• notice
  • Congratulations on the launch of the Sought Tech site

How to achieve high-availability load balancing of Nginx?

A brief introduction to Keepalived

Keepalived is a high-performance server high-availability or hot-standby solution. Keepalived can be used to prevent the occurrence of a single point of failure of the server. By cooperating with Nginx, the high availability of web front-end services can be achieved.

Keepalived is based on the VRRP protocol, and uses the VRRP protocol to achieve high availability (HA). The VRRP (Virtual Router Redundancy Protocol) protocol is a protocol used to implement router redundancy. The VRRP protocol virtualizes two or more router devices into one device and provides virtual router IP (one or more) to the outside world. Inside the router group, If the router that actually owns the external IP is working normally, it is MASTER, or it is elected through an algorithm. MASTER implements various network functions for the virtual router IP, such as ARP request, ICMP, and data forwarding, etc.; other devices do not have This virtual IP, whose status is BACKUP, does not perform external network functions except to receive VRRP status notification information from MASTER.

When the host fails, BACKUP will take over the network function of the original MASTER. The VRRP protocol uses multicast data to transmit VRRP data. VRRP data uses a special virtual source MAC address to send data instead of the MAC address of its own network card. When VRRP is running, only the MASTER router regularly sends VRRP advertisement information, indicating that the MASTER is working normally and the virtual router IP address (group), BACKUP only receives VRRP data and does not send data. If it does not receive the notification information of MASTER within a certain period of time, each BACKUP will announce itself as a MASTER, send notification information, and re-elect the MASTER state.

program planning


The operating system and installation software are as follows:

  • CentOS 6.8 x64

  • keepalived-1.2.18.tar.gz

  • nginx-1.19.1.tar.gz

Install Nginx

1. Install the dependent environment

yum -y install wget gcc-c++ ncurses ncurses-devel cmake make perl bison openssl openssl-devel gcc* libxml2 libxml2-devel curl-devel libjpeg* libpng* freetype* autoconf automake zlib* fiex* libxml* libmcrypt* libtool-ltdl-devel* libaio libaio-devel  bzr libtool

2. Install openssl

wget https://www.openssl.org/source/openssl-1.0.2s.tar.gz
tar -zxvf openssl-1.0.2s.tar.gzcd /usr/local/src/openssl-1.0.2s
./config --prefix=/usr/local/openssl-1.0.2s
make
make install

3. Install pcre

wget https://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz
tar -zxvf pcre-8.43.tar.gzcd /usr/local/src/pcre-8.43
./configure --prefix=/usr/local/pcre-8.43
make
make install

4. Install zlib

wget https://sourceforge.net/projects/libpng/files/zlib/1.2.11/zlib-1.2.11.tar.gz
tar -zxvf zlib-1.2.11.tar.gzcd /usr/local/src/zlib-1.2.11
./configure --prefix=/usr/local/zlib-1.2.11
make
make

5. Download nginx-rtmp-module

The official github address of nginx-rtmp-module: https://github.com/arut/nginx-rtmp-module

Use the command:

git clone https://github.com/arut/nginx-rtmp-module.git  

6. Install Nginx

wget http://nginx.org/download/nginx-1.19.1.tar.gz
tar -zxvf nginx-1.19.1.tar.gzcd /usr/local/src/nginx-1.19.1
./configure --prefix=/usr/local/nginx-1.19.1 --with-openssl=/usr/local/src/openssl-1.0.2s --with-pcre=/usr/local/src/pcre-8.43 --with-zlib=/usr/local/src/zlib-1.2.11 --add-module=/usr/local/src/nginx-rtmp-module --with-http_ssl_module
make
make install

It should be noted here: when installing Nginx, the source code decompression directory of openssl, pcre and zlib is specified. After the installation is complete, the full path of the Nginx configuration file is: /usr/local/nginx-1.19.1/conf/nginx.conf .

Configure Nginx

Enter the following command on the command line to edit the nginx.conf file of Nginx, as shown below.

# vim /usr/local/nginx-1.19.1/conf/nginx.conf

The edited file content is shown below.

user root;
worker_processes 1;#error_log logs/error.log;#error_log logs/error.log notice;#error_log logs/error.log info;#pid logs/nginx.pid;events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on; #tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65; #gzip on;
server {
listen 88;
server_name localhost; #charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
} #error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}

Modify the content of the Nginx welcome home page (for later testing, to distinguish Nginx of two nodes):

Do the following on the binghe133 server.

# vim /usr/local/nginx-1.19.1/html/index.html

Add the following code under the file title node.

<h1>Welcome to nginx! 1</h1>

Do the following on the binghe134 server.

# vim /usr/local/nginx-1.19.1/html/index.html

Add the following code under the file title node.

<h1>Welcome to nginx! 2</h1>

open port

Open port 88 in the firewall of the server as shown below.

vim /etc/sysconfig/iptables

Add the following configuration.

-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT

Next, enter the following command to restart the firewall.

service iptables restart

Test Nginx

Test whether Nginx is installed successfully

# /usr/local/nginx-1.19.1/sbin/nginx -tnginx: the configuration file /usr/local/nginx-1.19.1/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx-1.19.1/conf/nginx.conf test is successful

Start Nginx

# /usr/local/nginx-1.19.1/sbin/nginx

Restart Nginx

# /usr/local/nginx-1.19.1/sbin/nginx -s reload

Set Nginx to start automatically at boot

# vim /etc/rc.local

Add the following line of configuration.

