I. Environmental planning
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/73/53/wKiom1X6SEax6HlpAAEImIcTpPA588.jpg "title=" planning. png "alt=" Wkiom1x6seax6hlpaaeimictppa588.jpg "/>
Operating system: CentOS6.5 x86_64
Kernel version: 2.6.32-504.el6.x86_64
Nginx Version: nginx-1.8.0-1.el6.ngx.x86_64
Keepalived version: keepalived-1.2.19
Front-end dual Nginx+keepalived,nginx reverse proxy to back-end tomcat cluster to achieve load balancing, keepalived realize cluster high availability, the virtual IP automatically drifts to the Nginx after the main nginx fault.
Main nginx:192.168.60.48
Prepared nginx:192.168.60.49
Virtual ip:192.168.60.50
Back-end Tomcat cluster: 192.168.60.51, 192.168.60.52, 192.168.60.53
Each host on the backend has two ports open for business: 16915, 16916
Second, installation
Two front-end consoles are installed nginx and keepalived respectively.
1) Compile and install keepalived
# Install dependent yum install kernel-* gcc make openssl-*# download Keepalived-1.2.19.tar.gzwget http://www.keepalived.org/software/ keepalived-1.2.19.tar.gz# Unzip the tar xvzf keepalived-1.2.19.tar.gz CD keepalived-1.2.19# configuration./configure--sysconfdir=/etc-- with-kernel-dir=/usr/src/kernels/2.6.32-504.el6.x86_64# compile and install make && make install# view keepalived version, Verify that the installation is successful keepalived-v# set the boot from Chkconfig keepalived on
Note: Keepalived can also be installed with Yum, although the version is lower.
2) RPM Package installation Nginx
Official Nginx Yum Source:
[Nginx]name=nginx repobaseurl=http://nginx.org/packages/centos/$releasever/$basearch/enabled=1gpgcheck=0
When the Yum source is set up, it can be installed directly:
Yum Install Nginxchkconfig Nginx on
Third, the configuration
1) Front-end two host Nginx configuration exactly the same
# vim /etc/nginx/conf.d/upstream.conf upstream tomcatclu_16915 { server 192.168.60.51:16915; server 192.168.60.52:16915; server 192.168.60.53:16915; ip_hash;} upstream tomcatclu_16916 { server 192.168.60.51:16916; server 192.168.60.52:16916; server 192.168.60.53:16916; ip_hash;} # vim /etc/nginx/conf.d/server.confserver { listen 16915; server_name _; location / { proxy_pass http://tomcatclu_16915; } location /nginx_status{ stub_status on; access_log off; allow 127.0.0.1; # to allow corporate IP access nginx status allow 192.168.252.0/24; deny all; }} server { listen 16916; server_name _; location / { proxy_pass http:// tomcatclu_16916; } location /nginx_status{ stub_status on; access _log off; allow 127.0.0.1; # to allow corporate IP access nginx status allow 192.168.252.0/24; deny all; }}
2) nginx_master keepalived configuration
[[email protected]_master ~]# vim /etc/keepalived/keepalived.conf ! CONFIGURATION FILE FOR KEEPALIVEDGLOBAL_DEFS {   ROUTER_ID NGINX-HA1} vrrp_script check_nginx { # Check the Nginx status of the script, after the article gives script "/data/script/check_nginx.sh" # execution interval 2 seconds interval 2}vrrp_instance VI_1 { # two hosts are backup state BACKUP interface eth0 # Virtual_ of the same keepalived cluster router_id must be the same, default 51 virtual_router_id 55 # master priority high priority 100 advert_int 1 # does not preempt: If a host with a master state already exists in the cluster, it is not preempted to master even if the priority is higher than master. Set only on hosts with high priority. nopreempt authentication { auth_type pass auth_pass 1111 } virtual_ipaddress { # Virtual ip 192.168.60.50 } track_script { check_nginx }}
3) nginx_slave keepalived configuration
[[Email protected]_slave ~]# vim /etc/keepalived/keepalived.conf ! configuration file for keepalivedglobal_defs { router_id nginx-ha2}vrrp_script check_nginx { script "/data/script/check_nginx.sh" interval 2}vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 55 # Low-priority priority 80 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.60.50 } track_script { check_nginx }}
4) Firewall settings
# iptables Release multicast address traffic: iptables-i input-d 224.0.0.18-j acceptservice iptables Save
The VRRP message is sent via IP multicast, and the multicast address 224.0.0.18 is the destination address of the VRRP message.
