Openresty’s current situation, trend, usage and learning methods


1. What is openresty and what scenarios are suitable for use

Unlike most of the well-known open source software in Europe and the United States, openresty itself and its main components are invented by developers in BRICs countries, which is quite interesting.

Nginx was invented by Russia, Lua was invented by several Brazilian professors. Zhang Yichun, a Chinese, embedded luajit VM into nginx, and realized openresty, a high-performance server-side solution.

Through openresty, you can freely splice various functions of nginx. More importantly, the development threshold is not high. All these are controlled by the powerful and lightweight Lua language.

Its main usage scenarios are as follows:

Knead and process various nginx upstream outputs in Lua (proxy, Postgres, redis, memcached, etc.)

Before the request reaches the upstream service, Lua can do complex access control and security detection at will

Control the information in the response head at will

Get back-end information from external storage services (such as redis, memcached, mysql, Postgres), and use this information to select which backend to complete business access in real time

In the content handler, complex web applications are written randomly, and the back-end database and other storage are accessed in a synchronous but still non blocking way

In the rewrite phase, a very complex URL dispatch is completed through Lua

Lua can be used to implement advanced caching mechanism for nginx sub requests and arbitrary locations

Before organizing the openresty technology conference, I always thought of myself as a lonely openresty user, feeling that I was using an unfamiliar technology.

Although you’ve all heard of openresty or NGX_ Lua, however, it seems that there are very few companies using it in the production environment. Apart from a few CDN companies, it seems that no well-known Internet company is using it. Many of the reasons why the CDN industry uses it are due to the influence of cloudflare technology stack. The author of openresty is also in this CDN company abroad.

But after the conference, I found that there are really many users. All the server-side teams of Qihoo 360 are using it, and the Internet companies such as Jingdong, Baidu, Meizu, Zhihu, Youku and Sina are using it. Some are used to write WAF, CDN scheduling, advertising system, message push system, and API server like our department. Some of them are also used in very critical businesses. For example, the Jingdong product details page shared by Kaitao in the highly available architecture is NGX, which I know_ Lua’s largest application.

2. Qihoo enterprise security server technology selection standard

First of all, why did I choose openresty when I chose the architecture more than three years ago?

In fact, how to design the architecture is not important, because each company, each team, and their company culture and technical background are different, so mechanically copying will be counterproductive. What matters is why we chose this way at the beginning and why we adjusted it halfway.

Our products require high-performance API interfaces provided by the server on a single machine. The QPS is at least 10000, and it needs to support up to 100000 in the future. Instead of rushing to use PHP, python, or any other language to implement functions, we first outlined an idealized technical model.

This model should have:

Non blocking access to network io. When connecting mysql, redis and initiating HTTP requests, the worker process can’t wait for the return of network IO foolishly. Instead, it needs to support event driven and use the way of coroutine to make CPU resources process other requests more effectively. Many languages do not have this ability and peripheral library.

There is a complete caching mechanism. It is not only necessary to support external caches such as redis and memcached, but also to have a cache system in its own process. We hope that most requests can get data in a process and return it. This is the most efficient method. Once there is network IO and interaction between processes, the performance will be greatly affected.

Synchronous code writing logic, do not let developers feel callback and asynchronous. This is also very important. Programmers are also human beings. Code should be more in line with people’s thinking habits. Explicit callbacks and asynchronous keywords will interrupt ideas and bring difficulties to debugging.

It is best to stand on the shoulders of giants and build on mature technology. To adopt a new language and technology, we need to experience the pain of frequent adjustment in the development period of language itself, and may also stand in the wrong team.

It not only supports the Linux platform, but also supports the windows platform. This is a very special requirement of our products. Many small and medium-sized enterprise users are still accustomed to the operation of windows and do not have the maintenance ability of Linux.

Based on the above considerations, some of the solutions were investigated and openresty was selected.

First of all, its biggest feature is to use synchronous code logic to realize non blocking calls. Secondly, it has LRU cache in a single process and share dict cache between processes. Moreover, it is produced by combining nginx and luajit. Moreover, nginx has Windows version. Although there are many restrictions, these restrictions can be solved. For the features that are not supported in the official Windows version of nginx, we have solved all the open source versions.

Seeing such a solution for the first time, I think it will definitely subvert the development of high-performance server. Why? In my previous company, there were nearly 10 billion requests per day, and only 10 servers were used.

We use nginx C module + K-V database built in nginx (developed by ourselves) to achieve all business logic and achieve this goal. It sounds very simple, but the process is very hard. It took two or three big bulls with more than ten years of work experience to stabilize for more than a year. The vast majority of the development capacity is insufficient, which is beyond our reach. And follow up debugging and maintenance, will also spend a lot of energy.

But the appearance of openresty has changed all this. Openresty is very Python and suitable for normal human thinking. After a month or two of learning, novice API can achieve the performance of nginx C module, and the amount of code is greatly reduced, which is also convenient for debugging.