/usr/local/nginx-1.19.1/sbin/nginx

Next, access Nginx on the two servers respectively, as shown below.

Install Keepalived

The official download link is: http://www.keepalived.org/download.html .

Upload or download keepalived

Upload or download keepalived (keepalived-1.2.18.tar.gz) to /usr/local/src directory

Unzip the installation

# cd /usr/local/src# tar -zxvf keepalived-1.2.18.tar.gz# cd keepalived-1.2.18# ./configure --prefix=/usr/local/keepalived# make && make install

Install keepalived as a Linux system service

Because the default path of keepalived is not used for installation (default is /usr/local), after the installation is completed, some work needs to be done to copy the default configuration file to the default path

# mkdir /etc/keepalived# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

Copy the keepalived service script to the default address

# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/# ln -s /usr/local/sbin/keepalived /usr/sbin/# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

Set the keepalived service to start at boot.

# chkconfig keepalived on

Modify the Keepalived configuration file

MASTER node configuration file (192.168.50.133)

# vim /etc/keepalived/keepalived.conf

!Configuration File for keepalived
global_defs {
## The email reminder that comes with keepalived requires the sendmail service to be enabled. It is recommended to use independent monitoring or third-party SMTP
router_id binghe133 ## String that identifies this node, usually hostname
}
## keepalived will execute the script regularly and analyze the result of the script execution, and dynamically adjust the priority of vrrp_instance. If the script execution result is 0, and the value configured by weight is greater than 0, the priority will be increased accordingly. If the execution result of the script is not 0 and the value of the weight configuration is less than 0, the priority will be reduced accordingly. In other cases, the originally configured priority is maintained, that is, the value corresponding to priority in the configuration file.
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh" ## Script path to check nginx status
interval 2 ## detection interval
weight -20 ## If the condition is true, the weight -20
}
## Define the virtual route, VI_1 is the identifier of the virtual route, define the name by yourself
vrrp_instance VI_1 {
state MASTER ## The primary node is MASTER, and the corresponding backup node is BACKUP
interface eth0 ## Bind the network interface of the virtual IP, the same as the network interface where the local IP address is located, mine is eth0
virtual_router_id 33 ## The ID number of the virtual router, the settings of the two nodes must be the same, the optional IP is used in the last segment, the same VRID is a group, it will determine the multicast MAC address
mcast_src_ip 192.168.50.133 ## Local IP address
priority 100 ## Node priority, value range 0-254, MASTER is higher than BACKUP
nopreempt ## High priority settings nopreempt solves the problem of preemption after abnormal recovery
advert_int 1 ## Multicast information sending interval, the settings of the two nodes must be the same, the default is 1s
## Set the verification information, the two nodes must be consistent
authentication {
auth_type PASS
auth_pass 1111 ## Real production, should come according to demand
}
## Add the track_script block to the instance configuration block
track_script {
chk_nginx ## Perform Nginx monitoring services
} #
# Virtual IP pool, the two node settings must be the same
virtual_ipaddress {
192.168.50.130 ##Virtual ip, you can define multiple
}
}

BACKUP node configuration file (192.168.50.134)

# vim /etc/keepalived/keepalived.conf

!Configuration File for keepalived
global_defs {
router_id binghe134
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface eth1
virtual_router_id 33
mcast_src_ip 192.168.50.134
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.50.130
}
}

Write Nginx Status Detection Script

Write the Nginx status detection script /etc/keepalived/nginx_check.sh (configured in keepalived.conf) Script requirements: If nginx stops running, try to start it, if it fails to start, kill the local keepalived process, keepalied binds the virtual ip Set to the BACKUP machine. The contents are as follows.

# vim /etc/keepalived/nginx_check.sh#!/bin/bashA=`ps -C nginx –no-header |wc -l`if [ $A -eq 0 ];then/usr/local/nginx/sbin/nginxsleep 2if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalivedfifi

After saving, give execute permission to the script:

# chmod +x /etc/keepalived/nginx_check.sh

Start Keepalived

# service keepalived startStarting keepalived: [ OK ]

High availability test of Keepalived+Nginx

Start Nginx and Keepalived on 192.168.50.133 and 192.168.50.134 at the same time, we access Nginx through VIP (192.168.50.130), as shown below.

We turn off Keepalived and Nginx on 192.168.50.133 and execute the following command on 192.168.50.133.

service keepalived stop
/usr/local/nginx-1.19.1/sbin/nginx -s stop

At this point, access Nginx through VIP (192.168.50.130), as shown below.

Let's turn on Keepalived and Nginx on 192.168.50.133 and execute the following commands on 192.168.50.133:

/usr/local/nginx-1.19.1/sbin/nginx
service keepalived start

or just execute

service keepalived start

Because we wrote the script nginx_check.sh, this script will automatically automate Nginx for us.

At this point, we access Nginx through VIP (192.168.50.130), as shown below.

So far, Keepalived + Nginx has completed the construction of high-availability web load balancing.

Tips

Friends can download the configuration file for Keepalived + Nginx to achieve high-availability web load balancing from the link below.

http://download.csdn.net/detail/l1028386804/9855362


Tags

Technical otaku

Sought technology together

Related Topic

0 Comments

Leave a Reply

+