NGINX Cookbook

Book Description

NGINX is one of the most widely used web servers available today, in part because of its capabilities as a load balancer and reverse proxy server for HTTP and other network protocols. The 2019 edition of this popular cookbook provides more than 80 practical recipes to help you set up and use this open source server to solve problems in various use cases.

For professionals who understand modern web architectures, such as n-tier or microservice designs, and common web protocols, including TCP and HTTP, these recipes provide proven solutions for security, software load balancing, and monitoring and maintaining NGINX’s application delivery platform. You’ll also explore advanced features of both NGINX and NGINX Plus, the free and licensed versions of this server.

You’ll find recipes for:

  • High-performance load balancing with HTTP, TCP, and UDP
  • Traffic management and A/B testing
  • Managing programmability and automation with dynamic templating and the NGINX Plus API
  • Securing access through encrypted traffic, secure links, HTTP authentication subrequests, and more
  • Deploying NGINX to AWS, Azure, and Google cloud-computing services
  • Using Docker to deploy containers and microservices
  • Debugging and troubleshooting, performance tuning, and practical ops tips

Table of Contents

  1. Foreword
  2. Preface
  3. 1. Basics
    1. Introduction
    2. Installing on Debian/Ubuntu
    3. Installing on RedHat/CentOS
    4. Installing NGINX Plus
    5. Verifying Your Installation
    6. Key Files, Commands, and Directories
    7. Serving Static Content
    8. Graceful Reload
  4. 2. High-Performance Load Balancing
    1. Introduction
    2. HTTP Load Balancing
    3. TCP Load Balancing
    4. UDP Load Balancing
    5. Load-Balancing Methods
    6. Sticky Cookie
    7. Sticky Learn
    8. Sticky Routing
    9. Connection Draining
    10. Passive Health Checks
    11. Active Health Checks
    12. Slow Start
    13. TCP Health Checks
  5. 3. Traffic Management
    1. Introduction
    2. A/B Testing
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    3. Using the GeoIP Module and Database
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    4. Restricting Access Based on Country
      1. Problem
      2. Solution
      3. Discussion
    5. Finding the Original Client
      1. Problem
      2. Solution
      3. Discussion
    6. Limiting Connections
      1. Problem
      2. Solution
      3. Discussion
    7. Limiting Rate
      1. Problem
      2. Solution
      3. Discussion
    8. Limiting Bandwidth
      1. Problem
      2. Solution
      3. Discussion
  6. 4. Massively Scalable Content Caching
    1. Introduction
    2. Caching Zones
    3. Caching Hash Keys
    4. Cache Bypass
    5. Cache Performance
    6. Purging
    7. Cache Slicing
  7. 5. Programmability and Automation
    1. Introduction
    2. NGINX Plus API
    3. Key-Value Store
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    4. Installing with Puppet
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    5. Installing with Chef
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    6. Installing with Ansible
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    7. Installing with SaltStack
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    8. Automating Configurations with Consul Templating
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
  8. 6. Authentication
    1. Introduction
    2. HTTP Basic Authentication
      1. Problem
      2. Solution
      3. Discussion
    3. Authentication Subrequests
      1. Problem
      2. Solution
      3. Discussion
    4. Validating JWTs
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    5. Creating JSON Web Keys
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    6. Authenticate Users via Existing OpenID Connect SSO
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    7. Obtaining the JSON Web Key from Google
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
  9. 7. Security Controls
    1. Introduction
    2. Access Based on IP Address
      1. Problem
      2. Solution
      3. Discussion
    3. Allowing Cross-Origin Resource Sharing
      1. Problem
      2. Solution
      3. Discussion
    4. Client-Side Encryption
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    5. Upstream Encryption
      1. Problem
      2. Solution
      3. Discussion
    6. Securing a Location
      1. Problem
      2. Solution
      3. Discussion
    7. Generating a Secure Link with a Secret
      1. Problem
      2. Solution
      3. Discussion
    8. Securing a Location with an Expire Date
      1. Problem
      2. Solution
      3. Discussion
