Driving Success in the cloud with
NGINX
February 2019
Agenda
• Who is NGINX?
• Solution Overview
• Why move to the Cloud?
• Moving to the Cloud with NGINX
• Overview of Controller and Unit
• Close
“... when I started NGINX,
I focused on a very specific
problem – how to handle more
customers per a single server.”
- Igor Sysoev, NGINX creator and founder
NGINX Adoption – Key stats
W3techs:
• 64.7% of 10k busiest sites
• Market leader for 1m busiest sites
NetCraft:
• 300m+ sites
• 2.0m+ public IPs hosting NGINX
Dockerhub:
• NGINX is the most widely pulled and starred
application from the DockerHub repository
DigitalOcean Stream:
• 65% of the webservers on DigitalOcean
are NGINX
From: https://w3techs.com/technologies/cross/web_server/ranking
0%
10%
20%
30%
40%
50%
60%
70%
06
/12
12
/12
06
/13
12
/13
06
/14
12
/14
06
/15
12
/15
06
/16
12
/16
06
/17
12
/17
06
/18
Market Share of major webserversTop 10,000 sites (source: W3Techs)
Apache Microsoft IIS NGINX
The Busiest Sites on the Internet…
7
Solution Overview
01
9
Three Common Patterns
10
Monolithic Hybrid Microservices
Application modernization
>60%
Core, legacy
business apps
~30%
Legacy with micro-
services add-ons
~10%
Modern apps
optimized for digital
Statistics from 2018 NGINX Brand Survey
NGINX Aligns Well
11
Monolithic Hybrid services Microservices
Load Balancing
API Management
Service Mesh
Today’s App Infrastructure Is Complex
12
Fast, Durable, Consistent, Cost Effective
13
Dynamic Application Gateway
Why move to the cloud?
02
Modern Apps Require a Modern Architecture
What holds you back… … and propels you forwards
Three-tier, J2EE-style architectures
Complex, formal protocols (HTML, SOAP)
Persistent deployments
Fixed, static Infrastructure
Big-bang releases
Silo’ed teams (Dev, Test, Ops)
Microservices
Lightweight, informal (REST, Messaging)
VMs, Containers, Functions
Infrastructure as Code
Continuous Integration / Continuous Delivery
DevOps Culture
Your roadmap for modernizing apps
Prepare
Replace
hardware
appliances
Position
Migrate to the
cloud
Re-Platform
Move to
microservices
architectureDigital transformation
Reality Check…When the Cloud not right for you?
• You have sufficient resource and expertise to host services yourself; Cloud
may be more expensive
• Compliance Reasons mean data must remain on-premises
• Cloud Provider can’t meet your internal security or forensics requirements
• You’re not comfortable with the SLA provided for critical apps
• Your application is hardware-bound, or has performance requirements that
can’t be met on the cloud (e.g. it can only be scaled vertically)
Moving to the Cloud with NGINX
03
Why use NGINX in cloud environments?
• It’s lightweight – requires very little CPU/Memory
• It’s portable – it will run anywhere
• It’s easy to deploy and configure
• It’s rock-solid reliable
• It’s the HTTP endpoint of choice for many of the world’s
biggest, most high-profile services
On-Prem Datacenter
Datacenter
Load
Balancer
Application
Per-Application
Load Balancer
Per-Service
Load
Balancer
Web and Media server
Cloud Datacenter
Cloud
Platform
Load
Balancer
Per-Application
Load Balancer
Per-Service
Load
Balancer
Web and Media server
Begin with a partial migration?
Begin with a partial migration
• Use Different Domains◦ Clients connect directly to the
location of the service they are
using
• Use X-Accel-Redirect◦ All traffic is handled through the
same NGINX cluster, and
internally routed to cloud
• You need to route traffic to the correct datacenter:
X-Accel-Redirect• A more sophisticated alternative to a simple
proxy_pass
• Request goes to local server
• Local server internally redirects to remote
server
Ideal for moving content to cloud storage or
serverless, while retaining NGINX-based
authentication and logging .
Client can never access remote server directly.
24
GET /resourceGET /resource
GET /resource
X-Accel-Redirect
Now focus on the cloud…
04
How do we deploy NGINX HA in a cloud?
Four methods:
• External DNS-based load balancing – GSLB
• Use Cloud Provider’s load balancer
• Keepalived with Elastic IP addresses
• External serverless monitoring (AWS Lambda)
Sometimes the Cloud Load Balancer does not cut it…
• NGINX developed Keepalived and Serverless monitoring
solutions because sometimes AWS CLB or ALB could not
meet users’ needs:
◦ Reliance on Route53 for DNS; necessary for root domain names
◦ Can be slow to scale, dropping traffic, when traffic levels increased
◦ Often needed to fall back to TCP-based load balancing
Range of AWS load-balancing options
Route53 Classic Load Balancer Application Load
Balancer
Network Load Balancer
GSLB (DNS) load balancer to direct each user to closest available AZ.
Previously ELB; Cost-effective, basic HTTP/HTTPS/TCP load balancer. Slow to scale.
More advanced version
of CLB. Adds H2,
WebSocket, Routing.
No TCP.
Slow to scale.
L3 packet-based load balancer. Much more scalable, lower latency, supports static IPs
https://aws.amazon.com/elasticloadbalancing/details/
Range of AWS load-balancing options
Route53 Classic Load Balancer Application Load
Balancer
Network Load Balancer
GSLB (DNS) load balancer to direct each user to closest available AZ.
