NGINX in a serverless worldHow to keep control while moving to the cloud

- Oliver Gutperl

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

About meOliver Gutperl, Germany

Background: Software Dev

former CTO@parku, VP, Technology@StayFriends

Now Kapitän@

Author: „Nginx richtig konfigurieren“ - „Configure Nginx correctly“

2

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Journey to the Center of the Cloud: The Serverless World

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

The „traditional“ approachServers go from a closet in your office… 🏠

…to a datacenter… 🏢

…and get virtualized ☁

4

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

The „serverless“ approachHistory: classical SaaS (Salesforce)

• highly integrated, big value proposition, big prices • no software installation, no servers

Then Amazon, Google, Microsoft • lower level of integration • e.g. e-mail sending, databases, CDNs, ...

5

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Current serverless offersLowest level of integration

• just storage (S3) • just computing (Lambda) • AWS Lambda: REaaS for Java, Node.js, Python

6

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Serverless cloud: a factory for raw storage space and computing power

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

ResultStorage and computing power become

🔌 Commodities

They have

⚖ No competitive advantage

💰 cost 8

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Assessing your infrastructure🔌 Commodity

💵 Core Business

🏪 Gateway

9

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

CommodityServer, SSD, RAID, SAN, UPS, Router, Switch, etc.

😴 Not important

10

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Core Business📀 Business logic as software, data

🔌 Depends on commodities

📞 Communication: HTTP

Going Serverless: 🛠 DevOps⚙ Microservices

11

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Gateway to your product or service💯 Domain Names

🎖 SSL Certificates

📇 URL-Space

🏆 Golden URLs

Use Nginx to manage them

12

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

f()00101010 11010110 11010110 00101010 00101010 11010110 11010110 00101010 00101010 11010110 11010110 00101010 11010110 00101010

Cloud

💻 On Premise

13

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Some ideas

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

URL-Space / Routinglocation /oldURL/ {   rewrite ^/oldURL/(.*) /image/heatmap/$1; }

location /image/heatmap/ {   proxy_method POST;   proxy_set_body ' { "width": "400px" } ';   proxy_pass http://heatmapService.internal/heatmap/date/; }

X-Accel-Redirect: /storageGateway/heatmap/2016-09-01.png

15

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Error Handlinglocation /warmbeverage/ {  proxy_intercept_errors on;  error_page 418 =404 /nocoffee.html; proxy_pass http://beverageService.internal;}

16

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Authenticationlocation /private/ { auth_request /subrequest/authentication; }

location = /subrequest/authentication {   internal;   proxy_method POST;   proxy_set_body '{ "service": "$uri", "token": "$http_authorization" }';   proxy_ssl_certificate certificate.file;   proxy_ssl_certificate_key secret.key   proxy_pass https://authService.internal/user; }

17

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

A/B Testingsplit_clients "${remote_addr}AAA" $variant {   1% "mainline";   * "stable"; }

location /someurl/ {   proxy_pass http://someService.internal/version/$variant/; }

18

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Integration/Transclusionssi on;

<div id="menu"> <!--# include virtual=„/menuService/mainMenu" --> </div> ... <div id="recommendations">   <!--# include virtual="/recommendationService/books" --> </div>

19

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Caching🏃💨 Speed 💰 Cost

proxy_cache nginxcache;

Microservice controls nginx cache: X-Accel-Expires: 3600 X-Accel-Expires: @1504789450 -> next year

20

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

Team skills🌎 HTTP

🚥 Monitoring

💰 Cost management

⚗ Experimentation

21

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

🌎 HTTPCommon language for services in the cloud Lots of innovation

• TLS (OCSP, Forward Secrecy, Connection Caching)

• HTTP/2 (significant HTML delivery improvements) Tangible rewards: Speed, better UX on Mobile, SEO

22

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

🚥 Monitoring & 💰 Cost ManagementMonitoring

• from IP to URL Cost management

• Cloud turns CAPEX into OPEX • Consult pricing tables before making

architectural decisions 23

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

⚗ ExperimentationEverybody is experimenting

Systems architectures change quickly

Manage vendor-lock-in

Take risks

24

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

💣About risk takingCloud services: zero lead time, near zero obligations

PLAN a rollback and EXPERIMENT with new things

Problems: IMPROVISE & roll forward

If nothing works: EXECUTE the rollback plan

25

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

This was our Journey to the Center of the Cloud

Thank you for joining me.

You’re AWESOME!

26

oliver.gutperl@digital-sailors.de @Digitalkapitaen #nginx #nginxconf

A lot of this is uncharted territory, there is much more to discover.

Questions?

✉ oliver.gutperl@digital-sailors.de

@Digitalkapitaen 🌍 https://www.digital-sailors.de

27