Nginx+keepalived realizes high availability of dual-machine hot standby

This article briefly introduces the use of keepalived software to achieve high availability of nginx servers, that is, automatic failover. Assuming you have installed nginx , the following describes the installation and use of keepalived.

keepalived installation

1. yum install openssl-devel
2. cd /tmp
3. wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
4. tar xzf keepalived-1.2.2.tar.gz
5. cd keepalived-1.2.2
6. ./configure
7. make && make install
8. cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
9. cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
10. chmod +x /etc/init.d/keepalived
11. chkconfig --add keepalived
12. chkconfig keepalived on
13. mkdir /etc/keepalived
14. ln -s /usr/local/sbin/keepalived /usr/sbin/

keepalived configuration

A more detailed description of the keepalived configuration file can be viewed by executing man keepalived.conf.
We assume that the master server IP: 192.168.1.103, the slave server ip: 192.168.1.101 virtual ip: 192.168.1.110
configure the keepalived of the master server:

1. vi /etc/keepalived/keepalived.conf

1. global_defs {
2.    notification_email {
3.      [email protected]
4.    }
5.    notification_email_from [email protected]
6.    smtp_server 127.0.0.1
7.    smtp_connect_timeout 30
8.    router_id LVS_DEVEL
9. }
10. vrrp_script chk_http_port {
11.                 script "/opt/nginx_pid.sh"
12.                 interval 2
13.                 weight 2
14. }
15. vrrp_instance VI_1 {
16.     state MASTER ############ Auxiliary machine is BACKUP
17.     interface eth0
18.     virtual_router_id 51
19.     mcast_src_ip 192.168.1.103
20.     priority 102 ########### weight is higher than back
21.     advert_int 1
22.     authentication {
23.         auth_type PASS
24.         auth_pass 1111
25.     }
26. track_script { 
27.         chk_http_port ### Perform monitoring service 
28.         }
29.     virtual_ipaddress {
30.        192.168.1.110
31.     }
32. }

From server:

1. global_defs {
2.    notification_email {
3.      [email protected]
4.    }
5.    notification_email_from [email protected]
6.    smtp_server 127.0.0.1
7.    smtp_connect_timeout 30
8.    router_id LVS_DEVEL
9. }
10. vrrp_script chk_http_port {
11.                 script "/opt/nginx_pid.sh"
12.                 interval 2
13.                 weight 2
14. }
15. vrrp_instance VI_1 {
16.     state BACKUP
17.     interface eth0
18.     virtual_router_id 51
19.     mcast_src_ip 192.168.1.101
20.     priority 101 ########## weight is lower than master. .
21.     advert_int 1
22.     authentication {
23.         auth_type PASS
24.         auth_pass 1111
25.     }
26. track_script { 
27.         chk_http_port ### Perform monitoring service 
28.         }
29.     virtual_ipaddress {
30.        192.168.1.110
31.     }
32. }

Then create nginx monitoring scripts on the master and slave servers respectively:

1. vi /opt/nginx_pid.sh

1. #!/bin/bash
2. A=`ps -C nginx --no-header |wc -l`               
3. if [ $A -eq 0 ];then                                       
4.                 /usr/local/nginx/sbin/nginx
5.                 sleep 3
6.                 if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
7.                        killall keepalived
8.                 be
9. be

Then start the keepalived of the master and slave servers respectively:

1. service keepalived start

keepalived test

We execute the command ip a on the master server, which is displayed as follows:

1. 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
2.     link / ether 00: 0c: 29: aa: a1: e4 brd ff: ff: ff: ff: ff: ff
3.     inet 192.168.1.103/24 brd 255.255.255.255 scope global eth0
4.     inet 192.168.1.110/32 scope global eth0

Prove that the master server has bound the virtual ip 192.168.1.110
and execute the command ip a on the slave server, as shown below:

1. 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
2.     link / ether 00: 0c: 29: 2b: 94: 3b brd ff: ff: ff: ff: ff: ff
3.     inet 192.168.1.101/24 brd 255.255.255.255 scope global eth0

The display shows that there is no vip 192.168.1.110 bound to the slave server, only the real ip192.168.1.101 of the local machine.
Next, we stop the nginx process of the master server, and then look at the ip binding situation:
the situation of the master server:

1. 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
2.     link / ether 00: 0c: 29: aa: a1: e4 brd ff: ff: ff: ff: ff: ff
3.     inet 192.168.1.103/24 brd 255.255.255.255 scope global eth0

Slave server situation:

1. 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
2.     link / ether 00: 0c: 29: 2b: 94: 3b brd ff: ff: ff: ff: ff: ff
3.     inet 192.168.1.101/24 brd 255.255.255.255 scope global eth0
4.     inet 192.168.1.110/32 scope global eth0

It can be seen that vip has pointed to the slave server.
Reference: http://www.keepalived.org/pdf/UserGuide.pdf