NGINX.COM

NGINX Plus can be configured into an active‑passive or active‑active high‑availability (HA) cluster to ensure application availability. In an active‑passive HA cluster, depicted below, there are two NGINX Plus servers: a master that actively processes traffic and a backup that monitors the health of the master and takes over as master automatically if the current master fails. In an active‑active HA cluster both servers handle traffic. Active‑active‑active and other N+1 configurations are also supported.

R6Blogvisual-03
An active‑passive NGINX Plus HA cluster uses VRRP to manage a floating virtual IP address, ensuring that the IP address is always available and traffic is not dropped

In addition to automatic failover for HA in a cluster, NGINX Plus supports configuration synchronization so that the configuration you create on one NGINX Plus server in a cluster is propagated to the other servers. State sharing is also supported so that features that make use of state information – such as sticky‑learn session persistence, rate limiting, and key‑value stores – work properly in a clustered environment.

HA Architecture for Web Applications

The advanced load balancing and application health monitoring features in NGINX Plus provide resiliency and scalability for your upstream application servers. Configuring NGINX Plus into an HA cluster provides further resiliency for applications, and eliminates any single points of failure in the application stack. If an NGINX Plus server becomes unable to process traffic, another server takes over.

You can also extend the configuration to support multiple active‑passive NGINX Plus instances for higher levels of redundancy, or if you need more throughput than a single active‑passive pair can provide.

How the HA Solution Works

The NGINX Plus active‑passive HA solution is based on keepalived, which itself uses an implementation of the Virtual Router Redundancy Protocol (VRRP). After you install the nginx-ha-keepalived package and configure keepalived, it runs as a separate process on each NGINX Plus server in the cluster and manages a shared virtual IP address. The virtual IP address is the IP address advertised to downstream clients, for example via a DNS record for your service or application.

Based on initial configuration, keepalived designates a master and assigns the virtual IP address to it. The master sends VRRP advertisement messages to the backup at regular intervals, confirming that it is healthy and has verified that keepalived and NGINX Plus are both running. If the backup doesn’t receive three consecutive advertisements, it becomes the new master and takes over the virtual IP address.

Installing and Configuring the HA Solution

Enabling NGINX Plus HA is very straightforward; it is implemented in the nginx-ha-keepalived package, which you install from the NGINX Plus repository. For Debian and Ubuntu systems, for example, the command is:

$ apt-get install nginx-ha-keepalived

Install the package on each NGINX Plus server in the HA cluster, then run the included nginx-ha-setup script to configure and run the HA software. For complete instructions, see the NGINX Plus Admin Guide.

HA failover takes place if the master NGINX Plus server stops functioning due to a catastrophic condition such as hardware failure, operating system shutdown, or termination of the NGINX Plus software. Internal health checks can be extended to identify more failure situations if necessary.

Synchronizing Configuration Across an HA Cluster

You can synchronize configuration across the NGINX Plus servers in a cluster, eliminating the need to manage servers individually. You simply make changes to a designated “master” server and then push them to the other servers in the cluster.

This functionality was introduced in NGINX Plus R12 and is implemented in the nginx-sync package distributed from the NGINX Plus repository. The command for Debian and Ubuntu systems is:

$ apt-get install nginx-sync

For details, see the NGINX Plus Admin Guide.

Sharing State Across an HA Cluster

The NGINX Plus servers in a cluster can share state information, as implemented in the Zone Synchronization module (introduced in NGINX Plus R15). This enables features that maintain state to work properly in a clustered environment. The following NGINX Plus features are cluster‑aware:

  • Sticky‑learn session persistence
  • Rate limiting
  • Key‑value stores

For details, see the NGINX Plus Admin Guide and the reference documentation for the zone_sync module.

HA for NGINX Plus in Cloud Environments

The keepalived‑based HA solution works only in on‑premises deployments of NGINX Plus, but there are HA solutions for cloud environments:

For Microsoft Azure, you can use its native load balancers as a frontend HA solution for NGINX Plus.

Further Reading