Operation and MaintenanceNginxHow to implement Nginx high availability in production environment
Preparation work:
192.168.16.128
192.168.16.129
Two virtual machines. Install nginx
Install nginx
Update yum source file:
rpm -ivh http://nginx.org/packages/centos/7/noarch/rpms/nginx-release-centos-7-0.el7.ngx.noarch.rpm wget -o /etc/yum.repos.d/centos-base.repo http://mirrors.aliyun.com/repo/centos-7.repo
Install nginx:
yum -y install nginx
Operation command:
systemctl start nginx; #启动nginx systemctl stop nginx; #停止nginx
What is high availability?
High availability HA (high availability) is one of the factors that must be considered in the design of distributed system architecture. It usually refers to reducing the time when the system cannot provide services through design. If a system can always provide services, then the availability is 100%, but there are unforeseen circumstances. So we can only try to reduce service failures as much as possible.
solved problem?
In production environments, nginx is often used as a reverse proxy to provide external services. However, nginx will inevitably encounter failures one day, such as server downtime. When nginx goes down, all externally provided interfaces will become inaccessible.
Although we cannot guarantee that the server is 100% available, we must find ways to avoid this tragedy. Today we use keepalived to achieve high availability of nginx
.
Dual-machine hot backup solution
This solution is the most common high-availability solution among domestic enterprises. Dual-machine hot backup actually refers to a One server is providing services, and the other is in standby state for a certain service. When one server is unavailable, the other one will take its place.
What is keepalived?
keepalived software was originally designed for LVS load balancing software to manage and monitor the status of each service node in the LVS cluster system. Later, vrrp (virtual router) was added to achieve high availability. redundancy protocol, virtual router redundancy protocol) function. Therefore, in addition to being able to manage LVS software, keepalived can also be used as a high-availability solution software for other services (such as: nginx, haproxy, mysql, etc.)
failover mechanism
keepalived Failover transfer between high-availability services is implemented through vrrp.
When the keepalived service is working normally, the main master node will continuously send (multicast) heartbeat messages to the backup node to tell the backup node that it is still alive. When the main master node fails , it cannot send heartbeat messages, and the standby node cannot continue to detect the heartbeat from the master node, so it calls its own takeover program to take over the IP resources and services of the master node. When the primary master node recovers, the backup node will release the IP resources and services it took over when the primary node failed, and return to its original backup role.
Implementation process
Install keepalived
You can install it directly with yum, which will automatically install dependencies:
yum -y install keepalived
Modify the host (192.168.16.128) keepalived configuration file
The yum installation will produce the configuration file under /etc/keepalived:
vi keepalived.conf
keepalived.conf:
#检测脚本
vrrp_script chk_http_port {
script "/usr/local/src/check_nginx_pid.sh" #心跳执行的脚本,检测nginx是否启动
interval 2 #(检测脚本执行的间隔,单位是秒)
weight 2 #权重
}
#vrrp 实例定义部分
vrrp_instance vi_1 {
state master # 指定keepalived的角色,master为主,backup为备
interface ens33 # 当前进行vrrp通讯的网络接口卡(当前centos的网卡) 用ifconfig查看你具体的网卡
virtual_router_id 66 # 虚拟路由编号,主从要一直
priority 100 # 优先级,数值越大,获取处理请求的优先级越高
advert_int 1 # 检查间隔,默认为1s(vrrp组播周期秒数)
#授权访问
authentication {
auth_type pass #设置验证类型和密码,master和backup必须使用相同的密码才能正常通信
auth_pass 1111
}
track_script {
chk_http_port #(调用检测脚本)
}
virtual_ipaddress {
192.168.16.130 # 定义虚拟ip(vip),可多设,每行一个
}
}
Virtual_ipaddress can be configured with vip, and services can be accessed online through vip.
The interface needs to be set according to the server network card. The usual viewing method is ip addr
Authentication configuration authorization access to the backup machine also requires the same configuration.
Modify the backup machine (192.168.16.129) keepalived configuration File
keepalived.conf:
#检测脚本
vrrp_script chk_http_port {
script "/usr/local/src/check_nginx_pid.sh" #心跳执行的脚本,检测nginx是否启动
interval 2 #(检测脚本执行的间隔)
weight 2 #权重
}
#vrrp 实例定义部分
vrrp_instance vi_1 {
state backup # 指定keepalived的角色,master为主,backup为备
interface ens33 # 当前进行vrrp通讯的网络接口卡(当前centos的网卡) 用ifconfig查看你具体的网卡
virtual_router_id 66 # 虚拟路由编号,主从要一直
priority 99 # 优先级,数值越大,获取处理请求的优先级越高
advert_int 1 # 检查间隔,默认为1s(vrrp组播周期秒数)
#授权访问
authentication {
auth_type pass #设置验证类型和密码,master和backup必须使用相同的密码才能正常通信
auth_pass 1111
}
track_script {
chk_http_port #(调用检测脚本)
}
virtual_ipaddress {
192.168.16.130 # 定义虚拟ip(vip),可多设,每行一个
}
}Detection script:
#!/bin/bash
#检测nginx是否启动了
a=`ps -c nginx --no-header |wc -l`
if [ $a -eq 0 ];then #如果nginx没有启动就启动nginx
systemctl start nginx #重启nginx
if [ `ps -c nginx --no-header |wc -l` -eq 0 ];then #nginx重启失败,则停掉keepalived服务,进行vip转移
killall keepalived
fi
fiScript authorization:chmod 775 check_nginx_pid.sh
Description: The script must be authorized, otherwise There is no permission to access. Here we have two servers executing, vip(virtual_ipaddress:192.168.16.130),We access the service directly through vip in the production environment.
