Question
Is it possible to use private ip address instead of domain for nginx load balancer setup?
- Posted on June 17, 2018
- NginxLoad BalancingUbuntu 16.04
Asked by mefav
Hi, I try to create one nginx load balancer and 1 apache php backend server by refer to nginx load balancing.
I want to limit all public access to the backend server. Only load balancer can accept public access (like http or https). Then I want my load balancer pass the query to the backend server via private network.
So I setup both servers with private network. I successfully query the nginx welcome page from load balancer. I also successfully get the apache welcome page from backend before I restrict public access with digitalocean firewall.
Then I setup the upstream directive for nginx like what it showed from the article except I use the backend server’s Private IP instead of a domain name in config file like:
upstream backend{ server 10.130.20.01; <== in the article this is backend1.example.com } server { … location / { proxy_pass http://backend; } }
At this time I assume I should see the apache page when I visit the load balancer public IP but it did not show up. I wonder if this is because of the backend private IP which I place in the nginx config file? Is it possible to use ip instead of domain to setup nginx load balancer? Thanks
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
I disabled ufw completely and use only iptables. well, since the last time I posted this question, I have rebuild another pair of servers, A and B, with private network setup this time and still, I have problem ssh from A to B with private ip. Here is the post with more detail of my iptables setting.
https://www.digitalocean.com/community/questions/iptables-ssh-not-working
Later I realized none of the arp entry is related to private network interface. I added arp entry for private network interface for both server, A and B. It does not work .
Yes you should be able to use the Private IP address to communicate between droplets as this is the intended purpose and providing they reside in the same datacenter.
You may need to ensure that the firewall does not block the Private IP address as well or if you have something like UFW running to ensure you correctly set the rules.