Nginx+keepalived Dual main polling load balancing

Source: Internet
Author: User
Tags nginx server

The dual main mode uses two VIP, the front section has 2 servers, the main from each other, two servers working simultaneously, there is no waste of resources. At the same time in the front-end DNS server to the site long a record, to achieve the load balancing Nginx, when a server failure, the resources will be transferred to another server, continue to provide services, most of the large-scale Web site Use this kind of architecture. The high availability of the nginx+keepalived is configured here using the main main mode.

Two nginx, two web, front-end DNS provided by the operator.

IP Address

nginx1:10.10.10.11

nginx2:10.10.10.12

vip1:10.10.10.21

vip2:10.10.10.22

real1:10.10.10.13

real2:10.10.10.14

1, deploy the environment on 2 web hosts, install Nginx+php+mysql, refer to my previous article

2, respectively, in two Nginx load balancer installed Nginx, configuration

Install the GCC compiler and other tools:

Yum install-y gcc gcc-c++ autoconf automake libtool make OpenSSL openssl-devel

Install Nginx:

wget http://exim.mirror.fr/pcre/pcre-8.38.tar.gz

TAR-ZXVF pcre-8.38.tar.gz

CD pcre-8.38

./configure

Make && make install

wget http://zlib.net/zlib-1.2.8.tar.gz

TAR-ZXVF zlib-1.2.8.tar.gz

CD zlib-1.2.8

./configure

Make && make install

wget http://nginx.org/download/nginx-1.6.3.tar.gz

TAR-ZXVF nginx-1.6.3.tar.gz

CD nginx-1.6.3/

./configure--prefix=/usr/local/nginx--sbin-path=/usr/local/nginx/sbin/nginx--conf-path=/usr/local/nginx/conf/ nginx.conf--pid-path=/usr/local/nginx/logs/nginx.pid--with-http_ssl_module--with-http_stub_status_module-- With-http_gzip_static_module

Make && make install

nginx.conf config file, same as two nginx load balancer files

User nobody;

Worker_processes 1;

Error_log/usr/local/nginx/logs/error.log notice;

Pid/usr/local/nginx/logs/nginx.pid;

Worker_rlimit_nofile 51200;

Events {

Use Epoll;

Worker_connections 51200;

}

HTTP {

Include Mime.types;

Default_type Application/octet-stream;

Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" '

' $status $body _bytes_sent ' $http _referer '

' "$http _user_agent" "$http _x_forwarded_for";

Access_log Logs/access.log Main;

Server_names_hash_bucket_size 128;

Client_header_buffer_size 32k;

Large_client_header_buffers 4 32k;

Client_max_body_size 8m;

Sendfile on;

Tcp_nopush on;

Server_tokens off;

Keepalive_timeout 60;

Fastcgi_connect_timeout 300;

Fastcgi_send_timeout 300;

Fastcgi_read_timeout 300;

Fastcgi_buffer_size 64k;

Fastcgi_buffers 4 64k;

Fastcgi_busy_buffers_size 128k;

Fastcgi_temp_file_write_size 128k;

gzip on;

Upstream Backend

{

Server 10.10.10.13;

Server 10.10.10.14;

}

server {

Listen 80;

server_name 10.10.10.21; #Nginx2改为10.10.10.22

Location/{

root HTML;

Index index.php index.html index.htm;

Proxy_redirect off;

Proxy_set_header Host $host;

Proxy_set_header X-real-ip $remote _addr;

#后端的Web服务器可以通过X-forwarded-for Get the user real IP

Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;

Proxy_pass Http://backend;

}

Error_page 502 503 504/50x.html;

Location =/50x.html {

root HTML;

}

Location/nginx_status {

Stub_status on;

Auth_basic "Nginxstatus";

AUTH_BASIC_USER_FILE/USR/LOCAL/NGINX/HTPASSWD;

#allow 127.0.0.1;

#deny all;

}

Location ~* \. (ini|docx|txt|doc|pdf) $ {

#禁止访问文档性文件

root/usr/share/nginx/html;

Deny all;

}

Location ~. *\. (GIF|JPG|JPEG|PNG|BMP|SWF|JS|HTML|HTM|CSS) $ {

Root/home/image;

Proxy_store on;

Proxy_store_access USER:RW GROUP:RW ALL:RW;

Proxy_temp_path/home/image;

if (!-e $request _filename) {

Proxy_pass Http://backend;

}

}

}

}

Configuration Complete Start Service

[Email protected] sbin]#./nginx

./nginx:error while loading shared libraries:libpcre.so.1:cannot open Shared object file:no such file or directory

