Moving To NGINX From Apache

2000px-Nginx_logo.svg

I’ve been a longtime user of the Apache webserver. I think I first installed and configured a 1.x release somewhere in the late 90s, which is longer ago than I often realise.

The last time I looked at NGINX as an alternative to Apache was, similarly, quite a while ago. At the time, the feature parity wasn’t sufficient for it to replace what I needed my Apache install to do, which was a combination of outbound webserving and reverse-proxying of internal services.

A lot has changed. NGINX is now absolutely a viable alternative to Apache for basically everything I thought I needed Apache for.

It’s also just… easier.

The configuration syntax makes more sense to me. Name-based virtual servers just work. SSL setup is easy. I didn’t have to muck about to get reverse proxying working. Putting specific bits of configuration in a certain context (global HTTP server, virtual server, URI location) seems much more intuitive. The documentation is largely clear and to the point, and it’s easy enough to find what I need to look up.

To be fair, a lot of this was made easier because I was coming from Apache and already knew how a lot of this should work, even if I didn’t necessarily know what the syntax I needed was. It was just a matter of quickly Googling Apache to NGINX migration guides scattered around the place, and checking of some documentation.

Why Move?

Apache is pretty heavy. My main corporate site is hosted on a small virtual server to keep costs down, but the same VM also hosts a bunch of other services, like email. The VM only has 1GB of RAM, which should be a lot, but these days it unfortunately isn’t. Apache hogging a bunch of memory to serve up some pretty lightweight pages didn’t really make sense, but I hadn’t bothered to change because a) it worked, and b) why fix what isn’t broken?, and c) laziness.

Alas, the rise in spam meant spamassassin was chewing up a lot of memory learning new tokens (a topic for another day) and running out of RAM, or MySQL would run out and die when something got a bit too popular. It wasn’t worth building a multi-VM scale-out solution, because that would be massive overkill (which means I totally should do it as an exercise one of these days) but I don’t like operational headaches.

Recently I spoke to NGINX Head of Products, Owen Garrett about the open source NGINX webserver/proxy/cache/load-balancer, and the commercial offering NGINX Plus. Did you know there’s a commercial version? There is, and it’s about a lot more than just webserving. Oh, and the CEO, Gus Robertson, is a fellow Aussie.

So NGINX was top of mind, and I figured I may as well give it a go.

Easy Move

Installation is easy, because NGINX is part of Ubuntu, so just:

apt-get install nginx

Basic configuration was straightforward: add a site in /etc/nginx/sites-available, port the Apache configuration across, link to /etc/nginx/sites-enabled and then reload the server config. Here’s a decent place to start with how to port your config. It’s quite easy, really.

You can check syntax first, just like with Apache:

nginx -t
service nginx reload

I already had SSL keys organised (check out LetsEncrypt if you need some) so the main change was to concatenate existing server certificates and the CA chain certificate, because NGINX wants them to be in the one file (unlike Apache’s SSLCertificateChainFile syntax). More info on configuring SSL is here.

Setting up a reverse proxy is easy with the proxy_pass setup:

        location / {
                proxy_pass http://internal.server.net:11034;
                proxy_pass_header Server;
        }

The servername and port are changed for this example, but that’s honestly all there is to it. I only need the proxy_pass_header Server; part because the application server this is in front of happens to need the requested hostname because reasons.

WordPress With FastCGI

This blog runs WordPress, and moving that to NGINX meant adding something to process the PHP, much like adding libapache_mod_php5 to Apache.

Again, this is easy:

apt-get install php5-fpm

And then configure your NGINX server to call php5-fpm as described in this article on the NGINX site. There are security implications for how you allow code to be executed on your webserver, which isn’t specifically related to NGINX, but basically don’t allow files that can be uploaded to the site to be executed as code.

Resources

For tips on the basics of migrating a config, check out this guide over at DigitalOcean. Also take a look at the Beginner’s Guide in the open-source documentation

The basics in the NGINX Admin Guide are easy to read as well, and you can refer to the detailed command references where you want to.

