Shulou(Shulou.com)05/31 Report--

Today, I would like to share with you how to achieve high availability of Keepalived+Nginx related knowledge points, detailed content, clear logic, I believe that most people still know too much about this knowledge, so share this article for your reference, I hope you can learn something after reading this article, let's take a look at it.

1. Programme planning

Vipip Hostname nginx Port 192.168.1.210192.168.1.201nginx-0180192.168.1.210192.168.1.202nginx-0280

The vip of the two servers is 192.168.1.210

Install nginx and keepalived on two web servers:

1. To install nginx, please refer to "nginx source code installation"

2. To install keepalived, please refer to "keepalived installation and configuration"

3. Add arrp Multicast rules to the firewall or turn off the firewall

1 > iptables

Shell > vi / etc/sysconfig/iptables-an input-p vrrp-d 224.0.0.18 accept 32-j

2 > firewall

Firewall-cmd-direct-permanent-add-rule ipv4 filter input 0-in-interface enp4s0-destination 224.0.0.18-protocol vrrp-j acceptfirewall-cmd-reload

4. Close selinux

Shell > vi / etc/sysconfig/selinux# modify: selinux=disabled#setenforce 0

2. Preemption mode configuration

Edit / etc/keepalived/keepalived.conf configuration file

1 > master (192.168.1.201):

Global_defs {router_id nginx_01 # identifies the name of this node, usually hostname} # # keepalived will execute the script regularly and analyze the results of the script execution, and dynamically adjust the priority of the vrrp_instance. # # if the execution result of the script is 0 and the value configured by weight is greater than 0, the priority will be increased accordingly. If the result of the script execution is not 0 and the value of the weight configuration is less than 0, the priority is reduced accordingly. In other cases, the priority of the original configuration is maintained, that is, the corresponding value of priority in the configuration file. Vrrp_script chk_nginx {script "/ etc/keepalived/nginx_check.sh" interval 2 # failed to detect the running status of nginx every 2 seconds weight-20 # gave its priority-20} vrrp_instance vi_1 {state master # status, the primary node is master and the backup node is backup interface enp0s3 # network interface bound to vip Check the id number of your network interface virtual_router_id 51 # virtual route through ifconfig. The settings of the two nodes must be the same. You can choose the last section of ip to use. The same vrid is a group. He will determine the multicast mac address mcast_src_ip 192.168.1.201 # Native ip address priority 100 # Node priority. The value range of 0such 254 master is higher than that of backup 1 # Multicast message sending interval. The two nodes must be set the same, the default is 1 second # to set the authentication information, the two nodes must be consistent authentication {auth_type pass auth_pass 1111} # virtual ip, and the two node settings must be the same. One virtual_ipaddress {192.168.1.210} track_script {chk_nginx # nginx Survival status Detection script} can be set up one line.

2 > backup (192.168.1.202)

Global_defs {router_id nginx_02} vrrp_script chk_nginx {script "/ etc/keepalived/nginx_check.sh" interval 2 weight-20} vrrp_instance vi_1 {state backup interface enp0s3 virtual_router_id 51 mcast_src_ip 192.168.1.202 priority 90 advert_int 1 authentication {auth_type pass auth_pass 1111} virtual_ipaddress {192.168.1.210} track_script {chk_nginx}}

3 > create a nginx service detection script

Create the nginx_check.sh script under the master / slave server / etc/keepalived directory, and add the execution permission chmod + x / etc/keepalived/nginx_check.sh to it. It is used for keepalived to regularly check the service status of nginx. If nginx stops, it will try to restart nginx. If it fails, it will kill the keepalived process and drift vip to the backup machine.

#! / bin/basha= `ps-c nginx-- no-header | wc-l`if [$a-eq 0]; then / opt/nginx/sbin/nginx # attempted to restart nginx sleep 2 # sleep 2 seconds if [`ps-c nginx-- no-header | wc-l`-eq 0]; then killall keepalived # failed to start and killed the keepalived service. Drift vip to another backup node fifi

4 > start the keepalived service

Shell > service keepalived startshell > ps-ef | grep keepalived [root@localhost ~] # ps-ef | grep keepalivedroot 865 10 23:36? 00:00:00 keepalived-droot 869 865 0 23:36? 00:00:00 keepalived-droot 870 865 0 23:36? 00:00:00 keepalived-d

If you see the process information above, it means that keepalived has started successfully. Let's use the ip add command to view the vip binding, as shown in the following figure:

As you can see from the figure above, the vip address 192.168.1.210 is bound to the enp0s3 Nic of master (192.168.1.201).

5 > Test failover

Stop keepalived on master and see if vip drifts to 192.168.2.202.

Stop the keepalived service for 2011:

Shell > service keepalived stopshell > ip addr

As can be seen from the image above, vip has successfully drifted from 201 to 202. After the keepalived service of 2011is started at this time, the vip of 2012will be preempted because 2011is master.

Start the keepalived service of 2011:

Shell > service keepalived start

As a result, vip returns to 201, as shown in the following figure:

3. Non-preemptive mode

After master recovers from a failure, it does not preempt the vip of the backup node.

1 > master (192.168.1.201):

Global_defs {router_id nginx_01 # identifies the name of this node Usually hostname} vrrp_script chk_nginx {script "/ etc/keepalived/nginx_check.sh" interval 2 weight-20} vrrp_instance vi_1 {state backup interface enp0s3 virtual_router_id 51 mcast_src_ip 192.168.1.201 priority 100 advert_int 1 nopreempt authentication {auth_type pass auth_pass 1111} virtual_ipaddress {192.168.1.210} track_script {chk_nginx # nginx Survival status Detection script}

2 > backup (192.168.1.202)

Global_defs {router_id nginx_02} vrrp_script chk_nginx {script "/ etc/keepalived/nginx_check.sh" interval 2 weight-20} vrrp_instance vi_1 {state backup interface enp0s3 virtual_router_id 51 mcast_src_ip 192.168.1.202 priority 90 advert_int 1 nopreempt authentication {auth_type pass auth_pass 1111} virtual_ipaddress {192.168.1.210} track_script {chk_nginx}}

Compared with the configuration in non-preemptive mode, only two things have been changed:

1 > nopreempt instructions have been added to each of the two nodes under the vrrp_instance block to indicate that they do not compete for vip.

2 > the state of all nodes is backup

After both keepalived nodes are started, the default is backup. After sending multicast messages, both parties will elect a master according to their priority. Because both are configured with nopreempt, master does not preempt vip when it recovers from a failure. This avoids service delays that may be caused by vip handover.

These are all the contents of the article "how to achieve High availability of Keepalived+Nginx". Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.