Cd/lib

[[email protected] lib]# ls

[[email protected] lib]# ls *pcre*

libpcre.so.0 libpcre.so.0.0.1

[Email protected] lib]# ln-s/lib/libpcre.so.0.0.1/lib/libpcre.so.1

[Email protected] lib]#

[Email protected] sbin]#./nginx

Install and configure the keepalived on the two Nginx devices:

wget http://www.keepalived.org/software/keepalived-1.2.15.tar.gz

TAR-ZXVF keepalived-1.2.15.tar.gz

CD keepalived-1.2.15

./configure--sysconf=/etc/--with-kernel-dir=/usr/src/kernels/2.6.32-358.el6.i686

keepalived Configuration

------------------------

Keepalived version:1.2.15

compiler:gcc

Compiler Flags:-G-O2

Extra Lib:-lssl-lcrypto-lcrypt

Use IPVS Framework:yes

IPVS Sync Daemon Support:yes

IPVS Use Libnl:no

Fwmark Socket Support:yes

Use VRRP Framework:yes

Use VRRP Vmac:yes

SNMP Support:no

SHA1 Support:no

Use Debug Flags:no

Make && make install

Ln-s/usr/local/sbin/keepalived/sbin/

#这一步很重要, do not execute Ln-s will error "Starting keepalived:/bin/bash:keepalived:command not Found"

Service keepalived Start

Two nginx on the keepalived.conf configuration as follows, after the configuration is completed, respectively service keepalived start, detection keepalived configuration is successful

NGINX1:

Global_defs {

Notification_email {

[Email protected]

}

Notification_email_from [email protected]

Smtp_server 127.0.0.1

Smtp_connect_timeout 30

router_id Nginx_vip1

}

Vrrp_script Chk_http_port {

Script "/usr/local/src/check_nginx_pid.sh"

Interval 2 # (detects the interval of script execution)

Weight 2

}

Vrrp_instance Vi_1 {

State MASTER

Interface eth1

VIRTUAL_ROUTER_ID 51

Priority 100

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

Track_script {

Chk_http_port # (Invoke detection script)

}

virtual_ipaddress {

10.10.10.21/24 broadcast 10.10.10.255 Dev eth1 label eth1:1

}

}

Vrrp_instance Vi_2 {

State BACKUP

Interface eth1

VIRTUAL_ROUTER_ID 52

Priority 99

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

Track_script {

Chk_http_port # (Invoke detection script)

}

virtual_ipaddress {

10.10.10.22/24 broadcast 10.10.10.255 Dev eth1 label Eth1:2

}

}

NGINX2:

Global_defs {

Notification_email {

[Email protected]

}

Notification_email_from [email protected]

Smtp_server 127.0.0.1

Smtp_connect_timeout 30

router_id NGINX_VIP2

}

Vrrp_script Chk_http_port {

Script "/usr/local/src/check_nginx_pid.sh"

Interval 2 # (detects the interval of script execution)

Weight 2

}

Vrrp_instance Vi_1 {

State BACKUP

Interface eth1

VIRTUAL_ROUTER_ID 51

Priority 99

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

Track_script {

Chk_http_port # (Invoke detection script)

}

virtual_ipaddress {

10.10.10.21/24 broadcast 10.10.10.255 Dev eth1 label eth1:1

}

}

Vrrp_instance Vi_2 {

State MASTER

Interface eth1

VIRTUAL_ROUTER_ID 52

Priority 100

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

Track_script {

Chk_http_port # (Invoke detection script)

}

virtual_ipaddress {

10.10.10.22/24 broadcast 10.10.10.255 Dev eth1 label Eth1:2

}

}

The following is a script for detecting nginx status

vim/usr/local/src/check_nginx_pid.sh

#!/bin/bash

A= ' ps-c nginx--no-header |wc-l '

If [$A-eq 0];then

/usr/local/nginx/sbin/nginx

If [' Ps-c nginx--no-header |wc-l '-eq 0];then

Killall keepalived

Fi

Fi

Script Plus executable permissions

chmod +x/usr/local/keepalived/sbin/check_nginx.sh

Network card status after service is turned on

[[Email protected] keepalived-1.2.15]# IP addr

1:lo: <LOOPBACK,UP,LOWER_UP> MTU 16436 qdisc noqueue State UNKNOWN

Link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:00

inet 127.0.0.1/8 Scope host Lo

INET6:: 1/128 Scope Host

Valid_lft Forever Preferred_lft Forever

2:eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU qdisc pfifo_fast State UNKNOWN Qlen 1000

Link/ether 00:50:56:22:04:B1 BRD FF:FF:FF:FF:FF:FF

inet 10.10.10.12/24 BRD 10.10.10.255 Scope Global eth1

inet 10.10.10.22/24 BRD 10.10.10.255 scope Global Secondary Eth1:2

Inet6 FE80::250:56FF:FE22:4B1/64 Scope link

Valid_lft Forever Preferred_lft Forever

3:pan0: <BROADCAST,MULTICAST> MTU Qdisc NoOp State down

Link/ether BE:88:BE:D6:81:A6 BRD FF:FF:FF:FF:FF:FF

[Email protected] keepalived-1.2.15]#

==================================== Test ============================

After testing that the Web Primary node service is down, the standby node service is functioning properly, and kill-9 Xxxxx,web still has access to

Analog keepalived node fails, Nginx server can automatically transfer

[[Email protected] sbin]# service keepalived stop

stopping keepalived: [OK]

Result Access VIP 21 is inaccessible, but 22 is still able to provide service as expected

Nginx+keepalived Dual Primary poll load balancing

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.