From 3d197e4db9d40277ec424112deb5cab639828ea1 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Sun, 4 May 2025 15:14:35 -0700 Subject: [PATCH 01/36] Update high-availability-keepalived.md Edit the text and titles to adhere to style guide rules. --- .../high-availability-keepalived.md | 157 ++++++++++++++---- 1 file changed, 122 insertions(+), 35 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index d47052c85..69c54ccb8 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -9,95 +9,126 @@ type: - how-to --- -This guide explains how to create a highly available (HA) active‑passive deployment of F5 NGINX Plus in the [Amazon Web Services](https://aws.amazon.com/) (AWS) cloud. It combines the `keepalived`‑based solution for high availability (provided by NGINX for on‑premises HA deployments) with the AWS Elastic IP address feature. +This guide shows how to set up a highly available (HA) active‑passive deployment of F5 NGINX Plus in the [Amazon Web Services](https://aws.amazon.com/) (AWS) cloud. The solution combines keepalived with AWS Elastic IP address features. -NGINX also provides a [solution for active‑active HA of NGINX Plus in AWS]({{< ref "high-availability-network-load-balancer.md" >}}), using AWS Network Load Balancer. +Refer to [AWS Network Load Balancer solution]({{< ref "high-availability-network-load-balancer.md" >}}) for active-active HA of NGINX Plus in AWS. + ## Overview -The [supported solution for HA deployment]({{< ref "nginx/admin-guide/high-availability/ha-keepalived.md" >}}) of NGINX Plus that uses `keepalived` is designed for on‑premises deployments. It is typically not viable in cloud environments, such as AWS, because of the networking restrictions they impose. +The [supported solution for HA deployment]({{< ref "nginx/admin-guide/high-availability/ha-keepalived.md" >}}) of NGINX Plus that uses `keepalived` is for on‑premises deployments. It is typically not viable in cloud environments, such as AWS, because of the networking restrictions they impose. -One method for deploying NGINX Plus in a highly available manner on AWS is to use ELB in front of NGINX Plus instances. However, the method has several disadvantages: +One method for deploying NGINX Plus in a highly available manner on AWS is to use ELB in front of NGINX Plus instances. But, the method has several disadvantages: - It increases the cost of your deployment. -- It limits the number of protocols NGINX Plus and your applications can support. In particular, ELB does not support UDP load balancing. -- It does not provide a single static IP address for NGINX Plus instances, which is a crucial requirement for some applications. -This guide explains how to create an active‑passive HA deployment of NGINX Plus on AWS that doesn’t require ELB and thus isn't subject to its disadvantages. It combines the `keepalived`‑based solution with AWS’s [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) feature. Most importantly, this method addresses the requirement for a single IP address: as long as the primary NGINX Plus instance is operating correctly, it has the Elastic IP address. If the primary fails, the backup instance becomes the primary and reassociates the Elastic IP address with itself, as shown in the figure. +- It limits the number of protocols NGINX Plus and your applications can support. In particular, ELB does not support UDP load balancing. + +- It does not provide a single static IP address for NGINX Plus instances, which is a crucial need for some applications. + +This guide explains how to create an active‑passive HA deployment of NGINX Plus on AWS that doesn’t need ELB and thus isn't subject to its disadvantages. It combines the `keepalived`‑based solution with AWS’s [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) feature. Most importantly, this method addresses the need for a single IP address: as long as the primary NGINX Plus instance is operating correctly, it has the Elastic IP address. If the primary fails, the backup instance becomes the primary and reassociates the Elastic IP address with itself, as shown in the figure. -When two NGINX Plus nodes hosted in AWS share an elastic IP address, the address switches to the backup automatically when the primary goes down, preserving high availability +When two NGINX Plus nodes hosted in AWS share an elastic IP address, the address switches to the backup automatically when the primary goes down, preserving high availability -As an alternative to ELB, you can use Route 53 to distribute traffic among NGINX Plus instances, relying only on DNS load balancing. However, clients as well as intermediate DNS servers often cache DNS records as specified by the TTL value in the record, so there can be a delay in propagation of the updated records to the clients. This can lead to increased downtime of your applications as observed by clients. Such an update can happen when Route 53 detects the failure of an NGINX Plus instance and removes the corresponding record. In contrast, when you use the HA solution along with Route 53, the record usually doesn’t change because the IP address stays the same, and there is no TTL‑related problem. +As an alternative to ELB, you can use Route 53 to distribute traffic among NGINX Plus instances, relying only on DNS load balancing. However, clients as well as intermediate DNS servers often cache DNS records as specified by the TTL value in the record, so there can be