Even the most secure data center cannot prevent hardware from failing from time to time. Therefore, for business-critical processes, it is useful to set up servers redundantly so that if one server fails, your entire infrastructure does not go down.
In this guide, we will show you how to set up an Nginx server redundantly and with load balancing. We will use:
- two VPSs
- HA-IP Pro (Proxy)
- one SSL certificate
- one domain name
You can also scale this setup to multiple VPSs and domains. The process described in this article remains the same.
- Do you host dynamic websites and are looking for how to set up your database server redundantly as well? Check out our redundancy tutorial series.
- The goal of this setup is redundancy so that if an availability zone becomes unreachable, your website remains online. Therefore, we recommend geographically separating your VPSs, for example, placing one in Amsterdam and one in Delft (RTM).
Configuring HA-IP Pro
TL;DR: Set up your HA-IP Pro as shown in the screenshot in step 1.
In your control panel, go to your HA-IP Pro and click on the gear icon next to 'Overview'.
Step 2
Check the boxes under 'Attached' for the VPSs you want to use.
If you are using many VPSs, you can use the 'Search VPS' options to search by VPS name or click on 'All available VPSs' to display an overview of all your VPSs.
Step 3
Go back to the previous page and now click on the gear icon next to 'HA-IP Settings'.
Step 4
Adjust your HA-IP Pro settings as follows:
-
Load balancing: determines the load balancing method. You are free to choose any option here.
-
Port settings: Add the following port settings:
Name: HTTP HA-IP port: 80 Mode: PROXY VPS port: 80 SSL to VPS: off
Name: HTTPS HA-IP port: 443 Mode: PROXY VPS port: 443 SSL to VPS: off
In PROXY mode, all traffic including all information from the original request is forwarded. In this Knowledge Base article, we explain the differences between the forwarding modes in more detail.
-
IPv6 configuration: You are also free to choose here, see this guide for more information. VPSs using DHCP network configuration can use the default option 'IPv6 enabled'.
-
Health checks: this option checks whether the ports of the linked VPSs are accepting traffic. Enter a value between 2 and 5 seconds here. You can also optionally use HTTP health checks, see this article.
-
Reverse DNS: Set a subdomain here for reverse DNS checks. Don't forget to actually point this subdomain to your HA-IP Pro in your DNS settings.
Now proceed to the next section. Thanks to the use of PROXY mode, you do not need to set up an SSL certificate in your HA-IP Pro settings.
Configuring DNS
Set up the DNS records for your domain to point to your HA-IP Pro.
- The root (@) and wildcard (*) records point to your HA-IP Pro. Use the IPv4 and IPv6 addresses of your HA-IP Pro, see step 1 in the previous section. This ensures your domain (e.g. example.com), Reverse DNS (e.g. mail.example.com) and any other subdomains (e.g. www.example.com) are covered.
- Any other records such as MX records or records to point to the hostnames of your VPSs are optional.
Configuring your VPSs
For the configuration of your VPSs, we will set up one VPS. Then you create a snapshot and restore it to the second VPS. Finally, you adjust the network configuration on the second VPS.
Step 1
Connect to your VPS via SSH or the VPS console in the TransIP control panel.
Step 2
Install Nginx with PHP support on your VPS, see for example our guides for Ubuntu or CentOS Stream/AlmaLinux/RockyLinux (don't forget to open ports 80 and 443 in your firewall(s)).
Then install a (Sectigo) SSL certificate on your server, see this guide.
Step 3
Open the server block of your domain, for example:
nano /etc/nginx/sites-available/example.com
Step 4
Adjust the server block as shown in this example. Replace example.com with your own domain name. Tip: use SSH instead of the VPS console, so you can copy the code below and paste it into the opened file.
server {
root /var/www/example.com/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
listen [::]:443 ssl ipv6only=on proxy_protocol;
listen 443 ssl proxy_protocol;
ssl_certificate /etc/pki/nginx/example.com/ssl-bundle.crt;
ssl_certificate_key /etc/pki/nginx/example.com/certificate.key;
ssl_prefer_server_ciphers on;
## OCSP Stapling
resolver 127.0.0.1;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/pki/nginx/example.com/ssl-bundle.crt;
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
}
listen 80 proxy_protocol;
listen [::]:80 proxy_protocol;
server_name example.com www.example.com;
return 404;
}- With this setup, HTTP traffic is redirected to HTTPS
- Nginx has excellent PROXY support for load balance setups. The listen directive addition proxy_protocol is the only thing needed in an already correctly configured server block to enable PROXY support.
Step 5
Save the changes and close the file (ctrl + x > y > enter). Then restart Nginx to apply the changes.
systemctl restart nginxGetting an error message? Then check your configuration with:
nginx -t
Step 6
Create a snapshot of your VPS and restore it to the second VPS.
Testing
Your setup is now ready! A fun way to test it is to create a test file on your server, e.g., /var/www/example.com/html/test.html and add the following content:
<!DOCTYPE html>
<html>
<head>
<title>HA-IP Sample</title>
</head>
<body>
<p>Server 1</p>
</body>
</html>On server 2, give the file the same content but with the text Server 2. You can now test the operation of your setup in your browser by going to the test.html page on your domain (e.g., example.com/test.html) and reloading the page several times. If you are not using a round-robin load balancing method, turn off Nginx on one of the VPSs to test the operation.
This concludes our guide for setting up a redundant Nginx setup with two VPSs and HA-IP Pro.
Should you have any questions based on this article, please do not hesitate to contact our support department. You can reach them via the 'Contact Us' button at the bottom of this page.