This article briefly introduces the use of keepalived software to achieve high availability of nginx servers, that is, automatic failover. Assuming you have installed nginx , the following describes the installation and use of keepalived.
keepalived installation
- yum install openssl-devel
- cd /tmp
- wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
- tar xzf keepalived-1.2.2.tar.gz
- cd keepalived-1.2.2
- ./configure
- make && make install
- cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
- cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
- chmod +x /etc/init.d/keepalived
- chkconfig --add keepalived
- chkconfig keepalived on
- mkdir /etc/keepalived
- ln -s /usr/local/sbin/keepalived /usr/sbin/
keepalived configuration
A more detailed description of the keepalived configuration file can be viewed by executing man keepalived.conf.
We assume that the master server IP: 192.168.1.103, the slave server ip: 192.168.1.101 virtual ip: 192.168.1.110
configure the keepalived of the master server:
- vi /etc/keepalived/keepalived.conf
- global_defs {
- notification_email {
- [email protected]
- }
- notification_email_from [email protected]
- smtp_server 127.0.0.1
- smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_script chk_http_port {
- script "/opt/nginx_pid.sh"
- interval 2
- weight 2
- }
- vrrp_instance VI_1 {
- state MASTER ############ Auxiliary machine is BACKUP
- interface eth0
- virtual_router_id 51
- mcast_src_ip 192.168.1.103
- priority 102 ########### weight is higher than back
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- track_script {
- chk_http_port ### Perform monitoring service
- }
- virtual_ipaddress {
- 192.168.1.110
- }
- }
From server:
- global_defs {
- notification_email {
- [email protected]
- }
- notification_email_from [email protected]
- smtp_server 127.0.0.1
- smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_script chk_http_port {
- script "/opt/nginx_pid.sh"
- interval 2
- weight 2
- }
- vrrp_instance VI_1 {
- state BACKUP
- interface eth0
- virtual_router_id 51
- mcast_src_ip 192.168.1.101
- priority 101 ########## weight is lower than master. .
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- track_script {
- chk_http_port ### Perform monitoring service
- }
- virtual_ipaddress {
- 192.168.1.110
- }
- }
Then create nginx monitoring scripts on the master and slave servers respectively:
- vi /opt/nginx_pid.sh
- #!/bin/bash
- A=`ps -C nginx --no-header |wc -l`
- if [ $A -eq 0 ];then
- /usr/local/nginx/sbin/nginx
- sleep 3
- if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
- killall keepalived
- be
- be
Then start the keepalived of the master and slave servers respectively:
- service keepalived start
keepalived test
We execute the command ip a on the master server, which is displayed as follows:
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link / ether 00: 0c: 29: aa: a1: e4 brd ff: ff: ff: ff: ff: ff
- inet 192.168.1.103/24 brd 255.255.255.255 scope global eth0
- inet 192.168.1.110/32 scope global eth0
Prove that the master server has bound the virtual ip 192.168.1.110
and execute the command ip a on the slave server, as shown below:
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link / ether 00: 0c: 29: 2b: 94: 3b brd ff: ff: ff: ff: ff: ff
- inet 192.168.1.101/24 brd 255.255.255.255 scope global eth0
The display shows that there is no vip 192.168.1.110 bound to the slave server, only the real ip192.168.1.101 of the local machine.
Next, we stop the nginx process of the master server, and then look at the ip binding situation:
the situation of the master server:
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link / ether 00: 0c: 29: aa: a1: e4 brd ff: ff: ff: ff: ff: ff
- inet 192.168.1.103/24 brd 255.255.255.255 scope global eth0
Slave server situation:
- 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
- link / ether 00: 0c: 29: 2b: 94: 3b brd ff: ff: ff: ff: ff: ff
- inet 192.168.1.101/24 brd 255.255.255.255 scope global eth0
- inet 192.168.1.110/32 scope global eth0
It can be seen that vip has pointed to the slave server.
Reference: http://www.keepalived.org/pdf/UserGuide.pdf