a delay in propagation of the updated records to the clients. This can lead to increased downtime of your applications as observed by clients. Such an update can happen when Route 53 detects the failure of an NGINX Plus instance and removes the corresponding record. In contrast, when you use the HA solution along with Route 53, the record usually doesn’t change because the IP address stays the same, and there is no TTL‑related problem. -**Notes:** +Notes: + +- We have successfully tested the instructions on Ubuntu 16.04 LTS (Xenial Xerus) and CentOS 7, with `keepalived` installed from the respective OS vendor repositories. -- We have successfully tested the instructions on Ubuntu 16.04 LTS (Xenial Xerus) and CentOS 7, with `keepalived` installed from the respective OS vendor repositories. - Except as noted, perform all steps on both the primary and backup instance. -- The solution is not covered by your NGINX Plus support contract. -- In addition to the [active‑active HA solution]({{< ref "high-availability-network-load-balancer.md" >}}) mentioned above, NGINX offers a solution based on [AWS Lambda](https://aws.amazon.com/lambda/) which does not require installation of any additional software on the NGINX Plus instances. The [NGINX Professional Services](https://www.nginx.com/services/) team can deploy and configure the Lambda‑based solution for you and provide support. + +- The solution is not covered by your NGINX Plus support contract. + +- Also the [active‑active HA solution]({{< ref "high-availability-network-load-balancer.md" >}}) mentioned above, NGINX offers a solution based on [AWS Lambda](https://aws.amazon.com/lambda/) which does not need installation of any extra software on the NGINX Plus instances. The [NGINX Professional Services](https://www.nginx.com/services/) team can deploy and configure the Lambda‑based solution for you and provide support. -## Step 1 – Launch Two NGINX Plus Instances -The scripts in the HA solution use the AWS API to associate an Elastic IP address with an NGINX Plus instance, and so must have credentials for accessing the API. AWS uses _IAM roles_ to handle credentials, so you need to create a role and attach it to each NGINX Plus instance. Perform these steps (for step‑by‑step instructions, see the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html)): +## Step 1 – Launch two NGINX Plus instances + +The scripts in the HA solution use the AWS API to associate an Elastic IP address with an NGINX Plus instance, and so must have credentials for accessing the API. AWS uses IAM roles to handle credentials, so you need to create a role and attach it to each NGINX Plus instance. Perform these steps (for step‑by‑step instructions, see the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html)): 1. Create an IAM role and attach the following custom policy to it. The instance to which the policy applies can manipulate the Elastic IP address (adopt or release it) as well as perform the two indicated `Describe` actions. ```json + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "ec2:AssociateAddress", + "ec2:DescribeInstances", + "ec2:DescribeAddresses", + "ec2:DisassociateAddress" + ], + "Resource": "*" + } + ] + } + ``` - Alternatively, you can use the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables to provide credentials to the HA scripts, as shown in [Step 5](#ha-aws_keepalived-configure). + Or, you can use the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables to provide credentials to the HA scripts, as shown in [Step 5](#ha-aws_keepalived-configure). -2. Launch two instances and [install NGINX Plus]({{< ref "nginx/admin-guide/installing-nginx/installing-nginx-plus-amazon-web-services.md" >}}) on each. (As noted, we tested the instructions on Ubuntu 16.04 LTS and CentOS 7.) +2. Launch two instances and [install NGINX Plus]({{< ref "nginx/admin-guide/installing-nginx/installing-nginx-plus-amazon-web-services.md" >}}) on each. (As noted, we tested the instructions on Ubuntu 16.04 LTS and CentOS 7.) 3. Attach this IAM role to the instance. -## Step 2 – Allocate an Elastic IP Address + +## Step 2 – Allocate an Elastic IP address Allocate an Elastic IP address and remember its ID. For detailed instructions, see the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-allocating). + ## Step 3 – Install `keepalived`, `wget`, and the AWS CLI -1. Install two packages from your OS vendor’s repository: the **keepalived** package and **wget**, which is used by the HA scripts. +1. Install two packages from your OS vendor’s repository: the keepalived and wget. The HA scripts will use these. - On Ubuntu systems: ```shell + sudo apt-get install keepalived wget + ``` - On CentOS systems: ```shell + sudo yum install keepalived wget + ``` -2. Follow the instructions in the [AWS documentation](https://docs.aws.amazon.com/cli/latest/userguide/installing.html) to install the AWS CLI. +2. Follow the instructions in the [AWS documentation](https://docs.aws.amazon.com/cli/latest/userguide/installing.html) to install the AWS CLI. -## Step 4 – Download the HA Scripts -The NGINX Plus HA solution uses two scripts, which are invoked by `keepalived`: +## Step 4 – Download the HA scripts + +The NGINX Plus HA solution uses two scripts, which are invoked by `keepalived`: + +- nginx-ha-check – Determines the health of NGINX Plus. -- nginx-ha-check – Determines the health of NGINX Plus. - nginx-ha-notify – Moves the Elastic IP address when a state transition happens, for example when the backup instance becomes the primary. 