Nginx Reverse Proxy & Load Balancer

Today we’re going to be talking about reverse proxy/load balancing with Nginx. Why is this important? It comes down to not wanting your web apps to have one single point of failure. Performance also plays a big role here. With reverse proxying, there are 3 load balancing methods:

  1. Round Robin (goes around in a circle of servers essentially).
  2. Least-connected (goes to the server with the least amount of load)
  3. IP Hash (chooses what server should be used for the next request

For our testing purposes, we will have 3 servers. Two of them are RedHat 7.5 and the third is Ubuntu 18.04. All of these servers will have Nginx configured.
The first thing we want to do is confirm connection between all servers. In a production environment, you would confirm they’re all on the same subnet and have communication between one-another. In something cloud based like AWS, you would want to confirm they’re in proper security groups that allow certain types of connection and communication. This is out of the scope of this blog, but there is a ton of information out there. A good note to keep in mind is ICMP is NOT turned on by default in security groups if you are trying to ping other hosts for communication testing.
After we have confirmed communication between the servers, update those bad boys so we can get to the fun stuff.

Screen-Shot-2018-08-26-at-6.56.23-PM

First things first, we need to install Nginx. To install Nginx on RedHat, do the following;

sudo rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Yum update –y
yum install nginx –y

Aptitude made it easy for us and put it right in the package manager, so for Ubuntu, do the following;

Apt-get install nginx
After that, confirm Nginx is running. On RedHat;

Systemctl status nginx

On Ubuntu;

Service nginx status

After that, do a curl to localhost and confirm you see HTML;

Curl localhost

As RedHat 7.5 will be our Reverse Proxy host, we want to cd (change directory) to the following location;

Cd /etc/nginx

You’re going to see several configuration files here. Run a cat on nginx.conf.

This is the default Nginx configuration file. In production, we need to create a new Nginx config file. On RedHat, it will be in /etc/nginx/conf.d. In Debian based systems, it will be in /etc/nginx/sites-enabled
Lets cd (change directory) to the conf.d file and run;

touch myserver.conf

Use vim or vi and paste in your first block;

server {
Listen 80;
}

Above is the beginning to your configuration. This says “hey Mr. RedHat server, listen to traffic on port 80 on this server”.
Remember this config block, because we will be coming back here shortly. The next thing we want to do is put in an “upstream server” block. This allows the reverse proxy/load balancer to look at all of the servers in the block and point to them. For our purposes, we are going to use IP addresses. You can use hostnames as well. This block is going to be posted ABOVE the server block.
upstream mynewserver { server 192.168.1.10; server 192.168.1.9; }

Screen-Shot-2018-08-26-at-7.34.21-PM

The last thing we are going to do is our proxy_pass line. The proxy_pass is what makes all of the magic happen in a reverse proxy. It’s saying “hey, push the traffic to the upstream blog”
At the end, your config should look like the below;

Screen-Shot-2018-08-26-at-7.47.48-PM

PLEASE pay attention to the opening and closing brackets. These are very important and one wrong placement will throw your config out of wack.
Now it’s time to test!
Run the following;

nginx –t
Your output should show something similar to the following. If not, please go back and see if you missed any steps;

nginx: configuration file /etc/nginx/nginx.conf test is successful```

Next, restart nginx;

```Systemctl restart nginx```

You should see the following: 
![Screen-Shot-2018-08-26-at-8.07.31-PM](/content/images/2018/08/Screen-Shot-2018-08-26-at-8.07.31-PM.png)
Nginx Reverse Proxy & Load Balancer
Share this