NGINX.COM
Web Server Load Balancing with NGINX Plus

User Summit Highlights

A week ago we hosted our first NGINX User Summit, and it was a blast.

We started with a half day of training given by our training partner Service Rocket. Forty people new or relatively new to NGINX participated in our new “Fundamentals of NGINX” class. Three hours of “what’s a location block?”, “how do I configure an upstream?”, and setting up proxies, load balancers, and caches! It was our first step in an ongoing program of training, webinars, documentation improvements, and adding content about the many things that NGINX can do.

After the fundamentals, there was a full afternoon of talks for existing and experienced users curious about the breadth of NGINX. This included a talk by NGINX’s original author and founder, Igor Sysoev. Some of the NGINX engineeering team was in San Francisco for the summit and joined Igor on stage before his talk, NGINX: Past, Present, and Future.

T79A0265_a

Following Igor’s talk, there was a series of lightning talks:

  • Jeff Kaufman talked about the ngx_pagespeed module.
  • Andrew Fong shared Dropbox’s tips and tricks for monitoring NGINX.
  • John Watson discussed OS‑level tuning for massive concurrency.
  • Dmitry Galperin of Runa Capital talked about the growth of Wallarm from an NGINX module to an application security service built on NGINX.
  • Vanessa Ramos and Nicolas Grenié described how NGINX is at the core of 3Scale’s APITOOLs product.
  • Phil Pennock concluded the speed round with an overview of Apcera’s dynamic provisioning using NATS and NGINX.

For those familiar with the NGINX module ecosystem, it would seem odd if we ended the day there. Amazing companies and people talked about NGINX and the many ways they use NGINX, but there is a community member and module developer who deserved the stage. We closed the afternoon’s talks with an overview of the modules that Yichun Zhang has contributed to the NGINX ecosystem. A few of the earlier lightning talks made mention of his most common modules, including Lua and OpenResty. Much of his talk centered on profiling tools for NGINX and using flame graphs to identify bottlenecks.

These talks were recorded, and we will be publishing them over the upcoming weeks. Keep an eye on our Twitter accounts @nginxorg and @nginx for those links and information about upcoming events.

I can’t close out this post without a mention of our sponsor MaxCDN – many thanks to them for the beverages during the networking happy hour.

How Many Websites Run NGINX? February 2014

Based on figures from the February 2014 Netcraft survey, almost 140 million of the websites they surveyed run NGINX – sites like Box and Dropbox, Instragram, Netflix, Pinterest, Tumblr, and WordPress. That’s an increase of over 10% in one month.

Netcraft report on web server market share, February 2014

W3Techs surveys the top million websites, based on Alexa traffic rank. They’ve found that 19% of them run NGINX. But as you drill down on the busiest sites (Alexa’s top 10,000 or even top 1,000) – the sites that invest really heavily to make sure they get their infrastructure right – the percentage grows to 38%, greater than any other web server. NGINX is fast becoming the platform of choice for the most demanding sites on the Internet:

W3Techs ranking of web server usage, February 2014

And, NGINX’s adoption rate is so fast that in the time you took to read this, another 4 of the top million websites moved to NGINX.

Load Balancing with NGINX and NGINX Plus, Part 1

NGINX is a capable accelerating proxy for a wide range of HTTP‑based applications. Its caching, HTTP connection processing, and offload significantly increase application performance, particularly during periods of high load.

Editor – NGINX Plus Release 5 and later can also load balance TCP-based applications. TCP load balancing was significantly extended in Release 6 by the addition of health checks, dynamic reconfiguration, SSL termination, and more. In NGINX Plus Release 7 and later, the TCP load balancer has full feature parity with the HTTP load balancer. Support for UDP load balancing was introduced in Release 9.

You configure TCP and UDP load balancing in the stream context instead of the http context. The available directives and parameters differ somewhat because of inherent differences between HTTP and TCP/UDP; for details, see the documentation for the HTTP and TCP Upstream modules.

NGINX Plus extends the capabilities of NGINX by adding further load‑balancing capabilities: health checks, session persistence, live activity monitoring, and dynamic configuration of load‑balanced server groups.

This blog post steps you through the configuring NGINX to load balance traffic to a set of web servers. It highlights some of the additional features in NGINX Plus.

For further reading, you can also take a look at the NGINX Plus Admin Guide and the follow‑up article to this one, Load Balancing with NGINX and NGINX Plus, Part 2.

Proxying Traffic with NGINX

We’ll begin by proxying traffic to a pair of upstream web servers. The following NGINX configuration is sufficient to terminate all HTTP requests to port 80, and forward them in a round‑robin fashion across the web servers in the upstream group:

http {
    server {
        listen 80;

        location / {
            proxy_pass http://backend;
        }
    }

    upstream backend {
        server web-server1:80;
        server web-server2:80;
    }
}

With this simple configuration, NGINX forwards each request received on port 80 to web-server1 and web-server2 in turn, establishing a new HTTP connection in each case.

