NGINX is one of the most widely used web servers available today, in part because of its capabilities as a load balancer and reverse proxy server for HTTP and other network protocols. This revised cookbook provides easy-to-follow examples of real-world problems in application delivery. The practical recipes will help you set up and use either the open source or commercial offering to solve problems in various use cases.
For professionals who understand modern web architectures, such as n-tier or microservice designs and common web protocols such as TCP and HTTP, these recipes provide proven solutions for security and software load balancing and for monitoring and maintaining NGINX's application delivery platform. You'll also explore advanced features of both NGINX and NGINX Plus, the free and licensed versions of this server.
You'll find recipes for:
• High-performance load balancing with HTTP, TCP, and UDP
• Securing access through encrypted traffic, secure links, HTTP authentication subrequests, and more
• Deploying NGINX to Google, AWS, and Azure cloud computing services
• Setting up and configuring NGINX Controller
• Installing and configuring the NGINX App Protect module
• Enabling WAF through Controller ADC
• NGINX Instance Manager (new chapter)
• New recipes for NGINX Service Mesh, HTTP3 and QUIC, and the njs module
Author(s): Derek DeJonghe
Edition: 2
Publisher: O'Reilly Media
Year: 2022
Language: English
Commentary: Vector PDF
Pages: 208
City: Sebastopol, CA
Tags: Amazon Web Services; Microsoft Azure; Cloud Computing; Debugging; Security; Monitoring; Logging; Microservices; Scalability; High Availability; Caching; High Performance; Troubleshooting; Performance Tuning; Web Servers; Automation; Load Balancing; Google Compute Engine; ngnix; gRPC; Containers; Traffic Management; Authentication; HTTP/2
Cover
F5 NGINX
Copyright
Table of Contents
Foreword
Preface
Conventions Used in This Book
O’Reilly Online Learning
How to Contact Us
Acknowledgments
Chapter 1. Basics
1.0 Introduction
1.1 Installing NGINX on Debian/Ubuntu
Problem
Solution
Discussion
1.2 Installing NGINX on RedHat/CentOS
Problem
Solution
Discussion
1.3 Installing NGINX Plus
Problem
Solution
Discussion
1.4 Verifying Your Installation
Problem
Solution
Discussion
1.5 Key Files, Directories, and Commands
Problem
Solution
Discussion
1.6 Serving Static Content
Problem
Solution
Discussion
Also See
1.7 Graceful Reload
Problem
Solution
Discussion
Chapter 2. High-Performance Load Balancing
2.0 Introduction
2.1 HTTP Load Balancing
Problem
Solution
Discussion
2.2 TCP Load Balancing
Problem
Solution
Discussion
2.3 UDP Load Balancing
Problem
Solution
Discussion
2.4 Load-Balancing Methods
Problem
Solution
Discussion
2.5 Sticky Cookie with NGINX Plus
Problem
Solution
Discussion
2.6 Sticky Learn with NGINX Plus
Problem
Solution
Discussion
2.7 Sticky Routing with NGINX Plus
Problem
Solution
Discussion
2.8 Connection Draining with NGINX Plus
Problem
Solution
Discussion
2.9 Passive Health Checks
Problem
Solution
Discussion
Also See
2.10 Active Health Checks with NGINX Plus
Problem
Solution
Discussion
Also See
2.11 Slow Start with NGINX Plus
Problem
Solution
Discussion
Chapter 3. Traffic Management
3.0 Introduction
3.1 A/B Testing
Problem
Solution
Discussion
Also See
3.2 Using the GeoIP Module and Database
Problem
Solution
Discussion
Also See
3.3 Restricting Access Based on Country
Problem
Solution
Discussion
3.4 Finding the Original Client
Problem
Solution
Discussion
3.5 Limiting Connections
Problem
Solution
Discussion
3.6 Limiting Rate
Problem
