Embed Size (px)
Citation preview
MORE INFORMATION AT NGINX.COM
3 Ways to Automate with NGINX and NGINX Plus
MORE INFORMATION AT NGINX.COM
Floyd SmithTechnical Marketing Writer at NGINX, Inc.
Formerly:- Apple, Alta Vista, Google, and more- Author of multiple books on technology
Kunal ParianiTechnical Solutions Architect at NGINX, Inc.
Formerly:- Zimbra, Motorola, Cisco- Intern at JPL - yes, a rocket scientist!
MORE INFORMATION AT NGINX.COM
• First OSS release in 2004• Company founded in 2011• VC-backed by industry leaders• 165+ million open source users• 800+ customers• 90+ employees
Igor Sysoev, NGINX creator and founder
MORE INFORMATION AT NGINX.COM
“How long would it take your organization to
deploy a change that involves just one single line of code?” – Mary Poppendieck, Lean software development guru
MORE INFORMATION AT NGINX.COM
Deploying NewApp Versions1
MORE INFORMATION AT NGINX.COM
Modifying open source NGINX configuration
1. SSH into NGINX server2. Edit configuration file to add/remove servers3. nginx –t && nginx –s reload
Problems with this approach:4. Have to manually SSH into each server every time5. Not scalable with frequent changes and/or long lived connections
MORE INFORMATION AT NGINX.COM
NGINX Plus HTTP-Based API -- Configuration
upstream backend { zone backend 64k; server app-server-v1;}
server { listen 8080; # Listen on a local port location /upstream_conf { allow 10.0.0.0/8; # Allow access only from LAN deny all; # Deny everyone else upstream_conf; }}
MORE INFORMATION AT NGINX.COM
NGINX Plus HTTP-Based API -- Commands• Add new server# curl 'http://localhost:8080/upstream_conf?add=&upstream=backend&server=app-server-v2’
• List servers# curl http://localhost:8080/upstream_conf?upstream=backendserver app-server-v1; # id=0server app-server-v2; # id=1
• Mark existing server to draining state# curl http://localhost:8080/upstream_conf?upstream=backend&id=0&drain=1
• Monitor the Live activity monitoring dashboard till the active connections count for this server reaches 0
• Remove existing server# curl 'http://localhost:8080/upstream_conf?remove=&upstream=backend&id=0'
MORE INFORMATION AT NGINX.COM
NGINX Plus Health Checks
Alternative method that involves no modification of NGINX at all
1. Configure health check to monitor if a file, such as healthcheck.html, exists
2. Delete or rename healthcheck.html
3. Make changes to production server
4. Recreate or rename healthcheck.html
5. Optional slow_start to gently bring the server back online
MORE INFORMATION AT NGINX.COM
Orchestration and Management2
MORE INFORMATION AT NGINX.COM
Orchestration and Management
MORE INFORMATION AT NGINX.COM
Orchestration and Management
MORE INFORMATION AT NGINX.COM
Service Discovery3
MORE INFORMATION AT NGINX.COM
NGINX, Inc. Confidential Information 14
• Key component of service-oriented or microservices architecture which has dynamic instances
• Process of discovering the endpoint addresses to which the requests need to be routed
• Automation enables dynamic addition or removal from the load-balanced pool as and when they get created or destroyed
• No modifications to the NGINX configuration, reducing complexity
What It Is and Why It Matters
MORE INFORMATION AT NGINX.COM
15
MORE INFORMATION AT NGINX.COM
16
• The DNS resolver in NGINX points to the DNS interface of a service discovery tool like Consul, etcd, or ZooKeeper
• NGINX requests DNS A records to get all the IP addresses associated with the domain name, and starts load balancing traffic across these addresses
• NGINX honors the TTL in the DNS response, or you can override it using the valid parameter to the resolver directive
DNS for Service Discovery with NGINX
MORE INFORMATION AT NGINX.COM
• Open source NGINX does not support DNS SRV records– NGINX Plus only
• Port numbers have to be statically defined
• Not suitable for microservices environments
Limitations and Caveats
MORE INFORMATION AT NGINX.COM
NGINX, Inc. Confidential Information 18
• NGINX Plus can periodically re-resolve DNS SRV records from the service registry
• Additional service and resolve parameters to the server directive (NGINX Plus only)
• Makes it a zero configuration deployment and allows scaling with ease
DNS SRV-Based Service Discovery with NGINX Plus
MORE INFORMATION AT NGINX.COM
resolver <dns-server-ip> valid=10s;upstream backend { zone backend 64k; server backends.example.com service=http resolve;}server { location / {
proxy_pass http://$backend; }}
• The service parameter sets the service name and enables resolving of DNS SRV records
• The resolve parameter monitors changes in SRV records and modifies upstream configuration automatically without the need for a reload
Example of NGINX Plus Configuration
MORE INFORMATION AT NGINX.COM
• DNS server either needs to be highly available or have a backup server
• An alternative to DNS for service discovery with NGINX Plus is the on-the-fly reconfiguration API
Caveats
MORE INFORMATION AT NGINX.COM
Demo(github.com/nginxinc/NGINX-Demos/tree/master/consul-dns-srv-demo)
MORE INFORMATION AT NGINX.COM
– Dan Chamberlain, Principal Architect
READ CASE STUDY
MORE INFORMATION AT NGINX.COM
1. On-the-fly reconfiguration API & active health checks with NGINX Plus enable automated deployments
2. Deploying NGINX and NGINX Plus with Ansible, Chef, or Puppet makes it easier to manage large production deployments
3. DNS SRV-based service discovery with NGINX Plus reduces complexity and allows for greater scalability with microservices-based apps
Summary
MORE INFORMATION AT NGINX.COM
Resources
1. Ansible blog post
2. Puppet NGINX management module
3. Chef blog post
4. Service Discovery for NGINX Plus w/DNS SRV Records
5. Bluestem Brands case study
MORE INFORMATION AT NGINX.COM
Q & A
MORE INFORMATION AT NGINX.COM
Thank you!