The basics of configuring NGINX for SSL is here.

Tips

  • There’s a difference between root and alias, which is important.
  • If you want to debug how your location matching is working, put your error logging at level notice, and enable rewrite logging, e.g.:
    rewrite_log on;
    error_log /var/log/nginx/mysite.errors.log notice;
    
  • debug level output is very verbose.
  • Move stuff you use in multiple places into a separate file and use include <commonfile>; so you don’t have to write the same thing over and over.

 

The Eigencast 015: Spare5 and the Human Machine Hybrid

The Eigencast

Justin talks to Matt Benke, CEO and Founder of Spare5, and Andy Ganse, Principal Data Scientist, about how they use humans to complement machine learning and data analysis techniques.

Andy Ganse, Principal Data Scientist, Spare5

Andy Ganse, Principal Data Scientist, Spare5

matt-benke-IMG_5461-270x270

Matt Benke, CEO and co-founder, Spare5

Spare5 is so-named because people can take a spare five minutes out of their day to do a task allocated to them by Spare5’s system, a bit like Amazon’s Mechanical Turk, but a task that they are good at and enjoy. And unlike playing a game or checking in to Facebook or Twitter for the twenty-third time this morning, you get paid for your time.

But unlike the exploitative nature of other platforms (*cough* sharing economy *cough*), Spare5 doesn’t see this as an alternative source of a primary income. It’s very much geared towards people spending an odd minute here and there to do something they actually like doing, not something they feel they have to do just to survive. It’s an alternative to playing Candy Crush, but you get paid instead of paying to be entertained.

There are some interesting implications to Spare5’s approach, for how machine learning and modelling is done, the role of humans in a machine/human hybrid future, and how we design systems to provide end companies with the benefits of human labour but in a way that values the humans at least as much as the machines.

Links

Sponsors

PivotNine-cropped-logo

This episode of The Eigencast was sponsored by PivotNine. Research, analysis, advice.

 

 

Digital Adds Nothing

finger-man-451209_1920

I’m fed up with everything being digital.

Digital Marketing, Digital Business, Digital Economy. Pick a noun, whack the word ‘digital’ in front of it, et voilà, it’s now completely different and special!

Except it isn’t. The only time the word digital adds meaning is when you’re contrasting it with something that is analog. You know, like the difference between vinyl records and compact discs. Or discrete and continuous mathematics. Or electric circuitry.

That’s where it came from, I know. Digital computers. As distinct from analog computers, and how many of those do you see these days? Digital is shorthand for saying “involving computers somehow”.

Computers. That have been around for over 70 years now. The 1980s was thirty years ago.

What’s The Difference?

Here’s the thing: what’s the difference between a business, and a digital business? A business that uses computers?

Spreadsheets have been used for running businesses since at least VisiCalc, which was first released in 1979. “Using computers in your business” isn’t new and special.

Ok, so maybe digital is shorthand for “business that uses the Internet”? The dot-com boom/bust was in 1999, seventeen years ago. Try again.

Calling something digital is actively harmful when it clouds people’s thinking that using a computer somehow makes an existing business process magic.

It doesn’t.

Digital Marketing

Sloppy marketers are the biggest abusers of this digital-prefix mania. I guess they ran out of ideas after putting the letter e in front of everything. Remember e-marketing?

Let’s use them to show how whacking digital in front of everything makes otherwise smart people stupid.

AdAge loses its mind

Jason John doesn’t read his own article.

This article in AdAge has been marked up by my old biz school professor, Mark Ritson, to show how adding computers or the Internet doesn’t change the principles of marketing. The article directly contradicts itself.

What people seem to have forgotten in all the excitement about computers is that there are an awful lot of humans out there doing things. Marketing is all about influencing humans, not computers. Digital marketing, if there really was such a thing, should probably be about convincing your fridge that it needs a new toaster as a companion in the coming utopia of the Internet of Things (as distinct from the Internet of non-Things, whatever that is).