1. Create a directory for the scripts, if it doesn’t already exist. @@ -105,61 +136,93 @@ The NGINX Plus HA solution uses two scripts, which are invoked by `keepalived`: - On Ubuntu systems: ```shell + sudo mkdir -p /usr/lib/keepalived + ``` - On CentOS systems: ```shell + sudo mkdir -p /usr/libexec/keepalived + ``` 2. Download the scripts from our [GitHub repository](https://github.com/nginxinc/aws-ha-elastic-ip) into the created directory. + ## Step 5 – Configure `keepalived` and the HA Scripts There are two configuration files for the HA solution: -- **keepalived.conf** – The main configuration file for `keepalived`, slightly different for each NGINX Plus instance. -- nginx-ha-notify – The script you downloaded in [Step 4](#ha-aws_ha-scripts), with several user‑defined variables. +- keepalived.conf – The main configuration file for `keepalived`, slightly different for each NGINX Plus instance. + +- nginx-ha-notify – The script you downloaded in [Step 4](#ha-aws_ha-scripts), with several user‑defined variables. + ### Creating keepalived.conf -In the **/etc/keepalived** folder create a file named **keepalived.conf** with the following content. +In the /etc/keepalived folder create a file named keepalived.conf with the following content. ```nginx + vrrp_script chk_nginx_service { + script "" + interval 3 + weight 50 + } + vrrp_instance VI_1 { + interface eth0 + priority + virtual_router_id 51 + advert_int 1 + unicast_src_ip + unicast_peer { + + } + authentication { + auth_type PASS + auth_pass + } + track_script { + chk_nginx_service + } + notify "" + } + ``` -You must change values for the following configuration keywords (as you do so, also remove the angle brackets enclosing the placeholder value): +You must change values for the following configuration keywords. As you do so, remove the angle brackets enclosing the placeholder value: -- `script` in the `chk_nginx_service` block – The script that sends health checks to NGINX Plus. +- `script` in the `chk_nginx_service` block – The script that sends health checks to NGINX Plus. - On Ubuntu systems, /usr/lib/keepalived/nginx-ha-check + - On CentOS systems, /usr/libexec/keepalived/nginx-ha-check - `priority` – The value that controls which instance becomes primary, with a higher value meaning a higher priority. Use `101` for the primary instance and `100` for the backup. @@ -173,42 +236,59 @@ You must change values for the following configuration keywords (as you do so, a - `notify` – The script that is invoked during a state transition. - On Ubuntu systems, /usr/lib/keepalived/nginx-ha-notify + - On CentOS systems, /usr/libexec/keepalived/nginx-ha-notify + ### Creating nginx-ha-notify -Modify the user‑defined variables section of the nginx-ha-notify script, replacing each `` placeholder with the value specified in the list below: +Change the user‑defined variables section of the nginx-ha-notify script, replacing each `` placeholder with the value specified in the list below: ```none + export AWS_ACCESS_KEY_ID= + export AWS_SECRET_ACCESS_KEY= + export AWS_DEFAULT_REGION= + HA_NODE_1= + HA_NODE_2= + ALLOCATION_ID= + ``` - `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` – The credentials for accessing the AWS API. Set them only when an IAM instance profile isn’t used. Otherwise, delete the corresponding two lines. + - `AWS_DEFAULT_REGION` – The AWS region of your deployment. -- `HA_NODE_1` and `HA_NODE_2` – The internal or private DNS names of the two NGINX Plus instances. + +- `HA_NODE_1` and `HA_NODE_2` – The internal or private DNS names of the two NGINX Plus instances. + - `ALLOCATION_ID` – The ID of the allocated Elastic IP address. + ## Testing Run this command on both instances to start the `keepalived` daemon: ```shell + sudo service keepalived start + ``` -The instance with the higher priority becomes the primary. As a result, the Elastic IP address becomes associated with the primary instance, as confirmed on the AWS Console. +The instance with the higher priority becomes the primary. As a result, the Elastic IP address becomes associated with the primary instance, as confirmed on the AWS Console. To check the instance state, run: ```shell + cat /var/run/nginx-ha-keepalived.state + ``` The command outputs `STATE=MASTER` on the primary instance and `STATE=BACKUP` otherwise. @@ -216,29 +296,36 @@ The command outputs `STATE=MASTER` on the primary instance and `STATE=BACKUP` ot You can simulate the failure of the primary by stopping the `keepalived` daemon: ```shell + sudo service keepalived stop + ``` -Check the state on the backup instance, confirming that it has transitioned to `MASTER`. Additionally, in the AWS Console the Elastic IP address is now associated with the new primary instance. +Check the state on the backup instance, confirming that it has transitioned to `MASTER`. In the AWS Console, the Elastic IP address is now associated with the new primary instance. + ## Troubleshooting If the solution doesn’t work as expected, check the `keepalived` logs, which are written to /var/log/syslog. Also, you can manually run the commands that invoke the `awscli` utility in the nginx-ha-notify script to check that the utility is working properly. + ## Caveats -- In most of our tests it took 5 to 6 seconds for the Elastic IP address to be reassigned. +- In most of our tests