Summary
As described in “Web Server Overview,” a web server is a module that is always connected to the network and is the base of web technology, returning HTTP response data in response to requests from clients. In this article, we will discuss nginx, one of the most widely used server technologies in web servers, excerpted from the “nginx Practical Guide”.
Overview of nginx
nginx (engine x) is a software that is gaining popularity as a web server, load balancer, and reverse proxy. Web servers, load balancers, and reverse proxies are all essential components of web systems that are usually accessed through a browser.
Web servers such as CERN httpd and NCSA HTTPd were used in the web world, but both have been replaced by the Apache HTTP Server (Apache). After that, various web servers such as Microsoft Internet Information Server (IIS), LightSpeed, lighthttpd, etc. were newly developed and used. nginx is one of them.
In 2011, NGINX. Inc. was established to develop and support nginx, and continues to develop both a commercial version of nginx Plus with additional features and an open source version of nginx. Inc. was established in 2011 to continue the development and support of both the commercial version of NGINX Plus with added features and the open source version of nginx. Currently, domestic OSS support companies have also begun to support nginx.
According to a survey by Netcraft, which has been collecting and publishing web server statistics for many years, Apache, IIS, and nginx occupy the top three positions as of 2016, with nearly 30% of the top one million most visited sites using nginx. This figure was 5% in 2010, but the number of sites is increasing with each passing year and is gradually growing in popularity.
Apache has been in use for more than 20 years and is still under active development, and as the standard web server for many Linux/UNIX distributions, Apache is often used unless there is a specific reason to use it. As for nginx, it is not a standard web server but a daring choice.
nginx functions and features
There are three main uses for nginx.
- Static Content Web Servers
Static content is fixed data that rarely changes. Static content web servers are used to serve web page data, resource files such as images and stylesheets used by web pages, and download files. nginx provides high performance as a static content web server.
- Dynamic Content Web Servers
Dynamic content is data that changes in response to user interaction, input, etc. A dynamic content web server runs a type of software called a web application to process accesses and generate data. A dynamic content web server runs a type of software called a web application to process accesses and generate data, and there are many ways to establish a positive connection with a web application, including FastCGI, WSGI, and TCP sockets.
- Load balancer, reverse proxy
A reverse proxy is a server that forwards web accesses from clients to another web server. Reverse proxies that distribute the load to multiple destinations are called load balancers. nginx is easy to configure and performs well as a load balancer or a reverse proxy, so it is sometimes used only for these functions. nginx can be used to handle HTTPS and forward access to another web server with unencrypted access. nginx can also be used to forward access to a different web server while unencrypting HTTPS.
Next, some of the features of nginx are listed below.
- Simple configuration file structure
As with other servers, nginx requires various configurations to be written in files, but compared to Apache and other servers, nginx has a simple structure and the contents are intuitive and easy to understand. It is possible to read other configuration files from the configuration file, and it is also easy to manage, for example, by preparing a separate configuration file for each virtual host.
- The basic structure is well built and runs stably.
nginx requires less memory and CPU resources to run, and runs efficiently. It has a full set of functions required of a server, such as restarting without stopping services and version upgrades, and it is stable and operates as described in the documentation.
- High performance
While recent web access tends to maintain connections for relatively long periods of time, nginx has high access performance, especially when the number of simultaneous connections increases and the system is delivered, and can demonstrate high performance in a variety of situations, from small content to large content. It also has a cache function, and performance can be further enhanced by saving file IO and network IO.
- Early support for new features
Early support for new features such as HTTP/2 and WebSocket reverse proxies.
Web System Architecture
A typical web system configuration is shown in the figure below.
User web access is first accepted by a load balancer. The load balancer then routes the accesses to a web server, where the web application handles the accesses, and the data used by the web application is stored in a database or file. The load balancer, web server, and database server each run in separate instances. Instance is a generic term for a unit of hardware, virtual machine (VM), container, process, etc.
