Upload
nginx-inc
View
272
Download
4
Embed Size (px)
Citation preview
NGINX Plus R9 – what’s newOWEN GARRETTApril 27, 2016
Building a great applicationis only half the battle, delivering the application is the other half.
The modern web requiresa new approachto application delivery
MORE INFORMATION AT NGINX.COM
Flawless Application Deliveryfor the Modern Web
4
Load Balancer Monitoring & ManagementWeb ServerContent Cache
Streaming Media
MORE INFORMATION AT NGINX.COM
What’s New?NGINX Plus R9
● Dynamic Modules○ Load rich extensions into NGINX Plus at
runtime
● UDP Load Balancing○ DNS, RADIUS, and other UDP services○ Emerging IoT applications
● Service Discovery using DNS SRV records○ Discover new services using a familiar DNS
interface
● NGINX Plus App Pricing○ “All you can eat” pricing for NGINX Plus
● Improved caching performance and other great new features…
Dynamic Modules
MORE INFORMATION AT NGINX.COM
NGINX and Third-Party Modules
● Over 100 third-party modules available• Lua, Naxsi, Pagespeed, etc.
● Over 60 NGINX written modules• GeoIP, HTTP/2, TCP load balancing, etc.
● Problem: Modules have to be statically compiled in• Compare: Apple selects third-party apps and distributes them as a part of
iOS• Multiple NGINX Plus images:
■ nginx-plus -- 56 NGINX modules, 0 third-party modules■ nginx-plus-extras -- 4 additional NGINX modules, 6 third-party
modules
MORE INFORMATION AT NGINX.COM
Static modules are compiled into the NGINX executable
MORE INFORMATION AT NGINX.COM
Dynamic modules are compiled into a separate binary module shared object
load_module "modules/ngx_http_geoip_module.so"; load_module "modules/ngx_stream_module.so";
MORE INFORMATION AT NGINX.COM
NGINX Plus and Dynamic Modules
● Modules can now be loaded in dynamically
● You can download tested and certified extensions from our repository• Accessible via standard package management tools
● We will begin building only a single NGINX Plus binary• Install only the extensions you want• nginx-plus-extras to be deprecated
MORE INFORMATION AT NGINX.COM
Dynamic Modules in NGINX Plus R9
● For this release we are still providing two images:• nginx-plus with support for dynamic modules• nginx-plus-extras same as before without support for dynamic modules
● All nginx-plus-extras modules are available as dynamic modules from our repository.
● Existing nginx-plus-extras users are encouraged to upgrade:• apt-get remove nginx-plus-extras• apt-get install nginx-plus
• apt-get install nginx-plus-module-lua
MORE INFORMATION AT NGINX.COM
Dynamic Modules in NGINX Plus R9
● NGINX written modules:• nginx-plus-module-geoip• nginx-plus-module-image-filter• nginx-plus-module-perl• nginx-plus-module-xslt
● 3rd party modules• nginx-plus-module-headers-more• nginx-plus-module-lua• nginx-plus-module-passenger• nginx-plus-module-rtmp• nginx-plus-module-set-misc
* lua-resty-redis can be installed on top of nginx-plus-module-lua
MORE INFORMATION AT NGINX.COM
Dynamic Modules Going Forward
● nginx-plus-extras will be maintained till NGINX Plus R10
● NGINX Plus R11 and beyond will only have a single nginx-plus image
● Our plan is to certify and add more modules to our repository
● We will soon provide a tool for you to compile your own dynamic modules• As of right now, can only extend NGINX Plus with modules from our
repository
UDP Load Balancing
MORE INFORMATION AT NGINX.COM
Overview
● UDP is used for common services such as DNS, RADIUS, syslog, and more that need load balancing
● UDP is emerging as protocol of choice for IoT due to its low overhead
● Released as part of open source NGINX 1.9.13
● NGINX Plus R9 has advanced features such as active health checks and on-the-fly reconfiguration
● NGINX Plus can now load balance (almost) any application: TCP, UDP, or HTTP
MORE INFORMATION AT NGINX.COM
TCP vs. UDP Refresher
TCP UDP
Reliable data transfer Unreliable data transfer
High overhead Low overhead
Typical applications:- Web pages- iPhone/Android apps- Email
Typical applications:- DNS- RADIUS authentication- VoIP (FaceTime, etc) *
* Not supported with NGINX or NGINX Plus
MORE INFORMATION AT NGINX.COM
DNS without NGINX Plus
MORE INFORMATION AT NGINX.COM
DNS with NGINX Plus
MORE INFORMATION AT NGINX.COM
Exclusive to NGINX Plus
● Least Time load balancing algorithm○ Send new connections to the server with lowest average response time
and least number of existing connections
● Active health checks○ Actively monitor the health of UDP applications
● On-the-fly reconfiguration○ Add and remove servers without restarting NGINX Plus
● Stats○ Critical visibility into the health and performance of UDP services
Service Discovery Using DNS SRV
MORE INFORMATION AT NGINX.COM
Service Discovery Overview
MORE INFORMATION AT NGINX.COM
How Does NGINX Query the Service Registry?