Setting the Load‑Balancing Method

By default, NGINX uses the Round Robin method to spread traffic evenly between servers, informed by an optional “weight” assigned to each server to indicate its relative capacity.

The IP Hash method distributes traffic based on a hash of the source IP address. Requests from the same client IP address are always sent to the same upstream server. This is a crude session persistence method that is recalculated whenever a server fails or recovers, or whenever the upstream group is modified; NGINX Plus offers better solutions if session persistence is required.

The Least Connections method routes each request to the upstream server with the fewest active connections. This method works well when handling a mixture of quick and complex requests.

All load‑balancing methods can be tuned using an optional weight parameter on the server directive. This makes sense when servers have different processing capacities. In the following example, NGINX directs four times as many requests to web-server2 than to web-server1:

upstream backend {
    zone backend 64k;
    least_conn;

    server web-server1 weight=1;
    server web-server2 weight=4;
}

In NGINX, weights are managed independently by each worker process. NGINX Plus uses a shared memory segment for upstream data (configured with the zone directive), so weights are shared between workers and traffic is distributed more accurately.

Failure Detection

If there is an error or timeout when NGINX tries to connect with a server, pass a request to it, or read the response header, NGINX retries the connection request with another server. (You can include the proxy_next_upstream directive in the configuration to define other conditions for retrying the request.) In addition, NGINX can take the failed server out of the set of potential servers and occasionally try requests against it to detect when it recovers. The max_fails and fail_timeout parameters to the server directive control this behavior.

NGINX Plus adds a set of out‑of‑band health checks that perform sophisticated HTTP tests against each upstream server to determine whether it is active, and a slow‑start mechanism to gradually reintroduce recovered servers back into the load‑balanced group:

server web-server1 slow_start=30s;

A Common ‘Gotcha’ – Fixing the Host Header

Quite commonly, an upstream server uses the Host header in the request to determine which content to serve. If you get unexpected 404 errors from the server, or anything else that suggests it is serving the wrong content, this is the first thing to check. Then include the proxy_set_header directive in the configuration to set the appropriate value for the header:

location / {
    proxy_pass http://backend;

    # Rewrite the 'Host' header to the value in the client request
    # or primary server name
    proxy_set_header Host $host;

    # Alternatively, put the value in the config:
    #proxy_set_header Host www.example.com;
}

Advanced Load Balancing Using NGINX Plus

A range of advanced features in NGINX Plus make it an ideal load balancer in front of farms of upstream servers:

For details about advanced load balancing and proxying, see the follow‑up post to this one, Load Balancing with NGINX and NGINX Plus, Part 2.

To try NGINX Plus, start your free 30-day trial today or contact us to discuss your load‑balancing use cases.

Hello? Is This Thing On?

Welcome to the NGINX blog! We’ve started this to keep you all more informed about NGINX Open Source, the company NGINX, Inc., and our new commercial product NGINX Plus.

I’m Sarah Novotny, NGINX’s newly hired evangelist. You might know me from my work as co-chair of the O’Reilly Open Source Convention (OSCON), or within the MySQL community. I’m delighted to join and learn from the community and users of NGINX.

I’m going to kick off this first post by offering an overview of our progress in 2013, and make an exciting announcement for 2014.

The Product

In 2013, we released version 1.4 of NGINX, which added features such as support for SPDY and WebSocket. The engineering team continued to stomp out 14 major bugs and 2 security fixes, and made 4 additional dot releases to version 1.4.

There was lots of work on the 1.5 branch of the code as well. We saw the addition of cache revalidation for both proxying and FastCGI. There was also the addition of an HTTP authentication module which allows dependencies on subrequests.

We also released our first commercial product, NGINX Plus, targeted at enterprise customers who want the superior scalability of the NGINX Open Source server along with enterprise‑level support and services that let them sleep comfortably at night. At a recent event I attended, a number of CIOs said their number one infrastructure bet in 2014 was open source software. The enterprise is beginning to recognize that the F/OSS movement builds better software.

Early in 2013 we brought in a CEO, Gus Robertson, to support the amazing founders and engineering team that’s based in Russia. Gus came to NGINX from a long stint with Red Hat. His focus is to grow NGINX’s adoption, work that takes many forms. We’re committed to a robust open source product, and a thriving business to support it, as well as offering peace of mind through support and services to enterprise customers.

To that end, Gus’ first order of business was to make sure the company can continue to provide excellent software. During 2013 Gus and the founders spent time raising a round of funding. In October they closed our Series B round of venture funding, led by NEA, and including e.Ventures and long‑time supporters Runa Capital. This allows the engineering team to continue pushing the NGINX product forward and for the rest of the company to grow to support the community behind 140 million websites.

And the Community

The new funding means we’ve also been able to hire positions that directly benefit the user community, including a dedicated technical writer to focus on making our documentation more helpful and user friendly, and to revitalize the aging Wiki which was maintained for a long time by community member Cliff Wells. As Cliff’s volunteer time slimmed, many of our users noticed that the Wiki documentation hasn’t kept up with our new releases. While many community members still update the Wiki, we do miss Cliff’s stewardship.

