The dual main mode uses two VIP, the front section has 2 servers, the main from each other, two servers working simultaneously, there is no waste of resources. At the same time in the front-end DNS server to the site long a record, to achieve the load balancing Nginx, when a server failure, the resources will be transferred to another server, continue to provide services, most of the large-scale Web site Use this kind of architecture. The high availability of the nginx+keepalived is configured here using the main main mode.
Two nginx, two web, front-end DNS provided by the operator.
IP Address
nginx1:10.10.10.11
nginx2:10.10.10.12
vip1:10.10.10.21
vip2:10.10.10.22
real1:10.10.10.13
real2:10.10.10.14
1, deploy the environment on 2 web hosts, install Nginx+php+mysql, refer to my previous article
2, respectively, in two Nginx load balancer installed Nginx, configuration
Install the GCC compiler and other tools:
Yum install-y gcc gcc-c++ autoconf automake libtool make OpenSSL openssl-devel
Install Nginx:
wget http://exim.mirror.fr/pcre/pcre-8.38.tar.gz
TAR-ZXVF pcre-8.38.tar.gz
CD pcre-8.38
./configure
Make && make install
wget http://zlib.net/zlib-1.2.8.tar.gz
TAR-ZXVF zlib-1.2.8.tar.gz
CD zlib-1.2.8
./configure
Make && make install
wget http://nginx.org/download/nginx-1.6.3.tar.gz
TAR-ZXVF nginx-1.6.3.tar.gz
CD nginx-1.6.3/
./configure--prefix=/usr/local/nginx--sbin-path=/usr/local/nginx/sbin/nginx--conf-path=/usr/local/nginx/conf/ nginx.conf--pid-path=/usr/local/nginx/logs/nginx.pid--with-http_ssl_module--with-http_stub_status_module-- With-http_gzip_static_module
Make && make install
nginx.conf config file, same as two nginx load balancer files
User nobody;
Worker_processes 1;
Error_log/usr/local/nginx/logs/error.log notice;
Pid/usr/local/nginx/logs/nginx.pid;
Worker_rlimit_nofile 51200;
Events {
Use Epoll;
Worker_connections 51200;
}
HTTP {
Include Mime.types;
Default_type Application/octet-stream;
Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _referer '
' "$http _user_agent" "$http _x_forwarded_for";
Access_log Logs/access.log Main;
Server_names_hash_bucket_size 128;
Client_header_buffer_size 32k;
Large_client_header_buffers 4 32k;
Client_max_body_size 8m;
Sendfile on;
Tcp_nopush on;
Server_tokens off;
Keepalive_timeout 60;
Fastcgi_connect_timeout 300;
Fastcgi_send_timeout 300;
Fastcgi_read_timeout 300;
Fastcgi_buffer_size 64k;
Fastcgi_buffers 4 64k;
Fastcgi_busy_buffers_size 128k;
Fastcgi_temp_file_write_size 128k;
gzip on;
Upstream Backend
{
Server 10.10.10.13;
Server 10.10.10.14;
}
server {
Listen 80;
server_name 10.10.10.21; #Nginx2改为10.10.10.22
Location/{
root HTML;
Index index.php index.html index.htm;
Proxy_redirect off;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
#后端的Web服务器可以通过X-forwarded-for Get the user real IP
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
Proxy_pass Http://backend;
}
Error_page 502 503 504/50x.html;
Location =/50x.html {
root HTML;
}
Location/nginx_status {
Stub_status on;
Auth_basic "Nginxstatus";
AUTH_BASIC_USER_FILE/USR/LOCAL/NGINX/HTPASSWD;
#allow 127.0.0.1;
#deny all;
}
Location ~* \. (ini|docx|txt|doc|pdf) $ {
#禁止访问文档性文件
root/usr/share/nginx/html;
Deny all;
}
Location ~. *\. (GIF|JPG|JPEG|PNG|BMP|SWF|JS|HTML|HTM|CSS) $ {
Root/home/image;
Proxy_store on;
Proxy_store_access USER:RW GROUP:RW ALL:RW;
Proxy_temp_path/home/image;
if (!-e $request _filename) {
Proxy_pass Http://backend;
}
}
}
}
Configuration Complete Start Service
[Email protected] sbin]#./nginx
./nginx:error while loading shared libraries:libpcre.so.1:cannot open Shared object file:no such file or directory
Cd/lib
[[email protected] lib]# ls
[[email protected] lib]# ls *pcre*
libpcre.so.0 libpcre.so.0.0.1
[Email protected] lib]# ln-s/lib/libpcre.so.0.0.1/lib/libpcre.so.1
[Email protected] lib]#
[Email protected] sbin]#./nginx
Install and configure the keepalived on the two Nginx devices:
wget http://www.keepalived.org/software/keepalived-1.2.15.tar.gz
TAR-ZXVF keepalived-1.2.15.tar.gz
CD keepalived-1.2.15
./configure--sysconf=/etc/--with-kernel-dir=/usr/src/kernels/2.6.32-358.el6.i686
keepalived Configuration
