Category Archives: Server

What is nginx?

Posted on by
48

nginx [engine x] is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VKontakte, and Rambler. According to Netcraft nginx served or proxied 7.84% busiest sites in October 2011. Here are some of the success stories: FastMail.FM, WordPress.com.

The sources are distributed under the 2-clause BSD-like license.

Basic HTTP server features

  • Serving static and index files, and autoindexing; open file descriptor cache;
  • Accelerated reverse proxying with caching; simple load balancing and fault tolerance;
  • Accelerated support with caching of FastCGI, uwsgi, SCGI, and memcached servers; simple load balancing and fault tolerance;
  • Modular architecture. Filters include gzipping, byte ranges, chunked responses, XSLT, SSI, and image resizing filter. Multiple SSI inclusions within a single page can be processed in parallel if they are handled by proxied or FastCGI servers;
  • SSL and TLS SNI support.

 

Other HTTP server features

  • Name-based and IP-based virtual servers;
  • Keep-alive and pipelined connections support;
  • Flexible configuration;
  • Reconfiguration and upgrade of an executable without interruption of the client servicing;
  • Access log formats, buffered log writing, and fast log rotation;
  • 3xx-5xx error codes redirection;
  • The rewrite module: URI changing using regular expressions;
  • Executing different functions depending on the client address;
  • Access control based on client IP address and HTTP Basic authentication;
  • The PUT, DELETE, MKCOL, COPY, and MOVE methods;
  • FLV and MP4 streaming;
  • Response rate limiting;
  • Limiting the number of simultaneous connections or requests coming from one address;
  • Embedded Perl.

 

Mail proxy server features

  • User redirection to IMAP/POP3 backend using an external HTTP authentication server;
  • User authentication using an external HTTP authentication server and connection redirection to an internal SMTP backend;
  • Authentication methods:
    • POP3: USER/PASS, APOP, AUTH LOGIN/PLAIN/CRAM-MD5;
    • IMAP: LOGIN, AUTH LOGIN/PLAIN/CRAM-MD5;
    • SMTP: AUTH LOGIN/PLAIN/CRAM-MD5;
  • SSL support;
  • STARTTLS and STLS support.

 

Architecture and scalability

  • One master and several worker processes; worker processes run under an unprivileged user;
  • The notification methods: kqueue (FreeBSD 4.1+), epoll (Linux 2.6+), rt signals (Linux 2.2.19+), /dev/poll (Solaris 7 11/99+), event ports (Solaris 10), select, and poll;
  • The support of the various kqueue features including EV_CLEAR, EV_DISABLE (to temporarily disable events), NOTE_LOWAT, EV_EOF, number of available data, error codes;
  • sendfile (FreeBSD 3.1+, Linux 2.2+, Mac OS X 10.5+), sendfile64 (Linux 2.4.21+), and sendfilev (Solaris 8 7/01+) support;
  • File AIO (FreeBSD 4.3+, Linux 2.6.22+);
  • DIRECTIO (FreeBSD 4.4+, Linux 2.4+, Solaris 2.6+, Mac OS X);
  • Accept-filters (FreeBSD 4.1+) and TCP_DEFER_ACCEPT (Linux 2.4+) support;
  • 10,000 inactive HTTP keep-alive connections take about 2.5M memory;
  • Data copy operations are kept to a minimum.

 

Tested OS and platforms

  • FreeBSD 3  — 9 / i386; FreeBSD 5  — 9 / amd64;
  • Linux 2.2  — 2.6 / i386; Linux 2.6 / amd64;
  • Solaris 9 / i386, sun4u; Solaris 10 / i386, amd64, sun4v;
  • Mac OS X / ppc, i386;
  • Windows XP, Windows Server 2003.