If you're involved in Linux and Web stuff you may heard sometime about Nginx. Well Nginx is a "state of the art" platform. It differs from your common web server because it can be used also as a reverse proxy, load balancer, email proxy or even for video streaming.
In this article we will examine the set-up and configuration of Nginx starting using it as a simple web server and then scaling up to web proxy and load balancer.
So lets start the installation, but first ,if you use a CentOS box like me, you have to make sure you have the "epel" repository installed. It's a very useful extra repository created for the enterprise Linux, which contains plenty of extra software including Nginx as well.
To obtain and install that repo just give
#yum install epel-release-latest-7.noarch.rpm
Now we're ready for Nginx. On my CentOS server to install I just give the command:
#yum install nginx
Now if you just navigate to /etc/nginx you can see the nginx.conf which is the main configuration file.
Nginx as a web server
We can start with the case which Nginx is used as a simple webserver. The basic configuration inside the nginx.conf is the following:
The http stanza contains some default information about logging and the server block information which goes as follows:
Here the "listen" directive defines the listening port of the web server, root the root html directory of the web server, location and at last there are some default error pages defined to be displayed in case of an HTTP error request.
Nginx as a reverse proxy
Now we want to use the Nginx so that it can handle all incoming http requests and distribute them among the servers in the insight network. So on the main nginx.conf inside the server stanza we add the following:
The "server_name" directive is essential if you have multiple servers, with different server-names apparently. If this is defined ,Nginx processes the host header according to the configuration stated below server_name.
"location" directive checks the request URI, and forwards all the requests to the address specified by "proxy_pass" directive". In that case where mywebserver.local you can also put IP address and port e.g: 192.168.1.200:8080.
Nginx as a load balancer
As it was mentioned above Nginx can be a very effective load balancer using several different load balancing algorithms (round robin by default). So to set up a simple load balancer, on the nginx.conf, we must go under the http stanza configuration and give the following:
All the magic here is been done by the upstream directive which defines the upstream servers where the traffic is distributed. Those servers are listed below defined by the classic server directive. By default uses the round robin algorithm but you can simply change that , by adding under the upstream directive.
for the least connected load balancing or
for ip hash load balancing.
Nginx SSL
It is essential to use https in your server http is insecure, obsolete and is going to be abandoned soon. You can count on Nginx to handle all the SSL procedure whether is a webserver or a proxy. To do this under the server stanza on the main configuration you need to add the following lines.
Now the "listen" directive is on 443 (SSL), it follows the "SSL on", and then we simply declare the directory that we hold the SSL bundle certificate and the SSL key.
Nginx management and control.
After every configuration change you have to restart the nginx service in order for that to be applied, to do this simply give:
# systemctl restart nginx
But..beware, you have to be very sure that your configuration is correct otherwise the server will fail to start resulting your website or websites to be down. To avoid this you have the option to test your configuration before the restart by giving.
# nginx -t
You can also apply your configuration changes without restarting by giving.
# nginx -s reload
And don't forget to make sure that you have Nginx to run on system startup.
# systemctl enable nginx
So this is enough info for a good start, for additional plenty of information you can always visit https://www.nginx.com/.
enjoy
In this article we will examine the set-up and configuration of Nginx starting using it as a simple web server and then scaling up to web proxy and load balancer.
So lets start the installation, but first ,if you use a CentOS box like me, you have to make sure you have the "epel" repository installed. It's a very useful extra repository created for the enterprise Linux, which contains plenty of extra software including Nginx as well.
To obtain and install that repo just give
#yum install epel-release-latest-7.noarch.rpm
Now we're ready for Nginx. On my CentOS server to install I just give the command:
#yum install nginx
Now if you just navigate to /etc/nginx you can see the nginx.conf which is the main configuration file.
Nginx as a web server
We can start with the case which Nginx is used as a simple webserver. The basic configuration inside the nginx.conf is the following:
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
server{
#server stanza configuration section
}
}
The http stanza contains some default information about logging and the server block information which goes as follows:
server {
listen 80 default_server;
root /usr/share/nginx/html;
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Here the "listen" directive defines the listening port of the web server, root the root html directory of the web server, location and at last there are some default error pages defined to be displayed in case of an HTTP error request.
Nginx as a reverse proxy
Now we want to use the Nginx so that it can handle all incoming http requests and distribute them among the servers in the insight network. So on the main nginx.conf inside the server stanza we add the following:
server_name mywebserver.com
location /uri/path/ {
proxy pass http://mywebserver.local;
}
The "server_name" directive is essential if you have multiple servers, with different server-names apparently. If this is defined ,Nginx processes the host header according to the configuration stated below server_name.
"location" directive checks the request URI, and forwards all the requests to the address specified by "proxy_pass" directive". In that case where mywebserver.local you can also put IP address and port e.g: 192.168.1.200:8080.
Nginx as a load balancer
As it was mentioned above Nginx can be a very effective load balancer using several different load balancing algorithms (round robin by default). So to set up a simple load balancer, on the nginx.conf, we must go under the http stanza configuration and give the following:
upstream mywebsite {
server mywebserver1.com;
server mywebserver2.com;
server mywebserver3.com;
server mywebserver4.com;
}
All the magic here is been done by the upstream directive which defines the upstream servers where the traffic is distributed. Those servers are listed below defined by the classic server directive. By default uses the round robin algorithm but you can simply change that , by adding under the upstream directive.
least conn;
for the least connected load balancing or
ip hash;
for ip hash load balancing.
Nginx SSL
It is essential to use https in your server http is insecure, obsolete and is going to be abandoned soon. You can count on Nginx to handle all the SSL procedure whether is a webserver or a proxy. To do this under the server stanza on the main configuration you need to add the following lines.
listen 443;
ssl on;
ssl_certificate /etc/nginx/conf/mywebsite.com-bundle.crt
ssl_certificate_key /etc/nginx/conf/mywebsite.key;
Now the "listen" directive is on 443 (SSL), it follows the "SSL on", and then we simply declare the directory that we hold the SSL bundle certificate and the SSL key.
Nginx management and control.
After every configuration change you have to restart the nginx service in order for that to be applied, to do this simply give:
# systemctl restart nginx
But..beware, you have to be very sure that your configuration is correct otherwise the server will fail to start resulting your website or websites to be down. To avoid this you have the option to test your configuration before the restart by giving.
# nginx -t
You can also apply your configuration changes without restarting by giving.
# nginx -s reload
And don't forget to make sure that you have Nginx to run on system startup.
# systemctl enable nginx
So this is enough info for a good start, for additional plenty of information you can always visit https://www.nginx.com/.
enjoy