In this experiment, two hosts are backup, and if you start the KEEPALIVED,VRRP protocol at the same time, run the high priority host as Master. If the firewall does not allow the VRRP message to pass, two backup will become master, and you will find that two hosts have started the virtual IP.
5) Deploy Nginx status check script check_nginx.sh
/data/script/check_nginx.sh Check the script contents as follows:
#!/bin/bash# check nginx server status# http://qicheng0211.blog.51cto.com # nginx Port ports= "16915 16916" Function check_ports { for port in $PORTS;d o nc -z 127.0.0.1 $port | grep -q succeeded [ "${pipestatus[1 ]} " -eq 0 ] && mark=${mark}1 done # If the mark value is null, both ports do not pass. # if Mark equals 1, it means that a port is a pass. # if Mark equals 11, both ports are pass-through. echo $mark}ret1=$ (check_ports) # If the Nginx port does not pass, it tries to restart nginxif [ "$ Ret1 " != 11 ];then /etc/init.d/nginx stop / etc/init.d/nginx start sleep 1 ret2=$ (Check_ports) # If there is a port does not work, indicating that the Nginx service is not normal, then stop keepalived, so that the VIP switch [ "$ret 2" != 11 ] && /etc/init.d/keepalived stopfi
To set executable permissions for a script:
chmod +x/data/script/check_nginx.sh
6) Turn on keepalived log
Edit/etc/sysconfig/keepalived:
Keepalived_options= "-d-d-S 0"
Edit/etc/rsyslog.conf:
# The configuration file is appended with the following line local0.*/var/log/keepalived.log
Restart Rsyslog:
Service Rsyslog Restart
When configured as above, keepalived logs the log to/var/log/keepalived.log.
7) Start the service
# first check the Nginx configuration file correctness nginx-t# start nginx Services service Nginx start# start the keepalived Services service keepalived start# a while to see if the virtual IP is in nginx_ IP A on master host
Iv. Verification
Nginx_master and Nginx_slave simultaneously start keepalived, observe the log/var/log/keepalived.log, you will find Nginx_master preemption as master, A virtual IP192.168.60.50 is bound.
Nginx_master:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/73/51/wKioL1X6XViz_LVZAALUyIqxLDQ217.jpg "title=" Qq20150917141751.png "alt=" Wkiol1x6xviz_lvzaaluyiqxldq217.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/51/wKioL1X6XEmwb8rbAAI2ptSMhEM234.jpg "title=" IP a 1. PNG "alt=" wkiol1x6xemwb8rbaai2ptsmhem234.jpg "/>
Nginx_slave:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/73/54/wKiom1X6WkGjEhJWAAIL_4Ucuas845.jpg "title=" IP a 2. PNG "alt=" wkiom1x6wkgjehjwaail_4ucuas845.jpg "/>
Below we nginx_master the keepalived service to stop or restart the system, while constantly ping the virtual IP. After a request time-out interval, the virtual IP will drift to Nginx_slave:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/73/51/wKioL1X6XkiDyYSuAAO93j-joEs063.jpg "title=" Ping.png "alt=" Wkiol1x6xkidyysuaao93j-joes063.jpg "/>
Nginx_slave:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/54/wKiom1X6XDahLBXdAAH5kcUUJ0g730.jpg "title=" IP a 3. PNG "alt=" wkiom1x6xdahlbxdaah5kcuuj0g730.jpg "/>
Then the Nginx_master keepalived service is turned on, the virtual IP does not drift back to Nginx_master, this is because Nginx_master opened the non-preemptive mode, even if the priority is high, will not preempt master.
This article is from the "Start Linux blog" blog, make sure to keep this source http://qicheng0211.blog.51cto.com/3958621/1695674
Nginx+keepalived Building high-availability load Balancing clusters