Deploying Tomcat with Keepalived and Nginx for High Availability on CentOS 7

The article introduces the need for clustering when a single‑machine Tomcat deployment can no longer handle growing traffic, and proposes a solution that combines Tomcat, Nginx, and Keepalived to achieve load balancing and high availability.

Environment preparation

CentOS 7 system

Keepalived‑2.0.15

Nginx‑1.14.2

Tomcat 8

Two servers: one for MASTER, one for BACKUP, each running Nginx + Keepalived and Tomcat, plus a shared virtual IP (VIP)

Installation of Nginx

(Installation steps are illustrated with screenshots in the original article.)

Installation of Keepalived

(Installation steps are illustrated with screenshots in the original article.)

Configure Keepalived + Nginx for high availability

On the MASTER node, place ck_ng.sh and keepalived.conf in /etc/keepalived/ (script permissions 755) and the service unit files in /usr/lib/systemd/system/ . The key configuration files are shown below.

global_defs {
    #router_id is the IP of the MASTER server
    router_id 192.168.1.101
}

vrrp_script chk_nginx {
    script "/etc/keepalived/ck_ng.sh"
    interval 2
    weight -5
    fall 3
    rise 2
}

vrrp_instance VI_1 {
    state MASTER
    interface ifcfg-eth0
    mcast_src_ip 192.168.1.101
    virtual_router_id 55
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        192.168.1.100/24
    }
    track_script { chk_nginx }
    smtp_alert
}

The ck_ng.sh script (shown as an image in the source) performs health checks on Nginx.

Service unit files ( keepalived.service and nginx.service ) are also placed under /usr/lib/systemd/system/ as illustrated in the original screenshots.

BACKUP node configuration

The BACKUP node uses a similar keepalived.conf with only the differences highlighted:

global_defs {
    router_id 192.168.1.102
}

vrrp_instance VI_1 {
    state BACKUP
    mcast_src_ip 192.168.1.102
    priority 99
}

The ck_ng.sh , keepalived.service , and nginx.service files are identical to the MASTER.

Expose Tomcat through Nginx reverse proxy

Tomcat installation and application deployment are omitted; the focus is on Nginx configuration that forwards requests to the two Tomcat instances.

# upstream configuration
upstream myapp {
    ip_hash;
    server 192.168.1.101:8080; # Tomcat instance 1
    server 192.168.1.102:8080; # Tomcat instance 2
}

server {
    listen 8888;               # external service port
    server_name localhost;
    port_in_redirect on;

    location /app1 {
        proxy_pass http://myapp/app1;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location /app2 {
        proxy_pass http://myapp/app2;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location / {
        proxy_pass http://myapp;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

With this setup, the Nginx reverse proxy provides load balancing across the two Tomcat instances, while Keepalived ensures that the virtual IP remains reachable by automatically promoting the BACKUP to MASTER if the original MASTER fails, achieving a high‑availability cluster.

Source: http://javajgs.com/archives/6263