The ngx_stream_upstream_hc_module
module (1.9.0) allows enabling periodic health checks of the servers in a group. The server group must reside in the shared memory.
If a health check fails, the server will be considered unhealthy. If several health checks are defined for the same group of servers, a single failure of any check will make the corresponding server be considered unhealthy. Client connections are not passed to unhealthy servers and servers in the “checking” state.
This module is available as part of our commercial subscription.
upstream tcp { zone upstream_tcp 64k; server backend1.example.com:12345 weight=5; server backend2.example.com:12345 fail_timeout=5s slow_start=30s; server 192.0.2.1:12345 max_fails=3; server backup1.example.com:12345 backup; server backup2.example.com:12345 backup; } server { listen 12346; proxy_pass tcp; health_check; }
With this configuration, nginx will check the ability to establish a TCP connection to each server in the tcp
group every five seconds. When a connection to the server cannot be established, the health check will fail, and the server will be considered unhealthy.
Health checks can be configured for the UDP protocol:
upstream dns_upstream { zone dns_zone 64k; server dns1.example.com:53; server dns2.example.com:53; server dns3.example.com:53; } server { listen 53 udp; proxy_pass dns_upstream; health_check udp; }
In this case, the absence of ICMP “Destination Unreachable
” message is expected in reply to the sent string “nginx health check
”.
Health checks can also be configured to test data obtained from the server. Tests are configured separately using the match directive and referenced in the match
parameter of the health_check directive.
Syntax: | health_check [parameters]; |
---|---|
Default: | — |
Context: | server |
Enables periodic health checks of the servers in a group.
The following optional parameters are supported:
interval
=time
jitter
=time
fails
=number
passes
=number
mandatory
match
=name
match
block configuring the tests that a successful connection should pass in order for a health check to pass. By default, for TCP, only the ability to establish a TCP connection with the server is checked. For UDP, the absence of ICMP “Destination Unreachable
” message is expected in reply to the sent string “nginx health check
”. Prior to version 1.11.7, by default, UDP health check required a match block with the send and expect parameters.
port
=number
udp
UDP
protocol should be used for health checks instead of the default TCP
protocol (1.9.13). Syntax: | health_check_timeout timeout; |
---|---|
Default: | health_check_timeout 5s; |
Context: | stream , server |
Overrides the proxy_timeout value for health checks.
Syntax: | match name { ... } |
---|---|
Default: | — |
Context: | stream |
Defines the named test set used to verify server responses to health checks.
The following parameters can be configured:
send
string
; string
to the server; expect
string
| ~
regex
; ~*
” modifier (for case-insensitive matching), or the “~
” modifier (for case-sensitive matching). Both send
and expect
parameters can contain hexadecimal literals with the prefix “\x
” followed by two hex digits, for example, “\x80
” (1.9.12).
Health check is passed if:
string
from the send
parameter, if specified, was sent; expect
parameter, if specified; Example:
upstream backend { zone upstream_backend 10m; server 127.0.0.1:12345; } match http { send "GET / HTTP/1.0\r\nHost: localhost\r\n\r\n"; expect ~ "200 OK"; } server { listen 12346; proxy_pass backend; health_check match=http; }
Only the first proxy_buffer_size bytes of data obtained from the server are examined.
© 2002-2019 Igor Sysoev
© 2011-2019 Nginx, Inc.
Licensed under the BSD License.
https://nginx.org/en/docs/stream/ngx_stream_upstream_hc_module.html