------------------------
Keepalived version:1.2.15
compiler:gcc
Compiler Flags:-G-O2
Extra Lib:-lssl-lcrypto-lcrypt
Use IPVS Framework:yes
IPVS Sync Daemon Support:yes
IPVS Use Libnl:no
Fwmark Socket Support:yes
Use VRRP Framework:yes
Use VRRP Vmac:yes
SNMP Support:no
SHA1 Support:no
Use Debug Flags:no
Make && make install
Ln-s/usr/local/sbin/keepalived/sbin/
#这一步很重要, do not execute Ln-s will error "Starting keepalived:/bin/bash:keepalived:command not Found"
Service keepalived Start
Two nginx on the keepalived.conf configuration as follows, after the configuration is completed, respectively service keepalived start, detection keepalived configuration is successful
NGINX1:
Global_defs {
Notification_email {
[Email protected]
}
Notification_email_from [email protected]
Smtp_server 127.0.0.1
Smtp_connect_timeout 30
router_id Nginx_vip1
}
Vrrp_script Chk_http_port {
Script "/usr/local/src/check_nginx_pid.sh"
Interval 2 # (detects the interval of script execution)
Weight 2
}
Vrrp_instance Vi_1 {
State MASTER
Interface eth1
VIRTUAL_ROUTER_ID 51
Priority 100
Advert_int 1
Authentication {
Auth_type PASS
Auth_pass 1111
}
Track_script {
Chk_http_port # (Invoke detection script)
}
virtual_ipaddress {
10.10.10.21/24 broadcast 10.10.10.255 Dev eth1 label eth1:1
}
}
Vrrp_instance Vi_2 {
State BACKUP
Interface eth1
VIRTUAL_ROUTER_ID 52
Priority 99
Advert_int 1
Authentication {
Auth_type PASS
Auth_pass 1111
}
Track_script {
Chk_http_port # (Invoke detection script)
}
virtual_ipaddress {
10.10.10.22/24 broadcast 10.10.10.255 Dev eth1 label Eth1:2
}
}
NGINX2:
Global_defs {
Notification_email {
[Email protected]
}
Notification_email_from [email protected]
Smtp_server 127.0.0.1
Smtp_connect_timeout 30
router_id NGINX_VIP2
}
Vrrp_script Chk_http_port {
Script "/usr/local/src/check_nginx_pid.sh"
Interval 2 # (detects the interval of script execution)
Weight 2
}
Vrrp_instance Vi_1 {
State BACKUP
Interface eth1
VIRTUAL_ROUTER_ID 51
Priority 99
Advert_int 1
Authentication {
Auth_type PASS
Auth_pass 1111
}
Track_script {
Chk_http_port # (Invoke detection script)
}
virtual_ipaddress {
10.10.10.21/24 broadcast 10.10.10.255 Dev eth1 label eth1:1
}
}
Vrrp_instance Vi_2 {
State MASTER
Interface eth1
VIRTUAL_ROUTER_ID 52
Priority 100
Advert_int 1
Authentication {
Auth_type PASS
Auth_pass 1111
}
Track_script {
Chk_http_port # (Invoke detection script)
}
virtual_ipaddress {
10.10.10.22/24 broadcast 10.10.10.255 Dev eth1 label Eth1:2
}
}
The following is a script for detecting nginx status
vim/usr/local/src/check_nginx_pid.sh
#!/bin/bash
A= ' ps-c nginx--no-header |wc-l '
If [$A-eq 0];then
/usr/local/nginx/sbin/nginx
If [' Ps-c nginx--no-header |wc-l '-eq 0];then
Killall keepalived
Fi
Fi
Script Plus executable permissions
chmod +x/usr/local/keepalived/sbin/check_nginx.sh
Network card status after service is turned on
[[Email protected] keepalived-1.2.15]# IP addr
1:lo: <LOOPBACK,UP,LOWER_UP> MTU 16436 qdisc noqueue State UNKNOWN
Link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:00
inet 127.0.0.1/8 Scope host Lo
INET6:: 1/128 Scope Host
Valid_lft Forever Preferred_lft Forever
2:eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU qdisc pfifo_fast State UNKNOWN Qlen 1000
Link/ether 00:50:56:22:04:B1 BRD FF:FF:FF:FF:FF:FF
inet 10.10.10.12/24 BRD 10.10.10.255 Scope Global eth1
inet 10.10.10.22/24 BRD 10.10.10.255 scope Global Secondary Eth1:2
Inet6 FE80::250:56FF:FE22:4B1/64 Scope link
Valid_lft Forever Preferred_lft Forever
3:pan0: <BROADCAST,MULTICAST> MTU Qdisc NoOp State down
Link/ether BE:88:BE:D6:81:A6 BRD FF:FF:FF:FF:FF:FF
[Email protected] keepalived-1.2.15]#
==================================== Test ============================
After testing that the Web Primary node service is down, the standby node service is functioning properly, and kill-9 Xxxxx,web still has access to
Analog keepalived node fails, Nginx server can automatically transfer
[[Email protected] sbin]# service keepalived stop
stopping keepalived: [OK]
Result Access VIP 21 is inaccessible, but 22 is still able to provide service as expected
Nginx+keepalived Dual Primary poll load balancing