X
Popular Searches

How to Configure NGINX for Basic Load Balancing

NGINX Logo
NGINX

NGINX is commonly used as a web server, but it also does a great job of acting as a reverse proxy and load balancer—a network device designed to handle the bulk of your traffic and route requests to multiple different web servers.

How NGINX Load Balancing Works

The basic principle of a Load Balancer is that it sits between the user and a set of servers, and proxies requests for them. Usually this is done with two or more servers, so that traffic can be distributed more easily between them.

An NGINX Load Balancer.

Most of the configuration happens in how NGINX selects which server to route to. The default is round-robin, which will send requests to each server in order, ensuring an equal load distribution.

However, it’s not always that simple. Many web applications require some form of session persistence, which means that the user must be accessing the same server for their whole session. For example, a shopping cart might be stored locally on one application server, and if the user switches servers mid-session, the application could glitch out. Of course, many of these scenarios can be fixed with better application infrastructure and centralized datastores, but session persistence is required by many people.

In NGINX, the set of servers that you route to is known as an upstream, and is configured like an enumerated list of addresses:

upstream backend {
    server backend1.example.com weight=5;
    server backend2.example.com;
}

These upstreams have a lot of options; here, we’ve set a weight, which will prioritize this server more often (particularly useful if you have different sizes). You can also set the max connnections and various timeouts. If you’re using NGINX Plus, you can also set up health checks so that connections don’t get routed to unhealthy servers.

The most basic form of session persistence is using an IP hash. NGINX will use the IP to identify users and then make sure that these users don’t switch servers mid-session:

upstream backend {
    ip_hash;
    server backend1.example.com;
    server backend2.example.com;
}

The IP hash is required for socket-based applications and anything requiring persistence. If you don’t want to use the IP address, you can customize this hash:

upstream backend {
    hash $scheme$request_uri consistent;
    server backend1.example.com;
    server backend2.example.com;
}

If you don’t need any kind of session persistence, you can make the round-robin selection a little smarter by selecting which server has the least connections:

upstream backend {
    least_conn;
    server backend1.example.com;
    server backend2.example.com;
}

Or, based on which one is currently responding fastest:

upstream backend {
    least_time (header | last_byte);
    server backend1.example.com;
    server backend2.example.com;
}

NGINX Plus has a few other forms of session persistence, but IP hashing will work for most applications.

Proxying to s Backend

Once you’ve got your backend configured, you can send requests to it from within your location blocks, using proxy_pass with a URI to the backend.

server {
    listen 80;
    server_name example.com;
    location / {
        proxy_pass http://backend;
    }
}

Of course, if you’re using HTTPS, you’ll need to send the request with HTTPS:

server {
    listen      443 ssl;
    server_name example.com;

    ssl_certificate        /etc/ssl/certs/server.crt;
    ssl_certificate_key    /etc/ssl/certs/server.key;
    ssl_client_certificate /etc/ssl/certs/ca.crt;

    location /{
       proxy_pass https://backend;
    }
}
Anthony Heddings Anthony Heddings
Anthony Heddings is the resident cloud engineer for LifeSavvy Media, a technical writer, programmer, and an expert at Amazon's AWS platform. He's written hundreds of articles for How-To Geek and CloudSavvy IT that have been read millions of times. Read Full Bio »

The above article may contain affiliate links, which help support CloudSavvy IT.