Build Nginx High Availability with Keepalived on Linux

What is High Availability?

High Availability (HA) is a design principle for distributed systems that aims to minimize service downtime by ensuring that a system can continue to provide services even when some components fail.

Dual‑Machine Hot‑Standby Scheme

In this common HA pattern, one server actively provides the service while a second server stands by as a backup. If the active server becomes unavailable, the backup automatically takes over.

What is Keepalived?

Keepalived was originally created to manage LVS load‑balancing clusters, but it also implements the Virtual Router Redundancy Protocol (VRRP) to provide high‑availability capabilities for services such as Nginx, HAProxy, MySQL, etc.

Failover Mechanism

Keepalived uses VRRP to exchange heartbeat messages between a MASTER node and a BACKUP node. When the MASTER stops sending heartbeats, the BACKUP assumes the virtual IP address (VIP) and takes over the service.

Implementation Steps

Preparation

Two virtual machines with IPs 192.168.16.128 (master) and 192.168.16.129 (backup).

Install Nginx on both machines.

Install Nginx

yum -y install nginx

systemctl start nginx   # start Nginx

systemctl stop nginx    # stop Nginx

Install Keepalived

yum -y install keepalived

Configure Keepalived on the Master (192.168.16.128)

vi /etc/keepalived/keepalived.conf

# Health‑check script

vrrp_script chk_http_port {

script "/usr/local/src/check_nginx_pid.sh"

interval 2

weight 2

}

# VRRP instance

vrrp_instance VI_1 {

state MASTER

interface ens33          # network interface

virtual_router_id 66

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

track_script { chk_http_port }

virtual_ipaddress {

192.168.16.130

}

}

Configure Keepalived on the Backup (192.168.16.129)

vi /etc/keepalived/keepalived.conf

vrrp_instance VI_1 {

state BACKUP

interface ens33

virtual_router_id 66

priority 99

advert_int 1

authentication { auth_type PASS; auth_pass 1111; }

track_script { chk_http_port }

virtual_ipaddress { 192.168.16.130 }

}

Health‑Check Script (check_nginx_pid.sh)

#!/bin/bash

# Detect whether Nginx is running

A=$(ps -C nginx --no-header | wc -l)

if [ $A -eq 0 ]; then

systemctl start nginx   # restart Nginx

if [ $(ps -C nginx --no-header | wc -l) -eq 0 ]; then

killall keepalived   # failover if Nginx cannot start

fi

fi

chmod 775 check_nginx_pid.sh   # make script executable

Testing the Failover

Access the VIP 192.168.16.130. The page shows the master IP 192.168.16.128, confirming the master is serving.

Stop Nginx on the master: systemctl stop nginx. The VIP still resolves to 192.168.16.128 because the script restarts Nginx automatically.

Shut down the master server entirely. The VIP now resolves to 192.168.16.129, demonstrating automatic failover to the backup.

Conclusion

By configuring keepalived with a VRRP instance and a simple health‑check script, you obtain an enterprise‑grade high‑availability solution for Nginx that automatically transfers the virtual IP and service responsibilities when the primary node fails.