Setup NGINX as Proxy Forward and Load Balancer

You can use NGINX to proxy all requests on port 80 to port 8080, or to set up a load balancer across multiple EnterMediaDB instances. On CentOS 7, install NGINX from EnterMedia's public GitHub repository. This build includes an NGINX module that adds a sticky cookie so that a client is always forwarded to the same upstream server:

 

1. Enable the EnterMedia RPM repository

2. Install our custom NGINX build that includes a sticky load balancing code snippet that can be found here.

$ sudo yum clean all
$ sudo yum -y remove nginx
$ sudo yum -y install nginx-1.10.0-1.el7.centos.ngx
$ sudo systemctl enable nginx

3. Now, create a configuration file:

$ sudo vi /etc/nginx/conf.d/entermedia.conf

4. Put this content in the file, replacing the domain names and upstream server addresses with your own:

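server {
  listen        80;
  server_name   *.domain.com domain.com;
  location / {
    # Allow very large uploads and long-running transfers
    proxy_max_temp_file_size 2048m;
    proxy_read_timeout 1200s;
    proxy_send_timeout 1200s;
    proxy_connect_timeout 1200s;
    client_max_body_size 100G;
    # WebSocket upgrade; this needs HTTP/1.1 towards the upstream
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    # Pass the client address chain and the original Host header to the backend
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_pass http://cluster_nodes;
  }
}

upstream cluster_nodes {
  # Provided by the custom build: pins each client to one server via a cookie
  sticky;
  server 172.18.0.100:8080;
  server 10.0.0.2:8080;
}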

5. Delete any default NGINX configuration files:

$ sudo rm /etc/nginx/conf.d/default.conf

6. Reload NGINX:

$ sudo nginx -s reload

Test it:

$ curl http://xyz.domain.com/

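7. Block access to port 8080 for external clients. The -A option appends the rule to the end of the INPUT chain, so it has no effect if an earlier rule already accepts the traffic, and the rule is lost on reboot unless you save it: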

$ sudo /sbin/iptables -A INPUT -p tcp -i eth0 --dport 8080 -j REJECT --reject-with tcp-reset

8. Make sure NGINX autostarts on server reboot:

$ sudo chkconfig nginx on

9. On RHEL or CentOS systems with SELinux enabled, set the following SELinux boolean so that HTTPD scripts and modules, which includes NGINX, can connect to the network:

$ sudo setsebool -P httpd_can_network_connect 1
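
A check for step 7, as an added example that is not part of the original instructions: it reads iptables-save output and reports which verdict a new external connection to port 8080 actually receives, which exposes an appended REJECT that is shadowed by an earlier ACCEPT. The function name, the two sample rule sets and the proxy address 10.0.0.1 are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `iptables-save` text on stdin and prints the verdict a
# NEW tcp connection to port 8080 from an arbitrary external client would get.
# iptables uses the first matching rule, so an appended REJECT can be shadowed.
# Assumption: only -i, -p, -s, --dport and state matches are interpreted.
first_verdict_8080() {
  awk -v iface="${1:-eth0}" '
    substr($1, 1, 1) == "*" { table = $1 }        # e.g. *filter, *nat
    table == "*filter" && $1 == ":INPUT" { policy = $2 }
    table == "*filter" && $1 == "-A" && $2 == "INPUT" {
      in_if = proto = dport = src = state = target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-i") in_if = $(i + 1)
        else if ($i == "-p") proto = $(i + 1)
        else if ($i == "--dport") dport = $(i + 1)
        else if ($i == "-s") src = $(i + 1)
        else if ($i == "--state" || $i == "--ctstate") state = $(i + 1)
        else if ($i == "-j") target = $(i + 1)
      }
      if (in_if != "" && in_if != iface) next     # other interface, e.g. lo
      if (proto != "" && proto != "tcp") next
      if (dport != "" && dport != "8080") next
      if (src != "") next                         # covers one source only
      if (state != "" && state !~ /NEW/) next     # rule skips NEW connections
      if (target ~ /^(ACCEPT|REJECT|DROP)$/) { print target; found = 1; exit }
    }
    END { if (!found) print (policy == "" ? "UNKNOWN" : policy) }
  '
}

# Constructed sample: an earlier blanket ACCEPT shadows the rule from step 7.
SHADOWED_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -i eth0 -p tcp -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j REJECT --reject-with tcp-reset
COMMIT'

# Constructed sample: only the proxy host (10.0.0.1, made up) may reach 8080.
BLOCKED_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 10.0.0.1/32 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j REJECT --reject-with tcp-reset
COMMIT'

printf '%s\n' "$SHADOWED_RULES" | first_verdict_8080 eth0   # prints ACCEPT
printf '%s\n' "$BLOCKED_RULES" | first_verdict_8080 eth0    # prints REJECT
```

On a live host, feed it the real rule set with `sudo iptables-save | first_verdict_8080 eth0`; any result other than REJECT or DROP means the backend port is still reachable on that interface.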