Yaroslav Zhuravlev
Our intrepid technical writer, Yaroslav Zhuravlev

Fear not! Yaroslav is on the job now, and we’ll be focusing on improving our documentation across the board.

Last year also saw the release of a few NGINX books, which the engineering team had the privilege of reviewing (and even one that Andrew contributed to). There’s Packt’s Mastering NGINX by Dimitri Aivaliotis, and Creative Commons published The Architecture of Open Source Applications: Volume II.

In the physical world, 2013 saw the first NGINX meetup in the San Francisco area, as well as our first conference sponsorship. Five of us attended AWS re:Invent in Las Vegas, staffed a booth, and sponsored drinks one evening in the expo hall. Re:Invent was my first introduction to the user community that exists around NGINX. It was amazing to have a steady influx of people in the booth just asking to shake the hands of our engineers. They were effusive in their praise and excitement about the product. It was immediately after that event that I accepted a position with NGINX, to be sure there was continued focus on outreach and to provide a conduit for user feedback and community engagement. We want to make sure your voice is heard and prioritized in our product planning.

Announcing the NGINX User and Developer Summit

Now for some fun in 2014! Please join us at our first User and Developer Summit, on February 25 in San Francisco. This won’t be the last event we host, or your only opportunity to meet and talk with our team, but there is no better time to hear what we’re working on and let us know what you think about our plans. Later in 2014 is the tenth anniversary of the version 0.1.0 public release of NGINX, and we need your help to be sure it only improves from here.

Why Do I See “Welcome to nginx!” on My Favorite Website?

“I’m trying to go to a website. Instead getting to the site, I see a page that refers to nginx:

Welcome to NGINX screen

What’s going on?”

What Is the “Welcome to nginx!” Page?

The Welcome to nginx! page is the default web page that is presented when a website operator has installed the NGINX web server software on a computer on the Internet, and either the NGINX configuration is not yet complete or a problem at the website itself is preventing the correct content from appearing.

The NGINX web server software is used by millions of websites worldwide. It’s open source and free to use, so anyone can download and install the software and use it to host a website.

The NGINX software has not been installed on your computer – it runs only on computers that are serving web pages. NGINX is not a virus and has nothing to do with determining which websites your browser accesses. Read on for more details.

Why Am I Seeing this Page?

When you see the Welcome to nginx! page, the mostly likely reason is that there is a configuration or other problem at the website. In this case, about all you can do is wait for the problem to be fixed by the website administrator.

Less often, there might be a problem on your computer that is causing your web browser to go to the wrong website.

  • It might be a temporary problem, in which case it might help to clear your browser cache and history, then restart your computer and home router if necessary. See What Should I Do?.

  • It is also possible that your computer has a virus or other malware that is intercepting your web requests and directing you to the wrong website.

    For example, some viruses and malware can control how your computer uses a system called DNS. This system translates website names (such as www.google.com) into computer addresses, just like the contacts list on your mobile phone translates people’s names into phone numbers. When you try to access a website, the virus causes your browser to route your request to an impostor website that might try to steal personal information.

Again, the NGINX software has not been installed on your computer – it runs only on computers that are serving web pages. NGINX is not a virus and has nothing to do with determining which websites your browser accesses.

What Should I Do?

To investigate whether the problem is on your computer, we recommend that you do the following. After each step, test whether the problem is fixed:

  1. Clear your browser cache and delete your browsing history. Restart your web browser.
  2. Restart your computer and home router.
  3. If you don’t want to investigate the problem yourself, contact a qualified expert – your ISP or support representative – and ask for help scanning your computer for malware and verifying your DNS and network configuration.

If you feel like investigating further, below are some other things for a knowledgeable user to try.

Run a Reputable Virus Scanner

Run a scanner or anti-malware application from a security software company. Users of Windows 8.1 and later can use Windows Defender, which is free antimalware software included with Windows. Windows 7 users can use Microsoft Security Essentials.

Verify and Reset your Internet Configuration

  1. Clear your operating system’s DNS cache.
    • On Microsoft Vista, Windows 7, and Windows 8: Click on the Start logo, follow All Programs > Accessories, right-click on Command Prompt, choose Run As Administrator, type ipconfig /flushdns, and press Enter.
    • On Microsoft Windows XP, go to Start > Run, type ipconfig /flushdns in the new terminal window, and press Enter.
  2. Go to your TCP settings (on Windows, Control Panel > Network), and locate the section that lists the DNS servers. Make a note of the current values, and then replace them with 8.8.8.8 and 8.8.4.4. You will then be using Google Public DNS instead of your previous DNS server. For more details, see Get Started page for Google Public DNS.
  3. Check the hosts file on your computer. Windows users, see How to reset the Hosts file back to the default at the Microsoft Support website.
  4. Check the plug-ins and extensions installed with your browser. Re-install your browser or try a different one if possible.

Other Useful Resources

Get Started

Rocketship

Try Out NGINX Plus on Your Turf

Get Started
head with a headset

Ask Us a Question

Contact Sales