Previously ELB; Cost-effective, basic HTTP/HTTPS/TCP load balancer. Slow to scale.
More advanced version
of CLB. Adds H2,
WebSocket, Routing.
No TCP.
Slow to scale.
L3 packet-based load balancer. Much more scalable, lower latency, supports static IPs
NGINX relies on a GSLB solution such as Route53.
Route53 Deployment Guide
NGINX adds HTTP/2 and WebSockets, plus inspection and routing, and SSL optimizations
“NGINX through a
keyhole”
NGINX Plus adds
much greater control
for Enterprise use case
Great counterpart tomake NGINX scalable, reliable, HA.
This is the load balancer AWS should have built!
https://aws.amazon.com/elasticloadbalancing/details/
Amazon Quickstart
Deployment Guide
Use the QuickStart to:
• “Set up a highly available, secure AWS
environment, and launch NGINX Plus
automatically to load-balance scalable
webapps”
Developed jointly by AWS and NGINX, Inc.
Use the Quick Start to bootstrap a
production deployment of NGINX Plus on
AWS, or as a starting point to build your
POC in a test environment
Other AWS-focused solutions
Integrations and
Solutions:
• CloudWatch Integration
• Autoscaling - nginx-asg-sync
• Route 53 Service Discovery
• PrivateLink - support for
PPv2
NGINX Controller Overview
05
NGINX Controller
Mission control for
your applications
What is NGINX Controller?
Centralized monitoring and management
• Alerting
• API management
• Configuration analysis
• Customizable dashboards
• Load balancer management
• Monitoring
Why NGINX Controller?
Strategic Command
Prevent outages by gaining
deep visibility and following
best practice performance and
security recommendations
Agility
Enable developers to deploy
new features and applications
faster
Simplified
Management
Effortlessly deploy, validate
and troubleshoot multiple
NGINX Plus instances
across a multi-cloud
environment
AlertingGet notified when your systems need attention
• Alert on more than 100 metrics based
on pre-defined thresholds
• CPU usage, 400/500 errors, health
check failures, and more
• Email notifications with rate limiting so
you inbox is not flooded
API ManagementLightweight solution for managing APIs
• API is first class citizen
• Define per API policies such as rate
limiting
• Direct APIs to appropriate upstream
server
• Policy-driven, create different
environments for Production,
Staging, etc.
Configuration AnalysisUse the built-in configuration analyzer to get
• Enhanced performance and
security based on learnings from
thousands of customers
• Better SLAs by following built-in
best practices.
• Preemptive and actionable
recommendations for:
• Configuration
• Security
• SSL status
Customizable DashboardsAll the metrics you want to see in one place
• An overview dashboard that
aggregates metrics across load
balancers
• An Application Health Score that
measures successful requests and
timely responses
• Customizable dashboards to
monitor metrics specific to your
environment
Load Balancer ManagementNavigate a simple and intuitive wizard-like user interface
• Guided workflow for NGINX Plus
load balancer configuration
• Push-button deployments
• Traffic routing to upstream servers
• SSL key and certificate
management
• Policy-driven, create environments
for production, staging, or specific
lines of business
MonitoringGet insights into application performance:
• Graphs of key metrics such as
requests per second, active
connections, bandwidth usage
• Alert on more than 100 metrics
such as CPU usage, 400/500
errors, and health check failures
based on pre-defined thresholds
• Easy integration with any
monitoring tool of your choice using
REST API
NGINX Unit Overview
06
NGINX Unit
The application server that
speaks your language
What Is NGINX Unit?Dynamic application server
• Multi-language: Go, Node.js, Perl, PHP,
Python, and Ruby
• Run multiple language versions on the
same server
• Dynamic REST API-driven configuration
• 30% faster than alternative, modern app
servers
Why NGINX Unit?
Dynamic by
design
Unit was created to adapt in
real time to the demands of
microservices applications
Reduce
complexity
No need to tangle with
multiple application servers
and the headaches that come
with them
Deploy with
confidence
Unit is developed by the
team behind NGINX, the
most reliable and trusted
name in application delivery
Multi-language SupportRun all of your applications together
• Full support for Go, Node.js, Perl, PHP,
Python, and Ruby
• Run multiple applications written in
different languages on the same server
• Use multiple language versions
simultaneously on the same server (PHP
5/7, Python 2.7/3)
Coming soon: Full Java Support
ProgrammableAdapt in real time to microservice needs
• REST API-driven configuration
• JSON configuration language
• Graceful application and configuration
updates eliminates service disruptions
• Seamless zero-downtime deployment
changes
Service MeshBuild your own service mesh
• Optimized network stack for fast
service-to-service communication
• Offload network configuration from
application code to NGINX Unit
• SSL/TLS support
Coming soon: HTTP/2 support
Close
06
Today’s App Infrastructure Is Complex
50
Fast, Durable, Consistent, Cost Effective
51
Dynamic Application Gateway
Summary
• Better application management◦ Standardise on configuration between on and off premise application stacks
• Faster content delivery◦ Improve performance of your applications
• Flexible Deployment ◦ Prepare you for the future, micro services, service mesh.
• Avoid vendor lock-in◦ Cutdown on application sprawl
• Better ROI