it took five to six seconds for the Elastic IP address to be reassigned. + - Elastic IP address reassignment is not free; see [Amazon EC2 Pricing](https://aws.amazon.com/ec2/pricing/). -- Because the solution relies on the AWS APIs to reassociate the Elastic IP address, in some rare scenarios – such as flip‑flopping (the instances change state rapidly) or split‑brain (the instances lose connectivity with each other) – it is possible for the Elastic IP address not to end up associated with the primary. We were not able to reproduce these scenarios in our testing, however. If they occur, restart `keepalived` on both instances. + +- AWS API issues may prevent the Elastic IP from associating with the primary instance during flip-flopping or split-brain scenarios (though we couldn’t reproduce these in testing). If this happens, restart ‘keepalived’ on both instances.​​​​​​​​​​​​​​​​ + ## Resources [Download the HA solution from the NGINX GitHub repository](https://github.com/nginxinc/aws-ha-elastic-ip). ### Revision History -- Version 1 (May 2017) – Initial version (NGINX Plus Release 12) +- Version 1 (May 2017) – Initial version (NGINX Plus Release 12) From b139803a620c599091357597a2b23043cd6a6392 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:34:03 -0700 Subject: [PATCH 02/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 69c54ccb8..c6149e2e5 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -9,7 +9,7 @@ type: - how-to --- -This guide shows how to set up a highly available (HA) active‑passive deployment of F5 NGINX Plus in the [Amazon Web Services](https://aws.amazon.com/) (AWS) cloud. The solution combines keepalived with AWS Elastic IP address features. +This guide shows how to set up a high availability (HA) active‑passive deployment of F5 NGINX Plus in the [Amazon Web Services](https://aws.amazon.com/) (AWS) cloud. The solution combines keepalived with AWS Elastic IP address features. Refer to [AWS Network Load Balancer solution]({{< ref "high-availability-network-load-balancer.md" >}}) for active-active HA of NGINX Plus in AWS. From 3890598bee6eb9efd320363c2152619dfe647e93 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:35:37 -0700 Subject: [PATCH 03/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index c6149e2e5..e1c333d8c 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -24,7 +24,6 @@ One method for deploying NGINX Plus in a highly available manner on AWS is to us - It increases the cost of your deployment. - It limits the number of protocols NGINX Plus and your applications can support. In particular, ELB does not support UDP load balancing. - - It does not provide a single static IP address for NGINX Plus instances, which is a crucial need for some applications. This guide explains how to create an active‑passive HA deployment of NGINX Plus on AWS that doesn’t need ELB and thus isn't subject to its disadvantages. It combines the `keepalived`‑based solution with AWS’s [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) feature. Most importantly, this method addresses the need for a single IP address: as long as the primary NGINX Plus instance is operating correctly, it has the Elastic IP address. If the primary fails, the backup instance becomes the primary and reassociates the Elastic IP address with itself, as shown in the figure. From edefa49c5e035d5081a332de24e3f4007e395bf3 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:37:21 -0700 Subject: [PATCH 04/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index e1c333d8c..56e3557e3 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -11,7 +11,7 @@ type: This guide shows how to set up a high availability (HA) active‑passive deployment of F5 NGINX Plus in the [Amazon Web Services](https://aws.amazon.com/) (AWS) cloud. The solution combines keepalived with AWS Elastic IP address features. -Refer to [AWS Network Load Balancer solution]({{< ref "high-availability-network-load-balancer.md" >}}) for active-active HA of NGINX Plus in AWS. +NGINX also provides a [solution for active‑active HA of NGINX Plus in AWS]({{< ref "high-availability-network-load-balancer.md" >}}), using AWS Network Load Balancer. From b68a90c4f18abdec6c25c847b5ee90b0a4f7495d Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:37:28 -0700 Subject: [PATCH 05/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 56e3557e3..4411708bb 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -14,7 +14,6 @@ This guide shows how to set up a high availability (HA) active‑passive deploym NGINX also provides a [solution for active‑active HA of NGINX Plus in AWS]({{< ref "high-availability-network-load-balancer.md" >}}), using AWS Network Load Balancer. - ## Overview The [supported solution for HA deployment]({{< ref "nginx/admin-guide/high-availability/ha-keepalived.md" >}}) of NGINX Plus that uses `keepalived` is for on‑premises deployments. It is typically not viable in cloud environments, such as AWS, because of the networking restrictions they impose. From b9dd8e6ed3d972883d975b6ad0564a0e237beb01 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:37:40 -0700 Subject: [PATCH 06/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 4411708bb..101794719 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -21,7 +21,6 @@ The [supported solution for HA deployment]({{< ref "nginx/admin-guide/high-avail One method for deploying NGINX Plus in a highly available manner on AWS is to use ELB in front