Terry : Nginx

What is nginx?

nginx [engine x] is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VKontakte, and Rambler. According to Netcraft nginx served or proxied 12.77% busiest sites in January 2013. Here are some of the success stories: Netflix, Wordpress.com, FastMail.FM.

The sources and documentation are distributed under the 2-clause BSD-like license.

Basic HTTP features

  • Serving static and index files, autoindexing; open file descriptor cache;
  • Accelerated reverse proxying with caching; simple load balancing and fault tolerance;
  • Accelerated support with caching of FastCGI, uwsgi, SCGI, and memcached servers; simple load balancing and fault tolerance;
  • Modular architecture. Filters include gzipping, byte ranges, chunked responses, XSLT, SSI, and image transformation filter. Multiple SSI inclusions within a single page can be processed in parallel if they are handled by proxied or FastCGI servers;
  • SSL and TLS SNI support.

Other HTTP features

  • Name-based and IP-based virtual servers
  • Keep-alive and pipelined connections support;
  • Flexible configuration;
  • Reconfiguration and upgrade of an executable without interruption of the client servicing;
  • Access log formats, buffered log writing, and fast log rotation;
  • 3xx-5xx error codes redirection;
  • The rewrite module: URI changing using regular expressions;
  • Executing different functions depending on the client address;
  • Access control based on client IP address and HTTP Basic authentication;
  • Validation of HTTP referer;
  • The PUT, DELETE, MKCOL, COPY, and MOVE methods;
  • FLV and MP4 streaming;
  • Response rate limiting;
  • Limiting the number of simultaneous connections or requests coming from one address;
  • Embedded Perl.

Mail proxy server features

  • User redirection to IMAP/POP3 backend using an external HTTP authentication server;
  • User authentication using an external HTTP authentication server and connection redirection to an internal SMTP server;
  • Authentication methods:
  • SSL support;
  • STARTTLS and STLS support.

Architecture and scalability

  • One master process and several workers processes. The workers run as unprivileged user;
  • The notification methods: kqueue (FreeBSD 4.1+), epoll (Linux 2.6+), rt signals (Linux 2.2.19+), /dev/poll (Solaris 7 11/99+), event ports (Solaris 10), select, and poll;
  • The support of the various kqueue features including EV_CLEAR, EV_DISABLE (to disable event temporalily), NOTE_LOWAT, EV_EOF, number of available data, error codes;
  • sendfile (FreeBSD 3.1+, Linux 2.2+, Mac OS X 10.5), sendfile64 (Linux 2.4.21+), and sendfilev (Solaris 8 7/01+) support;
  • File AIO (FreeBSD 4.3+, Linux 2.6.22+);
  • Accept-filters (FreeBSD 4.1+) and TCP_DEFER_ACCEPT (Linux 2.4+) support;
  • 10,000 inactive HTTP keep-alive connections take about 2.5M memory;
  • Data copy operations are kept to a minimum.

Tested OS and Platforms

  • FreeBSD 3 — 10 / i386; FreeBSD 5 — 10 / amd64;
  • Linux 2.2 — 3 / i386; Linux 2.6 — 3 / amd64;
  • Solaris 9 / i386, sun4u; Solaris 10 / i386, amd64, sun4v;
  • AIX 7.1 / powerpc;
  • HP-UX 11.31 / ia64;
  • Mac OS X / ppc, i386;
  • Windows XP, Windows Server 2003.