nginx A Practical Guide to High Performance

Author: Stephen Corona
Publisher: O'Reilly Media
Pages: 250
ISBN: 978-1491924778
Print: 1491924772 
Audience: Admins and full stack developers
Rating: 4.5
Reviewer:Nikos Vaggalis

Power up your web sites with nginx

nginx has taken the Internet by storm, gaining fast in popularity, powering up some of the most high traffic websites in the world and directly challenging Apache for its title of the most popular Web Server out there

Despite the truthfulness of that statement, nginx's main purpose is not to act as a Web server replacement, since in many cases it co-exists and cooperates with Apache under the very same installation

Subtitled "A Practical Guide to High Performance" this book slices through that hype and instead looks into nginx's substance, helping to understand its application, functionality and ease of scaling up.

Its author, Twitpic cofounder Steve Corona, swears by its versatility, having managed handling up-to 10,000 Twitpic requests per second with nginx.

We got hold of the Early Release copy of the author's raw and unedited content updated as the writer goes, to  explore the technologies talked about as soon as possible, with the downside of a lot of content still on the to-do list, with place-holders flagging missing material.

 

Banner

 

Chapter 1 Getting started
Of course it all begins by installing nginx.There are two installation options, directly from source or through a pre-built package. While installing the package is much more convenient, it’s typically an outdated version, so its preferable to install from source.

The dependencies in libraries necessary for its installation are:

• PCRE(for the HTTP Rewrite module)
• Zlib(for the HTTP Gzip module)
• OpenSSL(for HTTPS protocol support)

These can be safely installed or updated from the package manager of your OS. nginx of course supports everything Linux and while it’s possible to run it on Windows, it’s not recommended.

Modularity
This section of the first chapter looks at the first aspect of nginx's versatility; its extensibility with Modules. As a matter of fact,nginx is so modular that most of its functionality is not embedded within its  main source but instead offered as separate components. Son for example, even the basics such as the URL rewriting capability that changes the request URI through the use of regular expressions, or the proxying that allows passing requests to another HTTP server, come in the shape of the http_rewrite and http_proxy modules.

That aside, nginx comes with sensible defaults on, like the aforementioned modules, with others, such as the one for SSL support, deactivated by default.

Whatever the case, everything can be enabled and disabled during build time.That is the benefit you get when building nginx from source; that you’re able to specify exactly the modules you want, and which ones you don’t. The downside is that if you don’t include something that you later need, you’ll have to rebuild nginx from source.

 

Chapter 2 Basic Configuration
After installation comes configuration. In nginx this is done by fiddling with the nginx.conf file, so this chapter goes through the relevant instructions and their syntax. These instructions come in the form of the directives,both simple and complex, the difference being that the complex directives,otherwise known as blocks, can further enclose other directives. For example, the complex Server block wraps the listen, server_name, and root directives and denotes a piece of independent functionality,that of the server setup:

server {
  root /usr/share/nginx/html;
 
  location /foo {
      root /usr/share;
  }
}
 

Other blocks include Events,  the connection processing part of nginx; and http, which defines the available HTTP servers
 
nginx once more showcases its flexibility by not having to take down the whole installation when making changes to its configuration. Instead you can just reload it on the fly! Even more amazing is the ability of upgrading itself on the fly when installing a new nginx version, thus avoiding any downtime at all !

After getting the admin stuff out of the way we get to the point where things get interesting application wise, as nginx's most basic use case is the serving of static files,such as images,html,javascripts etc.Thus the focus on the location block, responsible for handling the incoming http requests and mapping their URIs, through the use of regular expressions, against custom configurations. This allows writing things like:

location /foobar/ {
   root /data;
}

meaning that when a request URI begins with the prefix /foobar/, it will be served from the /data directory,so that /foobar/menu.html for example would correlate to /data/menu.html.


This URI to configuration mapping is further explored by mixing regular expressions in, for matching parts of a URI :

location ~* \.(gif|jpg)$ {
  root /var/www/images;
}

The topic is wrapped up with a reference to the named location blocks, used when needing to redirect the flow of execution, jumping from one location block to another.

After enumerating the steps required to set up more than one web sites under one nginx installation, aka Virtual Hosting, the chapter closes with the necessaries for enabling SSL. It goes through the Server's block  configuration, but unfortunately stops there and does not explore generating a self-signed certificate and key. If you need HTTPS support, I would suggest obtaining a free Let's Encrypt certificate, signed by the same root authority, that comes with client tools that automate the setting up of the certificate, thus rendering SSL integration a breeze.

 

nginx

 

Chapter 3 CGI, FastCGI, and uWSGI
The author sets the scene with:

"serving static html pages is all right but the web would not be the same not having a way to execute programs. The solution first appeared back in the 90's was cgi,CGI works by executing the script or program, on demand, whenever it is requested by the HTTP client."

After a few PHP CGI examples, which hint at CGI's insecure nature, he presents the full table of the environmental variables that are made available to your backend PHP or Perl program by the CGI gateway. Entries include REMOTE_ADDR, the IP Address of the client, QUERY_STRING, the HTTP query string of the web request and REQUEST_METHOD, the HTTP request method, i.e POST.

