Keepalived+nginx dual master Model for high-availability services

First, the working principle of keepalived

Keepalived is based on the VRRP protocol, the VRRP full name virtual Router Redundancy Protocol, that is, dummy routing redundancy protocol.

Virtual Routing Redundancy Protocol, can be considered to implement a high-availability router protocol, will be n to provide the same function of the router to form a virtual router group, the group has a master and multiple backup, Master has an external service VIP (which is the default route for other machines in the LAN), Master sends multicast, and when backup does not receive the VRRP package, it thinks that the master is faulty. At this point, you need to elect a master from backup based on the priority level of the VRRP. This will ensure that the router is highly available.

Keepalived has three main modules, namely core, checkers and VRRP. The core module is the kernel of keepalived, which is responsible for initiating, maintaining, and loading and parsing the global configuration file for the main process. Checkers is responsible for health checks, including common check methods (TCP, HTTP, SSL). The VRRP module is to implement the VRRP protocol.

ii. configuration files for keepalivedkeepalived has only one configuration file keepalived.conf, which consists of the following configuration areas, Global_defs, Vrrp_script, Vrrp_instance and Virtual_server, respectively.

three, keepalived dual master Model high-availability Nginx service

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/74/8E/wKioL1YhKHviYhdYAAGjBD2RS08250.jpg "title=" Qq20151015222537.png "alt=" Wkiol1yhkhviyhdyaagjbd2rs08250.jpg "/>

3.1. Environment setting

keepalived-nginx1:172.16.16.11

keepalived-nginx2:172.16.16.12

vip1:172.16.16.9

vip2:172.16.16.10

upstream_server1:172.16.16.3

upstream_server2: 172.16.16.4

3.2. Preparatory work

(1) Set NGINX1, nginx2 off SELinux and iptables

Sed-i ' [email protected]^selinux=.*@[email protected] '/etc/selinux/config setenforce 0iptables-fservice iptables stop &>/dev/null chkconfig iptables off

(2) Configure the Epel source to see the Yum source of the relevant package

[[email protected] ~]# vim/etc/resolv.conf//configure domain Name server nameserver 172.16.0.1 [[email protected] ~]# yum list all ke             epalivedkeepalived.x86_64 1.2.13-4.el6 centos6.6[[email protected] ~]# Yum List all nginxnginx.x86_64 1.0.15-12.el6 Epel

(3) Modify the host name of the keepalived primary and standby node

Sed-i ' [email protected]=.*@[email protected] '/etc/sysconfig/network//set hostname sed-i ' [email protected]=.*@[email Protected] '/etc/sysconfig/networkhostname nginx1hostname nginx2

(4) Host Trust

vim /etc/hosts                       //add domain name resolution 172.16.16.11 nginx1172.16.16.12 nginx2172.16.16.3  web1.bengbengtu.com web1172.16.16.4 web2.bengbengtu.com web2[[email protected]  ~]# yum install openssh-clients                [[email protected] ~]# ssh-keygen -t rsa -P  ' '                //generates a pair of keys generating  public/private rsa key pair. enter file in which to save the key  (/ROOT/.SSH/ID_RSA):  Created  directory  '/root/.ssh '. Your identification has been saved in /root/.ssh/id_rsa. your public key has been saved in /root/.ssh/id_rsa.pub.the key fingerprint is:fa:14:8d:95:f3:48:bf:d1:b8:13:b4:dd:89:0e:51:97  [email protected]    the key ' s randomart image is:+--[  RSA 2048]----+|             .  ..| |           &NBSP, ....  . e | |           =.     | |          = *.=...| |         s o.b.o..| |        . .  o=   | |       . .   +.   | |        o     .   | |         .        |+-----------------+[[email protected] ~]# ssh-copy-id -i .ssh/id_rsa.pub nginx2    //public key sent to nginx2[[email protected] ~]# ssh-keygen -t rsa -p  "     [[email protected] ~]# ssh-copy-id -i .ssh/id_rsa.pub  nginx1    //public key issued to NGINX1

(5) Synchronization time

# yum Install ntpdate [[email protected] ~]# ntpdate ntp.sjtu.edu.cn//sync time [[email protected] ~ ]# hwclock-w [[email protected] ~]# date; SSH nginx2 ' date '//view nginx1 and Nginx2 time synchronization Thu Oct 22:44:40 CST Thu Oct 2015 22:44:41 CST