Solution
Discussion
3.7 Limiting Bandwidth
Problem
Solution
Discussion
Chapter 4. Massively Scalable Content Caching
4.0 Introduction
4.1 Caching Zones
Problem
Solution
Discussion
4.2 Cache Locking
Problem
Solution
Discussion
4.3 Caching Hash Keys
Problem
Solution
Discussion
4.4 Cache Bypass
Problem
Solution
Discussion
4.5 Cache Performance
Problem
Solution
Discussion
4.6 Cache Purging with NGINX Plus
Problem
Solution
Discussion
4.7 Cache Slicing
Problem
Solution
Discussion
Also See
Chapter 5. Programmability and Automation
5.0 Introduction
5.1 NGINX Plus API
Problem
Solution
Discussion
Also See
5.2 Using the Key-Value Store with NGINX Plus
Problem
Solution
Discussion
Also See
5.3 Using the NJS Module to Expose JavaScript Functionality Within NGINX
Problem
Solution
Discussion
Also See
5.4 Extending NGINX with a Common Programming Language
Problem
Solution
Discussion
Also See
5.5 Installing with Chef
Problem
Solution
Discussion
Also See
5.6 Installing with Ansible
Problem
Solution
Discussion
Also See
5.7 Automating Configurations with Consul Templating
Problem
Solution
Discussion
Also See
Chapter 6. Authentication
6.0 Introduction
6.1 HTTP Basic Authentication
Problem
Solution
Discussion
6.2 Authentication Subrequests
Problem
Solution
Discussion
6.3 Validating JWTs with NGINX Plus
Problem
Solution
Discussion
Also See
6.4 Creating JSON Web Keys
Problem
Solution
Discussion
Also See
6.5 Validate JSON Web Tokens with NGINX Plus
Problem
Solution
Discussion
Also See
6.6 Automatically Obtaining and Caching JSON Web Key Sets with NGINX Plus
Problem
Solution
Discussion
Also See
6.7 Authenticate Users via Existing OpenID Connect SSO with NGINX Plus
Problem
Solution
Discussion
Also See
Chapter 7. Security Controls
7.0 Introduction
7.1 Access Based on IP Address
Problem
Solution
Discussion
7.2 Allowing Cross-Origin Resource Sharing
Problem
Solution
Discussion
7.3 Client-Side Encryption
Problem
Solution
Discussion
Also See
7.4 Advanced Client-Side Encryption
Problem
Solution
Discussion
Also See
7.5 Upstream Encryption
Problem
Solution
Discussion
7.6 Securing a Location
Problem
Solution
Discussion
7.7 Generating a Secure Link with a Secret
Problem
Solution
Discussion
7.8 Securing a Location with an Expire Date
Problem
Solution
Discussion
7.9 Generating an Expiring Link
Problem
Solution
Discussion
7.10 HTTPS Redirects
Problem
Solution
Discussion
7.11 Redirecting to HTTPS Where SSL/TLS Is Terminated Before NGINX
Problem
Solution
Discussion
7.12 HTTP Strict Transport Security
Problem
Solution
Discussion
Also See
7.13 Satisfying Any Number of Security Methods
Problem
Solution
Discussion
7.14 NGINX Plus Dynamic Application Layer DDoS Mitigation
Problem
Solution
Discussion
7.15 Installing and Configuring NGINX Plus with the NGINX App Protect WAF Module
Problem
Solution
Discussion
Also See
Chapter 8. HTTP/2
8.0 Introduction
8.1 Basic Configuration
Problem
Solution
Discussion
Also See
8.2 gRPC
Problem
Solution
Discussion
8.3 HTTP/2 Server Push
Problem
Solution
Discussion
Chapter 9. Sophisticated Media Streaming
9.0 Introduction
9.1 Serving MP4 and FLV
Problem
Solution
Discussion
9.2 Streaming with HLS with NGINX Plus
Problem
Solution
Discussion
9.3 Streaming with HDS with NGINX Plus
Problem
Solution
Discussion
9.4 Bandwidth Limits with NGINX Plus
Problem
Solution
Discussion
Chapter 10. Cloud Deployments
10.0 Introduction
10.1 Auto-Provisioning on AWS
Problem
Solution
Discussion
10.2 Routing to NGINX Nodes Without an AWS ELB
Problem
Solution
Discussion
Also See
10.3 The NLB Sandwich
Problem
Solution
Discussion
