Configure high-availability Web sites for nginx + keepalived in CentOS

High-availability Web site configuration for nginx + keepalived in CentOS, support for Rewrite and a series of other preferred software on the Web end of the website. at the same time, the biggest feature of Nginx is... high-availability Web site configuration for nginx + keepalived in CentOS, support for Rewrite and a series of other software products has become the preferred software for websites. at the same time, the biggest feature of Nginx is its own load balancing function. you can define the Upstream address pool, the most basic requirement of the current website is to ensure stability and efficiency. the Keepalived + Nginx architecture described here is based on this, here we use two Nginx servers as the front end, one master and one slave, and Keepalived for status monitoring to ensure normal Nginx To provide external services, that is, after the main Nginx service process dies, keepalived can switch website access to Nginx through its own detection mechanism. System environment: CentOS 5.5 open source software: nginx-1.2.1.tar.gz; keepalived-1.2.2.tar.gz master server IP: 211.151.138.2 from service IP: 211.151.138.3 virtual IP: 211.151.138.5 you can resolve your website domain name to 211.151.138.5 this public IP, in this way, the master and slave servers can take over the virtual IP in turn to ensure that the website can normally provide external access to keepalived. to install keepalived, you must rely on openssl and directly install yum, yum install openssl-devel nginx is not described here. There are many related documents on the internet. here we will introduce the implementation of keepalived + nginx.
1. install the keepalived master/slave server: Download the keepalived package wget. http://www.keepalived.org/software/keepalived-1.2.2.tar.gz Tar zxvf keepalived-1.2.2 .tar.gz. /configure make & make install by default, keepalived is installed in/usr/local/keepalived, you can use -- prefix to direct the installation location to www.2cto.com cp/usr/local/keepalived/etc/rc. d/init. d // etc/init. d/mkdir/etc/keepalived (by default, keepalived reads keepalived under/etc/keepalived. conf file. if you have not created this file, keepalived will not report an error, but you will find that the parameters you have created for keepalived are not reflected at all, keepalived is confusing.) 2. create keepalived. conf file Master server configuration: vim/etc/keepalived. conf, type the following content global_defs {icationication_email {admin@company.com (multiple alarm mailboxes can be defined here)} icationication_email_from alarm@company.com (alarm person) smtp_server 127.0.0.1smtp _ connect_timeout 30router_id LVS_DEVEL} vrrp_script chk_http_port {script "/opt/tools/bin/check_ng.sh" interval 2 (detection interval) weight 2} www.2cto.com vrrp_instance VI_1 {state MASTER (display definition as the MASTER server) interface eth1 (bound Network port, which is the interface of the two IP addresses mentioned above) virtual_router_id 51 (defined ID, officially 51, master/slave server must always) mcast_src_ip 211.151.138.2 (master server IP) priority 100 (priority, defined at will, but must be higher than the slave server) advert_int 1 authentication {auth_type PASS auth_pass 1111 (default)} track_script {chk_http_port (call detection script )} virtual_ipaddress {211.151.137.5 (bound virtual IP address)} configure vim/etc/keepalived from the server. conf, type the following content global_defs {icationication_email {admin@company.com (here you can define multiple Alert email)} alert alarm@company.com (alert contact) smtp_server 127.0.0.1smtp _ connect_timeout 30router_id LVS_DEVEL} vrrp_script chk_http_port {script "/opt/tools/bin/check_ng.sh" interval 2 (interval between script execution) weight 2} vrrp_instance VI_1 {state BACKUP (Display defined as slave server) interface eth1 (bound network port, which is the interface of the two IP addresses mentioned