Understanding Nginx in detail

Nginx is an open source software which when installed helps to manage traffic efficiently. Nginx was initially developed to solve the C10k problem, which refers to the difficulty of handling 10,000 concurrent connections on a single server.

When a request comes it is firstly pointed to web server(nginx) then request is further redirected to the servers which can fulfil the request this is k/as reverse proxy.
Reverse proxy helps to distribute load equally, hide IP of the application server hence enhances security.

---

Key Features of Nginx
High scalability: Fast and can server multiple concurrent requests.
Lightweight: Requires less resources to operate.
Scalability: Horizontally scalable, i.e. add more servers in config as traffic grows.
Load balancing: Nginx acts as reverse proxy which helps in can distribute incoming traffic across multiple servers.
SSL termination: Can decrypt SSL (HTTPS) traffic and forward it to server over HTTP.
Caching: Storing frequently accessed content in memory to decrease load on backend servers
It can serve static and dynamic content

---

Nginx equivalent servers: While nginx is event driven model
1. Apache: is process based i.e. each request is handled by a thread/process.
more info at Nginx vs Apache - Nginx Tutorials
2. Microsoft IIS: Webserver suitable for windows applications and Microsoft technologies only.

---

Architecture: It worked on master-worker process model.
Master is responsible for taking incoming request from client, read the configuration file and forward request accordingly to one of the several worker process
Worker process is responsible for independently handling incoming request and sending response back. Worker node processes the request on the basis on config defined in server block. This configuration includes information such as the server name, port number, SSL settings, and proxy settings.

---

Nginx Configuration:

Nginx configuration is done in a conf file, which incase of linux machine is present in /etc/nginx . Directive is a configuration instruction which tells how nginx will act, it includes server blocks, proxy etc. Each directive is written on a separate line and ends with a semicolon. Modules are also used to extend functionality of nginx.

Basic blocks of nginx configuration:
I. Server Block: It usually contains
1. listen directive : It defines on which port the request will come
The listen directive can be set to:
An IP address/port combo.
A lone IP address which will then listen on the default port 80.
A lone port which will listen to every interface on that port.
2. server_name directive: It contains server name, usually when ip is not given on listen directive server_name is provided.
It can further include root(directive) path of content to be sent as response.
It may also contain path for log files, exp access logs, error logs.

server {
listen 80;
server_name example.com;
root /var/www/example.com;
access_log  /var/log/nginx/example/access.log
error_log   /var/log/nginx/example/error.log
}

II. HTTP directive
used in /etc/nginx/nginx.conf
It the most common use of Nginx. When configuring Nginx as a web server or reverse proxy, the “http” context will hold the majority of the configuration. This context will contain all of the directives and other contexts necessary to define how the program will handle HTTP or HTTPS connections.

http {
include /etc/nginx/mime.types;
include /etc/nginx/conf.d/*.conf;
...
}

There are many more directives which we will explore in further applications of nginx

---

Configuring Nginx as Load Balancer

To configure nginx as load balance we need to set upstream server block which contains the information of backend servers on which the incoming request can be distributed on the basis of algorithms used, commonly used algos are:

Round robin: send all request evenly 1 by 1 on each backend server.
Least connection: backend server having least request is given coming request.
Least time: backend server responding in minimum time is given coming request.
IP hash: Hash value is calculated on the basis of client's IP address and all requests of that client is redirected to the same backend server to maintain session persistence.

http {
upstream backend_servers {
server backend1.example.com;
server backend2.example.com;
server backend3.example.com;
}

...
}

Using Nginx for reverse proxy

A reverse proxy is a server that sits between client devices and backend servers, forwarding client requests to the appropriate server and returning responses to clients.

http {
...
server {
listen 80;
server_name your.server_name/ip_address;

location / {
proxy_pass http://"name_of_upstream_block";
}
}
}

Also in case you have multiple upstream blocks you can use proxy_pass directive in server block's location block to define which backend server should handle upcoming request.

SSL/TLS Termination

Incase you application is hosted on https, nginx handles decryption of incoming requests and distribute the traffic to the backend servers in unencrypted form.

To setup a secure connection between client and nginx you need to obtain SSL certificate form trusted certificate authority (CA), they usually share a certificate(.crt) and (private key) .pem file and place in the http block of your conf file as described below.

http {
...
# Configure SSL/TLS termination
server {
listen 443 ssl;
server_name your_domain.com;

ssl_certificate /path/to/your_certificate.crt;
ssl_certificate_key /path/to/your_private_key.key;

Set Nginx server blocks as virtual hosts: Below article has detailed description which i believe cannot be explained in short hence adding it directly.
How To Set Up Nginx Server Blocks (Virtual Hosts) on Ubuntu 16.04 | DigitalOcean

Nginx Logging:
Nginx can also be used to collect logs and use it for debugging errors delays etc.
It can be easily configured in the server block itself by using various directives.

access_log : This directive specifies the log file path and format for recording access logs.

access_log /var/log/nginx/access.log;

error_log: This directive sets the log file path for recording error logs.

error_log /var/log/nginx/error.log;

logs can be extracted in multiple formats such as
combined: it gives detailed info like client ip, access timestamp , requested url etc
common: This format gives concise information.
JSON: It can also be extracted it json format which can further be used.

example:

error_log /var/log/nginx/error.log combined;

Nginx logs have different levels like
alert, warn, debug, info, Error, Crit (critical)

http {
error_log /var/log/nginx/error.log warn;
...
}