10.4 Deploying from the AWS Marketplace
Problem
Solution
Discussion
10.5 Creating an NGINX Virtual Machine Image on Azure
Problem
Solution
Discussion
Also See
10.6 Load Balancing Over NGINX Scale Sets on Azure
Problem
Solution
Discussion
10.7 Deploying Through the Azure Marketplace
Problem
Solution
Discussion
10.8 Deploying to Google Compute Engine
Problem
Solution
Discussion
10.9 Creating a Google Compute Image
Problem
Solution
Discussion
Also See
10.10 Creating a Google App Engine Proxy
Problem
Solution
Discussion
Chapter 11. Containers/Microservices
11.0 Introduction
11.1 Using NGINX as an API Gateway
Problem
Solution
Discussion
Also See
11.2 Using DNS SRV Records with NGINX Plus
Problem
Solution
Discussion
11.3 Using the Official NGINX Image
Problem
Solution
Discussion
Also See
11.4 Creating an NGINX Dockerfile
Problem
Solution
Discussion
11.5 Building an NGINX Plus Docker Image
Problem
Solution
Discussion
Also See
11.6 Using Environment Variables in NGINX
Problem
Solution
Discussion
11.7 Kubernetes Ingress Controller
Problem
Solution
Discussion
11.8 Prometheus Exporter Module
Problem
Solution
Discussion
Also See
11.9 NGINX Service Mesh mTLS
Problem
Solution
Discussion
Also See
Chapter 12. High-Availability Deployment Modes
12.0 Introduction
12.1 NGINX Plus HA Mode
Problem
Solution
Discussion
12.2 Load-Balancing Load Balancers with DNS
Problem
Solution
Discussion
12.3 Load Balancing on EC2
Problem
Solution
Discussion
12.4 NGINX Plus Configuration Synchronization
Problem
Solution
Discussion
12.5 State Sharing with NGINX Plus and Zone Sync
Problem
Solution
Discussion
Chapter 13. Advanced Activity Monitoring
13.0 Introduction
13.1 Enable NGINX Open Source Stub Status
Problem
Solution
Discussion
13.2 Enabling the NGINX Plus Monitoring Dashboard
Problem
Solution
Discussion
Also See
13.3 Collecting Metrics Using the NGINX Plus API
Problem
Solution
Discussion
Also See
Chapter 14. Debugging and Troubleshooting with Access Logs, Error Logs, and Request Tracing
14.0 Introduction
14.1 Configuring Access Logs
Problem
Solution
Discussion
14.2 Configuring Error Logs
Problem
Solution
Discussion
14.3 Forwarding to Syslog
Problem
Solution
Discussion
14.4 Request Tracing
Problem
Solution
Discussion
14.5 OpenTracing for NGINX
Problem
Solution
Discussion
Also See
Chapter 15. Performance Tuning
15.0 Introduction
15.1 Automating Tests with Load Drivers
Problem
Solution
Discussion
15.2 Keeping Connections Open to Clients
Problem
Solution
Discussion
15.3 Keeping Connections Open Upstream
Problem
Solution
Discussion
15.4 Buffering Responses
Problem
Solution
Discussion
Also See
15.5 Buffering Access Logs
Problem
Solution
Discussion
15.6 OS Tuning
Problem
Solution
Discussion
Chapter 16. Introduction to NGINX Instance Manager
16.0 Introduction
16.1 Setup Overview
Problem
Solution
Discussion
Also See
16.2 Agent Installation
Problem
Solution
Discussion
16.3 Automating NGINX Discovery, Configuration, and Monitoring with the API
Problem
Solution
Discussion
Also See
Chapter 17. Introduction to NGINX Controller
17.0 Introduction
17.1 Setup Overview
Problem
Solution
Discussion
Also See
17.2 Connecting NGINX Plus with Controller
Problem
Solution
Discussion
Also See
17.3 Driving NGINX Controller with the API
Problem
Solution
Discussion
Also See
17.4 Enable WAF Through Controller App Security
Problem
Solution
Discussion
Chapter 18. Practical Ops Tips and Conclusion
18.0 Introduction
18.1 Using Includes for Clean Configs
Problem
Solution
Discussion
18.2 Debugging Configs
Problem
Solution
Discussion
Also See
Conclusion
Index
About the Author