3.3. Install and configure Nginx

The nginx here is used as a reverse proxy, and check the backend upstream

[[email protected] ~]# yum -y install nginx ; ssh nginx2  ' Yum -y install nginx ' #vim  /etc/nginx/nginx.confworker_processes  2;          //definition of 2 worker processes  upstream web {                   //defining an upstream server         server 172.16.16.3:80  weight=1 max_fails=2 fail_ Timeout=30s;       server 172.16.16.4:80  weight=2 max_ FAILS=3 FAIL_TIMEOUT=40S;  &NBSP,} #find  /etc/nginx/conf.d/ -name  ' *.conf '  - exec mv {} {}.bak \;# vim /etc/nginx/conf.d/webserver.conf            //  definition server           server {        listen 80;         server_name nginx1 nginx2;        location / {           proxy_pass     // Reverse proxy to the back end of the upstream server           }}

3.4, rear end of the Upstream_server installation httpd

web1.bengbengtu.com:172.16.16.3

web2.bengbengtu.com:172.16.16.4

Just install httpd

(1), set host name

# hostname web1.bengbengtu.com# hostname web2.bengbengtu.com

(2), Installation httpd service

# yum install-y httpd[[email protected] ~]# echo "

Test it first ~ ~ ~
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/74/92/wKiom1YhNDjwgiH7AAHTxzrgLHg463.jpg "style=" float: none; "title=" Qq20151015233353.png "alt=" Wkiom1yhndjwgih7aahtxzrglhg463.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/74/8E/wKioL1YhNFuxuqsBAAGMPU1hzB4338.jpg "style=" float: none; "title=" Qq20151015233453.png "alt=" Wkiol1yhnfuxuqsbaagmpu1hzb4338.jpg "/>

3.5, installation configuration keepalived high-availability Nginx service
Note: If you want to monitor whether Nginx service is online, we need to use the monitoring system to realize the restart operation of Nginx service!!
The keepalived configuration on the NGINX1 server is as follows:
[[Email protected] ~]# vim /etc/keepalived/keepalived.conf! configuration file  for keepalivedglobal_defs {                                   //Global Definition    notification_email {                              [email protected]             //e-mail to root    }    notification_email_from [email  protected]         smtp_server 127.0.0.1           //Defining mail servers    smtp_connect_timeout 30       &nbsp //connection to the mail server timeout period    router_id LVS_DEVEL               //Routing id}vrrp_instance vi_1 {              //Defining Virtual Routing instances     state MASTER             //Main Route     interface  eth0    virtual_router_id 235        //Virtual route ID     priority 100                 //Priority     advert_int 1     authentication {              // PlainText Encryption authentication         auth_type PASS         auth_pass 2b316a978532    }    virtual_ipaddress {           //definition vip1        172.16.16.9/16     }}vrrp_instance VI_2 {                 state backup         //Standby Routing     interface eth0    virtual_router_id 236           priority 99          //Priority     advert_int 1    authentication {         auth_type PASS         auth_pass 24985cea886c    }    virtual_ipaddress {         172.16.16.10/16         //vip2    }} 
The keepalived configuration on the NGINX2 server is as follows:
[[Email protected] ~]# vim /etc/keepalived/keepalived.conf! configuration file  for keepalivedglobal_defs {   notification_email {         [email protected]                 }   notification_email_from [email protected]    smtp_server 127.0.0.1                 //Defining mail servers    smtp_connect_timeout 30              //the timeout period for connecting to the mail server    router_id lvs_devel              //Routing Id}vrrp_instance vi_1  {    state BACKUP            //Standby Routing     interface eth0    virtual_router_id 235     priority 99               // Priority     advert_int 1    authentication {         auth_type pass        auth_pass  2b316a978532    }    virtual_ipaddress {               //definition vip1         172.16.16.9/16    }}vrrp_instance VI_2 {     state master             //Main Route      interface eth0              virtual_router_id 236      //Virtual Routing id    priority 100                 //Priority     advert_ int 1    authentication {              //Clear Certification         auth_type PASS         auth_pass 24985cea886c    }     virtual_ipaddress {                172.16.16.10/16           //definition vip2     }}

Test:
(1) Stop nginx1 keepalived, check nginx2,vip1,vip2 are in;
[[Email protected] ~]# service keepalived stop
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/74/92/wKiom1YhM_2y9z-TAAJc7fKidYo037.jpg "title=" Qq20151017012931.png "alt=" Wkiom1yhm_2y9z-taajc7fkidyo037.jpg "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/74/92/wKiom1YhNKjgH_ISAAQT5WSeqzM682.jpg "title=" Qq20151017013208.png "alt=" Wkiom1yhnkjgh_isaaqt5wseqzm682.jpg "/>
Test done! The high-availability nginx of the double-master model is introduced to this end ~ ~

This article is from the "Bengbengtu" blog, make sure to keep this source http://bengbengtu.blog.51cto.com/9505633/1703724
Keepalived+nginx dual master Model for high-availability services