of NGINX Plus instances. But, the method has several disadvantages: - It increases the cost of your deployment. - - It limits the number of protocols NGINX Plus and your applications can support. In particular, ELB does not support UDP load balancing. - It does not provide a single static IP address for NGINX Plus instances, which is a crucial need for some applications. From 85f435d3f84a0cf1e89c683a21dee10194501157 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:38:10 -0700 Subject: [PATCH 07/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 101794719..a2997e928 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -30,7 +30,7 @@ This guide explains how to create an active‑passive HA deployment of NGINX Plu As an alternative to ELB, you can use Route 53 to distribute traffic among NGINX Plus instances, relying only on DNS load balancing. However, clients as well as intermediate DNS servers often cache DNS records as specified by the TTL value in the record, so there can be a delay in propagation of the updated records to the clients. This can lead to increased downtime of your applications as observed by clients. Such an update can happen when Route 53 detects the failure of an NGINX Plus instance and removes the corresponding record. In contrast, when you use the HA solution along with Route 53, the record usually doesn’t change because the IP address stays the same, and there is no TTL‑related problem. -Notes: +**Notes:** - We have successfully tested the instructions on Ubuntu 16.04 LTS (Xenial Xerus) and CentOS 7, with `keepalived` installed from the respective OS vendor repositories. From 188bcc73e170c12b6fce2857bc1e6440ccb1ff82 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:38:24 -0700 Subject: [PATCH 08/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index a2997e928..78d73ad16 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -33,7 +33,6 @@ As an alternative to ELB, you can use Route 53 to distribute traffic among NGINX **Notes:** - We have successfully tested the instructions on Ubuntu 16.04 LTS (Xenial Xerus) and CentOS 7, with `keepalived` installed from the respective OS vendor repositories. - - Except as noted, perform all steps on both the primary and backup instance. - The solution is not covered by your NGINX Plus support contract. From 7cac7ae9ccdbfc853ec14baf57603e4639f8386f Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:38:38 -0700 Subject: [PATCH 09/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 78d73ad16..c0449dac2 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -34,9 +34,7 @@ As an alternative to ELB, you can use Route 53 to distribute traffic among NGINX - We have successfully tested the instructions on Ubuntu 16.04 LTS (Xenial Xerus) and CentOS 7, with `keepalived` installed from the respective OS vendor repositories. - Except as noted, perform all steps on both the primary and backup instance. - - The solution is not covered by your NGINX Plus support contract. - - Also the [active‑active HA solution]({{< ref "high-availability-network-load-balancer.md" >}}) mentioned above, NGINX offers a solution based on [AWS Lambda](https://aws.amazon.com/lambda/) which does not need installation of any extra software on the NGINX Plus instances. The [NGINX Professional Services](https://www.nginx.com/services/) team can deploy and configure the Lambda‑based solution for you and provide support. From 7982d8e81ec313b963609f258ed97a71c9722e89 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:40:11 -0700 Subject: [PATCH 10/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../high-availability-keepalived.md | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index c0449dac2..febaa3f15 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -48,35 +48,20 @@ The scripts in the HA solution use the AWS API to associate an Elastic IP addres ```json { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "ec2:AssociateAddress", - "ec2:DescribeInstances", - "ec2:DescribeAddresses", - "ec2:DisassociateAddress" - ], - "Resource": "*" - } - ] - } - ``` Or, you can use the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables to provide credentials to the HA scripts, as shown in [Step 5](#ha-aws_keepalived-configure). From 6abf14c570587ae2174aece01f870c73ef55f967 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:40:23 -0700 Subject: [PATCH 11/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index febaa3f15..3216ed6ec 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -64,7 +64,7 @@ The scripts in the HA solution use the AWS API to associate an Elastic IP addres } ``` - Or, you can use the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables to provide credentials to the HA scripts, as shown in [Step 5](#ha-aws_keepalived-configure). + Alternatively, you can use the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables to provide credentials to the HA scripts, as shown in [Step 5](#ha-aws_keepalived-configure). 