Nginx+keepalived Building high-availability load Balancing clusters

I. Environmental planning

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/73/53/wKiom1X6SEax6HlpAAEImIcTpPA588.jpg "title=" planning. png "alt=" Wkiom1x6seax6hlpaaeimictppa588.jpg "/>

• Operating system: CentOS6.5 x86_64

• Kernel version: 2.6.32-504.el6.x86_64

• Nginx Version: nginx-1.8.0-1.el6.ngx.x86_64
  

• Keepalived version: keepalived-1.2.19

Front-end dual Nginx+keepalived,nginx reverse proxy to back-end tomcat cluster to achieve load balancing, keepalived realize cluster high availability, the virtual IP automatically drifts to the Nginx after the main nginx fault.

Main nginx:192.168.60.48

Prepared nginx:192.168.60.49

Virtual ip:192.168.60.50

Back-end Tomcat cluster: 192.168.60.51, 192.168.60.52, 192.168.60.53

Each host on the backend has two ports open for business: 16915, 16916

Second, installation

Two front-end consoles are installed nginx and keepalived respectively.

1) Compile and install keepalived

# Install dependent yum install kernel-* gcc make openssl-*# download Keepalived-1.2.19.tar.gzwget http://www.keepalived.org/software/ keepalived-1.2.19.tar.gz# Unzip the tar xvzf keepalived-1.2.19.tar.gz CD keepalived-1.2.19# configuration./configure--sysconfdir=/etc-- with-kernel-dir=/usr/src/kernels/2.6.32-504.el6.x86_64# compile and install make && make install# view keepalived version, Verify that the installation is successful keepalived-v# set the boot from Chkconfig keepalived on

Note: Keepalived can also be installed with Yum, although the version is lower.

2) RPM Package installation Nginx

Official Nginx Yum Source:

[Nginx]name=nginx repobaseurl=http://nginx.org/packages/centos/$releasever/$basearch/enabled=1gpgcheck=0

When the Yum source is set up, it can be installed directly:

Yum Install Nginxchkconfig Nginx on

Third, the configuration

1) Front-end two host Nginx configuration exactly the same

# vim /etc/nginx/conf.d/upstream.conf upstream tomcatclu_16915 {         server 192.168.60.51:16915;         server 192.168.60.52:16915;        server  192.168.60.53:16915;        ip_hash;} upstream tomcatclu_16916 {        server  192.168.60.51:16916;        server 192.168.60.52:16916;         server 192.168.60.53:16916;         ip_hash;} # vim /etc/nginx/conf.d/server.confserver {    listen 16915;     server_name _;    location / {         proxy_pass http://tomcatclu_16915;    }    location /nginx_status{         stub_status on;        access_log off;         allow 127.0.0.1;         #  to allow corporate IP access nginx status        allow  192.168.252.0/24;        deny all;    }} server {    listen 16916;    server_name _;     location / {        proxy_pass http:// tomcatclu_16916;    }    location /nginx_status{         stub_status on;        access _log off;        allow 127.0.0.1;        #  to allow corporate IP access nginx  status        allow 192.168.252.0/24;         deny all;    }}

    2) nginx_master keepalived configuration

[[email protected]_master ~]# vim /etc/keepalived/keepalived.conf !  CONFIGURATION FILE FOR KEEPALIVEDGLOBAL_DEFS {   ROUTER_ID NGINX-HA1} vrrp_script check_nginx {    #  Check the Nginx status of the script, after the article gives      script  "/data/script/check_nginx.sh"     #  execution interval 2 seconds     interval  2}vrrp_instance VI_1 {    #  two hosts are backup    state  BACKUP    interface eth0    #  Virtual_ of the same keepalived cluster router_id  must be the same, default 51    virtual_router_id 55    #  master priority high     priority 100    advert_int 1    #   does not preempt: If a host with a master state already exists in the cluster, it is not preempted to master even if the priority is higher than master. Set only on hosts with high priority.     nopreempt    authentication {        auth_type pass         auth_pass 1111    }    virtual_ipaddress {         #  Virtual ip         192.168.60.50    }    track_script {         check_nginx    }}

