How Apache & Nginx is implemented in Timeweb
For many companies, Nginx + Apache + PHP is a very typical and common combination, and Timeweb is no exception here. However, it can be interesting and useful to figure out exactly how it is implemented.
The use of such a bundle is, of course, dictated by the needs of our customers. Both Nginx and Apache play a special role, each solves a specific task.
The basic configuration Apache are performed in the configuration files of Apache itself, and settings for client sites occur through htaccess file. .htaccess is a configuration file in which the client can independently configure the rules and behavior of the web server. This setting will apply specifically to his site. For example, thanks to the Apache functionality, users can change the mode of operation within the same PHP version from mod_php to mod_cgi; you can set up redirects, SEO optimization, friendly URL, some limits for PHP.
Nginx used as a proxy server to redirect traffic to Apache and as a web server to serve static content. We also developed security modules for Nginx that allow us to protect our users' data, for example, to separate access rights.
Let's imagine that some user visits our client's website. First, the user gets to Nginx, which gives static content. It happens instantly. Then, when it comes to downloading PHP, Nginx forwards the request to Apache. And Apache together with PHP already generates dynamic content.
Features of the Apache & Nginx bundle in Timeweb
On our virtual hosting, 2 main schemes for Apache & Nginx are implemented: Shared and Dedicated.
Scheme Shared
This scheme is used by most users. It is distinguished by simplicity and resource intensity: the Shared scheme uses fewer resources, so its tariff is also cheaper. According to this scheme, one Nginx is running on the server, which allows you to serve all user requests, and several instances of Apache.
The Shared scheme has been improved for a long time: we gradually corrected the shortcomings. It is convenient that it can be done without the need to modify the source code.
scheme Shared
Scheme Dedicated
Dedicated requires more resources, so its rate is more expensive for customers. In the Dedicated scheme, a separate Apache rises for each client. Resources here are reserved for the client, they are allocated exclusively. How it works: There are multiple versions of PHP on the server. We support versions 5.3, 5.4, 5.6, 7.1, 7.2, 7.3, 7.4. So, each version of PHP runs its own Apache.
Dedicated scheme
safezone. Setting up zones in Nginx
Previously, for Nginx, we used many shared memory zones (zones) - one server block per domain. This setup requires a lot of resources, as a separate zone is created for each site. However, in the Nginx settings, most sites are of the same type, so they can be placed in one zone thanks to the use of the map directives in the module ngx_http_map_module, which allow you to specify matches. For example, we have a zone template in which we must supply variables: the path to the site, the PHP version, the user. Thus, the re-reading of the Nginx configuration, that is, the reload, has accelerated.
This configuration saves a lot of RAM resources and speeds up Nginx.
Reload will not work!
In the Shared scheme, we got rid of the need to restart (reload) Apache when changing site settings. Previously, when one client wanted to add a domain or change the PHP version, a mandatory Apache reload was required, which led to delays in responses and negatively affected site performance.
We got rid of reloads by creating dynamic configurations. Thanks to (Apache module), each process runs as a separate user, which improves security. This method allows you to transfer data about the user and his document_root from Nginx to Apache2. So Apache doesn't contain site configurations, it gets them dynamically, and reloads are no longer required.
Schema Configuration Shared
But what about Docker?
Many companies have moved to a container-based system. Timeweb is currently considering such a transition. Of course, there are pros and cons to every decision.
Along with undeniable advantages, fewer resources are provided to the user in a container system. In Timeweb, thanks to the described scheme of hosting, the user has no limit in RAM. It gets more resources than in the container. In addition, the user may have more Apache modules loaded.
Timeweb powers over 500 websites. We take great responsibility and do not make instant, unjustified changes to a complex architecture. The Apache & Nginx bundle is reliable and time-tested. We, in turn, try to achieve maximum performance through unique configurations.
For high-quality and fast work of a large number of sites, it is required to use the template and dynamic configuration of Apache and Nginx. It allows you to easily and quickly administer a large number of servers of the same type.
Source: habr.com