How to implement dual-machine hot backup with Nginx+Keepalived

一.keepalived

keepalived is a service software that ensures high availability of the cluster. The node with high priority in the network is the master responsible for responding to the vip's arp package and mapping the vip and mac addresses. The relationship tells other hosts in the network and will also send vrrp notifications to the network in the form of multicast to inform them of their priority. The backup node is only responsible for processing multicast packets sent by the master. When it finds that the master's priority is not as high as its own, or it does not receive the vrrp notification from the master, the backup node will switch itself to the master state.

2. Environment setup

1. Environment: qemu-kvm, client debian(9.4.0)

2. Virtual machine qemu-kvm installation: Introduction to virtualization technology qemu-kvm

1. Use temporary snapshots to create two virtual machines. The following operations need to be performed on both virtual machines.

faramita2016@linux-l9e6:~> qemu-kvm -cpu host -m 512 -hda vdisk.img -net nic -net bridge,br=br0 -snapshot -nographic

2. Set the virtual machine static ip

root@debian:~# cat /etc/network/interfaces
# the primary network interface
allow-hotplug ens3
#iface ens3 inet dhcp
iface ens3 inet static
address 10.0.0.3  // 设置ip
netmask 255.0.0.0
gateway 10.0.0.1
hwaddress ether 52:54:00:12:34:53  // 设置mac地址

3. Activate the network card ip

root@debian:~# ip addr del 10.0.0.8/8 dev ens3  // 删除客户机原有ip
root@debian:~# ifdown ens3
root@debian:~# ifup ens3

4. Install nginx and keepalived

root@debian:~# apt-get install -y nginx keepalived

5. Modify the /var/www/html/index.nginx-debian.html file and add the current virtual machine IP to mark the actual response server

root@debian:~# vi /var/www/html/index.nginx-debian.html 
……
<h1>welcome to nginx! 10.0.0.3</h1>
……

3. Software configuration

Primary node virtual machine (10.0.0.3), backup node virtual machine (10.0.0.4), virtual ip (10.0.0.100)

1. On the primary node virtual machine, edit the /etc/keepalived/keepalived.conf file

root@debian:~# cat /etc/keepalived/keepalived.conf 
global_defs {
  router_id ri_1  // 标识当前keepalived节点
}

vrrp_script chk_nginx {
  script "/root/chk_nginx.sh"  // 定义监控脚本
  interval 2  // 执行监控脚本的闹中间隔时间
}

vrrp_instance vi_1 {
  state master  // 设置节点为主节点，节点的初始状态
  interface ens3  // 设置绑定虚拟ip的网络接口
  virtual_router_id 50  // vrrp组名，指明节点同属一个组
  priority 100  // 节点优先级，主节点应当高于备用节点
  advert_int 1  // 组播信息发送间隔

  #nopreempt  // 禁止抢占服务，只对备用节点生效，主节点根据priority优先级进行抢占，不受nopreempty控制

  authentication {
    auth_type pass  // 设置认证方式
    auth_pass 123456  // 密码
  }

  virtual_ipaddress {
    10.0.0.100/24  // 设置vip
  }

  track_script {  // 调用监控脚本
    chk_nginx
  }
}

2. On the standby node virtual machine, edit the /etc/keepalived/keepalived.conf file, except the following items, Others are the same as the master node

state backup  // 设置节点为主节点，节点的初始状态
  priority 10  // 节点优先级

3. Execute on all nodes, create monitoring scripts, edit the /root/chk_nginx.sh file

root@debian:~# vi /root/chk_nginx.sh 
#!/bin/bash
a=`ps -c nginx --no-header | wc -l`
if [ $a -eq 0 ]
then
  /etc/init.d/keepalived stop
fi

4. Verify service

1. Master node virtual machine, start nginx and keepalived services

root@debian:~# /etc/init.d/nginx start
root@debian:~# /etc/init.d/keepalived start

Execute the ip a command, the master node network card ens3 has been bound to vip (10.0 .0.100)

2. On the backup node virtual machine, start nginx and keepalived services

root@debian:~# /etc/init.d/nginx start
root@debian:~# /etc/init.d/keepalived start

Execute the ip a command, the backup node network card ens3 Unbound vip (10.0.0.100)

3. The host browser accesses http://10.0.0.100

and 10.0 appears. 0.3 web page, indicating that the keepalived service has taken effect and vip has been bound to the main node

4. In the main node virtual machine, close the nginx service and simulate downtime

root@debian:~# /etc/init.d/nginx stop

Execute the ip a command, the main node network card ens3 is not bound to vip (10.0.0.100)

5. On the backup node virtual machine, query the ip

Execute the ip a command, and the backup node network card ens3 has been bound to vip (10.0.0.100)

6. The host browser accesses http://10.0.0.100

The 10.0.0.4 web page appears, indicating that the keepalived service has taken effect and the VIP has been bound to the backup node

The above is the detailed content of How to implement dual-machine hot backup with Nginx+Keepalived. For more information, please follow other related articles on the PHP Chinese website!