2. Launch two instances and [install NGINX Plus]({{< ref "nginx/admin-guide/installing-nginx/installing-nginx-plus-amazon-web-services.md" >}}) on each. (As noted, we tested the instructions on Ubuntu 16.04 LTS and CentOS 7.) From 7af0825e7e664337289cc9b8911e6c216fee4127 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:40:39 -0700 Subject: [PATCH 12/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 3216ed6ec..d18b6a06f 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -71,7 +71,6 @@ The scripts in the HA solution use the AWS API to associate an Elastic IP addres 3. Attach this IAM role to the instance. - ## Step 2 – Allocate an Elastic IP address Allocate an Elastic IP address and remember its ID. For detailed instructions, see the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-allocating). From f1c846eb7942bc81405f0b7cb1b4154eb0cad0d0 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:40:46 -0700 Subject: [PATCH 13/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index d18b6a06f..4be453c27 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -76,7 +76,6 @@ The scripts in the HA solution use the AWS API to associate an Elastic IP addres Allocate an Elastic IP address and remember its ID. For detailed instructions, see the [AWS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-allocating). - ## Step 3 – Install `keepalived`, `wget`, and the AWS CLI 1. Install two packages from your OS vendor’s repository: the keepalived and wget. The HA scripts will use these. From 321956eb867c7f050560cd7ccb4898058d5cf8c3 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:41:06 -0700 Subject: [PATCH 14/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 4be453c27..50cbafed4 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -78,7 +78,7 @@ Allocate an Elastic IP address and remember its ID. For detailed instructions, s ## Step 3 – Install `keepalived`, `wget`, and the AWS CLI -1. Install two packages from your OS vendor’s repository: the keepalived and wget. The HA scripts will use these. +1. Install two packages from your OS vendor’s repository: keepalived and wget. The HA scripts will use these. - On Ubuntu systems: From ac6b51f2dbc4c9084f42d9f6cbc623fd2dba4bee Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:41:15 -0700 Subject: [PATCH 15/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 50cbafed4..ce4da9640 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -83,9 +83,7 @@ Allocate an Elastic IP address and remember its ID. For detailed instructions, s - On Ubuntu systems: ```shell - sudo apt-get install keepalived wget - ``` - On CentOS systems: From 6ee872a3a97f4e72096ef7936de3df15ddcd9106 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:41:25 -0700 Subject: [PATCH 16/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index ce4da9640..ce720c024 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -111,9 +111,7 @@ The NGINX Plus HA solution uses two scripts, which are invoked by `keepalived`: - On Ubuntu systems: ```shell - sudo mkdir -p /usr/lib/keepalived - ``` - On CentOS systems: From da850883bc5e14ed352806c0ac64fc3d7877fae1 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:43:43 -0700 Subject: [PATCH 17/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index ce720c024..cda8e9d03 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -117,9 +117,7 @@ The NGINX Plus HA solution uses two scripts, which are invoked by `keepalived`: - On CentOS systems: ```shell - sudo mkdir -p /usr/libexec/keepalived - ``` 2. Download the scripts from our [GitHub repository](https://github.com/nginxinc/aws-ha-elastic-ip) into the created directory. From 473a03b2215a7b844b4e129bb13dbf10518a43c5 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:43:51 -0700 Subject: [PATCH 18/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index cda8e9d03..4e6c43285 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -89,9 +89,7 @@ Allocate an Elastic IP address and remember its ID. For detailed instructions, s - On CentOS systems: ```shell - sudo yum install keepalived wget - ``` 2. Follow the instructions in the [AWS documentation](https://docs.aws.amazon.com/cli/latest/userguide/installing.html) to install the AWS CLI. From ade6f6d07b3203d98df9bea02a6ef949776d1482 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:43:59 -0700 Subject: [PATCH 19/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 4e6c43285..c1e505a27 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -121,7 +121,6 @@ The NGINX Plus HA solution uses two scripts, which are invoked by `keepalived`: 2. Download the scripts from our [GitHub repository](https://github.com/nginxinc/aws-ha-elastic-ip) into the created directory. - ## Step 5 – Configure `keepalived` and the HA Scripts There are two configuration files for the HA solution: From 42aeb88c931502c779a24aee0f5f1c864109230b Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:44:12 -0700 Subject: [PATCH 20/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index c1e505a27..309b33429 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -126,7 +126,6 @@ The NGINX Plus HA solution uses two scripts, which are invoked by `keepalived`: There are two configuration files for the HA solution: - keepalived.conf – The main configuration file for `keepalived`, slightly different for each NGINX Plus instance. - - nginx-ha-notify – The script you downloaded in [Step 4](#ha-aws_ha-scripts), with several user‑defined variables. From f42e56094cf5d64a1ac550f88da70a8eda6af46c Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:44:19 -0700 Subject: [PATCH 21/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 309b33429..f34655145 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -129,7 +129,6 @@ There are two configuration files for the HA solution: - nginx-ha-notify – The script you downloaded in [Step 4](#ha-aws_ha-scripts), with several user‑defined variables. - ### Creating