Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

High Availability in NGINX Plus R6

DZone's Guide to

High Availability in NGINX Plus R6

Free Resource

Transform incident management with machine learning and analytics to help you maintain optimal performance and availability while keeping pace with the growing demands of digital business with this eBook, brought to you in partnership with BMC.

[This article was written by Owen Garrett]

It’s no secret that with today’s always-on, always-connected society, users expect your sites and apps to be accessible 24×7. This is where NGINX and NGINX Plus have always helped you shine. One of the key benefits of deploying NGINX Plus as a reverse proxy and load balancer for your application servers is increased application availability and reliability, and you can improve app and website performance even further by adding high availability (HA) to NGINX Plus itself.

In NGINX Plus Release 6 (R6), we’ve introduced a new solution that makes it fast and easy to deploy NGINX Plus instances in an active-passive HA configuration. The solution is based on the open source keepalived project, which provides an HA solution for Linux systems with three components: the keepalived daemon, an implementation of the Virtual Router Redundancy Protocol (VRRP) to manage assignment of the virtual IP address for the HA pair, and a health-checking facility to determine whether a service (for example, a web server, PHP back end, or NGINX Plus) is up and operational.

How Does High Availability Work?

Based on an initial configuration (see Configuring NGINX Plus for HA below), keepalived designates one NGINX Plus node as the (active) master and the other as the (passive) backup. Each node has its own IP address, and the master node is also assigned a virtual IP address, which is the one advertised to clients in the Domain Name System (DNS). During operation, VRRP and the health-checking facility monitor the operation of the nodes and NGINX Plus so that the virtual IP address can be reassigned to the backup if the master fails:

  • The VRRP instance on the backup node listens for advertisement packets from its peer on the master node. If it does not receive an advertisement packet for a period longer than three times the configured advertisement interval, it takes over as master and assigns the virtual IP address to itself.
  • If health checks of NGINX Plus on the master node fail a configured number of times, keepalived reassigns the virtual IP address from the master node to the backup node.

Configuring NGINX Plus for HA

To configure an active-passive pair of NGINX Plus nodes for HA, perform the following steps on both nodes:

  1. Install or upgrade to the NGINX Plus R6 base package (nginx-plus) by following the instructions for your operating system at the NGINX Plus repository.
  2. Using the installation command specified at the NGINX Plus repository for your operating system, install the nginx-ha-keepalived package by replacing nginx-plus with nginx-ha-keepalived, as in this example for Ubuntu:
root# apt-get install nginx-ha-keepalived
  1. Run the nginx-ha-setup script (it’s installed from the nginx-ha-keepalived package into /usr/bin).
root# nginx-ha-setup
  1. We recommend that you run the script on both nodes at the same time in side-by-side terminal windows, performing each step on both nodes before proceeding to the next step. We also recommend that you use the Linux screen(1) command to start the terminal windows, so that installation can continue if a session gets disconnected.

    Before beginning, collect the following information to supply at the prompts:

    • The physical IP addresses of both nodes.
    • The virtual IP address, which is assigned initially to the master node. The script refers to it as the “cluster IP address (or endpoint)”. It must not be the actual IP address of either node.

The keepalived Configuration Script

On each node, the nginx-ha-setup script creates the local keepalived configuration file,/etc/keepalived/keepalived.conf, incorporating the values you provide in Step 3. The following is an example created on a node with IP address 192.168.100.100 (the other node’s address is 192.168.100.101 and the virtual IP address is 192.168.100.150). Note that although this looks a lot like NGINX Plus configuration, it isn’t – for one thing, semicolons are not used to delimit directives.

vrrp_script chk_nginx_service {
    script "/usr/libexec/keepalived/nginx-ha-check"
    interval 3
    weight 50
}

vrrp_instance VI_1 {
    interface eth0
    state BACKUP
    priority 101
    virtual_router_id 51
    advert_int 1
    unicast_src_ip 192.168.100.100
    unicast_peer {
           192.168.100.101
    }
    authentication {
           auth_type PASS
           auth_pass f8f0e5114cbe031a3e1e622daf18f82a
    }
    virtual_ipaddress {
           192.168.100.150
    }
    track_script {
            chk_nginx_service
    }
    notify "/usr/libexec/keepalived/nginx-ha-notify"
}

Explaining the purpose of every directive is beyond the scope of this post, but there are a few things to note.

  • There are two main configuration blocks in the file:
    • The vrrp_script block configures the health-checking facility to run a script that checks whether NGINX Plus is operational.

      The nginx-ha-check script is installed automatically from the nginx-ha-keepalived package into the indicated directory, which varies by operating system.

      The interval directive sets how often the script runs, in seconds.

    • The vrrp_instance block configures the VRRP instance on this node.

      The IP addresses you provide are recorded as the values of three directives: unicast_src_ip (the local node), unicast_peer (the other node), and virtual_ipaddress (the virtual IP address assigned to the master node).

      The advert_int directive controls how often the VRRP instance on the master node sends advertisements to its peer on the backup node, in seconds.

      The value 51 for the virtual_router_id directive is a sample value; change it as necessary to be unique in your environment (this becomes relevant if you are using VRRP to provide HA for multiple services).

  • Together, the weight directive in the vrrp_script block and the priority directive in thevrrp_instance block are used in determining which node becomes master. For more information, seeUsing a Health-Checking Script to Control Mastership in the NGINX Plus Admin Guide article about HA.
  • If you have multiple pairs of keepalived instances (or other VRRP instances) running in your local network, create a vrrp_instance block for each one, with a unique name (like VI_1 in the example) andvirtual_router_id number.

    Similarly, if you are using keepalived to provide HA for other services, for each one you need to create a separate health-check script and vrrp_script block.

More Information

For more details about the HA solution, see High Availabilty Support in NGINX Plus in the NGINX Plus Admin Guide. It explains how to find out which node is master, force a mastership change, manually reassign the virtual IP address, troubleshoot keepalived and VRRP, and add more virtual IP addresses. It also points you to sample configuration files for more complex HA setups.

Evolve your approach to Application Performance Monitoring by adopting five best practices that are outlined and explored in this e-book, brought to you in partnership with BMC.

Topics:

Published at DZone with permission of Patrick Nommensen, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}