3. Taking Qihu and Sina as examples, how to introduce new technology into the project

Technology selection is only the first step. How can we introduce openresty into a product or project? I take Qihoo enterprise security and Sina mobile the two real cases to show you. Zhou Jing of sina mobile and I are both in a department with mature products. With the strength of one or two people, we have replaced the original technical framework with a new technology. However, due to the difference between enterprise products and personal products, the methods are quite different.

First of all, let’s talk about the safety of Qihu enterprise where I work. I joined this department in early 2012, when the main product was free, and the target users were small businesses. Therefore, in terms of architecture design, only a few dozen or hundreds of terminal requests are considered, and the windows platform technology with strong binding is used. Moreover, it tends to build a new framework more suitable for itself without open source software. Including the web server developed with C + +, PHP routing and framework written by myself, and the data is stored in SQLite.

I helped fix PHP bugs for two months. After understanding the technical architecture, I went to a new product line. This is an experimental product, mainly facing central enterprises and private networks. There are millions of terminals in a network.

At the beginning, no one paid attention to it, so I directly adopted the open source components of Linux + openresty + redis + Postgres, and the performance test dropped the previous n streets. The latter experimental product and the previous product are merged into one product, and the technology is divided into two sets of architectures. New architecture, old functions.

With the increase of more and more large users, the original technical architecture is in short supply, and the technical debt is more and more overstocked. As users complained, SQLite was abandoned and replaced with Postgres. But for the framework of their own development is still some humble.

During the period, through comparative testing, openresty training, and many user performance troubleshooting, let the development students know the advantages of this technology. The development students who are overwhelmed by overtime gradually choose to use openresty instead of self-developed framework to develop new functions and migrate old functions to avoid overtime.

In the process of product reconfiguration, the server-side framework developed by ourselves was completely abandoned, and the number of students who developed the server side was reduced from 8 or 9 to 3. In the process of introducing new technologies, we did not adopt mandatory measures, because the enterprise products need to be stable, and the version updates deployed by users are very slow.

But Sina mobile Zhou Jing’s practice, has the reference significance to everybody. Sina mobile started with Apache, using PHP to process user requests. Apache is a synchronous multi process model, which has no problem when there are few concurrent requests.

But there will always be unexpected news, such as Malaysia Airlines lost contact, articles derailed, and the sudden high traffic has crushed the backstage several times. Moreover, it can be predicted that the world cup traffic will be very large, so Zhou Jing spent several months replacing Apache with nginx and using nginx’s fast_ cgi_ Cache and QPS have been improved by an order of magnitude.

Sina mobile back-end interface is using PHP to achieve, in the high and send under some of the strength. The simple cache of nginx can meet the performance, but it can not meet the requirements of business refinement and data consistency. We need to find a solution outside of PHP, and the premise is to make the development of PHP comfortable. node.js The callback hell, go debugging is not convenient, are a hindrance.

Finally, they chose openresty, and based on openresty, they open-source a web framework called vanilla (vanilla), which imitates YAF’s usage habits, making the development of PHP easier to accept and start. Vanilla has been used in Sina mobile, and some core businesses, such as high-definition graphics and sports live broadcasting, are moving to this framework.

4. Entry pain points, and the correct way to learn

Zhou Jing and I were both crossing the river by feeling the stones. At that time, we could not find any other information except the usage article of “aunt” in Python community.

Qihoo and Sina have successfully replaced the previous technologies with openresty, but the problem is still quite obvious, that is, everyone thinks that they are lonely users, and there are few colleagues who agree with them. In terms of key and supporting services, openresty is a little uneasy and will try and verify on the edge business first.

Although openresty’s performance is very good, which is comparable to or better than all other high-performance solutions, I’m worried that there is no learning materials, I’m worried that I can’t recruit people, I’m afraid that no one can communicate with me. Maybe I’m worried that the author Zhang Yichun will give up his job, and the project will be yellow.

All of you in the high availability architecture group are architects and technical decision makers. When introducing a new technology, you will definitely consider these risks. For example, Xiaomi technology and malichao shared the high availability architecture. They used NGX in the rush purchase system_ Lua, although the performance meets the requirements, but there are few people familiar with it in the team. Finally, it is implemented in go language.

How do you address these concerns? There have been thoughts and discussions in the community. Let’s talk about it at the end of sharing. First of all, from the perspective of a developer who tries to use this technology, openresty’s basic work is not perfect and friendly enough

It can only be installed from the source code, and there are no installation methods for software warehouses such as apt get and brew. To install a third-party library, there is no package management tool such as PIP and NPM. You need to go to Google first, and then copy the code file to the specified directory before you can use it.

The code needs to be modified nginx.conf And the corresponding Lua code, even Hello world. Of course, you can write the code in the nginx configuration file, but the production environment must be separated. This way of writing code, unlike a programming language, is different from conventional programming.

