Setup Global load balancing for your site using Open source nginx

 

 

Nginx, called engine-x is a high performance HTTP server and reverse proxy, with proxy capabilities for IMAP/POP3/SMTP. Nginx is the creation of Russian developer, Igor Sysoev, and has been running in production for over two years. The latest stable release at the time of writing is Nginx 0.5.30, and is the focus of this article. While Nginx is capable of proxying non-HTTP protocols, we’re going to focus on HTTP and HTTPS.

 

High Performance, Yet Lightweight

Nginx uses a master process and N+1 worker process model. The number of workers is controlled by the configuration, yet the memory footprint and resources used by Nginx are several orders of magnitude less than Apache. Nginx uses epoll() in Linux. In our lab, Nginx was handling hundreds of requests per second, while using about 16MB of ram and a consistent load average of about 1.00. This is considerably better than Apache 2.2, and Pound doesn’t scale well with this type of usage (high memory usage, lots of threads). In general, Nginx offers a very cost effective solution.

 

Lighttpd

Lighttpd is a great lightweight option, but it has a couple of drawbacks. Nginx has very good reverse proxy capabilities with integrated basic load balancing. This makes it a very good option as a front end to dynamic web applications, such as those running under Rails and using Mongrel. Lighttpd on the other hand, has an old and unmaintained proxy module. Now it does have a new proxy module with Lighttpd 1.5.x, but that is the other problem with Lighttpd, where its going. Lighttpd 1.4 is lightweight, relies on very few external libraries and is fast. Lighttpd 1.5.x on
the other hand requires many more external libraries, including glib, now I don’t know about you but anything using glibc is far from “lightweight”.

 

Basic Configuration

The basic configuration of Nginx specifies the unprivileged user to run as, the number of worker processes, error log, pid and events block. After this basic configuration block, you have per protocol blocks (http for example).

 

 

  • user nobody;
  • worker_processes 4;
  • error_log logs/error.log;
  • pid logs/nginx.pid;
  • events {
  • worker_connections 1024;
  • }

 

 

Basic HTTP server

Nginx is relatively easy to configure as a basic web server, it supports IP and Name based virtual hosts, and it uses a pcre based URI processing system. Configuring static hosting is very easy, you just specify a new server block:

 

 

  • server {
  • listen 10.10.10.100:80;
  • server_name www.foocorp.com foocorp.com;
  • access_log logs/foocorp.com.log main;
  • location / {
  • index index.html index.htm;
  • root /var/www/static/foocorp.com/htdocs;
  • }
  • }

 

 

Here we are listening on port 80 on 10.10.10.100, with name virtual hosting using www.foocorp.com and foocorp.com. The server_name option also supports wildcards, so you can specify *.foocorp.com and have it handled by the configuration. The usual access logs, and root specifies htdocs. If you have a large number of name virtual hosts, you’ll need to increase the size of the hash bucket with server_names_hash_bucket_size 128;

 

Gzip compression

Nginx like many other web servers, can compress content using gzip.

 

 

  • gzip on;
  • gzip_min_length 1100;
  • gzip_buffers 4 8k;
  • gzip_types text/plain text/html text/css text/js;

 

 

Here Nginx allows you to enable gzip, specify a minimum length to compress, buffers and the mime types that Nginx will compress. Gzip compression is supported by all modern browsers.

 

HTTP Load Balancing

Nginx can be used a simple HTTP load balancer, in this configuration, you would place Nginx in front of your existing web servers. The existing web servers can be running Nginx as well. In HTTP load balancer mode, you simply need to add an upstream block to the configuration :

 

 

  • upstream a.serverpool.foocorp.com {
  • server 10.80.10.10:80;
  • server 10.80.10.20:80;
  • server 10.80.10.30:80;
  • }
  • upstream b.serverpool.foocorp.com {
  • server 10.80.20.10:80;
  • server 10.80.20.20:80;
  • server 10.80.20.30:80;
  • }

 

 

Then in the server block, you add the line:

 

 

  • proxy_pass http://a.serverpool.foocorp.com;

 

 

Health Check Limitations

Nginx has only simple load balancing capabilities. It doesn’t have health checking capabilities and it uses a simple load balancing algorithm. However, Nginx is a relatively new project, so one would expect to see various load balancing algorithms and health checking support added over time. While it might not be wise to replace your commercial load balancer with Nginx anytime soon, Nginx is almost there in terms of a very competitive solution. Monit, and other monitoring applications offer good options to compensate for a lack of health checking capabilities in Nginx.

 

Global Server Load Balancing

Nginx has a very interesting capability. With a little configuration can provide Global Server Load Balancing. Now Global Server Load Balancing (GSLB) is a feature you’ll find on high-end load balancing switches such as those from F5, Radware, Nortel, Cisco etc. Typically GSLB is an additional license you have to purchase for a few thousand dollars, on top of a switch that typically start around US$10,000.

 

GSLB works by having multiple sites distributed around the world, so you might have a site in Europe, a site in Asia and a site in North America. Normally, you would direct traffic by region by using different top level domains (TLD). So www.foocorp.com might go to North America, www.foocorp.co.uk to Europe, www.foocorp.com.cn to the server in Asia. This isn’t a very effective solution because it relies on the user to visit the proper domain. A user in Asia, might see a print advertisement for the North American market, hitting the .com address means they aren’t visiting the closest and fastest server.

 

GSLB works by looking at the source IP address of the request, and then determines which site is closest to that source address. The simplest method is to break the Internet address space down per region, then to route
traffic to the local site in that region. When we say region, we mean – North America, South America, EMEA (Europe, Middle East and Africa) and APAC (Asia-Pacific).

 

Configuring Nginx for GSLB

The geo {} block is used to configure GSLB in Nginx, the geo block causes Nginx to look at the source IP, and set a variable based on the configuration. The nice thing with Nginx is that you can set a default.

 

 

  • geo $gslb {
  • default na;
  • include conf/gslb.conf
  • }

 

 

Here in our configuration, we’re setting the default to na (North America) and then including the gslb.conf. The configuration file gslb.conf is a basic file consisting of subnet variable. Here is an excerpt from gslb.conf:

 

 

  • 32.0.0.0/8 emea;
  • 41.0.0.0/8 emea;
  • 43.0.0.0/8 apac;

 

 

When Nginx receives a request from a source IP in 32.0.0.0/8 (for those of you unfamiliar with slash notation, this is the entire Class A, 32.0.0.0 thru 32.255.255.255), it sets the variable $gslb to emea. We then use that later in the configuration to redirect.

 

Inside the location block of our server configuration in Nginx, we add a number of if statements before the proxy_pass (if used) statement. These instruct the server to do a HTTP 302 Redirect (temporary redirect).

 

 

  • if ($gslb = emea) {
  • rewrite ^(.*) http://europe.foocorp.com$1 redirect;
  • }
  • if ($gslb = apac) {
  • rewrite ^(.*) http://asia.foocorp.com$1 redirect;
  • }

 

 

These are configured under the www.foocorp.com named virtual server, if someone from North America hits www.foocorp.com, it hits the default and simply loads from the same server. If the user is from Europe, the request should match one of the subnets listed in gslb.conf, and sets the gslb variable to emea. This request causes the North American site hosting the .com domain to redirect the client to the server(s) at the site in Europe.

 

On the European server, the configuration is slightly different. Instead of the emea check, you check for NA and redirect to the US site. This is to handle the situation when someone in North America hits the .eu or .co.uk site.

 

 

  • if ($gslb = na) {
  • rewrite ^(.*) http://www.foocorp.com$1 redirect;
  • }

 

 

Traffic Control: In-region not always faster

The problem with commercial solutions is that they are too generalized. In our example configurations so far, we make some pretty wild assumptions. The problem with the Internet is that a user in Asia, might not for example, have a faster connection to servers in Asia. A good example of this is India and Pakistan. A server hosted in Hong Kong or Singapore, is in Asia, and would be considered “in region” for customers in India and Pakistan. The reality though is that traffic from those countries to Hong Kong, is actually routed through Europe, so packets from India to Hong Kong, go from India thru Europe, across the United States and hit Hong Kong from the Pacific. However, in the same subnet, customers in Australia are only a few hops away from Hong Kong.

 

In such a situation, with commercial solutions, you are just out of luck, but with Nginx you can fine tune how traffic is directed. Here we know 120.0.0.0/6 is mainly APAC, but 122.162.0.0/16 and 122.163.0.0/16 have faster connections to Europe. So, we simply add these subnets to the configuration. Nginx will use the closest match to the source IP. So 122.162.0.0/16 is
finer grained than 120.0.0.0/6, so Nginx will use it.

 

Manual Tuning

The initial tuning can be done by using the whois command, for example whois 120.0.0.0 will give you an idea which region it belongs to – ARIN, RIPE, etc. ARIN, RIP, APNIC, AFRINIC, and LACNIC are regional internet registries or RIR. An RIR is an organization overseeing the allocation and registration of Internet number resources within a particular region of the world. IP addresses both IPv4 and IPv6 are managed by these RIRs. However, as in our previous example, you’re going to need to fine tune the gslb configuration with traceroute and ping information. Probably the best approach is to do a general configuration and then fine tune the configuration based on feedback from customers.

 

Cost Savings vs. Features

Looking at a well known Layer 4-7 switching solution, you would need a minimum of $15k per site to purchase the necessary equipment and licensing. Commercial solutions do have some additional fault tolerant measures, such as the ability to measure load and availability of servers at remote sites. However, with Nginx offering a very close solution which is available for FREE with the source code, it is only a matter of time before such features are part of Nginx or available thru other projects.

 

gslb.conf

The following is an initial example of gslb.conf, it should be sufficient for most users.

 

 

  • 25.0.0.0/8 uk;
  • 32.0.0.0/8 emea;
  • 41.0.0.0/8 emea;
  • 43.0.0.0/8 apac;
  • 51.0.0.0/8 uk;
  • 53.0.0.0/8 emea;
  • 57.0.0.0/8 emea;
  • 58.0.0.0/8 apac;
  • 59.0.0.0/8 apac;
  • 60.0.0.0/8 apac;
  • 61.0.0.0/8 apac;
  • 62.0.0.0/8 emea;
  • 77.0.0.0/8 emea;
  • 78.0.0.0/7 emea;
  • 80.0.0.0/5 emea;
  • 88.0.0.0/6 emea;
  • 90.192.0.0/11 uk;
  • 91.104.0.0/13 uk;
  • 91.125.0.0/16 uk;
  • 92.0.0.0/8 emea;
  • 93.0.0.0/8 emea;
  • 116.0.0.0/6 apac;
  • 120.0.0.0/6 apac;
  • 122.162.0.0/16 uk;
  • 122.163.0.0/16 uk;
  • 124.0.0.0/7 apac;
  • 126.0.0.0/8 apac;
  • 129.0.0.0/8 emea;
  • 130.0.0.0/8 emea;
  • 131.0.0.0/8 emea;
  • 133.0.0.0/8 apac;
  • 134.0.0.0/8 emea;
  • 139.0.0.0/8 emea;
  • 141.0.0.0/8 emea;
  • 145.0.0.0/8 emea;
  • 150.0.0.0/8 apac;
  • 151.0.0.0/8 emea;
  • 157.0.0.0/8 apac;
  • 162.0.0.0/8 emea;
  • 163.0.0.0/8 emea;
  • 164.0.0.0/8 emea;
  • 171.0.0.0/8 emea;
  • 188.0.0.0/8 emea;
  • 193.0.0.0/8 emea;
  • 194.0.0.0/8 emea;
  • 195.0.0.0/8 emea;
  • 196.0.0.0/8 emea;
  • 202.0.0.0/7 apac;
  • 210.0.0.0/7 apac;
  • 212.0.0.0/7 emea;
  • 217.0.0.0/8 emea;
  • 218.0.0.0/6 apac;
  • 219.0.0.0/8 apac;
  • 220.0.0.0/7 apac;
  • 222.0.0.0/8 apac;

 

 

how to improve PC performance

Here are some simple tips which can boost your PC speed.

1. CLEAN UP DISK ERRORS

Whenever a programme crashes or you experience some power outage, your PC may create some errors on hard disk. This slows down computer speed.
For this, check and clean any errors on the computer hard disk.
To run Disk Check go to My Computer. Now, right-click on the drive you want to check for errors and click Properties.

In Properties dialogue box, click on the Tools tab. In the Error-Checking section, press the Check Now button. Access Check Disk to check for errors on your computer.
Depending on the errors, it may take up to an hour to check and clean. This must be followed at least once a week.

2. Remove temporary files

Your PC stores temporary files whenever you browse through the Web. Also, your PC stores temporary files when you work on programmes like Microsoft Word or Excel. This ends up slowing down your PC speed. To overcome it you can use the Windows Disk Cleanup screen to rid your PC of these dead files.

To run Disk Cleanup go to My Computer. Right click on the drive you wish to check for errors and click Properties. In the Properties dialogue box, click Disk Cleanup. You can also use Disk Cleanup to clear unused files from your PC.
After scanning, the Disk Cleanup dialogue box lists the files you can remove from your computer.

3. Organise your data

Often when you search files your PC takes a lot of time to track them. This is because computer breaks files into pieces to increase the speed of access and retrieval. However, once updated, computer saves these files on the space available on the hard drive, which results in fragmented files. This makes your PC go slow because it then searches for all of the file’s parts.

You need a Disk Defragmenter programme to needle all your files back together.
For this, go to My Computer and right click on the drive you want to check for error and click Properties.

In the Properties dialogue box, click the Tools tab, and then in the Defragmentation section, click Defragment. In the Disk Defragmenter dialog box, select the disk and then click Analyse.

After analysing your PC, the Disk Defragmenter pops up a message asking whether you need to defragment your computer or not. Once you defragement your PC, it will reorganise files by programme and size.

4. INSTALL ANTIVIRUS.

Biggest culprits behind slow PC performance are viruses and spyware. Both end up reducing your PC speed. Not only this they can also destroy your data and tamper files.

Also, with the 24X7 online environment, it is important to have anti-virus and anti-spyware programmes installed for secure online experience.

These programmes need to be frequently updated to avoid any attack on your computer.

You can do a recee of the Net for popular anti-virus and anti-spyware solutions. There are also several paid options like McAfee, Norton Anti-virus and Trend Micro.

5. REDUCE PAGE HISTORY

Is your PC giving you trouble while accessing the Internet? Don’t worry. For Internet Explorer users, Microsoft has some rescue options for faster Web browsing.

To improve your PC speed, first reduce the size of your Web page history. For this go to Internet Explorer, and on the Tools menu click on Internet Options. Then go to the History section and type in the number of days you want to keep pages in history.

Preferably reduce the number of days as this will reduce the size of your Web page history.

6. AUTOMATE MICROSOFT UPDATES

For Windows users, Microsoft frequently release updates which may help boost up your PC speed. For this activate automate Microsoft Update so that your computer downloads and installs all the latest updates without giving you any trouble of finding any new releases.

Go to Start menu and click Control Panel. In the Automatic Updates dialog box, check the Automatic check box. If your PC finds any new updates, it will automatically download and install them. This will help you keep your computer up to date.

Enjoy!!

How to check the installed mod_jk version

2 ways you can do that.

1. Better approach is
# strings /PATH/TO/APACHE/modules/mod_jk.so |grep -i mod_jk
mod_jk.so
mod_jk.c
mod_jk/1.2.18 <-- There you go. 2. If you have that already installed then if you have enable mod_jk log then you can check from that log file or you can do http://Your_SERVER/ApplicationURL/SomeFOLDER/@#@#CS<>>$#$#$% You will get internal serever error over there at the bottom you will get the mod_jk version with apache version. e.g. Apache/2.0.59 (Unix) mod_jk/1.2.28

Steps to create SSL certificate

Change directory to conf/cert of your Apache SSL instance home

Generate key and CSR using the CN as the name of the web-site this apache instance will host. (Check the end of the doc to create csr)

Now you will have to give this CSR to the third party company and purchase the SSL certificate from them.

Steps to follow once we get the signed certificate:

Take the backup of previous certificate and then copy
EntrustSecureServerCA.crt
TrustedSecureCertificateAuthority.crt

ssl_home_ge_com.crt and replace the MY_SERVER1.key ( which gets created from step 3)

Restart the apachessl after all the changes. To use this certificate on other server2 , copy all the certificates there and rename MY_SERVER1.key to MY_SERVER2.key )

# openssl req -new -nodes -keyout MY_SERVER1.key -out MY_SERVER1csr

Internet Explorer shortcut keys

Shortcut Keys Description
Alt + Left Arrow Back a page.
Backspace Back a page.
Alt + Right Arrow Forward a page.
F5 Refresh current page, frame, or tab.
F11 Display the current website in full screen mode. Pressing F11 again will exit this mode.
Esc Stop page or download from loading.
Ctrl + (- or +) Increase or decrease the font size, pressing ‘-‘ will decrease and ‘+’ will increase.
Ctrl + Enter Quickly complete an address. For example, type tcs in the address bar and press CTRL + ENTER to get http://www.tcs.com/
Ctrl + D Add a Favorite for the page currently opened.
Ctrl + I Display available bookmarks.
Ctrl + N Open New browser window.
Ctrl + P Print current page / frame.
Ctrl + T Opens a new tab.
Ctrl + F4 Closes the currently selected tab.
Ctrl + Tab Moves through each of the open tabs.
Spacebar Moves down a page at a time.
Shift + Spacebar Moves up a page at a time.
Alt + Down arrow Display all previous text entered in a text box and/or available options on drop down menu.
Alt + D Highlights the text in the address bar