Configure high-availability Web sites for nginx + keepalived in CentOS

High-availability Web site configuration for nginx + keepalived in CentOS, support for Rewrite and a series of other software products has become the preferred software for websites. At the same time, the biggest feature of Nginx is its own load balancing function. You can define the Upstream address pool, the most basic requirement of the current website is to ensure stability and efficiency. The Keepalived + Nginx architecture described here is based on this, here we use two Nginx servers as the front-end, one master and one slave, and Keepalived for status monitoring to ensure that Nginx can provide external services normally, that is, after the main Nginx service process dies, keepalived can switch Website access from Nginx through its own detection mechanism. System Environment: CentOS 5.5 Open Source Software: nginx-1.2.1.tar.gz; keepalived-1.2.2.tar.gz master server IP: 211.151.138.2 from service IP: 211.151.138.3 virtual IP: 211.151.138.5 you can resolve your website domain name to 211.151.138.5 this public IP, in this way, the master and slave servers can take over the virtual IP in turn to ensure that the website can normally provide external access to keepalived. To install keepalived, you must rely on openssl and directly install yum, yum install openssl-devel nginx is not described here. There are many related documents on the Internet. Here we will introduce the implementation of keepalived + nginx.
1. Install keepalived Master/Slave server operation: Download The keepalived package wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz tar zxvf keepalived-1.2.2 .tar.gz. /configure make & make install by default, keepalived is installed in/usr/local/keepalived, you can use -- prefix to direct the installation location to www.2cto.com cp/usr/local/keepalived/etc/rc. d/init. d // etc/init. d/mkdir/etc/keepalived (by default, keepalived reads keepalived under/etc/keepalived. conf file. Keepalived does not report errors, but you will find that the parameters related to keepalived you created are not reflected at all. keepalived is confusing.) 2: in this case, we create keepalived. conf file master server configuration: vim/etc/keepalived. conf, type the following content global_defs {icationication_email {admin@company.com (multiple alarm mailboxes can be defined here)} icationication_email_from alarm@company.com (ALARM Person) smtp_server 127.0.0.1smtp _ connect_timeout 30router_id LVS_DEVEL} vrrp_script chk_http_port {script "/opt/tools/bin/check_n G. sh "interval 2 (detection interval) weight 2} www.2cto.com vrrp_instance VI_1 {state MASTER (display definition as MASTER server) interface eth1 (bound network port, this network port is the interface of the two IP addresses mentioned above) virtual_router_id 51 (defined ID, official 51, Master/Slave server must always) mcast_src_ip 211.151.138.2 (master server IP) priority 100 (priority, defined at will, but must be higher than the slave server) advert_int 1 authentication {auth_type PASS auth_pass 1111 (default)} track_script {chk_http_port (call detection script )} virtual_ipaddress {211.151.137.5 (bound virtual IP address)} slave server Configure vim/etc/keepalived. conf, type the following content global_defs {icationication_email {admin@company.com (multiple alarm mailboxes can be defined here)} icationication_email_from alarm@company.com (ALARM Person) smtp_server 127.0.0.1smtp _ connect_timeout 30router_id LVS_DEVEL} vrrp_script chk_http_port {script "/opt/tools/bin/check_ng.sh" interval 2 (interval of script execution) weight 2} vrrp_instance VI_1 {state BACKUP (display defined as slave server) interface eth1 (bound network port, which is the two I mentioned above P Interface) virtual_router_id 51 (defined ID, officially 51, Master/Slave server must always) mcast_src_ip 211.151.138.3 (slave server IP) priority 50 (priority, any definition, but it must be lower than the master server) advert_int 1 authentication {auth_type PASS auth_pass 1111 (default)} track_script {chk_http_port (call detection script )} virtual_ipaddress {211.151.137.5 (bound virtual IP address)} edit vim/opt/tools/bin/check_ng.sh #! /Bin/bash N = 'ps-C nginx -- no-header | wc-l' if [$ N-eq 0]; then/usr/local/nginx/sbin/nginx sleep 3 if ['ps-C nginx -- no-header | wc-l'-eq 0]; then killall keepalived fi this is a script for nginx status detection. When the nginx service dies for the first time, it will be restarted. If the Nginx service is still unavailable, it will kill keepalived process 3: start the keepalived process on the server/etc/init. d/keepalived start: Run/sbin/ip a. Let's take a look at IP usage. master server: eth1: <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 80: c1: 6e: 71: f1: a2 brd ff: ff inet 211.151.138.2/27 brd 211.151.138.31 scope global eth1 inet 211.151.138.5/32 scope global eth1 visible that the virtual IP address has been mounted and you can view the tail-f/var/log/message, the keepalived log is shown as follows: Jun 28 18:44:25 proxy1 Keepalived_vrrp: Using LinkWatch kernel netlink reflector... jun 28 18:44:25 proxy1 Protocol: VRRP sockpool: [ifindex (3), proto (112), fd ()] www.2cto.com Jun 28 18:44:25 proxy1 Keepalived_vrrp: VRRP_Script (chk_http_port) listen 28 18:44:26 proxy1 failed: VRRP_Instance (VI_1) Transition to MASTER STATEJun 28 18:44:27 proxy1 Keepalived_vrrp: VRRP_Instance (VI_1) Entering master state (its role-based service is shown here) Jun 28 18:44:27 proxy1 resume: VRRP_Instance (VI_1) setting protocol VIPs. jun 28 18:44:27 proxy1 Keepalived_vrrp: VRRP_Instance (VI_1) Sending gratuitous ARPs on eth1 for logs simultaneously display from server logs as: Jun 28 18:42:14 proxy2 Keepalived: Starting Keepalived v1.2.2 (06/21, 2012) jun 28 18:42:14 proxy2 Keepalived: Starting VRRP child process, pid = 23588Jun 28 18:42:14 proxy2 Protocol: Registering Kernel netlink Protocol 28 18:42:14 proxy2 Protocol: Registering Kernel netlink command channelJun 28 18:42:14 proxy2 protocol: registering gratutious ARP shared channelJun 28 18:42:14 proxy2 Keepalived_vrrp: Opening file '/etc/keepalived. conf '. jun 28 18:42:14 proxy2 Keepalived_vrrp: Configuration is using: 65440 BytesJun 28 18:42:14 proxy2 Keepalived_vrrp: Using LinkWatch kernel netlink reflector... jun 28 18:42:14 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Entering backup state (displayed as BACKUP, from) Jun 28 18:42:14 proxy2 Keepalived_vrrp: VRRP sockpool: [ifindex (3), proto (112 ), fd ()] at this time, we disable the keepalived service on the MASTER, and the log changes from: Jun 28 18:43:49 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Transition to MASTER STATEJun 28 18:43:50 proxy2 keepalived_vr: vrp_instance (VI_1) Entering MASTER STATEJun 28 18:43:50 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) setting protocol VIPs. jun 28 18:43:50 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Sending gratuitous ARPs on eth1 for 211.151.138.5 it can be seen that he has taken over 211.151.138.5, in addition, if you set your status to the MASTER and then start the keepalived process on the original MASTER, the log is: www.2cto.com Jun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) received higher prio advertJun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Entering backup state Jun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) removing protocol VIPs. jun 28 18:44:26 proxy2 avahi-daemon [6552]: Withdrawing address record for 211.151.138.5 on eth1 indicates that a message with higher permissions is received, so he sets his status to slave, in addition, the 211.151.138.5 IP address is returned, and the high-availability HA author fairplay_li is realized.