Stop Double Monitoring: NGINX Plus API Helping BIG-IP
How do you prevent double monitoring when a Load Balancer load balances a Load Balancer? Using the NGINX Plus API we can leverage a BIG-IP to monitor the state of your applications and avoid monitoring your applications twice!
The Double Monitoring Problem
You decide on an architecture of having a BIG-IP load balance your NGINX Plus load balancer.
In this topology how does the BIG-IP know whether an application that is running behind NGINX Plus is “healthy”?
One solution is to configure both NGINX Plus and BIG-IP to monitor the health of the application. This leads into log entries on your backend server that look like the following:
… …17:13:46 …] "GET / HTTP/1.0" 200 139 "-" "nginx/1.17.3 (health check)" … …17:13:47 …] "GET / HTTP/1.0" 200 139 "-" "Custom BIG-IP Monitor”
In this example you can see the application is being polled twice, once by the BIG-IP and once by NGINX Plus.
NGINX Plus API
NGINX Plus has an API that can return the status of its upstreams (equivalent to a BIG-IP pool). An example of the output
Using this API we can configure the BIG-IP to monitor the NGINX Plus API instead of the backend application (and avoid double monitoring).
BIG-IP Monitoring NGINX Plus
The configuration for the BIG-IP is straightforward, create a monitor that queries the NGINX API.
In this Local Traffic Manager (LTM) example we are querying the “app001” upstream and looking for the string “state”:”up” that indicates at least one server is available.
This can also apply to DNS as well.
No more double monitoring
This is an example of how to use BIG-IP and NGINX Plus together.
Additional considerations that you should think about is how to secure access to the NGINX Plus API (IP restriction, Basic Auth, etc…).
Ideally you should automate/template the configuration of both devices to avoid double configuration; a topic for another article.