enhanced.
Data can be compressed at any point, including at the client. (For instance, JPEG data.)
Many sites and applications have expensive or limited bandwidth, either to the servers or to specific clients. Compression greatly improves effective transmission speeds, and therefore performance.
SSL/TLS handshakes and data encoding/decoding are expensive and can greatly slow performance. NGINX can handle these at the reverse proxy server, then exchange unencrypted traffic among servers across a LAN. This capability complements HTTP/2 support.
With things like Let’s Encrypt, Google’s preferential ranking of SSL sites and HTTP/2 this is becoming more important.
NGINX supports HTTP/2 clients – that is, most recent Web browsers – and “downshifts” to HTTP 1.x for older clients. Most websites that support HTTP/2 today use NGINX, including service providers who support hundreds or thousands of sites, such as CloudFlare.
HTTP/2 requires SSL which is also why the SSL offloading is important.
NGINX is well-integrated with application performance management tools, in particular Dynatrace. You can use the full array of Dynatrace features to monitor, and then adjust, processing responsibilities and data flows.
NGINX Plus adds monitoring and management features that allow you direct insight into the functioning of NGINX servers.
In combination, you can prevent problems before they impact userand steadily improve perfromance.