search
HomeOperation and MaintenanceNginxNginx high availability method

Preparation:

Nginx high availability method

​192.168.16.128

​192.168.16.129

Two virtual machines. Install Nginx

Install Nginx

Update yum source file:

rpm-ivhhttp://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

​wget-O/etc/yum.repos.d/CentOS-Base.repohttp://mirrors.aliyun.com/repo/Centos-7.repo

Install Nginx:

​ yum-yinstallnginx

Operation command:

systemctlstartnginx;#Start Nginx

systemctlstopnginx;#stopNginx

What is high availability?

High availability HA (HighAvailability) is one of the factors that must be considered in the design of distributed system architecture. It usually refers to reducing the time when the system cannot provide services through design. If a system can always provide services, then the availability is 100%, but there are unforeseen circumstances. So we can only try to reduce service failures as much as possible.

solved problem?

In production environments, Nginx is often used as a reverse proxy to provide external services. However, Nginx will inevitably encounter failures one day, such as server downtime. When Nginx goes down, all externally provided interfaces will become inaccessible.

Although we cannot guarantee that the server is 100% available, we must find ways to avoid this tragedy. Today we use keepalived to implement Nginx

High availability.

Dual-machine hot backup solution

This solution is the most common high-availability solution among domestic enterprises. Dual-server hot backup actually means that one server is providing services and the other is in standby state for a certain service. When one server is unavailable, the other one Will take his place.

What is keepalived?

Keepalived software was originally designed for LVS load balancing software to manage and monitor the status of each service node in the LVS cluster system. Later, it added the VRRP (Virtual Router Redundancy Protocol) function that can achieve high availability. Therefore, in addition to managing LVS software, Keepalived can also be used as a high-availability solution software for other services (such as Nginx, Haproxy, MySQL, etc.)

Failover mechanism

Failover transfer between Keepalived high-availability services is implemented through VRRP.

When the Keepalived service is working normally, the main Master node will continuously send (multicast) heartbeat messages to the backup node to tell the backup Backup node that it is still alive. When the main Master node fails, it cannot send heartbeat messages and the backup node will not be able to send heartbeat messages. Therefore, the node can no longer detect the heartbeat from the master node, so it calls its own takeover program to take over the IP resources and services of the master node. When the master node recovers, the backup node will release the IP resources and services it took over when the master node failed, and return to its original backup role.

Implementation process

Install keepalived

You can install it directly using yum. This method will automatically install dependencies:

​ yum-yinstallkeepalived

Modify the host (192.168.16.128) keepalived configuration file

If installed in yum mode, the configuration file will be produced under /etc/keepalived:

vikeepalived.conf

keepalived.conf:

​ #Detection script

vrrp_scriptchk_http_port{

Script"/usr/local/src/check_nginx_pid.sh"#Heartbeat execution script to detect whether nginx is started

interval2# (interval for detecting script execution, unit is seconds)

weight2#weight

}

​#vrrp instance definition part

vrrp_instanceVI_1{

stateMASTER#Specify the role of keepalived, MASTER is the main one, and BACKUP is the backup one

interfaceens33#The current network interface card for vrrp communication (current centos network card) uses ifconfig to check your specific network card

​virtual_router_id66#Virtual routing number, the master and slave must always be

priority100#Priority, the larger the value, the higher the priority of obtaining and processing the request

advert_int1#Checking interval, the default is 1s (vrrp multicast cycle seconds)

​#Authorized access

Authentication{

auth_typePASS#Set the authentication type and password. MASTER and BACKUP must use the same password for normal communication

auth_pass1111

}

track_script{

chk_http_port# (call detection script)

}

virtual_ipaddress{

192.168.16.130#Define virtual ip (VIP), you can set more than one, one per line

}

}

​Vip can be configured in virtual_ipaddress, and services can be accessed online through vip.

The interface needs to be set according to the server network card. The usual viewing method is ipaddr

Authentication configuration authorization access to the backup machine also requires the same configuration

Modify the backup machine (192.168.16.129) keepalived configuration file

keepalived.conf:

​ #Detection script

vrrp_scriptchk_http_port{

Script"/usr/local/src/check_nginx_pid.sh"#Heartbeat execution script to detect whether nginx is started

interval2# (detection script execution interval)

weight2#weight

}

​#vrrp instance definition part

vrrp_instanceVI_1{

stateBACKUP#Specify the role of keepalived, MASTER is the main one and BACKUP is the backup one

interfaceens33#The current network interface card for vrrp communication (current centos network card) uses ifconfig to check your specific network card

​virtual_router_id66#Virtual routing number, the master and slave must always be

priority99#Priority, the larger the value, the higher the priority of obtaining and processing the request

advert_int1#Checking interval, the default is 1s (vrrp multicast cycle seconds)

​#Authorized access

Authentication{

auth_typePASS#Set the authentication type and password. MASTER and BACKUP must use the same password for normal communication

auth_pass1111

}

track_script{

chk_http_port# (call detection script)

}

virtual_ipaddress{

192.168.16.130#Define virtual ip (VIP), you can set more than one, one per line

}

}

Detection script:

​ #!/bin/bash

​#Detect whether nginx is started

A=`ps-Cnginx--no-header|wc-l`

​if[$A-eq0];then#If nginx is not started, start nginx

systemctlstartnginx#restart nginx

​if[`ps-Cnginx--no-header|wc-l`-eq0];then#nginx fails to restart, stop the keepalived service and perform VIP transfer

killallkeepalived

fi

fi

Script authorization: chmod775check_nginx_pid.sh

Note: The script must be authorized, otherwise it will not have permission to access. Here we have two servers executing, VIP (virtual_ipaddress:192.168.16.130), we access the service directly through VIP in the production environment.

