Nginx - TCP balancer
ezmobius at gmail.com
Thu Jun 12 00:00:00 MSD 2008
On Jun 11, 2008, at 12:09 PM, Kamil Gorlo wrote:
> Hi all,
> I have question about Nginx "features". Is it possible to run Nginx as
> a transparent load balancer (which works on TCP layer, not HTTP)??
> My case is that I have 5 of backends (strong, 4 core machines) which
> communicates with users over HTTPS (it's some kind of authentication
> service - user sends short https requests, get response, and does not
> keep connection any more; so user spends only few seconds on this
> service, but there are many users). Till today I was using simple dns
> balancing between those machines, but now I need something more
> So, I have another 2 machines (this time, they have only single core)
> which I want to be load balancers. But they cannot work on HTTP layer,
> as a standard load balancer, because of SSL - they simply does not
> have resources to do this SSL stuff. My idea is to use some kind of
> transparent load balancer on those machines - they should only forward
> requests to backends and all resource consuming work should be done on
> backends (SSL handshake, etc.).
> Can Nginx do that? If not, do you know any tools which can work as TCP
> balancers (I found HAProxy, but haven't tested it)?
> Do you have any experience in similar situations?
> Best regards,
We run a setup similar to this where we have hundreds of VM's running
nginx and doing ssl and we run a pair of boxes in front of these with
LVS(linux virtual server) and heartbeat/keepalived to do the raw tcp
load balancing. This scales very well, in each cluster we have 500 or
so VM's running nginx fronted by a pair of LVS machines balancing all
traffic to all the slices.
Haproxy is good for this as well and may be a bit simpler to setup,
but LVS outperforms haproxy in this situation and scales *very* well.
- Ezra Zygmuntowicz
-- Founder & Software Architect
-- ezra at engineyard.com
More information about the nginx