Skip to content

Latest commit

 

History

History
90 lines (76 loc) · 6.17 KB

NGINX.md

File metadata and controls

90 lines (76 loc) · 6.17 KB
Raw

NGINX

Quick Links

Introduction

  • NGINX is a popular open source HTTP and reverse proxy server, which was originally written by, a Russian engineer, Igor Sysoev. It can also be set up to function as a mail proxy server, and a TCP/UDP proxy server.
  • In addition to the basic feature of serving static and index files, NGINX provides caching feature and load balancing feature, with help from a paid product, NGINX Plus, as a reverse proxy server.

NGINX as a Web Server/Proxy

Setting up a TLS layer

NGINX as a Load Balancer

  • NGINX & NGINX Plus can be configured to act as a proxy that distributes requests to pools of multiple web/application servers, under a certain policy, to prevent overloading some servers while there are some idle servers.

    nginx load balancing

  • NGINX can replace hardware load balancers or be used in parallel or in series with them. Moving the role of load balancing from physical to logical realm makes load balancing more easy-to-control and cost effective.
  • Read how NGINX promotes their load balancing feature from this blog article.
  • The way to configure NGINX as a load balancing proxy server and possible options are explained in this link.

Installing NGINX

  • In Linux distributions, NGINX can be installed via their package managers. 
     apk update && apk add nginx (Alpine Linux)
  • But, often the version the package mangers provide are not the latest stable version. In order to install the latest stable version from the repository, provided by NGINX, follow instructions on this link.

Run, Control & Test NGINX

Run

  • Once the software is installed and configuration is ready, NGINX can be started by simply running the executable file.

  • When NGINX is run, a master process spawns a number of worker processes. Note that the master process is run as the system's root user and the workers are run as nginx.

    nginx load balancing

    • Exposing services that have root access is not recommended for security reasons. However, the root access is necessary to bind to ports that range from 1-1024. Therefore, the master process needs to be run as the root, but by running the workers as non-root user, entrypoints to the root access are hidden. (Check out this discussion.)
    • The master process's role is to read and evaluate configration files, and to maintain the worker processes.
    • The worker processes distribute connections a server/servers need to handle among themselves such that workload can be distributed to multiple processes. Running multiple processes also increase the amount of system resources a service can utilize (such as file descriptors).

  • When running

Control

  • By passing -s option with a specific <SIGNAL>, ab administrator can control a running NGINX service. 
      nginx -s <SIGNAL>
  • <SIGNAL> can be one of the following:
    • quit – Shut down gracefully (the SIGQUIT signal)
    • reload – Reload the configuration file (the SIGHUP signal)
    • reopen – Reopen log files (the SIGUSR1 signal)
    • stop – Shut down immediately (or fast shutdown, the SIGTERM singal)

Graceful Shutdown

  • Note thatSIGQUIT is the signal that shuts down the service gracefully. When running NGINX inside docker containers, STOPSIGNAL must be changed to SIGQUIT such that the container will stop gracefully when docker stop is run.
    • In this project STOPSIGNAL was set by using stop_signal directive in docker-compose.yml. 
      ...

volumes:
  - wp_resources:/var/www/ghan.42.fr
stop_signal: SIGQUIT
restart: on-failure

...

Test

  • After making changes to configuration files, NGINX can be tested by running nginx -t. Configuration syntax and availability of files referred in configuration are tested.

References