In an actual web system, the configuration of instances varies depending on the purpose and scale of the system. Smaller systems may not use load balancers or may be built entirely on a single server, including the database. On the other hand, in a large-scale system, the load balancer itself may be configured with multiple nodes to distribute the load, or web servers may be separated by content type or role, such as images and text, or upload and download, etc. In addition, an external content delivery service called a CDN (content delivery network) may be used. In some cases, an external content delivery service called CDN (Content Delivery Network) is used to handle a large number of accesses.
nginx plays an active role in load balancers and web servers. HTTP and HTTPS are used as communication protocols between clients and load balancers, and between load balancers and web servers. Therefore, if a load balancer is built with nginx, it is not necessary that the web server must also be nginx. It is acceptable to use nginx as the load balancer and Apache or IIS as the web server. On the other hand, there are cases where the load balancer is Apache and the wb server is nginx, or both are hginx.
Internal structure of nginx
When you start nginx, you will see that there are two different processes running: “nginx: master process” and “nginx: worker process,” respectively. The master and worker processes have different roles.
The master reads the configuration file, sets up listening sockets for network communication, starts the worker, and monitors it; the worker handles the event loop of network processing, accepts connections using the sockets that the master has set up to listen, and performs network and file IO. The worker is also responsible for handling HTTP and SSL/TLS protocols. (see figure below)
In nginx, a single master can run multiple workers, but even within a single worker, IO is multiplexed. Multiplexing is a processing method that does not wait for processing, but proceeds with processing one after another from where it can be done. In general, IO is slower than memory and CPU, so it is difficult to improve server performance without a software structure that can multiplex IO. In order to achieve multiplexing, it is necessary to proceed with processing according to events such as “client connected,” “reception enabled,” and “transmission enabled.
In this respect, nginx is designed to demonstrate high performance by automatically selecting and multiplexing efficient event loop processing for network IO, even for operating systems such as Linux’s epol or FreeBSD’s kqueque. Efficient event loop processing is especially effective when many connections are processed simultaneously.
On the other hand, file IO is not multiplexed by default, but on Linux and FreeBSD, it can be multiplexed by specifying a combination of asynchronous IO and direct IO. File IO often performs better without multiplexing due to the cache effect, so which is faster depends on the situation.
nginx module configuration
nginx is internally divided into modules for each function, and whether or not to include a module can be specified by a flag at compile time. For this reason, the documentation on the official site describes separate pages in the form of configuration items for each module. However, most of the binary packages distributed by the developer of nginx have most of the modules pre-installed, so you will not be aware of the differences between modules except for dynamic modules whose binaries are contained in separate files.
For statically embedded modules, the configuration files contain a mixture of configuration items from various modules, so that you can proceed with configuration without knowing which module each configuration item belongs to. However, if a configuration file contains configuration items for a module that is not built in, nginx will consider it an error and stop working.
In the case of dynamic modules, the binary file of the module is also a package or a separate file, and the configuration to load the module must be written in the first part of the configuration, so you need to be aware of the built-in modules.
Packages of nginx
There are two versions of nginx: stablef and minline. stablef is the version that incorporates bug fixes without API changes. minline is the version that continues to be actively developed and incorporates new features.
As the name suggests, this is the version that incorporates bug fixes without API changes, while mainline is the version that continues to be actively developed and incorporates new features.
According to the developer’s blog, changes to nginx are first incorporated into mainline, and then only major bug fixes are incorporated into stable. Major version upgrades will be done every April and every other year.
The developer encourages the use of mainline unless there is a special reason to use it.
Other Packages
In addition to the main nginx package, other software is required to use nginx. For example, openssl for cryptography-related processing to support HTTPS, firewalls for firewall configuration, systemd for managing server startup including nginx, and Running a web application also requires a scripting language processor.
In order to run such a web server, a variety of peripheral software is required, but this time, except for nginx, we will use the standard CentOS7 packages unless there is a special reason not to. If you need to use a package that is not included in the minimum installation of CentOS7, install it by yum command as needed.
Installation of nginx
Although nginx can run on a wide variety of operating systems, this section describes the installation on CentOS7 x86_64 version. First, disable SELinux if it is enabled, since it is likely to cause problems such as not starting when changing the listening port or connecting to an application server.
$ sudo vi /etc/sellunux/config
……
#. disabled - No SELinux policy is loaded
SELINUX=disabled.