above) virtual_router_id 51 (defined ID, the official website is 51, and the master/slave server must always be) mcast_src_ip 211.151.138.3 (slave server IP address) priority 50 (priority, any definition, But it must be lower than the master server) advert_int 1 authentication {auth_type PASS auth_pass 1111 (default)} track_script {chk_http_port (call detection script )} virtual_ipaddress {211.151.137.5 (bound virtual IP address)} edit vim/opt/tools/bin/check_ng.sh #! /Bin/bash N = 'PS-C nginx -- no-header | wc-L' if [$ N-eq 0]; then/usr/local/nginx/sbin/nginx sleep 3 if ['PS-C nginx -- no-header | wc-L'-eq 0]; then killall keepalived fi this is a script for nginx status detection. when the nginx service dies for the first time, it will be restarted. if The Nginx service is still unavailable, it will kill keepalived process 3: start the keepalived process on the server/etc/init. d/keepalived start: Execute/sbin/ip a. Let's take a look at IP usage. master server: eth1: Mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 80: c1: 6e: 71: f1: a2 brd ff: ff: ff inet 211.151.138.2/27 brd 211.151.138.31 scope global eth1 inet 211.151.138.5/32 scope global eth1 visible that the virtual IP address has been mounted and you can view the tail-f/var/log/message, the keepalived log is shown as follows: Jun 28 18:44:25 proxy1 Keepalived_vrrp: Using LinkWatch kernel netlink reflector... jun 28 18:44:25 proxy1 protocol: VRRP sockpool: [ifindex (3), proto (112), fd ()] www.2cto.com Jun 28 18:44:25 proxy1 Keepalived_vrrp: VRRP_Script (chk_http_port) listen 28 18:44:26 proxy1 failed: VRRP_Instance (VI_1) Transition to MASTER STATEJun 28 18:44:27 proxy1 Keepalived_vrrp: VRRP_Instance (VI_1) Entering master state (its role-based service is shown here) Jun 28 18:44:27 proxy1 resume: VRRP_Instance (VI_1) setting protocol VIPs. jun 28 18:44:27 proxy1 Keepalived_vrrp: VRRP_Instance (VI_1) Sending gratuitous ARPs on eth1 for logs simultaneously display from server logs as: Jun 28 18:42:14 proxy2 Keepalived: Starting Keepalived v1.2.2 (06/21, 2012) jun 28 18:42:14 proxy2 Keepalived: Starting VRRP child process, pid = 23588Jun 28 18:42:14 proxy2 protocol: Registering Kernel netlink protocol 28 18:42:14 proxy2 protocol: Registering Kernel netlink command channelJun 28 18:42:14 proxy2 protocol: registering gratutious ARP shared channelJun 28 18:42:14 proxy2 Keepalived_vrrp: Opening file '/etc/keepalived. conf '. jun 28 18:42:14 proxy2 Keepalived_vrrp: Configuration is using: 65440 BytesJun 28 18:42:14 proxy2 Keepalived_vrrp: Using LinkWatch kernel netlink reflector... jun 28 18:42:14 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Entering backup state (displayed as BACKUP, from) Jun 28 18:42:14 proxy2 Keepalived_vrrp: VRRP sockpool: [ifindex (3), proto (112 ), fd ()] at this time, we disable the keepalived service on the MASTER, and the log changes from: Jun 28 18:43:49 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Transition to MASTER STATEJun 28 18:43:50 proxy2 keepalived_vr: vrp_instance (VI_1) Entering MASTER STATEJun 28 18:43:50 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) setting protocol VIPs. jun 28 18:43:50 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Sending gratuitous ARPs on eth1 for 211.151.138.5 it can be seen that he has taken over 211.151.138.5, in addition, if you set your status to the MASTER and then start the keepalived process on the original MASTER, the log is: www.2cto.com Jun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) received higher prio advertJun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) Entering backup state Jun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance (VI_1) removing protocol VIPs. jun 28 18:44:26 proxy2 avahi-daemon [6552]: Withdrawing address record for 211.151.138.5 on eth1 indicates that a message with higher permissions is received, so he sets his status to slave, in addition, the 211.151.138.5 IP address is returned, and the high-availability HA author fairplay_li is realized.