nginx study (three, keepalived availability)

Introduction

keepalived program is based on high availability VRRP protocol implemented, the VRRP (Virtual Router Redundancy Protocol) or virtual routing redundancy protocol, the same router multiple functions make up a routing group, in the group there will be a master and multiple backup Foreign seems as if a virtual router has a virtual IP (VIP), possession of master response and the IP forwarding IP packets. master will send packets to other routers backup, if backup is not received within the timeout data packets is considered master is down, as a master on a backup to ensure high availability by routing priority elected.

Installation and deployment

Installation Environment

yum install -y gcc

yum install -y openssl openssl-devel

yum install -y libnl libnl-devel

yum install -y libnfnetlink-devel

Decompression keepalived

tar -zxvf keepalived-2.0.20.tar.gz

Check the installation environment and specify the installation path

cd  keepalived-2.0.20

./configure --prefix=/usr/local/keepalived

Compile

make && make install

boot

Because the default is not installed, the need to move files themselves

mkdir /etc/keepalived

cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

cp /usr/local/keepalived-2.0.20/keepalived/etc/init.d/keepalived /etc/rc.d/init.d/keepalived

cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived

Start Service

systemctl start keepalived

View Log

Start here may be error, because the configuration file in question, you can view the log in / var / log / message inside

Set boot

systemctl enable keepalived

Cancellation boot

systemctl disable keepalived

Profiles

/etc/keepalived/keepalived.conf

! The Configuration File for keepalived 

# Global configuration deleted mailbox portion being less than 
global_defs {
    # load balancing uniquely identifies, in fact, a logo, here I use the IP 
   router_id 10.32 . 16.195 
   # health checks user group 
   script_user root
    # think script to perform a health check, you must add this configuration, otherwise no authority 
   enable_script_security
    # default is not to skip the check. All addresses in the received VRRP advertisement inspection may be time consuming, this command setting means, if the received advertisement on a router advertisement from the same master, no check is performed (skip the check). 
   Vrrp_skip_check_adv_addr # 
   # strict compliance with VRRP protocol. The following conditions will prevent the start Keepalived:. 1 no VIP address. 2. Unicast neighbors. 3. There IPv6 address in VRRP version 2. 
   Vrrp_strict # 
} 

# VRRP configuration 
# 1.vrrp_script timing of execution of the script 
vrrp_script nginx_check {
    # Execute script path 
    Script " /etc/keepalived/nginx_check.sh " 
    # default execution interval between lS 
    interval The . 1 
    # timeout time to failure 
    timeout 10 
    # priority (-254 ~ 254) Default 2 
    weight - 20 is 
} 

# 2.vrrp_instance node information 
vrrp_instance VI_1 {
     # specified node status premises MASTER | the bACKUP 
    state MASTER
     # card information see ip address card information 
    interface ens33
     # let the master and backup in the same virtual routing, id must be the same 
    virtual_router_id 51 
    # priority is higher or who will become Master 
    priority 100 
    #Set up not to seize. The default is preempted, when the high-priority machine back, will preempt the machine becomes MASTER, rather than seize, it allows low-priority machines continue to be MASTER, even if the machine has high priority on the line. To use this feature, you must initialize the state is BACKUP. 
    # Nopreempt 
    # specified time transmission vrrp advertisement interval lS 
    advert_int . 1 
    authentication { 
        # authentication the PASS (simple password authentication, recommended) | AH (IPSEC authentication is not recommended) 
        AUTH_TYPE the PASS
         # password up to 8 
        AUTH_PASS 1111 
    } 
    # specified VIP address, VIP addresses may be a plurality of virtual 
    virtual_ipaddress {
         10.32 . 16.200 
    } 
    track_script { 
        nginx_check 
    } 
} 

# original configuration and there virtual_server like, generally used in the LVS large, not described here

/etc/keepalived/check_nginx.sh (here the file permissions to 755, do not know why 777 error)

#!/bin/bash
run=`ps -C nginx --no-header | wc -l`
if [ $run -eq 0 ]
then
/usr/local/nginx/sbin/nginx -s stop
/usr/local/nginx/sbin/nginx
sleep 3
if [ `ps -C nginx --no-header | wc -l` ]
then
killall keepalived
fi
fi

Cluster configuration

The 195 node as master, node 196 is defined as a backup

Start two servers keepalived, see also followed nginx started in nginx80 adjust the page to be marked for testing.

 

 

 

 And we passed a VIP keepalived virtual address is 10.32.16.200, we visit the VIP address

 

 We see that this can be accessed by visiting our virtual IP to nginx 196, so that the cluster is established success.

Here you can put 195 keepalived close look at the results:

systemctl stop keepalived

 

 Visible After 196 service hang up, switch to the 195, thus achieving high availability nginx.