Simulate nginx failure:

Modify the Nginx html page that the two servers access by default as a difference.

First, access 192.168.16.130 through VIP. The page displays 192.168.16.128; indicating that it is currently a service provided by the main server.

At this time, the 192.168.16.128 main server executes the command:

systemctlstopnginx;#stop nginx

When I visited VIP (192.168.16.130) again, I found that the page still displayed: 192.168.16.128. This was an automatic restart in the script.

Now directly close the 192.168.16.128 server, visit VIP here (192.168.16.130) and now find that the page shows 192.168.16.129. At this time, keepalived will automatically fail over, and a high-availability solution for an enterprise-level production environment has been established.

There are many functions in keepalived, such as email reminders, etc., but they are not available. You can go to the official website to read the documentation.

The above is the detailed content of Nginx high availability method. For more information, please follow other related articles on the PHP Chinese website!

Statement
This article is reproduced at:亿速云. If there is any infringement, please contact admin@php.cn delete
内存飙升!记一次nginx拦截爬虫内存飙升!记一次nginx拦截爬虫Mar 30, 2023 pm 04:35 PM

本篇文章给大家带来了关于nginx的相关知识,其中主要介绍了nginx拦截爬虫相关的,感兴趣的朋友下面一起来看一下吧,希望对大家有帮助。

nginx限流模块源码分析nginx限流模块源码分析May 11, 2023 pm 06:16 PM

高并发系统有三把利器:缓存、降级和限流;限流的目的是通过对并发访问/请求进行限速来保护系统,一旦达到限制速率则可以拒绝服务(定向到错误页)、排队等待(秒杀)、降级(返回兜底数据或默认数据);高并发系统常见的限流有:限制总并发数(数据库连接池)、限制瞬时并发数(如nginx的limit_conn模块,用来限制瞬时并发连接数)、限制时间窗口内的平均速率(nginx的limit_req模块,用来限制每秒的平均速率);另外还可以根据网络连接数、网络流量、cpu或内存负载等来限流。1.限流算法最简单粗暴的

nginx+rsync+inotify怎么配置实现负载均衡nginx+rsync+inotify怎么配置实现负载均衡May 11, 2023 pm 03:37 PM

实验环境前端nginx:ip192.168.6.242,对后端的wordpress网站做反向代理实现复杂均衡后端nginx:ip192.168.6.36,192.168.6.205都部署wordpress,并使用相同的数据库1、在后端的两个wordpress上配置rsync+inotify,两服务器都开启rsync服务,并且通过inotify分别向对方同步数据下面配置192.168.6.205这台服务器vim/etc/rsyncd.confuid=nginxgid=nginxport=873ho

nginx php403错误怎么解决nginx php403错误怎么解决Nov 23, 2022 am 09:59 AM

nginx php403错误的解决办法:1、修改文件权限或开启selinux;2、修改php-fpm.conf,加入需要的文件扩展名;3、修改php.ini内容为“cgi.fix_pathinfo = 0”;4、重启php-fpm即可。

如何解决跨域?常见解决方案浅析如何解决跨域?常见解决方案浅析Apr 25, 2023 pm 07:57 PM

跨域是开发中经常会遇到的一个场景,也是面试中经常会讨论的一个问题。掌握常见的跨域解决方案及其背后的原理,不仅可以提高我们的开发效率,还能在面试中表现的更加

nginx部署react刷新404怎么办nginx部署react刷新404怎么办Jan 03, 2023 pm 01:41 PM

nginx部署react刷新404的解决办法:1、修改Nginx配置为“server {listen 80;server_name https://www.xxx.com;location / {root xxx;index index.html index.htm;...}”;2、刷新路由,按当前路径去nginx加载页面即可。

nginx怎么禁止访问phpnginx怎么禁止访问phpNov 22, 2022 am 09:52 AM

nginx禁止访问php的方法:1、配置nginx,禁止解析指定目录下的指定程序;2、将“location ~^/images/.*\.(php|php5|sh|pl|py)${deny all...}”语句放置在server标签内即可。

Linux系统下如何为Nginx安装多版本PHPLinux系统下如何为Nginx安装多版本PHPMay 11, 2023 pm 07:34 PM

linux版本:64位centos6.4nginx版本:nginx1.8.0php版本:php5.5.28&php5.4.44注意假如php5.5是主版本已经安装在/usr/local/php目录下,那么再安装其他版本的php再指定不同安装目录即可。安装php#wgethttp://cn2.php.net/get/php-5.4.44.tar.gz/from/this/mirror#tarzxvfphp-5.4.44.tar.gz#cdphp-5.4.44#./configure--pr

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Safe Exam Browser

Safe Exam Browser

Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

ZendStudio 13.5.1 Mac

ZendStudio 13.5.1 Mac

Powerful PHP integrated development environment

SublimeText3 English version

SublimeText3 English version

Recommended: Win version, supports code prompts!

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools