This post is adapted from a presentation at nginx.conf 2016 by Yichun Zhang, Founder and CEO of OpenResty, Inc. This is the first of two parts of the adaptation. In this part, Yichun describes OpenResty’s capabilities and goes over web application use cases built atop OpenResty. In Part 2, Yichun looks at what a domain-specific language is in more detail.
You can view the complete presentation on YouTube.
Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection.
Currently supported Python versions are 2.7 and 3.5+.
This deployment guide explains how to configure global load balancing (GLB) of traffic for web domains hosted in Amazon Web Services (AWS) Elastic Compute Cloud (EC2). For high availability and improved performance, you set up multiple backend servers (web servers, application servers, or both) for a domain in two or more AWS regions. Within each region, NGINX Plus load balances traffic across the backend servers.
The AWS Domain Name System (DNS) service, Amazon Route 53, performs global load balancing by responding to a DNS query from a client with the DNS record for the region hosting the domain that is closest to the client. For best performance and predictable failover between regions, “closeness” is measured in terms of network latency rather than the actual geographic location of the client.
On the fly (and free) SSL registration and renewal inside OpenResty/nginx with Let’s Encrypt.
This OpenResty plugin automatically and transparently issues SSL certificates from Let’s Encrypt (a free certificate authority) as requests are received. It works like:
- A SSL request for a SNI hostname is received.
- If the system already has a SSL certificate for that domain, it is immediately returned (with OCSP stapling).
- If the system does not yet have an SSL certificate for this domain, it issues a new SSL certificate from Let’s Encrypt. Domain validation is handled for you. After receiving the new certificate (usually within a few seconds), the new certificate is saved, cached, and returned to the client (without dropping the original request).
This uses the
ssl_certificate_by_lua functionality in OpenResty 18.104.22.168+.
A pure Lua client library for Apache Cassandra (2.0+), compatible with ngx_lua/OpenResty and plain Lua.
It is implemented following the example of the official Datastax drivers, and tries to offer the same behaviors, options and features.