● Configuration templates○ Service discovery platform rewrites NGINX config and reloads NGINX○ Works with both NGINX and NGINX Plus○ Downside: Not as scalable, NGINX has to be restarted for every small
change
● NGINX Plus HTTP-based API○ Service discovery platform calls a script to add/remove services using the
API○ Upside: Fast, no reloads○ Downside: Requires additional code to maintain
● NGINX Plus DNS interface○ NGINX Plus polls DNS interface of service registry to get list of services○ Upside: No additional code to maintain, no reloads○ Downside: Polling based, depends on TTL
MORE INFORMATION AT NGINX.COM
What’s Changed in R9?
● New support for DNS SRV records○ SRV -> Service○ Contains additional information (port, weight, priority) not in standard
DNS records
● Ports are dynamically assigned in microservice environments, and NGINX Plus needs port information for services to load balance traffic to them
resolver consul:53 valid=10s;
upstream backend { zone upstream_backend 64k;
server app.local service=http resolve; }
NGINX Plus App Pricing
MORE INFORMATION AT NGINX.COM
What Is NGINX Plus App Pricing?
● All you can eat pricing - No matter how many VMs, containers, nodes, concurrent connections, or users, you pay one low rate per application for the entire year.
● NGINX Plus App Pricing is based on volume of web traffic, company size, and number of NGINX Plus instances currently used or estimated to be used.
● It includes:○ Unlimited use of NGINX Plus for a multitude of use cases within your
application○ Your choice of installation and/or tuning support from
NGINX Professional Services○ Training in NGINX fundamentals and/or advanced topics for your team
MORE INFORMATION AT NGINX.COM
Why NGINX Plus App Pricing?
● There is no counting of instances or licenses, enabling unlimited usage of NGINX Plus
● Single per-app price means there is a predictable cost, priced to fit your application for the entire subscription period
● Well suited to distributed and microservice-based architectures, and was originally created to serve the world’s most popular SaaS applications
● All-you-can eat pricing aligns with the modern approach of creating and destroying VMs or containers as needed
● App Pricing means you can use NGINX Plus across a multitude of use cases without limits or constraints
● One number to call if something goes wrong or if you need help
MORE INFORMATION AT NGINX.COM
Who Is NGINX Plus App Pricing for?
NGINX Plus App pricing is for applications that:
● Experience traffic spikes and/or have unpredictable traffic● Use containers or virtual machines to regularly create and destroy instances● Need flexibility to grow quickly during the term of their subscription with
NGINX● Don’t want to (or can’t) track instance counts
Additional Features
MORE INFORMATION AT NGINX.COM
● Cache performance improvements - Cache writes can now be offloaded to threads to avoid blocking the NGINX core and improve performance.
• An extension of the thread pool improvements we announced last year, which offloaded blocking reads from the NGINX core.
● DNS lookups over TCP - NGINX Plus can use DNS to locate servers. Prior to R9 this was restricted to UDP. In large environments UDP may not offer sufficient space for large DNS responses. From this release, NGINX Plus will immediately retry the request using TCP if it detects a truncated UDP response.
Even More Features
MORE INFORMATION AT NGINX.COM
● Idempotency - NGINX Plus automatically retries failed HTTP requests on a different server within the same upstream group. For non-idempotent operations, such as the HTTP POST request, this can potentially be dangerous as NGINX Plus does not know how much of the operation was completed before an error was received or the operation timed out.
From this release onwards, non-idempotent HTTP requests (POST, LOCK, PATCH) are not automatically retried if they fail.
Even More Features
MORE INFORMATION AT NGINX.COM
The following modules have been updated. Applies to both the nginx-plus-extras and dynamic modules:
● The Headers-More module is updated to 0.29● The Lua module is updated to 0.10.2● The Phusion Passenger Open Source module is updated to 5.0.26
Housekeeping
MORE INFORMATION AT NGINX.COM
Summary
● Dynamic modules enable NGINX Plus to be extended at runtime○ Managed module repository for us to distribute certified extensions○ New modules can be released “off cycle”
● UDP load balancing allows NGINX Plus to load balance (almost) any applications
○ Positions NGINX Plus as an IoT gateway○ Lots of UDP applications existing which can benefit from NGINX Plus
■ Reduced costs■ Software flexibility
● DNS SRV records gives us the ability to easily discover new services○ Supported by most service discovery platforms
● NGINX Plus App Pricing gives us a better fit into microservice environments