Simulate nginx failure:
Modify the nginx html page that the two servers access by default as a difference.
First visit 192.168.16.130, access through VIP, the page displays 192.168.16.128; indicating that the service is currently provided by the main server.
At this time192.168.16.128The main server executes the command:
systemctl stop nginx; #停止nginx
Visit vip again (192.168.16.130) and find that the page still displays at this time : 192.168.16.128, this is an automatic restart in the script.
Now directly close the 192.168.16.128 server, visit vip here (192.168.16.130) and now find that the page displays 192.168.16.129 At that time, keepalived will automatically failover, and a high-availability solution for an enterprise-level production environment has been established. There are many functions in
keepalived, such as email reminders, etc., but they are not available. You can go to the official website to read the documentation.
The above is the detailed content of How to implement Nginx high availability in production environment. For more information, please follow other related articles on the PHP Chinese website!
NGINX vs. Apache: A Comparative Analysis of Web ServersApr 21, 2025 am 12:08 AMNGINX is more suitable for handling high concurrent connections, while Apache is more suitable for scenarios where complex configurations and module extensions are required. 1.NGINX is known for its high performance and low resource consumption, and is suitable for high concurrency. 2.Apache is known for its stability and rich module extensions, which are suitable for complex configuration needs.
NGINX Unit's Advantages: Flexibility and PerformanceApr 20, 2025 am 12:07 AMNGINXUnit improves application flexibility and performance with its dynamic configuration and high-performance architecture. 1. Dynamic configuration allows the application configuration to be adjusted without restarting the server. 2. High performance is reflected in event-driven and non-blocking architectures and multi-process models, and can efficiently handle concurrent connections and utilize multi-core CPUs.
NGINX vs. Apache: Performance, Scalability, and EfficiencyApr 19, 2025 am 12:05 AMNGINX and Apache are both powerful web servers, each with unique advantages and disadvantages in terms of performance, scalability and efficiency. 1) NGINX performs well when handling static content and reverse proxying, suitable for high concurrency scenarios. 2) Apache performs better when processing dynamic content and is suitable for projects that require rich module support. The selection of a server should be decided based on project requirements and scenarios.
The Ultimate Showdown: NGINX vs. ApacheApr 18, 2025 am 12:02 AMNGINX is suitable for handling high concurrent requests, while Apache is suitable for scenarios where complex configurations and functional extensions are required. 1.NGINX adopts an event-driven, non-blocking architecture, and is suitable for high concurrency environments. 2. Apache adopts process or thread model to provide a rich module ecosystem that is suitable for complex configuration needs.
NGINX in Action: Examples and Real-World ApplicationsApr 17, 2025 am 12:18 AMNGINX can be used to improve website performance, security, and scalability. 1) As a reverse proxy and load balancer, NGINX can optimize back-end services and share traffic. 2) Through event-driven and asynchronous architecture, NGINX efficiently handles high concurrent connections. 3) Configuration files allow flexible definition of rules, such as static file service and load balancing. 4) Optimization suggestions include enabling Gzip compression, using cache and tuning the worker process.
NGINX Unit: Supporting Different Programming LanguagesApr 16, 2025 am 12:15 AMNGINXUnit supports multiple programming languages and is implemented through modular design. 1. Loading language module: Load the corresponding module according to the configuration file. 2. Application startup: Execute application code when the calling language runs. 3. Request processing: forward the request to the application instance. 4. Response return: Return the processed response to the client.
Choosing Between NGINX and Apache: The Right Fit for Your NeedsApr 15, 2025 am 12:04 AMNGINX and Apache have their own advantages and disadvantages and are suitable for different scenarios. 1.NGINX is suitable for high concurrency and low resource consumption scenarios. 2. Apache is suitable for scenarios where complex configurations and rich modules are required. By comparing their core features, performance differences, and best practices, you can help you choose the server software that best suits your needs.
How to start nginxApr 14, 2025 pm 01:06 PMQuestion: How to start Nginx? Answer: Install Nginx Startup Nginx Verification Nginx Is Nginx Started Explore other startup options Automatically start Nginx
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
SublimeText3 English version
Recommended: Win version, supports code prompts!
SublimeText3 Chinese version
Chinese version, very easy to use
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
