Preparations:

192.168.16.128

192.168.16.129

Two virtual machines or servers are needed.

Install Nginx

Update yum source file:

    rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
    wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

Install Nginx:

    yum -y install nginx

Operation commands:

    systemctl start nginx   # start Nginx
    systemctl stop nginx    # stop Nginx

What is high availability?

High Availability (HA) is one of the factors that must be considered in the architecture design of distributed systems. It usually refers to designing the system to reduce the time during which it cannot provide service. If a system can provide service all the time, its availability is 100 percent, but unexpected failures always happen. So we can only minimize service failures as much as possible.

The problem to solve

In the production environment, Nginx is most often used as a reverse proxy to provide external services. However, Nginx will inevitably fail one day, for example because of server downtime. When Nginx goes down, all external interfaces become inaccessible.

Although we cannot guarantee 100% availability of the server, we have to avoid this tragedy. Today we use Keepalived to make Nginx highly available.

Dual-system hot backup solution

This is the most common high availability solution in domestic enterprises. Dual-system hot backup means that one server provides the service while the other stands by. When one server becomes unavailable, the other takes its place.

What is Keepalived?

Keepalived was originally designed for the LVS load balancing software, to manage and monitor the status of each service node in an LVS cluster. Support for the Virtual Router Redundancy Protocol (VRRP), which provides high availability, was added later. Therefore, Keepalived can not only manage LVS but also serve as a high availability solution for other services such as Nginx, HAProxy, MySQL, etc.

Failover mechanism

Keepalived implements failover between high availability services through VRRP.

While Keepalived is working correctly, the Master node continuously sends heartbeat messages (in multicast mode) to the standby node to tell it that the Master is still alive. When the Master node fails, it can no longer send heartbeat messages. The standby node then stops detecting the Master's heartbeat and invokes its own takeover program to take over the IP resources and services of the Master node. When the Master node recovers, the Backup node releases the IP resources and services it took over during the failure and returns to its original standby role.

Implementation process

Install Keepalived

Keepalived can be installed directly with yum, which automatically installs its dependencies:

    yum -y install keepalived

Modify the Keepalived configuration file on the primary host (192.168.16.128)

In the /etc/keepalived directory, edit the configuration file:

    vi keepalived.conf

keepalived.conf:

    vrrp_script chk_http_port {
        script "/usr/local/src/check_nginx_pid.sh"   # heartbeat script: checks whether nginx is started
        interval 2                                   # interval between script runs, in seconds
    }

    vrrp_instance VI_1 {
        state MASTER             # keepalived role: MASTER is the primary, BACKUP is the standby
        interface ens33          # network interface used for VRRP; use ifconfig to find yours
        virtual_router_id 66     # virtual router ID, must be the same on MASTER and BACKUP
        priority 100             # priority; the node with the higher value becomes MASTER
        advert_int 1             # check interval, default 1s (VRRP multicast interval in seconds)
        # authorized access
        authentication {
            auth_type PASS       # authentication type and password; MASTER and BACKUP must use the same password to communicate
            auth_pass 1111
        }
        track_script {
            chk_http_port        # call the check script defined above
        }
        virtual_ipaddress {
            192.168.16.130       # virtual IP address (VIP)
        }
    }

virtual_ipaddress configures the VIP(s); online services are accessed through the VIP.

interface must be set to match the server's network card. A common way to view it is ip addr.

authentication configures authorized access. The standby machine needs the same configuration.

Modify the Keepalived configuration file on the standby server (192.168.16.129)

keepalived.conf:

    vrrp_script chk_http_port {
        script "/usr/local/src/check_nginx_pid.sh"   # heartbeat script: checks whether nginx is started
    }

    vrrp_instance VI_1 {
        state BACKUP             # keepalived role: MASTER is the primary, BACKUP is the standby
        interface ens33          # network interface used for VRRP; use ifconfig to find yours
        virtual_router_id 66     # virtual router ID, must be the same on MASTER and BACKUP
        priority 99              # priority; lower than the MASTER's 100
        advert_int 1             # check interval, default 1s (VRRP multicast interval in seconds)
        # authorized access
        authentication {
            auth_type PASS       # authentication type and password; MASTER and BACKUP must use the same password to communicate
            auth_pass 1111
        }
        track_script {
            chk_http_port        # call the check script defined above
        }
        virtual_ipaddress {
            192.168.16.130       # virtual IP address (VIP)
        }
    }
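A consistency check for the two configuration files above, as an added example that is not part of the original article: it compares the fields MASTER and BACKUP must share and flags the 1111 password. The sample configs are constructed from this page; the function names and the weak-password rule are assumptions.

```python
import re

# Constructed from the MASTER config on this page, reduced to the compared fields.
MASTER_CONF = """
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 66
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.16.130
    }
}
"""
BACKUP_CONF = MASTER_CONF.replace("state MASTER", "state BACKUP").replace(
    "priority 100", "priority 99")

# Settings both nodes must agree on, or they ignore each other's adverts.
MUST_MATCH = ("virtual_router_id", "advert_int", "auth_type", "auth_pass")
SCALARS = re.compile(
    r"^\s*(state|priority|%s)\s+(\S+)" % "|".join(MUST_MATCH), re.M)

def parse(conf):
    """Extract scalar settings and the VIP list from one vrrp_instance."""
    text = re.sub(r"[#!].*", "", conf)  # strip keepalived comments
    cfg = dict(SCALARS.findall(text))
    block = re.search(r"virtual_ipaddress\s*\{([^}]*)\}", text)
    cfg["vips"] = sorted(block.group(1).split()) if block else []
    return cfg

def check_pair(master_conf, backup_conf):
    """Return a list of problems found when comparing the two nodes."""
    m, b = parse(master_conf), parse(backup_conf)
    problems = [f"{k} differs: {m.get(k)!r} vs {b.get(k)!r}"
                for k in MUST_MATCH + ("vips",) if m.get(k) != b.get(k)]
    if int(m.get("priority", 0)) <= int(b.get("priority", 0)):
        problems.append("priority: MASTER should be higher than BACKUP")
    pw = m.get("auth_pass", "")
    # Assumed weakness heuristic: under 8 characters or fewer than 4 distinct ones.
    if m.get("auth_type") == "PASS" and (len(pw) < 8 or len(set(pw)) < 4):
        problems.append("auth_pass: weak value, and PASS travels in cleartext")
    return problems
```

Run against the page's pair, check_pair(MASTER_CONF, BACKUP_CONF) reports only the password finding; a mismatched virtual_router_id or auth_pass is the kind of error that leaves both nodes holding the VIP.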

Detection script:

    #!/bin/bash
    # Check whether nginx is started
    A=$(ps -C nginx --no-header | wc -l)
    if [ "$A" -eq 0 ]; then
        # nginx is not running: try to start it
        systemctl start nginx
        # If nginx still is not running, stop the keepalived service so the VIP moves to the standby
        if [ "$(ps -C nginx --no-header | wc -l)" -eq 0 ]; then
            killall keepalived
        fi
    fi

Script authorization: chmod 775 check_nginx_pid.sh

Note: The script must be authorized, otherwise there is no permission to run it. Do this on both servers. In the production environment, the service is accessed directly through the VIP (virtual_ipaddress: 192.168.16.130).
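Mode 775 leaves the script writable by its group, and Keepalived typically runs it as root. The following added example (not from the original article) lists every component of the script path that a non-root user could modify; the function name is an assumption.

```python
import os
import stat

def risky_path_components(script_path):
    """Return (path, reason) for each part of the path a non-root user could alter."""
    findings = []
    current = os.path.realpath(script_path)   # follow symlinks first
    while True:
        st = os.stat(current)
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(
                (current, "group/other writable " + oct(stat.S_IMODE(st.st_mode))))
        if st.st_uid != 0:
            findings.append((current, "not owned by root"))
        parent = os.path.dirname(current)
        if parent == current:                 # reached the filesystem root
            break
        current = parent
    return findings

if __name__ == "__main__":
    script = "/usr/local/src/check_nginx_pid.sh"   # path used on this page
    if os.path.exists(script):
        for path, reason in risky_path_components(script):
            print(path, reason)
```

An empty result means only root can change what the check script does; with the chmod 775 above, the script itself is reported.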

Simulating nginx failures:

Modify the default Nginx HTML page on each of the two servers so that they can be told apart.

First access 192.168.16.130, that is, access through the VIP. The page displays 192.168.16.128, so the service is provided by the primary server.

On the primary server 192.168.16.128, run the following command:

    systemctl stop nginx   # stop nginx

192.168.16.128:192.168.16.128:192.168.16.128:192.168.16.128:192.168.16.128:192.168.16.128:192.168.16.128

Keepalived fails over automatically, and a high availability solution for an enterprise production environment is now set up.

Keepalived also has many other functions, such as email reminders; see the documentation on the official website.
