What is: NginX
What is: NginX
Lately I have been writing a lot about NginX so I thought I would write a small post to describe NginX and what it is.Although I like to write it NginX because its origins are in the Linux world they write it all in lower case nginx (I know, boring right). The name stands for Engine X, well, engine x… It is an HTTP server, reverse proxy server and a mail proxy server. It was written by Igot Sysoev who I believe is Russian. Maybe that’s why some very popular Russian sites like Yandex, Mail.Ru (VKontakte and Rambler) have been using it for a while. On this side of the world we have sites like Netflix and WordPress.com using NginX as their web / proxy server.
Below is the information obtained from NginX.org covering the details of what NginX can do and its features. What I can talk about is how it fits in with our overall architecture when hosting web sites.
We primarily use WordPress so seeing the guys at WordPress.com using NginX told us this was probably if not the best at least the right direction to go. We deployed an architecture that uses a front end reverse proxy with caching, and a back end PHP-FMP web server to serve the dynamic content from WordPress. The results were good, we were able to cache static content serving it much faster and preventing downtime while we make changes to our back end, while the back end is able to handle more traffic without a considerable spike in resource usage.
NginX sources and documentation are distributed under the 2-clause BSD-like license.
Basic HTTP server features
- Serving static and index files, autoindexing; open file descriptor cache;
- Accelerated reverse proxying with caching; simple load balancing and fault tolerance;
- Accelerated support with caching of FastCGI, uwsgi, SCGI, and memcached servers; simple load balancing and fault tolerance;
- Modular architecture. Filters include gzipping, byte ranges, chunked responses, XSLT, SSI, and image transformation filter. Multiple SSI inclusions within a single page can be processed in parallel if they are handled by proxied or FastCGI servers;
- SSL and TLS SNI support.
Other HTTP server features
- Name-based and IP-based virtual servers;
- Keep-alive and pipelined connections support;
- Flexible configuration;
- Reconfiguration and upgrade of an executable without interruption of the client servicing;
- Access log formats, buffered log writing, and fast log rotation;
- 3xx-5xx error codes redirection;
- The rewrite module: URI changing using regular expressions;
- Executing different functions depending on the client address;
- Access control based on client IP address, by password (HTTP Basic authentication) and by the result of subrequest;
- Validation of HTTP referer;
- The PUT, DELETE, MKCOL, COPY, and MOVE methods;
- FLV and MP4 streaming;
- Response rate limiting;
- Limiting the number of simultaneous connections or requests coming from one address;
- Embedded Perl.
Mail proxy server features
- User redirection to IMAP or POP3 server using an external HTTP authentication server;
- User authentication using an external HTTP authentication server and connection redirection to an internal SMTP server;
- Authentication methods:
- SSL support;
- STARTTLS and STLS support.
Architecture and scalability
- One master and several worker processes; worker processes run under an unprivileged user;
- Support for kqueue (FreeBSD 4.1+), epoll (Linux 2.6+), rt signals (Linux 2.2.19+), /dev/poll (Solaris 7 11/99+), event ports (Solaris 10), select, and poll;
- The support of the various kqueue features including EV_CLEAR, EV_DISABLE (to temporarily disable events), NOTE_LOWAT, EV_EOF, number of available data, error codes;
- sendfile (FreeBSD 3.1+, Linux 2.2+, Mac OS X 10.5+), sendfile64 (Linux 2.4.21+), and sendfilev (Solaris 8 7/01+) support;
- File AIO (FreeBSD 4.3+, Linux 2.6.22+);
- DIRECTIO (FreeBSD 4.4+, Linux 2.4+, Solaris 2.6+, Mac OS X);
- Accept-filters (FreeBSD 4.1+, NetBSD 5.0+) and TCP_DEFER_ACCEPT (Linux 2.4+) support;
- 10,000 inactive HTTP keep-alive connections take about 2.5M memory;
- Data copy operations are kept to a minimum.