A brief tutorial of using keepalived to build nginx high availability server in CentOS 7

To install nginx, see Course.

The native test environment is CentOS7. Main server 192.168.126.130, slave server 192.168.126.129, VIP IP 192.168.126.188.

Install keepalived.

[root@promote ~]# yum install -y keepalived
[root@promote ~]# cd /etc/keepalived/
#The master server is not required to modify the web page information
[root@promote ~]# echo "master nginx web server." > /usr/local/nginx/html/index.html 
#Modifying web page information from the server is not required
[root@promote ~]# echo "slave nginx web server." > /usr/local/nginx/html/index.html 
[root@promote ~]# vim keepalived.conf

The main server configuration information is as follows:

[root@promote ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.126.188
    }
}
[root@promote ~]
# 
vrrp_instance VI_1 {
    state MASTER #Primary and secondary server status, switch to backup after the primary server is down
    interface ens33 #NIC name
    virtual_router_id 51
    priority 100 #Server priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.126.188 #VIP address
    }
}

Configure from server.

[root@promote sbin]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.126.188
    }
}
[root@promote sbin]# 

Careful readers will find that the email address is 192.168.200.1, which is not used in this article. You can try to delete or modify it.

The master and slave servers start the maintained service.

[root@promote sbin]# service keepalived start

Browser access 192.168.126.130. Linux view server information.

[root@promote ~]# curl -i 192.168.126.130
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 08 Apr 2019 04:23:24 GMT
Content-Type: text/html
Content-Length: 25
Last-Modified: Mon, 08 Apr 2019 04:19:05 GMT
Connection: keep-alive
ETag: "5caacbb9-19"
Accept-Ranges: bytes

master nginx web server.
[root@promote ~]# 
#The information from the server is basically consistent.

Turn off the main server and check the browser information again. The nginx server accesses normally. View server IP information.

#master
[root@promote ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:f0:04:39 brd ff:ff:ff:ff:ff:ff
    inet 192.168.126.130/24 brd 192.168.126.255 scope global noprefixroute dynamic ens33
       valid_lft 1796sec preferred_lft 1796sec
    inet 192.168.126.188/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc2:d1b:1fc4:8ce2/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::c354:a1e1:869f:7ae1/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@promote ~]# 
#slave
[root@promote ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:c3:f7:cb brd ff:ff:ff:ff:ff:ff
    inet 192.168.126.129/24 brd 192.168.126.255 scope global noprefixroute dynamic ens33
       valid_lft 1673sec preferred_lft 1673sec
    inet6 fe80::ccc2:d1b:1fc4:8ce2/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@promote ~]# 

Try enabling the master server to shut down the slave server to view the server IP information.

#Simulate master server down
[root@promote ~]# service keepalived stop
Redirecting to /bin/systemctl stop keepalived.service
[root@promote ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:f0:04:39 brd ff:ff:ff:ff:ff:ff
    inet 192.168.126.130/24 brd 192.168.126.255 scope global noprefixroute dynamic ens33
       valid_lft 1717sec preferred_lft 1717sec
    inet6 fe80::ccc2:d1b:1fc4:8ce2/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::c354:a1e1:869f:7ae1/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@promote ~]# 
#Auto switch to master
[root@promote ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:c3:f7:cb brd ff:ff:ff:ff:ff:ff
    inet 192.168.126.129/24 brd 192.168.126.255 scope global noprefixroute dynamic ens33
       valid_lft 1564sec preferred_lft 1564sec
    inet 192.168.126.188/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc2:d1b:1fc4:8ce2/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@promote ~]# 

The operation experiment perfectly realizes the automatic switch of nginx web server.

Tags: Nginx firewall Web Server yum

Posted on Sat, 30 Nov 2019 07:33:14 -0800 by the_ut_tick