Then the discussion moves to the replacement of CGI with FastCGI and the way this changed the web's architecture, shifting from the web server directly talking to the backend Perl or PHP program to the web server delegating the request to the FastCGI backend, which is now burdened with having to talk to the backend application.

The configuration steps needed for setting up FCGI are examined, and the chapter closes by enumerating Future Sections in the making :

1. Advanced FastCGI Configuration
2. FastCGI Params
3. PHP and FastCGI Security
4. Python and uWSGI
5. uWSGI vs FastCGI
 
As a side note, this chapter also serves as a quick reminder that relying on questionable blog entries is not safe when it comes to security, as a simple misconfiguration error can expose your system to backdoors and vulnerabilities. So an authoritative guide in the form of a good book written by an expert should serve as an extra guarantee against that case.

Chapter 4 Reverse Proxy
This chapter highlights yet another reason for nginx's gain in popularity; its use as a reverse proxy.

The chapter starts with a confident comparison between  forward and reverse proxying, highlighting their differences, the main one being that reverse proxying is the springboard for the serving of dynamic websites.

In this architecture, nginx acts as the first point of entry, intercepting and forwarding the incoming http requests to the other backend servers for further processing.

One example of a popular setup is that used by smadeseek.com where nginx act as the reverse proxy which forwards the requests to Starman, a PSGI enabled server capable of running Perl powered applications. Starman then loads and serves a Perl Dancer application, the epicentre of the whole web site

How is this delegation done? By leveraging the location blocks to tell nginx to redirect the requests hitting the main domain to the port where Starman listens. This is the set up concerning the dynamic part of the site. The static files are not served by Starman but by nginx itself. This frees up the backend, letting it take care of the dynamic processing.

Putting theory into practice, the author sets up a Ruby on Rails application, with WEBrick in place of Starman, managing to piece together everything learned thus far, with a pinch of security awareness suggesting  hiding nginx's version by setting the server_tokens directive to off. He goes even further, replacing the ROR application and WEBrick with Node.js and Websockets, once more demonstrating nginx's ease of plugin ability.

Chapter 5 Load Balancing
Reverse proxying and load balancing are similar concepts, the only difference being that typically a load balancer is communicating upstream to another nginx or web server, located on a different physical machine, while the reverse proxy is often talking to a service on the same machine.

There are both software and hardware load balancers and
nginx has the ability to run as a software load balancer using the http_proxy module,another useful way to use nginx in a web stack.

The chapter opens up with the most fearsome scenario a web site admin can face: not being able to operate under heavy load due to thousands of simultaneous requests, resulting in disruption of service. That’s when the load balancer comes in to play; it receives all of the incoming traffic and distributes it across a pool of application servers. Setting up a load balancer in nginx is typically done with the upstream directive, cleanly presented in this chapter.

It then wraps up with tips on tweaking nginx side by side with the Linux Kernel to enable the handling of up to 10,000 simultaneous, concurrent connections

Conclusion

Summing up, an admin book that it is so logically coherent is a rare find.

I've read books that just go through nginx's various options and switches, presenting a short accompanying description and example usage, but they all fail in projecting the complete picture because of the highly segmented and unconnected information, hence abandoning the reader into connecting the pieces and completing the puzzle on their own.

Living up to its subtitle of "A Practical Guide to High Performance" this book uses easy to follow and jargon free language, manages to project the whole picture. It goes going step by step from building nginx, to serving dynamic web applications, and finally setting up a state of the art load balancer, exposing the multiple and flexible identities of nginx. Along the way, it also safeguards administrators from bad advice on setting up the infrastructure's most mission critical component.

True, there's stuff missing, like not covering advanced URI rewriting scenarios, access control, authentication and logging, but Chapters 1 thru 4 serve their purpose as (excellent) introductory material, leaving the last and more advanced material on Load Balancing to the minority of people who will entangle with it. Let's also take into consideration that this is the early version, and judging from the Future Content place-holders, there is a lot more to follow

So while not a complete release, it is nonetheless a great appetizer for what's to follow...

 

To keep up with our coverage of books for programmers, follow @bookwatchiprog on Twitter or subscribe to I Programmer's Books RSS feed for each day's new addition to Book Watch and for new reviews.

 

Banner


The AWK Programming Language, 2nd Ed

Author: Alfred V. Aho, Brian W. Kernighan and Peter J. Weinberger
Publisher: Addison-Wesley
Pages: 240
ISBN: 978-0138269722
Print: 0138269726
Kindle: B0CCJ1N4X3
Audience: Developers interested in Awk
Rating: 5
Reviewer: Kay Ewbank

The name Brian Kernighan among the authors of this updated classic raises  [ ... ]



Discovering Modern C++, 2nd Ed

Author: Peter Gottschling
Publisher: Addison-Wesley
Pages: 576
ISBN: 978-0136677642
Print: 0136677649
Kindle: ‎ B09HTJRJ3V
Audience: C++ developers
Rating: 5
Reviewer: Mike James

Modern C++ who would want to write anything else? Is this a suitable introduction for the rest of us?


More Reviews

 

 

Last Updated ( Friday, 22 April 2016 )