Show HN: Top, but for Nginx (opens in new tab)

(github.com)

219 pointssquiguy75y ago67 comments

67 comments

Monitoring capabilities are missing from Nginx on purpose. They are not and will never be available for free because there is "NGINX Plus".

This is why I recommend switching to HAProxy.

heipei5y ago

I'd love to just "switch to X", but there is no X which provides all of the above in one great package: Static file serving, load-balanced proxying (TCP/HTTP), fine-grained caching, automatic Let's Encrypt update, API-based configuration (for dynamic upstreams etc), monitoring. Maybe there shouldn't be such a tool. For all other use-cases I go with nginx since it at least provides decent proxying, caching and static file serving.

brightball5y ago

Correct me if I’m wrong, but doesn’t Caddy 2 do almost all if that?

heipei5y ago

Had to check, Caching is still missing from Caddy 2, everything else seems to be there [1]. Now if there's no missing minor feature that I rely on in nginx, I might be able to switch eventually, fingers crossed.

[1] https://github.com/caddyserver/cache-handler/issues/1

4111111111111115y ago

You mean the software which wouldn't start when let's encrypts acme server was offline and which developers said this is working as intended?

I mean, I'd definitely encourage people to use it for hobby projects, but if that's how the developers see their software, I would never trust them with anything serious.

1 more reply

mmm_grayons5y ago

Nginx does automatic let's encrypt? Since when?

atoav5y ago

certbot --nginx foo.bar.com works like a charm

jimjag5y ago

X == Apache httpd 2.4

SEJeff5y ago

I was thinking the exact same thing ironically.

Static file serving? Sure!

Load balanced proxying? mod_proxy_balancer is great!

Fine grained caching? mod_disk_cache is also great

Updating loadbalancer bits via the api?

mod_proxy_balancer supports a balancer-manager endpoint for that to do live updates

monitoring? mod_status + prometheus exporter or

mod_prometheus_status

native LE support? https://github.com/icing/mod_md is going to be rolled into upstream apache

2 more replies

kawsper5y ago

Do you know if it's the same with Openresty?

shockinglytrue5y ago

Wish all distros shipped https://github.com/vozlt/nginx-module-vts by default. It's a minor pain to self-build

throwaway888abc5y ago

This is cool!

cinericius5y ago

HAProxy also has an 'enterprise' offering[1], what makes this different from nginx plus?

[1] https://www.haproxy.com/products/haproxy-enterprise-edition/

sciurus5y ago

Haproxy's full monitoring capabilities are available in the open source version. Nginx's are not. The stub_status module is very limited. Compare https://www.haproxy.com/blog/exploring-the-haproxy-stats-pag... with https://nginx.org/libxslt/en/docs/http/ngx_http_stub_status_...

cyberpunk5y ago

What exactly do you need to monitor on your nginxes? We collect logs, scrape metrics from the nginx pods and... that's enough..

mklepaczewski5y ago

I always wonder - why no one from open source community has created better stats module? Is there something in the license that prohibits creation of modules that overlap with Nginx Plus?

mekster5y ago

I would assume it's the lack of dynamic module support for nginx and you need to compile your own build even if someone creates a module.

mklepaczewski5y ago

That's true for any functionality provided by modules and there's plethora of them. Also, Nginx has support for dynamic modules. Recompiling Nginx always worked out of the box for me too, so it's not like a big issue.

One thing that comes to my mind is that maybe this can't be solved by a module due to missing API in open source Nginx.

markstos5y ago

And why others would recommend Nginx Plus.

drngdds5y ago

If you can afford to pay four figures per instance per year, yeah

gregoriol5y ago

Maybe not as lightweight, but GoAccess (https://github.com/allinurl/goaccess) does an awesome job at parsing the logs and displaying statistics, works for nginx and other webservers too

squiguy7OP5y ago

I hadn't heard of this tool but it looks much more complete! Thanks for sharing.

guanzo5y ago

Goaccess used to work perfectly, but recently when ever I try to run the real time HTML command, it exits without any error messages after ~2 million records. Maybe out of memory.. any ideas?

joshyi5y ago

Doubt very much that ~2M will be a memory issue (unless you got less than ~130MB). https://goaccess.io/faq#performance

We're running v1.4 in production and it has been working pretty nice for us.

mekster5y ago

Last time I tried it was a pain to set it up to keep up with log rotations and retain all the records.

joshyi5y ago

For us it was literately an `apt install goaccess`, picked the COMBINED log format and it's been running for over a month in prod without issues (rotating weekly).