People, Not Digits

In fact, most businesses are about people. You’re making products, or services, that people want or need. You tell people about those things through advertising. You try to understand what people want by conducting market research. You hire and pay people to create the stuff your business sells. People talk to other people about the stuff and convince them to exchange money for the stuff. People use your stuff and hopefully tell other people about how great it is and that they should but some too.

It’s all about people. Companies aren’t autonomous intelligences that wander the landscape, occasionally spurting out a new kind of chocolate bar. They’re run by people. People make the decisions. People decide to kill a popular product line, or to move production to Mexico, or to hide their investments in offshore tax havens.

Until we really do have AI, it’s people all the way down.

Digital To Finger

In a fit of pique, I quickly hacked up a Chrome browser extension to replace every occurrence of the word digital with finger.

You can grab the code from my Github here. It’s based on the Snake People-to-Snake-People extension, which is worth a go as well. You could also use the XKCD substitutions extension, which can now do arbitrary string replacements.

Run it for a day, and be amazed at how silly people sound as they prattle on about Finger Marketing, or Finger Businesses.

And then have a think about what the digital prefix is hiding. Strip it away, and then ask yourself:

Is this really any different?

The Eigencast 014: Pure Startup

The Eigencast

Scott Dietzen, CEO of Pure Storage, with Blue Cow

From left: Justin Warren, Blue Cow, Scott Dietzen, CEO of Pure Storage (Photo: Justin Warren)

Justin talks to Scott Dietzen, CEO of Pure Storage, about keeping a startup culture inside a public company. They discuss the storage market, and all-flash in particular, given the nature of Pure’s products.

They talk about why Pure chose to develop its newly announced FlashBlade product line as an “internal startup”, and how the group was organised, managed, and motivated. Scott shares his views on how product development inside large companies should be done, and there are some good lessons here for anyone interested in innovation, startups, and high tech.

Scott shares his experiences of entrepreneurship from four different companies, and suggests that Pure Storage will be the last time he plays a hands-on role in leading a startup. He provides a few tips for anyone thinking of trying the entrepreneurship route.

Links

Sponsors

PivotNine-cropped-logo

This episode of The Eigencast was sponsored by PivotNine. Research, analysis, advice.

 

 

Disclosure Post, Pure Accelerate and SFD9 Edition

This is part of a series of posts about Storage Field Day 9.

Another tech event, another bunch of branded merch and corporate largesse to disclose. If you haven’t seen these before, take a look at previous disclosure posts.

This post covers the period from Sunday 13 March 2016 to Sunday 20 March 2016, and both the Pure Storage //Accelerate conference and Storage Field Day 9.

Travel and Accommodation

My flights to and from San Francisco, CA (on Qantas) were paid for by Pure Storage. My accommodation in San Francisco itself for the first two nights was also paid for by Pure Storage, and Pure also paid for a car to take me from SFO airport to the hotel.

Tech Field Day paid for a car to take us all from the Pure Storage event on Tuesday afternoon down to Santa Clara for SFD9, which was the same huge limo that’s usually used for Tech Field Day events in the Valley. Ramon, our usual driver (and owner of the company, I believe), is awesome.

As an aside, a limousine is a ridiculous way to travel, as they’re not very comfortable. But, it does fit almost the entire group in one car, including luggage, so it’s logistically simpler than a small fleet of town cars.

Food and Drink

My belt is now too tight, thanks to excellent noms.

  • Airline food on the planes to SFO.
  • Lunch on Sunday was Clam Chowder and a couple of beers with some other Tech Field Day peeps down at one of the Piers at Fisherman’s Wharf in San Francisco. We paid for this ourselves. The place had a nice view of Alcatraz when there wasn’t too much mist. I now know what it’s like to get rained on with a shaved head, which is actually a lot nicer than it might sound.

