Site icon 지락문화예술공작단

Announcing NGINX Plus R8

NGINX, Inc. is proud to announce the availability of NGINX Plus Release 8 (R8), the latest release of our application delivery platform. Prominent among the features in NGINX Plus R8 is the OAuth Technology Preview, an implementation of OAuth-based authentication. OAuth 2.0 is the industry standard for authentication and authorization. It can be used to add Single Sign On (SSO) to your applications as well as control access to your APIs.

In addition, this release includes a fully production-ready and hardened implementation of HTTP/2, a persistent on-the-fly reconfiguration API, scalable caching for large video files, and many more features to ensure flawless application delivery.

The key new features in NGINX Plus R8 are:

NGINX Plus R8 Features in Detail

This section provides a detailed overview of all the new features and functionality in NGINX Plus R8.

OAuth Technology Preview

OAuth 2.0 has emerged as the common standard for managing user authentication and access controls on the web. Rather than having a separate account and password for each app we use, we store our relevant information with a central authentication server, such as Facebook or Google. A resource server, such as a music streaming service, then gets our personal information from the authentication server, including whether or not we authenticated successfully. OAuth defines the protocol for exchanging this information securely between the authentication server and the resource server.

OAuth uses an access token to represent the user’s personal information. If users attempt to access an OAuth-enabled site without a valid access token, they are first redirected to the authentication server to log in and obtain the access token. The authentication server then redirects them back to the original resource server, now with the access token. The resource server then validates the access token with the authentication server before granting access.

NGINX Plus simplifies your OAuth Deployment

With NGINX Plus R8 you can add OAuth support to your existing sites and apps with ease. NGINX Plus performs the OAuth authentication procedure and returns the access token in the form of HTTP headers that your application already understands. This means that your application code does not have to implement any of the OAuth protocol flow.

If a user attempts to access a restricted resource without a valid token, NGINX Plus redirects the user to your login page, which in turn can offer the user a choice of authentication servers from which to obtain the token. NGINX Plus also validates the token before resubmitting the request to the application. Offloading this work to NGINX Plus reduces the load on application servers, and enables developers to focus on core application logic rather than supporting OAuth in each application.

Production-Ready HTTP/2 Implementation

HTTP/2 is the latest version of the HTTP protocol. It fixes a lot of the problems in the original version of the HTTP protocol, leading to better overall performance and more efficient resource utilization.

The usage of HTTP/2 has been steadily increasing since the standard was ratified in February 2015. As of this writing, 6% of all websites use HTTP/2 and 69% of users on the Internet use a browser that supports HTTP/2.

With NGINX Plus R8, you are getting the most battle-tested, stable, and reliable implementation of HTTP/2 available today. 71% of HTTP/2-enabled websites are powered by NGINX and NGINX Plus, and we’ve incorporated feedback from our early adopters into the product. Our HTTP/2 implementation is fully supported for production use and can scale to handle the toughest workloads.

NGINX acts as an HTTP/2 Gateway

NGINX Plus acts as an “HTTP/2 gateway” to ease transition to the new protocol. On the frontend, NGINX Plus talks HTTP/2 to client web browsers that support it. On the backend, NGINX Plus talks HTTP/1.x (or FastCGI, SCGI, uwsgi, etc.), just as before. In between, NGINX Plus translates between HTTP/2 and HTTP/1.x (or FastCGI, etc). This means that servers and applications proxied by NGINX Plus are unaffected by the move to HTTP/2, and don’t really even need to know whether their clients are using HTTP/2. Websites and applications that service HTTP/2 clients must use TLS/SSL, however, as required by all web browsers that support HTTP/2.

The only NGINX Plus or NGINX configuration change you need to make is adding the http2 parameter to listen directives:

listen 443 ssl http2 default_server;

For more details on HTTP/2 in NGINX Plus and NGINX, please see our white paper and on-demand webinar.

Persistent On-the-Fly Reconfiguration

NGINX Plus provides an HTTP-based API for adding, removing, and modifying backend servers dynamically and without having to reload the configuration. This is a great feature for service discovery, autoscaling, and other applications that require adding and removing servers on demand.

With NGINX Plus R8, changes made using this API can now be persistent across NGINX Plus restarts and configuration reloads. Add the new state directive in an upstream block to name the file in which NGINX Plus stores state information for the servers in the upstream group. Changes that you make with the on-the-fly reconfiguration API are recorded in the file. NGINX Plus reads the file at startup, which is how your changes persist across restarts.

upstream backend {
zone backend 64k;
state /etc/nginx/conf.d/backend.state;
}

Scalable Caching for Large Video Files

Caching is one of the quickest ways to accelerate delivery of web content. Not only does caching place content closer to the end user, reducing latency, it also reduces the number of requests to the upstream origin server, lowering bandwidth usage and effectively increasing capacity. Video, especially HTML5 video, is a prime target for caching, because the content is static and tends to be heavily requested when first published.

With HTML5 video, the browser pseudostreams content by making HTTP byte-range requests. It requests the first minute of video, for example, and then the second minute, and so on. Streaming in this way also makes it easy to implement fast-forward and rewind functionality, as the browser can just skip over sections of video it doesn’t need, instead beginning the requested byte range at the point the user fast-forwarded or rewinded to.

NGINX Plus R8 includes the new Slice module to better support this style of browser-server interaction for cached video files. The module breaks up files into smaller fragments and then caches those fragments. Structuring the cache in this way better aligns with modern video streaming techniques, such as those used by HTML5 video.

To enable cache slicing, include the slice directive:

proxy_cache_path /tmp/mycache keys_zone=mycache:10m;

location / {
slice 1m;
proxy_cache mycache;
proxy_cache_key $uri$is_args$args$slice_range;
proxy_set_header Range $slice_range;
proxy_cache_valid 200 206 1h;
proxy_pass http://localhost:8000;
}

In this sample configuration, NGINX Plus breaks video files into 1-MB fragments. You must also set the cache key to differentiate between the fragments of the original file, by including the proxy_cache_key directive with the new $slice_range variable in the defined key. Also include the proxy_set_header directive to overwrite the Range header in the HTTP request with $slice_range. This is required because the byte range requested by the client might not line up with the boundaries between the fragments created by NGINX Plus, in which case NGINX Plus needs to make multiple subrequests to get all the data in the client’s byte-range request.

Additional Features

NGINX Plus R8 also introduces a number of additional improvements to aid you in flawless application delivery, including:

The following modules in the NGINX Plus Extras package have been updated:

The following packages are no longer available:

Upgrade or Try NGINX Plus

If you’re running NGINX Plus, we strongly encourage you to upgrade to Release 8 as soon as possible. You’ll pick up a number of fixes and improvements, and it will help us to help you if you need to raise a support ticket. Installation and upgrade instructions can be found at the customer portal.

If you’ve not tried NGINX Plus, we encourage you to try it out for web acceleration, load balancing, and application delivery, or as a fully supported web server with enhanced monitoring and management APIs. You can get started for free today with a 30-day evaluation and see for yourself how NGINX Plus can help you deliver and scale out your applications.

The post Announcing NGINX Plus R8 appeared first on NGINX.

Source: nginx

Exit mobile version