You should post the issue on their https://github.com/allinurl/goaccess, they may be able to help you.

jrumbut5y ago

This is the tool I've wanted (and half written 3-4 times) my whole career. From reading the github it looks lightweight, not a big infrastructure addition, and that it helps you figure out wtf is going on with the web server.

Regarding the branding, for me top is a real-time tool rather than a logging tool. I was picturing something that may have been more useful for older style Apache httpd installs where you have several virtual hosts on a server and you'd want to know who is hogging the resources or causing the problems.

jluxenberg5y ago

Pro tip: you can make any command into a real-time one with `watch`:

  watch bash -c "topngx < /path/to/access.log"

Will run `topngx` against access.log every two seconds and display the output.

gregoriol5y ago

That's not "real time"! And definitely won't behave well if the processing takes more than 2 seconds (imagine log files of many millions rows)

cyberpunk5y ago

It'll just wait two seconds after the command returns, not spawn one every two seconds.....

squiguy7OP5y ago

Thanks for the feedback. I wanted to capture the same idea as the original tool I listed in the README. In the future I hope to add functionality to tail a log file in real time and do live updates of the stats. This is where the idea of top comes from.

1 more reply

markstos5y ago

Agreed. The defining feature of `top` is that it updates in real time.

randomstring5y ago

My last company had something like that and included response time percentiles (50th, 90th, 95th, 99th) and we had these values graphed and displayed on a big screen in our office. Along with a ton of other performance stats: queries per second, various measures of system load, etc.

Averages can lie, especially when something like an empty query can take close to zero time compared to a non-trivial transaction. If some robot or other artifact of your site is generating a some amount of null queries that will make your average response time look better than it actually is. Percentiles, particularly on the tail of 90th or above, tell a better story of how well and consistently you're responding to traffic under load.

harpratap5y ago

How "recent" are your percentiles? I have found that calculating percentiles is a pretty CPU heavy task. And you if you have a giant Grafana querying every 30s it can stress out your prometheus/graphite whatever. But if you take small data size, like 95th percentile of latencies in the last 2minutes, it's not really a very accurate representation either.

And ofcourse there is another problem of correctly storing all your latencies accurately which becomes pretty hard if you are using something like prometheus.

eterps5y ago

I wouldn't mind a screenshot before installing it.

fb035y ago

I thought the same thing. I was expecting to see some kind of screenshot so I could have a glimpse of the software.

EDIT:

1# I'm gonna compile it and provide a screenshot via a pull request.

2# Compilation failed because it needed sqlite3 headers and this is not reported in the app. I'm gonna edit that in the readme too :)

This year (specially with the whole covid thingy) I set a goal to contribute more to open source. I'm trying to find every little issue I can find and contribute to :P

squiguy7OP5y ago

Thanks for submitting a patch! I have been throwing around the idea of using the "bundled" feature flag listed here: https://github.com/rusqlite/rusqlite#optional-features. I was hesitant to initially because it would force users to have a specific version of SQLite.

fb035y ago

https://github.com/gsquire/topngx/pull/1

theblackcat10025y ago

It seems to be a rewrite of ngxtop

https://github.com/lebinh/ngxtop

dazzawazza5y ago

It does seem to be that except it doesn't "tail log files" like the original (see limitations at the bottom if the readme.

squiguy7OP5y ago

I can work on adding that into the README now.

jimjag5y ago

Hmmm... looks like nothing more than a weblog analyzer. Someone correct me if I'm wrong. It's not "real time" since it can only report on what the web-server has done not what it is doing. AFAIK, nginx has nothing like Apache httpd's mod_status... at least, nothing open source.

dijital5y ago

If you're in a Kubernetes environment, the NGINX Ingress Controller has a pretty decent set of realtime metrics: https://kubernetes.github.io/ingress-nginx/user-guide/monito...

Which presumably means those metrics are available in the OSS edition somehow...

oefrha5y ago

Open source nginx has stub_status. It's just not very (very not) featureful.

https://nginx.org/en/docs/http/ngx_http_stub_status_module.h...

cholmon5y ago

What frustrates me about Apache's mod_status is that it's powered by a normal request handler. If all the child workers are busy, your request for a status report will timeout, even if you're running it locally from the command line. Not super helpful when you're troubleshooting in real time.

