Alexsamad,
I might not have been clear, allow me to try again:
* currently 2 NGINX revproxy nodes, 1 active the other on standby in case node 1 fails.
* Since I am injecting an authentication header into the request, the HTTPS request has to be offloaded at the node and introduces additional load compared to injecting into non-encrypted requests.
* Current peak load ~60 concurrent requests, ~100% load on CPU. Concurrent requests expected to more than double, so revproxy will be bottleneck.
The NGINX revproxies run as a VM and I can ramp up the machine specs a little bit, but I do not expect this to completely solve the issue here.
Therefore I am looking for some method of spreading the requests over multiple backend revproxies, without the load balancer frontend having to deal with SSL offloading.
From the KEMP LoadMaster documentation I found that this technique is called SSL Passthrough. I am currently looking if that is also supported by NGINX.
What do you think? Will this solve my issue? Am I on the wrong track?