NGINX Plus can be configured into an active‑passive or active‑active high‑availability (HA) cluster to ensure application availability. In an active‑passive HA cluster, depicted below, there are two NGINX Plus servers: a primary that actively processes traffic and a backup that monitors the health of the primary and takes over as primary automatically if the current primary fails. In an active‑active HA cluster both servers handle traffic. Active‑active‑active and other N+1 configurations are also supported.
In addition to automatic failover for HA in a cluster, NGINX Plus supports configuration synchronization so that the configuration you create on one NGINX Plus server in a cluster is propagated to the other servers. State sharing is also supported so that features that make use of state information – such as sticky‑learn session persistence, rate limiting, and key‑value stores – work properly in a clustered environment.
HA Architecture for Web Applications
The advanced load balancing and application health monitoring features in NGINX Plus provide resiliency and scalability for your upstream application servers. Configuring NGINX Plus into an HA cluster provides further resiliency for applications, and eliminates any single points of failure in the application stack. If an NGINX Plus server becomes unable to process traffic, another server takes over.
You can also extend the configuration to support multiple active‑passive NGINX Plus instances for higher levels of redundancy, or if you need more throughput than a single active‑passive pair can provide.
How the HA Solution Works
The NGINX Plus active‑passive HA solution is based on
keepalived, which itself uses an implementation of the Virtual Router Redundancy Protocol (VRRP). After you install the nginx-ha-keepalived package and configure
keepalived, it runs as a separate process on each NGINX Plus server in the cluster and manages a shared virtual IP address. The virtual IP address is the IP address advertised to downstream clients, for example via a DNS record for your service or application.
Based on initial configuration,
keepalived designates a primary and assigns the virtual IP address to it. The primary sends VRRP advertisement messages to the backup at regular intervals, confirming that it is healthy and has verified that
keepalived and NGINX Plus are both running. If the backup doesn’t receive three consecutive advertisements, it becomes the new primary and takes over the virtual IP address.
Installing and Configuring the HA Solution
Enabling NGINX Plus HA is very straightforward; it is implemented in the nginx-ha-keepalived package, which you install from the NGINX Plus repository. For Debian and Ubuntu systems, for example, the command is:
$ apt-get install nginx-ha-keepalived
Install the package on each NGINX Plus server in the HA cluster, then run the included nginx-ha-setup script to configure and run the HA software. For complete instructions, see the NGINX Plus Admin Guide.
HA failover takes place if the primary NGINX Plus server stops functioning due to a catastrophic condition such as hardware failure, operating system shutdown, or termination of the NGINX Plus software. Internal health checks can be extended to identify more failure situations if necessary.
Synchronizing Configuration Across an HA Cluster
You can synchronize configuration across the NGINX Plus servers in a cluster, eliminating the need to manage servers individually. You simply make changes to a designated “primary” server and then push them to the other servers in the cluster.
This functionality was introduced in NGINX Plus R12 and is implemented in the
nginx-sync package distributed from the NGINX Plus repository. The command for Debian and Ubuntu systems is:
$ apt-get install nginx-sync
For details, see the NGINX Plus Admin Guide.
Sharing State Across an HA Cluster
The NGINX Plus servers in a cluster can share state information, as implemented in the Zone Synchronization module (introduced in NGINX Plus R15). This enables features that maintain state to work properly in a clustered environment. The following NGINX Plus features are cluster‑aware:
- Sticky‑learn session persistence
- Rate limiting
- Key‑value stores
For details, see the NGINX Plus Admin Guide and the reference documentation for the zone_sync module.
HA for NGINX Plus in Cloud Environments
keepalived‑based HA solution works only in on‑premises deployments of NGINX Plus, but there are HA solutions for cloud environments:
- Active-Active HA for NGINX Plus on AWS Using AWS Network Load Balancer
- Active-Passive HA for NGINX Plus on AWS Using Elastic IP Addresses
- All-Active HA for NGINX Plus on the Google Cloud Platform
For Microsoft Azure, you can use its native load balancers as a frontend HA solution for NGINX Plus.
- High Availability Support for NGINX Plus in the NGINX Plus Admin Guide – Full instructions for configuring NGINX Plus for high availability in on‑premises deployments
- Virtual Router Redundancy Protocol on Wikipedia – Overview of VRRP
keepalivedhome page – Details about extending and customizing