$ rebootAdd Repository
The default repository for CentoOS does not include nginx, so add the repository before installing nginx on CentOS7.
[user@host] Sudo vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=htttp://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=1
enable=1
gpgkey=http://nginx.org/keys/nginx_signing.key
[nginx-source]
name=nginx source
baseurl=htttp://nginx.org/packages/mainline/centos/7/SRPMS/
gpgcheck=1
enable=1
gpgkey=http://nginx.org/keys/nginx_signing.key
Installation by yum command
Next, install nginx using the yum install command as follows: yum command automatically selects the latest version and installs the package. The first time you run the command after adding the repository, you will be asked to confirm that you want to install the public key that signs the version.
[user@host]$ sudo yum install nginx
(input password)
………………
Loading mirror speeds from cached hostfile
………………
Is this ok [y/d/N] : y
Downloading Packages:
………………
thank you for using nginx!
………………
install:
nginx.x86.64 1:1.11:8-1.e17.ngx
done!
[user@host]$Automatic Update Settings
nginx automatic updates can be configured to check for updates every day at midnight and always use the new version. nginx package updates are configured to make a non-disruptive change to the new binary after checking that the syntax checks in the configuration file pass The new binary is configured to work without interruption. In the unlikely event that the binary does not work, the old binary will remain in place.
Verify installation package
The contents of the installed package can be checked with the rpm command.
[user@host]$ rpm -qi nginx
Name :nginx
Epoch. :1
Version :1.11.8
……………………
nginx [engine x] is an HPPT and reverse proxy server, as well as a mail proxy serverThe files in the package can be checked with “rpm -ql nginx”.
Firewall Settings
Currently, most distributions have a firewall set up by default, which prevents the web server from accepting requests from clients just by starting it. Therefore, we will configure the firewall to open the HTTP port so that it can operate as a web server.
In CentoOS7, the command firewall-cmd is used to configure the firewall. At that time, two commands need to be executed, one to change the current settings and the other to save the settings.
#Service Designation
[user@host]$ sudo firewall-cmd --add-service http
success
[user@host]$ sudo firewall-cmd --add-service http -permanent
success
#Port Designation
[user@host]$ sudo firewall-cmd --add-port 8080/tcp
success
[user@host]$ sudo firewall-cmd --add-port 8080/tcp -permanent
success
Start/quit/restart/read configuration files
Not only CentOS, but most of the recent Linux distributions use systemd to start and stop services. nginx packages also support systemd, and normal operations are performed by the systemd command. The systemd command options include the following
- start systemctl start nginx
- End systemctl stop nginx
- Restart systemctl restart nginx
- Reload configuration systemctl reload nginx
- Check status systemctl status nginx
Web server construction
In nginx, the configuration file consists of nested blocks, and the structure surrounded by blocks is called a context. Then, configuration items called directives are written in each context. However, the directives that can be written differ depending on the context in the configuration file, and the formatting is complex in some cases. Also, some directives have complex evaluation priorities, so it is not uncommon to have problems with configuration chapters when you first start using nginx.
The nginx configuration file is located in /etc/nginx/nginx.conf. In the nginx configuration file, configuration items called directives are written. Some directives end with a “;” and others can be enclosed in blocks using “{}” to create context. The outermost context that is not contained in any block is called the main context, and the context immediate created by a directive is called the <directive name> context, named after the directive that created the context. For example, the directive http creates a context for describing the web server configuration, and the context created by the http directive is called the “http context”.
The context can be written as follows
# Comment from '#' to end of line
nginx main body configuration (main context)
events {
Event Waiting Related Parameters
}
htttp {
Configure the entire web server
server {
Virtual Host Settings
location … {
Per URL pathname settings
}
}
server {
Virtual Host Settings
location … {
Per URL pathname settings
}
}
}Each directive has a specific context in which it can be placed: http directives can only be placed in the mian context, and server directives can only be placed in the http context. Location directives can only be written in the server context or the location context.
An example of the server context for a static web site is shown below.
server {
listen 80;
serve_name stastic.example.com;
access_log /var/log/nginx/stastic-access.log;
error_log /var/log/nginx/stastic-error.log;
location / {
root /www/dir;
index index.html index.htm;
}
}
コメント