Lightweight Keepalived for Nginx and LVS High Availability

Source: Internet
Author: User
Tags haproxy

The keepalived routing software is written in C and provides simple, robust load balancing and high availability for Linux systems. keepalived dynamically checks, maintains, and manages the health of the load-balanced server pool. High availability, on the other hand, is achieved through VRRP, which is the fundamental building block for router failover. In addition, keepalived implements a set of hooks into the VRRP finite state machine to provide low-level, high-speed protocol interaction. The keepalived frameworks can be used independently or together to provide resilient infrastructure.

VRRP is an "election" protocol that dynamically assigns responsibility for a virtual router to one of the routers in the same VRRP group, thus eliminating the single point of failure of a static routing configuration. The router that currently holds the virtual router's address is the MASTER router, and the rest are BACKUP routers.

Advantages of VRRP:
Redundancy: multiple router devices can be used as the default gateway of the LAN clients, greatly reducing the possibility that the default gateway becomes a single point of failure;
Load sharing: traffic from LAN clients can be shared by multiple router devices;
Multiple VRRP groups: up to 255 VRRP groups can be configured on one physical router interface;
Multiple IP addresses: multiple IP addresses can be configured on the same physical interface using interface aliases, to allow access to multiple subnets on that interface;
Preemption: when the master node fails, a higher-priority backup is allowed to become the master node;
Advertisement protocol: VRRP advertisements use the multicast address 224.0.0.18 specified by IANA;
VRRP tracking: the VRRP priority is changed based on interface status to determine the best VRRP router to act as master;

This probably means that the watchdog timer is used to check whether the checkers module and the vrrp module are writing data regularly. If either one is detected to have stopped writing, the server is switched from master to backup.
Netlink: Network
S: ipvs rules and the real-server
Checkers: checks the processes running on each server through protocols such as TCP, HTTP and SSL
VRRP Stack: the VRRP protocol


Install
[root@marvin ~]# yum install keepalived

Configuration:
[root@marvin keepalived]# man keepalived.conf

Configuration file description
[root@marvin ~]# vim /etc/keepalived.conf

! Configuration File for keepalived
global_defs {
    notification_email {
        root@localhost    # recipient
    }

    notification_email_from keepalived@localhost    # sender
    smtp_server 127.0.0.1    # SMTP server used to send the mail
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}

vrrp_instance VI_1 {    # instance name
    state MASTER    # start as master; the other nodes can only be backup
    interface eth0    # interface used for advertisements
    virtual_router_id 51    # virtual router ID, also determines the VMAC; nodes of the same instance use the same ID, not greater than 255
    priority 100    # initial priority
    advert_int 1    # advertisement interval between nodes in a VRRP instance
    authentication {
        auth_type PASS    # plaintext authentication
        auth_pass 1111    # random password
    }
    virtual_ipaddress {
        192.168.1.199    # vip
    }
}

Configure nginx:
master.conf
----------------------------------------
! Configuration File for keepalived
global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}
vrrp_script chk_nginx {
    script "pidof nginx"
    interval 1
    weight -3
    fall 2
    rise 1
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.199
    }
    track_script {
        chk_nginx
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}


backup.conf
----------------------------------------
! Configuration File for keepalived
global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}
vrrp_script chk_nginx {
    script "pidof nginx"
    interval 1
    weight -1
    fall 2
    rise 1
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.199
    }
    track_script {
        chk_nginx
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

notify.sh:
#!/bin/bash

# Called by keepalived with the new VRRP state as the first argument.
case "$1" in
    master)
        /etc/init.d/nginx start
        exit 0
        ;;
    backup)
        /etc/init.d/nginx stop
        exit 0
        ;;
    fault)
        /etc/init.d/nginx stop
        exit 0
        ;;
    *)
        echo "usage: $(basename "$0") {master|backup|fault}"
        exit 1
        ;;
esac
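
A config-level check for the settings shown above, written as an added example (it is not part of the original article or of keepalived itself). It flags the plaintext auth_type PASS and the short auth_pass from the article, and scripts configured without enable_script_security or script_user; those two global_defs keywords come from the keepalived.conf man page rather than from the article, and the finding labels and sample file are constructed.

```sh
#!/bin/sh
# Added example, not from the original article: audit a keepalived.conf.
# enable_script_security / script_user are keepalived.conf(5) global_defs
# keywords; the finding labels and the sample file are constructed.

# audit_keepalived FILE: one finding per line, no output if nothing is flagged
audit_keepalived() {
    awk '
        $1 == "auth_type" && $2 == "PASS"   { pass = 1 }
        $1 == "auth_pass" && length($2) < 8 { p_short = 1 }
        $1 == "auth_pass" && length($2) > 8 { p_long = 1 }
        $1 == "enable_script_security"      { sec = 1 }
        $1 == "script_user"                 { user = 1 }
        $1 == "script" || $1 ~ /^notify(_master|_backup|_fault)?$/ { scripts = 1 }
        END {
            if (pass)    print "PASS_AUTH: auth_pass travels in cleartext in every advert"
            if (p_short) print "SHORT_PASS: auth_pass is shorter than 8 characters"
            if (p_long)  print "LONG_PASS: only the first 8 characters of auth_pass are used"
            if (scripts && !sec)  print "NO_SCRIPT_SECURITY: enable_script_security not set"
            if (scripts && !user) print "NO_SCRIPT_USER: scripts run as keepalived_script if that user exists, else root"
        }
    ' "$1"
}

# Constructed input: the security-relevant lines of the article's master.conf.
conf=$(mktemp)
trap 'rm -f "$conf" "$conf.fixed"' EXIT
cat > "$conf" <<'EOF'
global_defs {
    router_id LVS_DEVEL
}
vrrp_script chk_nginx {
    script "pidof nginx"
}
vrrp_instance VI_1 {
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    notify_master "/etc/keepalived/notify.sh master"
}
EOF
# Same file with script handling locked down (assumes user keepalived_script exists).
{ printf 'global_defs {\n    enable_script_security\n    script_user keepalived_script\n'
  sed 1d "$conf"; } > "$conf.fixed"

audit_keepalived "$conf"         # PASS_AUTH, SHORT_PASS, NO_SCRIPT_SECURITY, NO_SCRIPT_USER
audit_keepalived "$conf.fixed"   # PASS_AUTH, SHORT_PASS
```

Because PASS authentication does not protect the advertisements, the remaining PASS_AUTH finding is normally handled outside this file, by limiting VRRP (IP protocol 112) on the interface to the addresses of the peer nodes.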

Experiment result: if nginx on the master node stops, the backup node is promoted to master; once nginx on the original master is started again, that node takes back the master role. This is not demonstrated here.
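
Whether the backup really takes over depends on the priority and weight values in master.conf and backup.conf. The following added example (not from the original article) reads those values and compares the effective priorities when nginx dies on the master. It assumes keepalived's rule that a negative vrrp_script weight is added to the priority while the script fails, and that the standby's check is failing too because notify.sh stopped its nginx; the "weak" variant is a constructed misconfiguration.

```sh
#!/bin/sh
# Added example, not from the original article: does the backup win the VRRP
# election when nginx dies on the master?
# Assumed keepalived semantics: a negative vrrp_script weight is added to the
# base priority while the tracked script is failing.

# conf_value FILE KEY: first "priority", or first "weight" inside a vrrp_script block
conf_value() {
    awk -v key="$2" '
        $1 == "vrrp_script"   { in_script = 1 }
        $1 == "vrrp_instance" { in_script = 0 }
        $1 == key && (key != "weight" || in_script) { print $2; exit }
    ' "$1"
}

# failover_check MASTER_CONF BACKUP_CONF: effective priorities and a verdict
failover_check() {
    # Master with nginx dead: base priority plus its (negative) weight.
    m=$(( $(conf_value "$1" priority) + $(conf_value "$1" weight) ))
    # Standby backup: notify.sh stopped nginx, so "pidof nginx" fails there too.
    b=$(( $(conf_value "$2" priority) + $(conf_value "$2" weight) ))
    if   [ "$b" -gt "$m" ]; then v=failover
    elif [ "$b" -eq "$m" ]; then v=tie      # decided by primary IP address
    else v=stuck                            # VIP stays on the node with dead nginx
    fi
    echo "master=$m backup=$b $v"
}

# Constructed inputs: only the directives that matter, values from the article.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf 'vrrp_script chk_nginx {\n weight -3\n}\nvrrp_instance VI_1 {\n priority 100\n}\n' > "$tmp/master.conf"
printf 'vrrp_script chk_nginx {\n weight -1\n}\nvrrp_instance VI_1 {\n priority 99\n}\n' > "$tmp/backup.conf"
# Constructed misconfiguration: master weight too small to drop below the backup.
sed 's/weight -3/weight -1/' "$tmp/master.conf" > "$tmp/master_weak.conf"

failover_check "$tmp/master.conf" "$tmp/backup.conf"        # master=97 backup=98 failover
failover_check "$tmp/master_weak.conf" "$tmp/backup.conf"   # master=99 backup=98 stuck
```

With the article's values the margin is a single priority point, so changing either weight without rechecking the other file can leave the VIP on a node whose nginx is down.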

Configure LVS:
Description of the LVS section of the configuration file:
virtual_server 192.168.200.100 443 {    # VIP and port
    delay_loop 6    # interval between health-check polls of the backend real servers
    lb_algo rr    # scheduling method
    lb_kind NAT    # LVS model
    nat_mask 255.255.255.0    # subnet mask
    persistence_timeout 50    # persistent connection duration
    protocol TCP    # protocol

    real_server 192.168.201.100 443 {
        weight 1    # weight
        SSL_GET {    # method used to check the real server; can also be HTTP_GET
            url {
                path /    # page fetched when checking health status (default page)
                digest ff20ad2481f97b1754ef3e12ecd3a9cc    # expected response digest; status_code 200 can be used instead
            }
            url {
                path /mrtg/
                digest 9b3a0c85a887a256d6939da88aabd8cd
            }
            connect_timeout 3    # connection timeout
            nb_get_retry 3    # number of retries after a connection timeout
            delay_before_retry 3    # retry interval
        }
    }
}

The LVS section actually used:
virtual_server 192.168.1.199 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 0
    protocol TCP

    real_server 192.168.1.222 80 {
        weight 1
        HTTP_GET {
            url {
                path /demo.php
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.1.223 80 {
        weight 1
        HTTP_GET {
            url {
                path /demo.php
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

Configure each of the two real servers:
[root@martin ~]# ip addr add 192.168.1.199/32 label lo:0 brd 192.168.1.199 dev lo
[root@martin ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
[root@martin ~]# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
[root@martin ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@martin ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

Lab results
[root@marvin keepalived]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.199:80 rr
  -> 192.168.1.222:80 Route 1 0 0
  -> 192.168.1.223:80 Route 1 0 0

[root@sherry keepalived]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.199:80 rr
  -> 192.168.1.222:80 Route 1 0 0
  -> 192.168.1.223:80 Route 1 0 0
