Load balancers

You can use load balancers in high-availability scenarios to manage the distribution of requests in Access Gateway. Use Access Gateway as the load balancer to distribute requests across multiple Access Gateway instances. You can use either Access Gateway or third-party products as the load balancer to distribute requests to multiple instances of a back-end protected web resource.

  • Any load balancer that you use with Access Gateway must support session affinity. Access Gateway uses sticky sessions, or persistence, to route second and subsequent requests to the same replicated back-end protected web resource.
  • The preferred configuration strategy for an Access Gateway load balancer is round-robin or weighted round-robin.
  • The Access Gateway admin node is typically not included as part of the worker pool when you configure load balancing.

See Reference architectures for more examples of architectures that include load balancers.

Typical Access Gateway Load Balancer Architecture

Check the status of cluster members

Load balancers can determine whether Access Gateway cluster members are up using the /status REST endpoint.

This check only determines whether the worker node NGINX service is up. It doesn’t determine whether downstream resources are up and available.

Run this command to check the status of cluster members:

curl -X GET -v -k https://{node.ip}/status -H 'Host:{gw.yourhost.tld}'

See Status monitoring.

Upgrade a high-availability cluster with load balancing

  1. Back up the Access Gateway configuration. See Backup and restore operations.
  2. Use Secure Shell (ssh oag-mgmt@gw.gateway.tld) to access the Access Gateway Management console.
  3. Upgrade the Access Gateway appliance. See Upgrade Access Gateway .
  4. Take each worker node out of the load balancer rotation.
  5. Update each worker node.
  6. Return the worker node to the load balancer rotation.