This guide provides step-by-step instructions on setting up load balancing for a static website using Nginx.
- Prerequisites
- Installation
- Configuration
- Testing
- SSL/TLS Configuration for Load Balanced Servers
- Updating DNS Records for Nginx Load Balancer Servers
- Additional Considerations
- License
- Linux servers with Nginx installed (at least two servers)
- Basic understanding of Linux commands
- Static website content ready for deployment
-
Install Nginx on each server:
sudo apt update sudo apt install nginx
-
Configure your static website:
- Place your static website content in a directory on each server (e.g.,
/var/www/html).
- Place your static website content in a directory on each server (e.g.,
-
Configure Nginx for Load Balancing:
-
Edit the Nginx configuration file on each server (usually
/etc/nginx/nginx.conf). -
Add the following block within the
httpblock:http { upstream mywebsite { server <server1_ip>; server <server2_ip>; # Add more servers as needed } server { listen 80; server_name <your_domain.com>; location / { proxy_pass http://mywebsite; } } }
Replace
<server1_ip>and<server2_ip>with the actual IP addresses of your servers.
-
-
Test Nginx Configuration:
-
Run the following command to check for syntax errors:
sudo nginx -t
-
If successful, you should see
nginx: configuration file /etc/nginx/nginx.conf test is successful.
-
-
Restart Nginx:
-
Apply the changes by restarting Nginx:
sudo service nginx restart
-
-
Update DNS:
- Point your domain's DNS records to the IP addresses of your Nginx load balancer servers.
-
Test Load Balancing:
- Visit your website using the domain name, and Nginx should distribute traffic evenly between your servers.
If your static website uses HTTPS and you have multiple servers set up for load balancing, you need to configure SSL/TLS certificates on each server. The following steps guide you through obtaining and configuring SSL certificates for Nginx with load balancing.
-
Option 1: Let's Encrypt (Recommended)
-
Install Certbot, the Let's Encrypt client:
sudo apt install certbot
-
Obtain SSL certificates for your domain:
sudo certbot certonly --nginx -d <your_domain.com>
-
Follow the prompts to complete the certificate generation process.
-
-
Option 2: Use Existing Certificates
- If you have SSL certificates from a certificate authority, make sure you have the certificate and private key files.
-
Open the Nginx configuration file for editing:
sudo nano /etc/nginx/nginx.conf
-
Add the SSL server block within the existing server block, including all servers in the
upstreamblock:http { upstream mywebsite { server server1_ip; server server2_ip; # Add more servers as needed } server { listen 80; server_name <your_domain.com>; location / { proxy_pass http://mywebsite; } } server { listen 443 ssl; server_name <your_domain.com>; ssl_certificate /etc/letsencrypt/live/<your_domain.com>/fullchain.pem; # Update path accordingly ssl_certificate_key /etc/letsencrypt/live/<your_domain.com>/privkey.pem; # Update path accordingly ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384'; # Other SSL/TLS settings (optional) ssl_session_timeout 1d; ssl_session_cache shared:MozSSL:10m; ssl_session_tickets off; location / { proxy_pass http://mywebsite; } } }
- Update
<your_domain.com>,server1_ip, andserver2_ipwith your actual domain and server IP addresses. - If you used Let's Encrypt, replace
/etc/letsencrypt/live/<your_domain.com>with the correct path.
- Update
-
Save the configuration file.
-
Run the following command to check for syntax errors:
sudo nginx -t
-
If successful, restart Nginx to apply the changes:
sudo service nginx restart
- Point your domain's DNS records to the IP addresses of your Nginx load balancer servers.
- Visit your website using
https://<your_domain.com>. Your browser should show a secure connection.
To ensure that your domain correctly points to the IP addresses of your Nginx load balancer servers, you need to update the DNS records at your domain registrar. Follow the steps below to achieve this.
- Visit the website of the company where you registered your domain (e.g., GoDaddy, Namecheap).
- Log in to your account.
- Navigate to the domain management or DNS settings section of your account. Look for options like "DNS Management" or "Domain Settings."
- Look for a section that displays your domain's DNS records. This might be labeled as "DNS Records" or "Name Servers."
- Locate the A records or DNS entries associated with your domain. These records specify the IP addresses where your domain points.
- Update the IP addresses to the ones of your Nginx load balancer servers. You will typically find fields for the hostname (usually '@' or your domain name) and IP address.
- After updating the A records, save your changes. This process may take some time to propagate throughout the internet.
- To confirm the update, you can use online DNS lookup tools or wait for the changes to propagate and then visit your website using your domain name in a web browser.
- Before:
- A Record:
@points toOld_IP_Address
- A Record:
- After:
- A Record:
@points toNew_Load_Balancer_IP
- A Record:
Remember that DNS changes might take some time to propagate, and during this period, some users might still be directed to the old IP address. It's generally a good practice to make DNS changes during periods of low traffic or with a low TTL (Time To Live) setting for faster propagation.
If you are unsure about any step, it's recommended to check the documentation of your specific domain registrar or contact their support for assistance.
- Monitoring: Implement monitoring tools to keep an eye on server health and performance.
- Automation: Consider using configuration management tools like Ansible, Puppet, or Chef for automating the SSL/TLS setup process across multiple servers.
This project is licensed under the MIT License. See the LICENSE file for details.