Openresty has a unique concept of execution phase, because openresty is based on nginx, so it also inherits this concept. Your code logic may need to be run in different stages to get the expectations you want. How to transfer information between these stages, and which APIs can’t be used in some stages, will often block novices.

In case of problems, only mailing list is used to communicate, and mailing list is blocked. The document is only available in English, so many novice problems can not be solved.

There is no way to learn openresty systematically. Most of the functions that the business needs to realize are found in the documents and APIs. As for the right way, whether it can be optimized, I don’t know.

The Lua language itself has some special features

The subscript starts with 1, which is very different from other programming languages.

If array and dict are not distinguished, array and object cannot be distinguished when JSON is processed.

By default, global variables need to be added with local before all variables. If you forget, it may lead to all kinds of hard to find bugs.

The string regular matching rule is different from the common PCRE, so the learning cost is high.

Both Lua standard library and peripheral library are blocked. You need to identify which ones can be used with openresty. It is easy for novices to use blocked libraries, which leads to a sharp performance degradation.

Is there a good way to get started?

Our team is making efforts in this regard, trying to reduce the threshold of learning on the basis of existing. For beginners, check out stuq’s openresty series of video tutorials(… We plan to have four seasons, namely, introduction, advanced, actual combat and source code analysis. Now the first season is online and the second season is in post production. After watching the first two seasons, we can basically use it in the project.

For developers who have already used openresty, we have recorded the pitfalls encountered in the past two or three years in GitHub’s openresty best practices, which can be used as cookbooks.

5. Will nginscript replace openresty?

Nginscript is a new configuration language officially launched by nginx at this year’s nginx conference. It imitates the practice of openresty, embeds JavaScript VM into nginx, and provides simple nginx configuration function.

Let’s take a look at its Hello World:

    locationi / {
        js_run "
            var res;
            res = $r.response;
            res.status = 200;
            res.send("hello world!");

Compare openresty’s Hello World:

    location / {
        content_by_lua_block {
            ngx.say("hello world")

It looks almost the same, but openresty is simpler. According to the official instructions of nginx, nginscript just wants to provide a more convenient way to configure nginx, and does not want to replace NGX_ lua。

Considering the popularity of JavaScript itself and the strength of the development community, if it changes from a simple nginx configuration language to NGX like configuration language in the next two or three years_ It is possible to replace openresty with Lua.

The premise, of course, is that openresty is stagnant. Now openresty’s existing functions and planned functions tend to cover the functions of nginx plus. Therefore, there is a healthy competitive relationship between nginx and openresty, which we all like to see.

6. Key problems to be solved in the future and new features

In the short term, the goal is to reduce the difficulty of entry:

Provide official binary distribution package. Similar to the docker installation method, one line command, download a sh script, and add a source address. You can try it directly without manually solving dependency and source code compilation.
Moreover, it will release the binary package of windows to facilitate the developers of this platform to do some tests on their own.

Add package management. The command-line tool, called iresty, can be downloaded from Search and install the required Lua resty Library above to avoid finding the wrong library or putting the wrong directory.

Write a book “openresty programming”. This book will become an official introductory book. The framework and key content will be directly operated by the author Chunge, and I will complete it with the help of other students in the community.

After the above three points, openresty will be as difficult to get started as other programming languages.

In terms of functions, many exciting new features will be added:

Supports TCP and UDP. The latest stream subsystem of nginx supports TCP, openresty’s NGX_ stream_ Lua module is under development and will have the same Lua API as the existing nginx http modlue, so many applications and libraries can run on a new subsystem without modification.

Better support for push scenarios. Increase the shared list shared memory queue, which can be used for communication between workers; add semaphore feature for NGX_ Communication between Lua lightweight threads. Kugou music’s push service is based on these implementations, and these changes will be incorporated into the master this month. You can invite cool dog music students to share the details with you.

Build an open source WAF platform. Now, the WAFS of Alibaba cloud and cloudflare are doing very well and have withstood many practical tests. But there is no open source. We hope the best WAF is open source and based on openresty.

Add memory database in openresty. It can be persistent, or full memory, and support SQL queries. This is also for the sake of extreme performance. Sometimes we still need to use SQL to do some complex queries, but there are relational databases that we don’t want to use, and the data can be lost. Then this can come in handy.

Realize PHP, Python and other dialects, so that PHP, Python and other programmers can write openresty code in their favorite language, and convert the underlying into luajit bytecode.

Chunge said a lot of new features at the openresty technology conference, including streaming regex regular engine and so on, which are very high-end. I selected some interesting ones to introduce.

Recommended Today

How to share queues with hypertools 2.5

Share queue with swote To realize asynchronous IO between processes, the general idea is to use redis queue. Based on the development of swote, the queue can also be realized through high-performance shared memory table. Copy the code from the HTTP tutorial on swoole’s official website, and configure four worker processes to simulate multiple producers […]