Anyone know if there's a "deeper" way to get the same stats info about what Apache is doing without having to basically wait in line with all the other incoming requests?

mrits5y ago

the latency between weblog and web server is a lot more real time than most things

hk__25y ago

> This tool is a rewrite of ngxtop to make it more easily installed and hopefully quicker.

Why make a whole new tool with limitations instead of improving the existing one?

ccmcarey5y ago

Original maintainers of a project probably wouldn't just accept a PR of a complete rewrite.

kreetx5y ago

Might also be an exercise in learning.

dheera5y ago

Interesting, but I would have thought "top" for nginx would be a tool that shows you all the connections, paths, and resource usage live, like the "top" command. Is there a tool that does that?

deft5y ago

How does this compare to goaccess? Similar tool that I've used briefly. One issue I had was how complicated it was, I'm assuming since this is nginx specific it's simpler.

madsmtm5y ago

I made something similar in Python [0], but for parsing the error_log directive. Just for the odd time you need to parse that.

[0] https://github.com/madsmtm/nginx-error-log

superkuh5y ago

>a rewrite of ngxtop to make it more easily installed and hopefully quicker.

What world does this guy live in that a program in Rust is easier to get running on any random machine than python script?

Kaze4045y ago

I've never had issues shipping Rust binaries to people, unlike in Python where they usually have to install dependencies.

jblarneyforward5y ago

I had the vague sense that it was as easy to cross-compile rust binaries as it is for go.

Distributing single binary would be easier, but `cargo install xyz` seems harder than python script

squiguy7OP5y ago

I made a new GitHub release with binaries for Mac and Linux pretty recently. In this sense, you can just download the binary and get up and running.

1 more reply

j / k navigate · click thread line to collapse

67 comments

maxmalysh5y ago

Monitoring capabilities are missing from Nginx on purpose. They are not and will never be available for free because there is "NGINX Plus".

This is why I recommend switching to HAProxy.

heipei5y ago

brightball5y ago

Correct me if I’m wrong, but doesn’t Caddy 2 do almost all if that?

heipei5y ago

[1] https://github.com/caddyserver/cache-handler/issues/1

4111111111111115y ago

You mean the software which wouldn't start when let's encrypts acme server was offline and which developers said this is working as intended?

I mean, I'd definitely encourage people to use it for hobby projects, but if that's how the developers see their software, I would never trust them with anything serious.

1 more reply

mmm_grayons5y ago

Nginx does automatic let's encrypt? Since when?

atoav5y ago

certbot --nginx foo.bar.com works like a charm

jimjag5y ago

X == Apache httpd 2.4

SEJeff5y ago

I was thinking the exact same thing ironically.

Static file serving? Sure!

Load balanced proxying? mod_proxy_balancer is great!

Fine grained caching? mod_disk_cache is also great

Updating loadbalancer bits via the api?

mod_proxy_balancer supports a balancer-manager endpoint for that to do live updates

monitoring? mod_status + prometheus exporter or

mod_prometheus_status

native LE support? https://github.com/icing/mod_md is going to be rolled into upstream apache

2 more replies

kawsper5y ago

Do you know if it's the same with Openresty?

shockinglytrue5y ago

Wish all distros shipped https://github.com/vozlt/nginx-module-vts by default. It's a minor pain to self-build

throwaway888abc5y ago

This is cool!

cinericius5y ago

HAProxy also has an 'enterprise' offering[1], what makes this different from nginx plus?

[1] https://www.haproxy.com/products/haproxy-enterprise-edition/

sciurus5y ago

cyberpunk5y ago

What exactly do you need to monitor on your nginxes? We collect logs, scrape metrics from the nginx pods and... that's enough..

mklepaczewski5y ago

I always wonder - why no one from open source community has created better stats module? Is there something in the license that prohibits creation of modules that overlap with Nginx Plus?

mekster5y ago

I would assume it's the lack of dynamic module support for nginx and you need to compile your own build even if someone creates a module.

mklepaczewski5y ago

One thing that comes to my mind is that maybe this can't be solved by a module due to missing API in open source Nginx.

markstos5y ago

And why others would recommend Nginx Plus.

drngdds5y ago

If you can afford to pay four figures per instance per year, yeah

gregoriol5y ago

Maybe not as lightweight, but GoAccess (https://github.com/allinurl/goaccess) does an awesome job at parsing the logs and displaying statistics, works for nginx and other webservers too

squiguy7OP5y ago

I hadn't heard of this tool but it looks much more complete! Thanks for sharing.

guanzo5y ago

Goaccess used to work perfectly, but recently when ever I try to run the real time HTML command, it exits without any error messages after ~2 million records. Maybe out of memory.. any ideas?

joshyi5y ago

Doubt very much that ~2M will be a memory issue (unless you got less than ~130MB). https://goaccess.io/faq#performance

We're running v1.4 in production and it has been working pretty nice for us.

mekster5y ago

Last time I tried it was a pain to set it up to keep up with log rotations and retain all the records.

joshyi5y ago

For us it was literately an `apt install goaccess`, picked the COMBINED log format and it's been running for over a month in prod without issues (rotating weekly).