keepalived.conf In the /etc/keepalived folder create a file named keepalived.conf with the following content. From 17d7e3ec7b22f9c688ff32c616692076f1a2f4bf Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:44:38 -0700 Subject: [PATCH 22/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index f34655145..58d42ab6e 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -131,7 +131,7 @@ There are two configuration files for the HA solution: ### Creating keepalived.conf -In the /etc/keepalived folder create a file named keepalived.conf with the following content. +In the **/etc/keepalived** folder create a file named **keepalived.conf** with the following content. ```nginx From d2723f5dcbe03131daeb72b4e4b9cb908a794d2a Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:44:49 -0700 Subject: [PATCH 23/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 58d42ab6e..09b0065d3 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -202,7 +202,6 @@ You must change values for the following configuration keywords. As you do so, r - `notify` – The script that is invoked during a state transition. - On Ubuntu systems, /usr/lib/keepalived/nginx-ha-notify - - On CentOS systems, /usr/libexec/keepalived/nginx-ha-notify From 4cec26dedd86163e08ad0c2a14629b6e86d586a4 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:45:02 -0700 Subject: [PATCH 24/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 09b0065d3..31c0ba73a 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -208,7 +208,7 @@ You must change values for the following configuration keywords. As you do so, r ### Creating nginx-ha-notify -Change the user‑defined variables section of the nginx-ha-notify script, replacing each `` placeholder with the value specified in the list below: +Modify the user‑defined variables section of the nginx-ha-notify script, replacing each `` placeholder with the value specified in the list below: ```none From 8e4ec7a29a493d598ea6319ede7b120db8117ae3 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:45:18 -0700 Subject: [PATCH 25/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 9 --------- 1 file changed, 9 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 31c0ba73a..6e31846bd 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -211,21 +211,12 @@ You must change values for the following configuration keywords. As you do so, r Modify the user‑defined variables section of the nginx-ha-notify script, replacing each `` placeholder with the value specified in the list below: ```none - export AWS_ACCESS_KEY_ID= - export AWS_SECRET_ACCESS_KEY= - export AWS_DEFAULT_REGION= - HA_NODE_1= - HA_NODE_2= - ALLOCATION_ID= - -``` - - `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` – The credentials for accessing the AWS API. Set them only when an IAM instance profile isn’t used. Otherwise, delete the corresponding two lines. - `AWS_DEFAULT_REGION` – The AWS region of your deployment. From 8b4414a9f8af193adfa89668b093935008c39dc5 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:45:25 -0700 Subject: [PATCH 26/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 6e31846bd..3ca47c3b8 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -218,7 +218,6 @@ HA_NODE_1= HA_NODE_2= ALLOCATION_ID= - `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` – The credentials for accessing the AWS API. Set them only when an IAM instance profile isn’t used. Otherwise, delete the corresponding two lines. - - `AWS_DEFAULT_REGION` – The AWS region of your deployment. - `HA_NODE_1` and `HA_NODE_2` – The internal or private DNS names of the two NGINX Plus instances. From 3658240edbc02a77b7f388c812b035fa023ecead Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:45:37 -0700 Subject: [PATCH 27/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 3ca47c3b8..23500e5b7 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -219,9 +219,7 @@ HA_NODE_2= ALLOCATION_ID= - `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` – The credentials for accessing the AWS API. Set them only when an IAM instance profile isn’t used. Otherwise, delete the corresponding two lines. - `AWS_DEFAULT_REGION` – The AWS region of your deployment. - - `HA_NODE_1` and `HA_NODE_2` – The internal or private DNS names of the two NGINX Plus instances. - - `ALLOCATION_ID` – The ID of the allocated Elastic IP address. From cd0c5640980ecd58a1aeb20fda66f734f37d15c4 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:45:55 -0700 Subject: [PATCH 28/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 23500e5b7..c0652a095 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -223,7 +223,6 @@ ALLOCATION_ID= - `ALLOCATION_ID` – The ID of the allocated Elastic IP address. - ## Testing Run this command on both instances to start the `keepalived` daemon: From 09f39932b756e2a27f20d3c524b6133892af6df5 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:46:04 -0700 Subject: [PATCH 29/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index c0652a095..a254c8888 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -228,11 +228,7 @@ ALLOCATION_ID= Run this command on both instances to start the `keepalived` daemon: ```shell - sudo service keepalived start - -``` - The instance with the higher priority becomes the primary. As a result, the Elastic IP address becomes associated with the primary instance, as confirmed on the AWS Console. To check the instance state, run: From 5c1083046a2a95f37e06f8fe1e542c2adfc3edf1 