ProfitsBricks is a cloud‑based Infrastructure as a Service (IaaS) platform that launched in 2012. It lets you easily and quickly deploy high‑performance yet cost‑effective solutions in the cloud. It is easy to deploy NGINX Plus on ProfitBricks for use as a complete application delivery platform with advanced load balancing, caching, web serving, and media streaming capabilities, and with support provided by the experts at NGINX, Inc.
This post describes how to set up a highly available pair of NGINX Plus instances in the ProfitBricks environment.
ProfitBricks provides an easy‑to‑use graphical user interface (GUI), called the Data Center Designer, for building an environment, and that is what we are using in this blog post.
To get NGINX Plus installed and deployed in the ProfitBricks cloud, you need a Data Center object. You can use an existing one or follow the instructions in Step 1 to create one. Within the Data Center you create Linux instances on which you install NGINX Plus in the normal way. For the following example, we deploy a pair of NGINX Plus instances in a highly available active‑passive pair with a virtual IP address (VIP) provisioned for assignment to the active primary instance.
These instructions assume you are logged into a ProfitBricks account.
If you don’t already have a Data Center, create one:
Click Data Center in the main ProfitBricks menu bar at the top of the page. The Start Center tab opens.
To create an active‑passive pair of NGINX Plus instances we need at least three public IP addresses: one static public IP address for each NGINX Plus instance and one virtual IP address to be assigned to the active NGINX Plus instance.
Click IP Manager in the main ProfitBricks menu bar above the My Data Center tab. The Manage IP Addresses window pops up.
In the Inspector column to the right of work area, name the server. For this example we are using HA Primary.
Click Add HDD Storage. The Create new attached Storage window pops up.
Leave all the other fields as they are. ProfitBricks automatically associates a private IP address with eth1; it appears in the Primary IP field after you launch the instance in Step 5.
Draw a line between the two icons by clicking on the circle on the bottom edge of the Internet Access icon and dragging the cursor to the leftmost circle on the top edge of the HA Primary icon, which corresponds to the eth0 interface. In our example, the circle for eth0 is red and the one for eth1 is green.
You can ignore the following warning in the popup window, because we’ll finish configuring the eth1 interface in Step 10:
NIC 1 [eth1] on "HA Primary" is unconnected and has no peers
When the instance launches successfully, you will receive an email from ProfitBricks with details about your setup, including the root password.
ssh
to connect to the newly created NGINX Plus instance, using the root password provided in the email from ProfitBricks. Follow the prompts to set a new password.In the same terminal window, install the NGINX Plus HA package on the primary NGINX Plus instance. This command is appropriate for Ubuntu:
$ apt-get install nginx-ha-keepalived
Now that we have a working NGINX Plus instance, we take a snapshot to use as the basis for the second (backup) instance in our HA pair. This way we don’t have to install NGINX Plus on the second instance.
Snapshot creation can take some time. You can track the progress by clicking Image Manager in the main ProfitBricks menu bar above the My Data Center tab, and opening the Snapshot tab in the Manage Images and Snap Shots window that pops up.
During snapshot creation you see the message in
process
. Once it is complete, you see a date and timestamp.
Click Add HDD Storage. The Create new attached Storage window pops up.
Leave all the other fields as they are. ProfitBricks automatically associates a private IP address with eth1; it appears in the Primary IP field after you launch the instance in Step 11.
ssh
to connect to the backup NGINX Plus instance. Because we used the snapshot of the primary instance as the basis for this instance, the root password is the same for both.In Step 7 you installed the NGINX Plus high availability package on the primary instance. The package is also available on the backup instance because you created the backup from a snapshot of the primary. In this step you configure high availability on both instances by running the nginx-ha-setup script included in the package.
Run the nginx-ha-setup command in both of the separate terminal windows for the primary and backup NGINX Plus instances, at the same time:
$ nginx-ha-setup
Follow the prompts, using the public IP addresses assigned to each instance.
When the configuration succeeds, you have a working, highly available, active‑passive pair of NGINX Pus instances. When both instances are healthy, the VIP is assigned to the primary. If the primary goes down, keepalived transfers the VIP to the backup.
Keep in mind that the NGINX Plus configuration must be the same on the primary and backup instances for functioning to remain the same when roles change. If you make changes to the NGINX Plus configuration on one instance, remember to make the same change on the other instance.
For complete information about NGINX Plus HA, see the NGINX Plus Admin Guide.
There are multiple ways you can test an NGINX Plus HA configuration. In the following example, we use the standard ip
command to force the primary instance to drop both IP addresses (its static address and the VIP) from its public interface (eth0), and confirm that the VIP moves to the backup instance.
Dropping both IP addresses makes the primary’s eth0 interface inaccessible, so instead of connecting directly to it, we connect first to the backup instance and from there to the internal eth1 interface on the primary instance. That is why we created eth1 interfaces on the primary and backup instances (in Step 3 and Step 9), then connected them in Step 10.
Working in one terminal, open an SSH connection to the internal IP address (mapped to eth1) of the primary instance. (To obtain the address in ProfitBricks, click on the HA Primary icon in the work area, open the Network tab in the Inspector column, and look in the Primary IP field for the eth1 interface.)
In the following steps, we will refer to this terminal as B2P (for “backup to primary”) and the other terminal as B (for “backup”).
Run this command in both terminals to check the HA state of each instance:
# Terminal B2P
$ cat /var/run/nginx-ha-keepalived.state
STATE=MASTER
# Terminal B
$ cat /var/run/nginx-ha-keepalived.state
STATE=BACKUP
In terminal B2P, run this command to list the IP addresses of eth0 on the primary instance:
# Terminal B2P$ ip addr show
The output confirms that the VIP is assigned to the primary instance.
Another way to verify the assignment of the VIP is to direct a request to it (either from a browser or with the curl
command). If the VIP is assigned to the primary, an entry corresponding to the request appears in the primary’s NGINX access log file, which is /var/log/nginx/access.log by default.
In terminal B2P, run this command to make the primary instance drop both IP addresses from eth0 (the primary’s static public address and the VIP):
# Terminal B2P$ ifdown eth0
As a result, keepalived moves the VIP to the backup instance.
Run this command in both terminals to check the HA state of each instance. The output is reversed from Step 3, indicating that the original backup is now the primary.
# Terminal B2P$ cat /var/run/nginx-ha-keepalived.state
STATE=BACKUP
# Terminal B
$ cat /var/run/nginx-ha-keepalived.state
STATE=MASTER
In terminal B, run this command:
# Terminal B$ ip addr show
The output verifies that the VIP is now assigned to the original backup instance. Again, you can direct a request to the VIP and verify that a corresponding entry appears in the NGINX access log file of the original backup instance rather than the original primary.
If you want to return to the original assignments of primary and backup, in terminal B2P run this command to have the primary reclaim the VIP:
# Terminal B2P$ ifup eth0
ProfitBricks is an easy‑to‑use cloud platform and with the addition of NGINX Plus you can create a highly available, full‑featured application delivery platform.
Want to get started with NGINX Plus? Sign up for a free 30-day trial today or contact us to discuss your use cases.
"This blog post may reference products that are no longer available and/or no longer supported. For the most current information about available F5 NGINX products and solutions, explore our NGINX product family. NGINX is now part of F5. All previous NGINX.com links will redirect to similar NGINX content on F5.com."