Master Keepalived: Step-by-Step HA Setup for Nginx with VIP Failover
This guide walks through installing and configuring Keepalived on two CentOS servers to provide automatic Nginx health checking, virtual IP failover, and high‑availability load balancing, including scripts, service commands, and advanced iptables techniques to avoid packet loss during maintenance.
Keepalived Overview
Keepalived is a layer‑3/4/5 switching software that monitors web servers. When a server fails, it removes the faulty node from the pool and automatically restores it when it recovers, without manual intervention.
Environment Preparation
Two CentOS 6.6 64‑bit servers are used:
Operating system: CentOS 6.6 64‑bit (2 nodes)
Nginx‑Master 10.0.0.60
Nginx‑Backup 10.0.0.61
Virtual IP 10.0.0.62
Both nodes have identical configuration unless otherwise noted.
Install Nginx
Use OneinStack to install Nginx, selecting “y” for Nginx and “n” for other components.
Install Keepalived
On both Nginx‑Master and Nginx‑Backup execute:
cd ~/oneinstack/srcwget http://www.keepalived.org/software/keepalived-1.2.22.tar.gztar xzf keepalived-1.2.22.tar.gzcd keepalived-1.2.22./configure --prefix=/usr/local/keepalivedmake && make installConfigure Keepalived
Create symbolic links and enable the service:
ln -s /usr/local/keepalived/etc/keepalived /etc/keepalivedln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/keepalivedln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalivedln -s /usr/local/keepalived/sbin/keepalived /usr/bin/keepalivedchkconfig keepalived onEdit /etc/keepalived/keepalived.conf on the master node with sections for global_defs (email, SMTP, router_id), a vrrp_script named chk_nginx that runs /usr/local/keepalived/sbin/check_nginx.sh, and a vrrp_instance VI_1 configured as follows:
state MASTER
interface eth0
virtual_router_id 55
priority 100
advert_int 1
authentication PASS/linuxeye
virtual_ipaddress 10.0.0.62
track_script chk_nginx
On the backup node use a similar configuration but set state BACKUP, priority 50, and add nopreempt to prevent VIP preemption.
Health‑Check Script
Create /usr/local/keepalived/sbin/check_nginx.sh:
#!/bin/bash
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ];then
/etc/init.d/nginx start
sleep 5
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ];then
/etc/init.d/keepalived stop
fi
fiMake it executable:
chmod +x /usr/local/keepalived/sbin/check_nginx.shVerification
Start Keepalived on both nodes ( service keepalived start), check the virtual IP with ip addr, then stop the service on one node to observe failover. Restart to confirm the VIP moves back.
Advanced Tip
To avoid packet loss when replacing the master, forward traffic to the backup with iptables before stopping the master:
iptables -Fiptables -t nat -I PREROUTING -i eth0 -j DNAT --to-destination 10.0.0.61iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADESigned-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
MaGe Linux Operations
Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.