nginx + keepalived implements HA master-slave mode

1. Install keepalived

Official download the latest version:

keepalived-1.2.17.tar.gz

tar -zxvf keepalived-1.2.17.tar.gz Unzip

cd keepalived-1.2.17

Install tools in advance yum install -y popt-devel The others have already been installed during nginx installation.

Then:

./configure
make && make install

The following steps must be done. When keepalived starts, it will read files in the specified directory by default: (Service You can use service to start)

cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig /
chmod +x /etc/init.d/keepalived
chkconfig --add keepalived
chkconfig keepalived on
mkdir /etc/keepalived
#Modify the configuration file to modify the one in this directory
cp /usr/local/etc/ keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/sbin/keepalived /usr/sbin/

2. To install nginx, you can refer to the documentation for nginx installation (nginx Corresponding to multiple tomcats)

Note: nginx needs to be installed on two machines respectively. At the same time, the server_name in the configuration file needs to correspond to the IP of the corresponding machine, not the same. In this way, after one machine crashes, you can Locate another machine. The machine corresponding to upstream.

Start nginx separately and use different access methods to test whether the two nginx services are normal.

3. Configure keepalived (use master-slave mode) In this case, you only need to change the virtual host IP, and keepalived will automatically access the IP of the local machine.

vi /etc/keepalived/keepalived.conf

Edit file (master):

! Configuration File for keepalived
global_defs {
router_id nginx_master
}
#Monitoring service.NGINX mysql etc.
vrrp_script chk_nginx {
script "/usr/local/nginx/check_nginx.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 101
advert_int 1
       authentication {
             auth_type PASS
         auth_pass 1111
           
                  virtual_ipaddress                                                                                                                                                             track_script


vi
/etc/keepalived/
keepalived.conf

Edit file (From):

! Configuration File for keepalivedglobal_defs { router_id nginx_backup}

#Monitoring service.NGINX mysql, etc.

vrrp_script chk_nginx {

script "/usr/local/nginx/check_nginx.sh" interval 2 weight 2

}

vrrp_instance VI_1 {

 state BACKUP

 interface eth0
 virtual_router_id 51
 priority 99
 advert_int 1
 authentication {
 pass 1111
}
virtual_ipaddress {
192.168.1.254
}
track_script {
chk_nginx #Detection script
}
}








script

/usr/local/nginx/check_nginx.sh" configured above: Remember to change the execution permissions

#!/bin/bash

if [ "$( ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]then

/usr/local/nginx/sbin/nginxsleep 5if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]

then

killall keepalivedfifi

4. Start and test:

First start nginx on the two machines,

Secondly start keepalived on the two machines

service keepalived start (stop)

Use the command ip addr at this time Check the virtual IP binding and you can see that the master has it but not the slave. Turn off the keepalived of the host and you can see that the vip is bound to the slave. Use other machines to access and use wget to access:

wget http://192.168.1.254/recommend/api/recommend/p2l?userid=20003829

Check whether it can be accessed, then turn off the local nginx, continue to use wget to see whether it can be accessed, if so If accessed, the HA configuration is successful.

5. Description of keepalive related parameters (for reference only)

 ! Configuration File for keepalived

global_defs {
   notification_email {
     admin@lvtao.net             #设置报警邮件地址，可以设置多个，每行一个。 需开启本机的<span>sendmail</span>服务
   }
   notification_email_from  admin@lvtao.net        #设置邮件的发送地址
   smtp_server 127.0.0.1                                #设置smtp server地址
   smtp_connect_timeout 30                              #设置连接smtp server的超时时间
   router_id LVS_DEVEL                                  #表示运行keepalived服务器的一个标识。发邮件时显示在邮件主题的信息
}

vrrp_instance VI_1 {
    state MASTER              #指定keepalived的角色，MASTER表示此主机是主服务器，BACKUP表示此主机是备用服务器
    interface eth0            #指定HA监测网络的接口
    virtual_router_id 51      #虚拟路由标识，这个标识是一个数字，同一个vrrp实例使用唯一的标识。即同一vrrp_instance下，MASTER和BACKUP必须是一致的
    priority 100              #定义优先级，数字越大，优先级越高，在同一个vrrp_instance下，MASTER的优先级必须大于BACKUP的优先级
    advert_int 1              #设定MASTER与BACKUP负载均衡器之间同步检查的时间间隔，单位是秒
    authentication {          #设置验证类型和密码
        auth_type PASS        #设置验证类型，主要有PASS和AH两种
        auth_pass 1111        #设置验证密码，在同一个vrrp_instance下，MASTER与BACKUP必须使用相同的密码才能正常通信
    }
    virtual_ipaddress {       #设置虚拟IP地址，可以设置多个虚拟IP地址，每行一个
        10.0.0.148
    }
}