    San Francisco Clam Chowder

    San Francisco Clam Chowder

  • Dinner Sunday was a turkey sandwich and a local beer at the hotel, courtesy of Vaughn Stewart (@vStewed), as I caught up with him and Nick Howell (@datacenterdude) for dinner.
  • Breakfast on Monday was your standard buffet thing, put on by Pure Storage at a blogger briefing at AT&T stadium in some corporate function rooms they have on the side. I had a pastry, some scrambled eggs, and several coffees because timezones.
  • Lunch on Monday was food trucks at the Pure //Accelerate conference venue at Pier 48. This was a good arrangement compared to the usual function catered lunch box/bain-marie thing. I had a pretty delicious burrito and a diet coke.
  • Dinner on Monday was courtesy of Pure, at a restaurant called Marlowe, which was better than the venue surroundings might suggest. I tried one of the fancy cocktails, which has an excellent name that I unfortunately didn’t note down and can’t remember. It was the kind of lethally tasty drink that you’d easily have four of them without noticing the booze and then your legs wouldn’t work when you decided to go to the restroom. I wisely stopped at one.
    There were some sort of flash-fried peels Brussels sprouts as an appetiser, which were surprisingly good given that I don’t really like Brussels sprouts. There were also some crumbed oysters, which is a waste of a perfectly good oyster, in my opinion. For main I had a steak, which was delicious, paired with a quite decent pinot noir, which is not my preferred choice for steak (I’m Australian, so I like a hearty shiraz/syrah or cabernet sauvignon) but it was still better than most of the Australian pinot I’ve tried. New Zealand make much better ones, IMHO. I also had dessert, which was a decadent chocolate mousse, which I totally didn’t need, but it was amazing and I regret nothing.
  • A few of us had a nightcap (a single malt scotch for me) and a chat at the bar back at the hotel, which was paid for by Tech Field Day.
  • Tuesday breakfast was a coffee and snacks at the //Accelerate venue before I walked back to the hotel to pick up a package that was helpfully* delivered twelve minutes after I’d left. However, it was a gorgeous day in San Francisco, and I had a good chat with Matt Lieb (@MBLeib) on the way.
  • Tuesday lunch was at Pure //Accelerate, but a different food truck this time. I decided to try chicken and waffles after hearing about it from various of my American friends. It was… tasty, but an unusual combination of savoury and sweet. I’d eat it again, but it was hyped up waaaay too much and couldn’t live up to the inflated expectations. B-.

