Hands on with the New NGINX Plus.

by Rhommel Lamas

Here at 3scale we’ve been using NGINX for a long time now in our production environments and yesterday the team at NGINX have released a new commercial version of NGINX - NGINX Plus. Since we’re huge fans of the open-source version we were eager to get our hands on it and they kindly gave us access. After some early testing it’s already clear that there are some very cool new features here:

  • App monitoring and upstream health check both look awesome.
  • Streaming also looks like a great addition.
  • API upstream management on the fly.

The new version also comes with more commercial support which a lot of our customers will be interested in.

While many of our customers will continue deploying the Open Source version since it already rocks, this is definitely a great option for bigger, more complex deployments.

Drilling down into some of the features:

New status module and monitoring dashboard

The new status dashboard is more powerful than before, and the process for setting it up is still really easy.

location = /nginx_status {
    status;
    allow WHITE.LIST.IP.ADDRESS;
    deny all;
}

After you set this parameters on your Vhost, you can get your nginx status information using cURL of a simple request from your favorite browser.

{ "version":1,
  "nginx_version":"1.5.3",
  "address":"10.197.35.108",
  "timestamp":1377183333887,
  "connections":{"accepted":54,
                 "dropped":0,
                 "active":50,
                 "idle":2},
  "requests":{"total":1191,
              "current":50},
  "upstreams":{"nginx_blog":[{}]}

Upstream health checks

This new feature extends the features of the new monitoring dashboard, providing you with realtime information about each one of the upstream servers you have. (and you should definitely ensure that your status dashboard access is restricted!)

location / {
    proxy_pass http://backend;
    health_check;
}

Once you have everything in place, you will be able to see all this detailed information about each one of your upstreams and upstream servers. This is very helpful if you want to integrate nginx monitoring to your favorite monitoring dashboard.

{ "version":1,
  "nginx_version":"1.5.3",
  "address":"10.197.35.108",
  "timestamp":1377183333887,
  "connections":{"accepted":54,
                 "dropped":0,
                 "active":50,
                 "idle":2},
  "requests":{"total":1191,
              "current":50},
  "upstreams":{"nginx_blog":[{
               "server":"10.171.89.61:80",
               "state":"up",
               "weight":100,
               "backup":false,
               "active":1,
               "keepalive":0,
               "requests":288,
               "fails":0,
               "unavail":0,
               "downstart":0,
               "sent":31570,
               "received":714630,
               "downtime":0,
               "responses": {
               "1xx":0,
               "2xx":287,
               "3xx":0,
               "4xx":0,
               "5xx":0,
               "total":287},
  "health_checks":{"checks":42,
                   "fails":0,
                   "unhealthy":0,
                   "last_passed":true }},
{
  "server":"10.172.14.183:80",
  "state":"up",
  "weight":200,
  "backup":false,
  "active":26,
  "keepalive":0,
  "requests":447,
  "fails":0,
  "unavail":0,
  "downstart":0,
  "sent":46310,
  "received":1052079,
  "downtime":0,
  "responses":{"1xx":0,
               "2xx":421,
               "3xx":0,
               "4xx":0,
               "5xx":0,
               "total":421},
  "health_checks":{"checks":14,
                   "fails":0,
                   "unhealthy":0,
                   "last_passed":true}},
  {
  "server":"10.172.14.183:80",
  "state":"up",
  "weight":200,
  "backup":false,
  "active":22,
  "keepalive":0,
  "requests":447,
  "fails":0,
  "unavail":0,
  "downstart":0,
  "sent":46750,
  "received":1062075,
  "downtime":0,
  "responses":{"1xx":0,
               "2xx":425,
               "3xx":0,
               "4xx":0,
               "5xx":0,
               "total":425},
  "health_checks":{"checks":13,
                   "fails":0,
                   "unhealthy":0,
                   "last_passed":true}}]}
}

Logging to syslog ability

This feature can help to override the current need on Nginx servers for syslog parsers like syslog-ng or Rsyslog, because now it has the ability to directly send logs to any external log server we configure. This feature can be configured even on each Vhost separately, creating tags and more.

access_log syslog:server=192.168.1.1;
access_log syslog:server=unix:/var/log/nginx.sock;
access_log syslog:server=[2001:db8::1]:12345,facility=local7,tag=nginx,severity=info combined;

Backend slow start feature

This is one of the features that took us sometime figure out completely. If you know Nginx, you should know by now that it can work as a powerful load balancer, routing traffic to healthy instances of your cluster and distributing load to backup instances in case you have huge traffic peak.

Many of us have experimented corner cases were you handle a really big traffic peak during long periods of time and your boxes literally freeze. With this new feature, nginx provides a new way to help failing servers come back to the battle.

Session affinity functionality

This feature works like session stickiness on which the webserver locks a server to a user from the first and until the last request. This becomes helpful for applications that don’t manage cookies of sessions natively.

API for on-the-fly upstreams configuration management

We’ve left one of the coolest features for the end, our folks at Nginx had worked in a way to let us manage upstream configurations with a API on the fly. When we saw this feature, we were very happy with how well it worked. You can list, add, modify, and of course remove upstream servers from your pool.

location = /upstream {
  allow WHITE.LIST.IP.ADDRESS;
  deny all;
  upstream_conf;
}

Now let’s suppose that we have: * A upstream called nginx_cluster * New server ip 10.172.14.183 * New server port * New server weight 100 requests * New server fail timeout 5 seconds * Slow start of 5000 seconds.

curl "http://nginx-server.3scale.net/upstream?add=&upstream=nginx_cluster&server=10.172.14.183:80&weight=100&fail_timeout=5s&slow_start=5000s"

Hence you can manage you your upstream server configuration in real time. However, take into consideration that any change that you have done using the API won’t be available when you restart the Nginx server.

(Once again, features like status dashboard, upstream health and API management should be protected with basic auth or ip restrictions.)

Open Source vs Commercial?

These great new features require commerciel NGINX PLUS to use, so they might not apply to everybody. Clearly when you favorite open source tools “go commercial” sometimes there can be concerns that the free versions get left behind, but we’re sure the NGINX team will manage this well since they are still Open Source at heart. No doubt some of the new features will eventually make it down to the open source version as well. Not least, having some users pay for these features will help the team keep building!

More to come once we get the chance to dig deeper and thanks to the NGINX team for the access!

Published: August 23 2013

  • category:
blog comments powered by Disqus