You should post the issue on their https://github.com/allinurl/goaccess, they may be able to help you.

jrumbut5y ago

jluxenberg5y ago

Pro tip: you can make any command into a real-time one with `watch`:

  watch bash -c "topngx < /path/to/access.log"

Will run `topngx` against access.log every two seconds and display the output.

gregoriol5y ago

That's not "real time"! And definitely won't behave well if the processing takes more than 2 seconds (imagine log files of many millions rows)

cyberpunk5y ago

It'll just wait two seconds after the command returns, not spawn one every two seconds.....

squiguy7OP5y ago

1 more reply

markstos5y ago

Agreed. The defining feature of `top` is that it updates in real time.

randomstring5y ago

harpratap5y ago

And ofcourse there is another problem of correctly storing all your latencies accurately which becomes pretty hard if you are using something like prometheus.

eterps5y ago

I wouldn't mind a screenshot before installing it.

fb035y ago

I thought the same thing. I was expecting to see some kind of screenshot so I could have a glimpse of the software.

EDIT:

1# I'm gonna compile it and provide a screenshot via a pull request.

2# Compilation failed because it needed sqlite3 headers and this is not reported in the app. I'm gonna edit that in the readme too :)

This year (specially with the whole covid thingy) I set a goal to contribute more to open source. I'm trying to find every little issue I can find and contribute to :P

squiguy7OP5y ago

fb035y ago

https://github.com/gsquire/topngx/pull/1

theblackcat10025y ago

It seems to be a rewrite of ngxtop

https://github.com/lebinh/ngxtop

dazzawazza5y ago

It does seem to be that except it doesn't "tail log files" like the original (see limitations at the bottom if the readme.

squiguy7OP5y ago

I can work on adding that into the README now.

jimjag5y ago

dijital5y ago

If you're in a Kubernetes environment, the NGINX Ingress Controller has a pretty decent set of realtime metrics: https://kubernetes.github.io/ingress-nginx/user-guide/monito...

Which presumably means those metrics are available in the OSS edition somehow...

oefrha5y ago

Open source nginx has stub_status. It's just not very (very not) featureful.

https://nginx.org/en/docs/http/ngx_http_stub_status_module.h...

cholmon5y ago

Anyone know if there's a "deeper" way to get the same stats info about what Apache is doing without having to basically wait in line with all the other incoming requests?

mrits5y ago

the latency between weblog and web server is a lot more real time than most things

hk__25y ago

> This tool is a rewrite of ngxtop to make it more easily installed and hopefully quicker.

Why make a whole new tool with limitations instead of improving the existing one?

ccmcarey5y ago

Original maintainers of a project probably wouldn't just accept a PR of a complete rewrite.

kreetx5y ago

Might also be an exercise in learning.

dheera5y ago

Interesting, but I would have thought "top" for nginx would be a tool that shows you all the connections, paths, and resource usage live, like the "top" command. Is there a tool that does that?

deft5y ago

How does this compare to goaccess? Similar tool that I've used briefly. One issue I had was how complicated it was, I'm assuming since this is nginx specific it's simpler.

madsmtm5y ago

I made something similar in Python [0], but for parsing the error_log directive. Just for the odd time you need to parse that.

[0] https://github.com/madsmtm/nginx-error-log

superkuh5y ago

>a rewrite of ngxtop to make it more easily installed and hopefully quicker.

What world does this guy live in that a program in Rust is easier to get running on any random machine than python script?

Kaze4045y ago

I've never had issues shipping Rust binaries to people, unlike in Python where they usually have to install dependencies.

jblarneyforward5y ago

I had the vague sense that it was as easy to cross-compile rust binaries as it is for go.

Distributing single binary would be easier, but `cargo install xyz` seems harder than python script

squiguy7OP5y ago

I made a new GitHub release with binaries for Mac and Linux pretty recently. In this sense, you can just download the binary and get up and running.

1 more reply

j / k navigate · click thread line to collapse