    Chicken and Waffles

    Chicken and Waffles

  • Tuesday dinner was courtesy of Tech Field Day, at Cucina Venti. We had various shared appetisers, and I had a roast chicken main that was quite tasty. I drank Chianti.
  • Wednesday breakfast was hotel buffet and SFD9 delegate meeting. I had the usual coffee and eggs.
  • Wednesday lunch was at NetApp, in their cafeteria, but with a special catered selection for us. I had roast beef, chicken breast and some steamed vegetables, and a NetApp+Solidfire branded chocolate cookie that was not overly sweet. And a diet coke.
  • Wednesday dinner was at Mezcal as a serve-yourself buffet. I had some chicken and salmon, and some vegetables, rice and beans, plus some corn chips and salsa. To drink I had a few margaritas, which were reasonable but not the best I’ve had.
  • Thursday breakfast was at Violin Memory. It was a kind of Mexican buffet, which I think was intended as a “make your own breakfast taco” type thing. I had a kind of open taco attempt at migas which was not a complete failure, though to call it a success. I also tried a hazelnut flavoured Keurig coffee machine thing, which smelled nicer than it tasted, but was sweetened so it was less bad than normal drip coffee. Honestly, what is it with America and drip coffee?
  • Thursday lunch was at Intel, a catered buffet thing. I had some roast beef, chicken, and some grilled asparagas that was really quite good. The espresso coffee machine made a decent cup, too.
  • Thursday dinner was at The Farmer’s Union in San Jose, courtesy of Tech Field Day. We had some shared appetisers, and I highly recommend the mushroom cigars. For main I had the pan roasted duck, which was very yummy. To drink I had a couple of Mai Tais.
  • Back at the hotel a few of us stayed up for a nightcap, which was polishing off Mark May’s (@cincystorage) delegate gift of a bottle of scotch. There may have been some sporadic plotting of world domination.
  • Friday breakfast was at VMware, a buffet thing and the best drip style coffee I’ve yet had. I believe the coffee was selected by Christos Karamanolis (@XtosK), so kudos. Also the pain au chocolat was delicious.
  • Friday lunch was Chinese food, San Jose style, and a wind-down from Tech Field Day after all the presentations. We ate family style, so I had a try of a bit of everything. The Mapo Tofu, one of my favourite dishes, was pretty decent, and the jasmine tea was just right.
  • Friday dinner was at Mexicali with Stephen Foskett, Matt Lieb, Dave Henry (@DaveMHenry), Enrico Signoretti (@ESignoretti), and Vipin V.K. (@VipinVK111). I ate waaay too much guacamole and chips but it was so fresh and tasty and you can’t get chips like that in Australia. Also the mole with the enchiladas was outstanding. I’m still full.
  • Airline food offerings on the way home, which I mostly skipped due to having gained 2kgs in a week or something.

    Blue Cow knows what a real coffee is.

    Blue Cow knows what a real coffee is.

  • Sunday morning: the first proper coffee in a week, thanks to Qantas club Sydney and Craig Waters (@cswaters1) getting me into the lounge because I am still just a lowly Silver status frequent flyer.

Vendor Branded Schwag

In order of reception, I was given the following gifts by vendors.

Pure Storage

  • A set of Pure Storage cuff-links, which I wore to do a video thing at the //Accelerate event. I now have two sets.
  • A pair of Rayban Wayfarer imitation plastic sunglasses, co-branded with Datalink.
  • An Outdoor Tech rugged wireless speaker. It’s a bluetooth speaker that’s weather resistant for strapping to the handlebars of your bike.

NetApp

  • A couple of SolidFire stickers.
  • A SolidFire branded 4GB USB thumbdrive which glows red when you plug it in.
  • A NetApp branded bluetooth speaker, but it’s red, so SolidFire are being cheeky.
  • A pair of SolidFire Socks v3.0.
  • A NetApp branded Lumo Lift posture coach thing. I guess it’s supposed to vibrate when you slouch or something, and has an app because of course it does.
  • A copy of Hybrid Cloud & Data Fabric for Dummies (NetApp Special Edition).

Plexistor

  • A branded 32GB (!) USB thumb drive with a bunch of marketing materials and the SFD9 presentation deck pre-loaded onto it.

Violin Memory

  • A branded notepad, about A6 size, which is small enough to be useful.
  • A branded 16GB USB thumb drive, pre-loaded with marketing materials.
  • A vmem.com branded bottle opener.

Intel Storage

  • Nothing I can recall.

Cohesity

  • A Cohesity logo sticker.
  • A six month subscription to Lootcrate, which means apparently they’ll send me a t-shirt and some other nerd stuff each month.
  • A branded tiki mug.
  • A branded notepad, about A5 size.
  • A branded pen.

VMware Storage

  • A couple of “I am Captain VSAN” stickers.
  • An LED flashlight (torch) with “VMware Virtual SAN All Flash” written on it. Get it? It’s surprisingly bright, and takes AAA batteries, so this might actually be useful, however, the best torch is one that has a winding recharge mechanism. We have a few around the house, in cars, etc. They’re great because you don’t have to remember to charge the batteries for your torch, because you always find out they’re flat when you need to use the torch, and who needs more maintenance routines in their life?

If I’ve missed anything out, do let me know.