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:46:12 -0700 Subject: [PATCH 30/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index a254c8888..85d59f804 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -234,11 +234,7 @@ The instance with the higher priority becomes the primary. As a result, the Elas To check the instance state, run: ```shell - cat /var/run/nginx-ha-keepalived.state - -``` - The command outputs `STATE=MASTER` on the primary instance and `STATE=BACKUP` otherwise. You can simulate the failure of the primary by stopping the `keepalived` daemon: From 0b021f99ef829a6ce83df62db40b69e94904bbb4 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:46:21 -0700 Subject: [PATCH 31/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 85d59f804..7146d0d52 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -240,11 +240,8 @@ The command outputs `STATE=MASTER` on the primary instance and `STATE=BACKUP` ot You can simulate the failure of the primary by stopping the `keepalived` daemon: ```shell - sudo service keepalived stop -``` - Check the state on the backup instance, confirming that it has transitioned to `MASTER`. In the AWS Console, the Elastic IP address is now associated with the new primary instance. From 818507d46d587450448e7a5d09c76fa9de9984ae Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:46:27 -0700 Subject: [PATCH 32/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 7146d0d52..b83baca61 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -245,7 +245,6 @@ sudo service keepalived stop Check the state on the backup instance, confirming that it has transitioned to `MASTER`. In the AWS Console, the Elastic IP address is now associated with the new primary instance. - ## Troubleshooting If the solution doesn’t work as expected, check the `keepalived` logs, which are written to /var/log/syslog. Also, you can manually run the commands that invoke the `awscli` utility in the nginx-ha-notify script to check that the utility is working properly. From 0b17a54f991512bea9902808efc52ac36b6555d5 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:46:35 -0700 Subject: [PATCH 33/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index b83baca61..a372d4b43 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -250,7 +250,6 @@ Check the state on the backup instance, confirming that it has transitioned to ` If the solution doesn’t work as expected, check the `keepalived` logs, which are written to /var/log/syslog. Also, you can manually run the commands that invoke the `awscli` utility in the nginx-ha-notify script to check that the utility is working properly. - ## Caveats - In most of our tests it took five to six seconds for the Elastic IP address to be reassigned. From c24b7d050107fdd3eb278eb2d627de214de2f443 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:46:42 -0700 Subject: [PATCH 34/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index a372d4b43..e974acf67 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -253,7 +253,6 @@ If the solution doesn’t work as expected, check the `keepalived` logs, which a ## Caveats - In most of our tests it took five to six seconds for the Elastic IP address to be reassigned. - - Elastic IP address reassignment is not free; see [Amazon EC2 Pricing](https://aws.amazon.com/ec2/pricing/). - AWS API issues may prevent the Elastic IP from associating with the primary instance during flip-flopping or split-brain scenarios (though we couldn’t reproduce these in testing). If this happens, restart ‘keepalived’ on both instances.​​​​​​​​​​​​​​​​ From 73890a38ab57826e0fdcaf87a34c1f42d3753001 Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:46:51 -0700 Subject: [PATCH 35/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index e974acf67..72e499d5a 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -254,7 +254,6 @@ If the solution doesn’t work as expected, check the `keepalived` logs, which a - In most of our tests it took five to six seconds for the Elastic IP address to be reassigned. - Elastic IP address reassignment is not free; see [Amazon EC2 Pricing](https://aws.amazon.com/ec2/pricing/). - - AWS API issues may prevent the Elastic IP from associating with the primary instance during flip-flopping or split-brain scenarios (though we couldn’t reproduce these in testing). If this happens, restart ‘keepalived’ on both instances.​​​​​​​​​​​​​​​​ From 74ab20f4c70564c3358cb8d7b3f60ebe6160ddda Mon Sep 17 00:00:00 2001 From: MV <40579254+MV1205@users.noreply.github.com> Date: Mon, 5 May 2025 17:47:00 -0700 Subject: [PATCH 36/36] Update high-availability-keepalived.md Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com> --- .../amazon-web-services/high-availability-keepalived.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md index 72e499d5a..9ceed8eb5 100644 --- a/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md +++ b/content/nginx/deployment-guides/amazon-web-services/high-availability-keepalived.md @@ -257,7 +257,6 @@ If the solution doesn’t work as expected, check the `keepalived` logs, which a - AWS API issues may prevent the Elastic IP from associating with the primary instance during flip-flopping or split-brain scenarios (though we couldn’t reproduce these in testing). If this happens, restart ‘keepalived’ on both instances.​​​​​​​​​​​​​​​​ - ## Resources [Download the HA solution from the NGINX GitHub repository](https://github.com/nginxinc/aws-ha-elastic-ip).