    9. Generating an Expiring Link
      1. Problem
      2. Solution
      3. Discussion
    10. HTTPS Redirects
      1. Problem
      2. Solution
      3. Discussion
    11. Redirecting to HTTPS where SSL/TLS Is Terminated Before NGINX
      1. Problem
      2. Solution
      3. Discussion
    12. HTTP Strict Transport Security
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    13. Satisfying Any Number of Security Methods
      1. Problem
      2. Solution
      3. Discussion
    14. Dynamic DDoS Mitigation
      1. Problem
      2. Solution
      3. Discussion
  10. 8. HTTP/2
    1. Introduction
    2. Basic Configuration
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    3. gRPC
      1. Problem
      2. Solution
      3. Discussion
    4. HTTP/2 Server Push
      1. Problem
      2. Solution
      3. Discussion
  11. 9. Sophisticated Media Streaming
    1. Introduction
    2. Serving MP4 and FLV
    3. Streaming with HLS
    4. Streaming with HDS
    5. Bandwidth Limits
  12. 10. Cloud Deployments
    1. Introduction
    2. Auto-Provisioning on AWS
      1. Problem
      2. Solution
      3. Discussion
    3. Routing to NGINX Nodes Without an AWS ELB
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    4. The NLB Sandwich
      1. Problem
      2. Solution
      3. Discussion
    5. Deploying from the AWS Marketplace
      1. Problem
      2. Solution
      3. Discussion
    6. Creating an NGINX Virtual Machine Image on Azure
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    7. Load Balancing Over NGINX Scale Sets on Azure
      1. Problem
      2. Solution
      3. Discussion
    8. Deploying Through the Azure Marketplace
      1. Problem
      2. Solution
      3. Discussion
    9. Deploying to Google Compute Engine
      1. Problem
      2. Solution
      3. Discussion
    10. Creating a Google Compute Image
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    11. Creating a Google App Engine Proxy
      1. Problem
      2. Solution
      3. Discussion
  13. 11. Containers/Microservices
    1. Introduction
    2. DNS SRV Records
    3. Using the Official NGINX Image
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    4. Creating an NGINX Dockerfile
      1. Problem
      2. Solution
      3. Discussion
    5. Building an NGINX Plus Image
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    6. Using Environment Variables in NGINX
      1. Problem
      2. Solution
      3. Discussion
    7. Kubernetes Ingress Controller
      1. Problem
      2. Solution
      3. Discussion
    8. OpenShift Router
      1. Problem
      2. Solution
      3. Discussion
  14. 12. High-Availability Deployment Modes
    1. Introduction
    2. NGINX HA Mode
    3. Load-Balancing Load Balancers with DNS
    4. Load Balancing on EC2
    5. Configuration Synchronization
      1. Problem
      2. Solution
      3. Discussion
    6. State Sharing with Zone Sync
      1. Problem
      2. Solution
      3. Discussion
  15. 13. Advanced Activity Monitoring
    1. Introduction
    2. Enable NGINX Open Source Stub Status
      1. Problem
      2. Solution
      3. Discussion
    3. Enabling the NGINX Plus Monitoring Dashboard Provided by NGINX Plus
    4. Collecting Metrics Using the NGINX Plus API
  16. 14. Debugging and Troubleshooting with Access Logs, Error Logs, and Request Tracing
    1. Introduction
    2. Configuring Access Logs
      1. Problem
      2. Solution
      3. Discussion
    3. Configuring Error Logs
      1. Problem
      2. Solution
      3. Discussion
    4. Forwarding to Syslog
      1. Problem
      2. Solution
      3. Discussion
    5. Request Tracing
      1. Problem
      2. Solution
      3. Discussion
  17. 15. Performance Tuning
    1. Introduction
    2. Automating Tests with Load Drivers
      1. Problem
      2. Solution
      3. Discussion
    3. Keeping Connections Open to Clients
      1. Problem
      2. Solution
      3. Discussion
    4. Keeping Connections Open Upstream
      1. Problem
      2. Solution
      3. Discussion
    5. Buffering Responses
      1. Problem
      2. Solution
      3. Discussion
    6. Buffering Access Logs
      1. Problem
      2. Solution
      3. Discussion
    7. OS Tuning
      1. Problem
      2. Solution
      3. Discussion
  18. 16. Practical Ops Tips and Conclusion
    1. Introduction
    2. Using Includes for Clean Configs
      1. Problem
      2. Solution
      3. Discussion
    3. Debugging Configs
      1. Problem
      2. Solution
      3. Discussion
      4. Also See
    4. Conclusion

Product Information

  • Title: NGINX Cookbook
  • Author(s): Derek DeJonghe
  • Release date: January 2019
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781492049098