virtual_server 10.0.0.148 80 {      #设置虚拟服务器，需要指定虚拟IP地址和服务端口，IP与端口之间用空格隔开
    delay_loop 6                    #设置运行情况检查时间，单位是秒
    lb_algo rr                      #设置负载调度算法，这里设置为rr，即轮询算法
    lb_kind DR                      #设置LVS实现负载均衡的机制，有NAT、TUN、DR三个模式可选
    persistence_timeout 50          #会话保持时间，单位是秒。这个选项对动态网页是非常有用的，为集群系统中的session共享提供了一个很好的解决方案。
                                    #有了这个会话保持功能，用户的请求会被一直分发到某个服务节点，直到超过这个会话的保持时间。
                                    #需要注意的是，这个会话保持时间是最大无响应超时时间，也就是说，用户在操作动态页面时，如果50秒内没有执行任何操作，
                                    #那么接下来的操作会被分发到另外的节点，但是如果用户一直在操作动态页面，则不受50秒的时间限制
    protocol TCP                    #指定转发协议类型，有TCP和UDP两种

    real_server 10.0.0.137 80 {     #配置服务节点1，需要指定real server的真实IP地址和端口，IP与端口之间用空格隔开
        weight 3                    #配置服务节点的权值，权值大小用数字表示，数字越大，权值越高，设置权值大小可以为不同性能的服务器
                                    #分配不同的负载，可以为性能高的服务器设置较高的权值，而为性能较低的服务器设置相对较低的权值，这样才能合理地利用和分配系统资源
        TCP_CHECK {                 #realserver的状态检测设置部分，单位是秒
            connect_timeout 10      #表示3秒无响应超时
            nb_get_retry 3          #表示重试次数
            delay_before_retry 3    #表示重试间隔
            connect_port 80
        }
    }
    real_server 10.0.0.139 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

In addition, in order to ensure service reliability, we should run a shell script on each node to check whether the local service is normal. Once a service exception is detected , stop the keepalived of the local machine, so that the virtual IP is automatically transferred to the backup machine. For example, the service status of the local machine is detected every 3 seconds. If the connection fails to detect 3 times, the keepalived instance is stopped. At the same time, if the local service is normal but keepalived is not started (after fault recovery), keepalived is started to achieve fault recovery. check_service.sh file contents

#!/bin/bash

---

pidfile=/var/lock/subsys/`basename $0`.pid

if [ -f $pidfile ] && [ -e /proc/` cat $pidfile` ] ; then

exit 1

fi

trap "rm -fr $pidfile ; exit 0" 1 2 3 15

echo $$ > $pidfile

maxfails=3

fails=0

success=0

while [ 1 ]

do

/usr/bin/wget --timeout=3 --tries=1 http://127.0.0.1/ -q -O /dev/null

if [$? -NE 0];; then

Let Fails = $ [$ Fails+1]

SUCCESS = 0

Else

Fails = 0

Let SUCCESS = $ [$ SUCTSS+1]

FI

if [ $fails -ge $maxfails ] ; then

fails=0

success=0

#check keepalived is running ? try to stop it

service keepalived status | grep running

              if [ $? - eq 0 | if [$success-gt $maxfails ] ; then

                                                                                                                                                            Keepalived. "

Service Keepalived Start

Fi

Success = 0

Fi

Sleep 3

Done

The two nodes should run this script, please add this script to the CRON mission (this program A single-instance running mechanism has been implemented. The purpose of adding scheduled tasks is to prevent the detection function from failing after the script is unexpectedly interrupted). Achievable functions:

If the local service fails to detect three consecutive times, try to stop the keepalived service (if keepalived is running) )

If the local service connection is successfully detected three times, but keepalived is not started, the key execution points of the startup have been recorded in the system log (/var/log/messages)

Execute crontab -e, and add the following Content:

*/1 * * * * /root/check_service.sh

Stop the keepalived on this machine. After a while, the keepalived service will be automatically started (this is because the local service detection is normal)

Stop nginx on this machine. After a while, you will find that the keepalived service has also been stopped.

Then start nginx. After a while, you will find that keepalived is also started normally and the correct virtual IP is bound.

The above introduces nginx + keepalived to implement HA master-slave mode, including aspects of it. I hope it will be helpful to friends who are interested in PHP tutorials.