    3) nginx_slave keepalived configuration

[[Email protected]_slave ~]# vim /etc/keepalived/keepalived.conf ! configuration  file for keepalivedglobal_defs {   router_id nginx-ha2}vrrp_script  check_nginx {    script  "/data/script/check_nginx.sh"      interval 2}vrrp_instance VI_1 {    state BACKUP     interface eth0    virtual_router_id 55    #   Low-priority     priority 80    advert_int 1     authentication {        auth_type PASS         auth_pass 1111    }     virtual_ipaddress {        192.168.60.50    }     track_script {        check_nginx    }} 

4) Firewall settings

# iptables Release multicast address traffic: iptables-i input-d 224.0.0.18-j acceptservice iptables Save

The VRRP message is sent via IP multicast, and the multicast address 224.0.0.18 is the destination address of the VRRP message.
In this experiment, two hosts are backup, and if you start the KEEPALIVED,VRRP protocol at the same time, run the high priority host as Master. If the firewall does not allow the VRRP message to pass, two backup will become master, and you will find that two hosts have started the virtual IP.
5) Deploy Nginx status check script check_nginx.sh

/data/script/check_nginx.sh Check the script contents as follows:

#!/bin/bash# check nginx server status# http://qicheng0211.blog.51cto.com #  nginx Port ports= "16915 16916" Function check_ports {    for port  in  $PORTS;d o        nc -z 127.0.0.1  $port  | grep -q succeeded        [  "${pipestatus[1 ]} " -eq 0 ] && mark=${mark}1    done     #  If the mark value is null, both ports do not pass.     #  if Mark equals 1, it means that a port is a pass.     #  if Mark equals 11, both ports are pass-through.     echo  $mark}ret1=$ (check_ports) #  If the Nginx port does not pass, it tries to restart nginxif [  "$ Ret1 " != 11 ];then    /etc/init.d/nginx stop    / etc/init.d/nginx start    sleep 1    ret2=$ (Check_ports)     #  If there is a port does not work, indicating that the Nginx service is not normal, then stop keepalived, so that the VIP switch     [  "$ret 2"  != 11 ] && /etc/init.d/keepalived stopfi

To set executable permissions for a script:

chmod +x/data/script/check_nginx.sh

6) Turn on keepalived log

Edit/etc/sysconfig/keepalived:

Keepalived_options= "-d-d-S 0"

Edit/etc/rsyslog.conf:

# The configuration file is appended with the following line local0.*/var/log/keepalived.log

Restart Rsyslog:

Service Rsyslog Restart

When configured as above, keepalived logs the log to/var/log/keepalived.log.

7) Start the service

# first check the Nginx configuration file correctness nginx-t# start nginx Services service Nginx start# start the keepalived Services service keepalived start# a while to see if the virtual IP is in nginx_ IP A on master host

Iv. Verification

Nginx_master and Nginx_slave simultaneously start keepalived, observe the log/var/log/keepalived.log, you will find Nginx_master preemption as master, A virtual IP192.168.60.50 is bound.

Nginx_master:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/73/51/wKioL1X6XViz_LVZAALUyIqxLDQ217.jpg "title=" Qq20150917141751.png "alt=" Wkiol1x6xviz_lvzaaluyiqxldq217.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/51/wKioL1X6XEmwb8rbAAI2ptSMhEM234.jpg "title=" IP a 1. PNG "alt=" wkiol1x6xemwb8rbaai2ptsmhem234.jpg "/>

Nginx_slave:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/73/54/wKiom1X6WkGjEhJWAAIL_4Ucuas845.jpg "title=" IP a 2. PNG "alt=" wkiom1x6wkgjehjwaail_4ucuas845.jpg "/>

Below we nginx_master the keepalived service to stop or restart the system, while constantly ping the virtual IP. After a request time-out interval, the virtual IP will drift to Nginx_slave:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/73/51/wKioL1X6XkiDyYSuAAO93j-joEs063.jpg "title=" Ping.png "alt=" Wkiol1x6xkidyysuaao93j-joes063.jpg "/>

Nginx_slave:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/54/wKiom1X6XDahLBXdAAH5kcUUJ0g730.jpg "title=" IP a 3. PNG "alt=" wkiom1x6xdahlbxdaah5kcuuj0g730.jpg "/>

Then the Nginx_master keepalived service is turned on, the virtual IP does not drift back to Nginx_master, this is because Nginx_master opened the non-preemptive mode, even if the priority is high, will not preempt master.

This article is from the "Start Linux blog" blog, make sure to keep this source http://qicheng0211.blog.51cto.com/3958621/1695674

Nginx+keepalived Building high-availability load Balancing clusters