vrrp scripts with nginx

[pwe]

Hello,

Im having trouble making an failover script for nginx with keepalived.

Code: Select all

vrrp_script chk_nginx {
    script "/usr/bin/killall -0 nginx"
    interval 2
    weight 2
    fall 2
    rise 2
}

But this doesnt seem to work.

The command itself works like a charm: return value 0 with running nginx and 1 with no running nginx.

When I shutdown the machine1, evertything works great and the ip gets handed over to machine2 and vica versa. I want to have the same behaviour with no running nginx.


kind regards,
pwe

[aks]

Could you please expand the problem.
You have a "shared" IP that gets passed between two machines in the event of failure of the active node? You now want both machines to have the same shared IP at the same time (not a good idea)?
BTW, VRRP is an old(ish) routing protocol for HA between routers, but that's an aside.
What do want to achieve? What's the problem(s)?

[pwe]

Hello,

here is the situation:

I want to implement a reverse-proxy-cluster for security reasons. Both machines are configured identically.

The passing of the IP-Adress should happen, if the "reverse-proxy-function" is not available anymore. This can happen out of system failure, shutdown, nginx-service-stop, etc.

At the moment, reverse1 is the master. The IP gets passed to reverse2 if I shutdown reverse1.

The problem is, the IP doesnt get passed to reverse2 if I stop nginx on reverse1.


kind regards,
pwe

[aks]

I guessing that because you don't unexpectedly terminate your httpd server, it's not "seen" as a failure. This depends on the (somewhat detailed) configuration for your cluster.
How does the cluster "know" that a failure has happened? What does it do when this falure has happened?
There are many way to do these things, but you've not said.

[pwe]

Hello,

I thought these questions are solved with using keepalived and the vrrp_script?

How does the cluster "know" that a failure has happened?

--> When the vrrp_script returns != 0

What does it do when this falure has happened?

--> passing the vIP to the other host.

Please see the complete config here:

reverse1:

Code: Select all

! Configuration File for keepalived

global_defs {
   notification_email {
        <mailaddress>
   }
   notification_email_from reverse1
   smtp_server <relayhost>
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
        script "/usr/bin/killall -0 nginx"
        interval 2
        weight 2
        fall 2
        rise 2
}

vrrp_instance VI_1 {
    state MASTER
    interface ens192
    virtual_router_id 51
    priority 101
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass <password>
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        <vIP>
    }
}

and reverse2:

Code: Select all

! Configuration File for keepalived

global_defs {
   notification_email {
        <mail-address>
   }
   notification_email_from reverse2
   smtp_server <relayhost>
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
        script "/usr/bin/killall -0 nginx"
        interval 2
        weight 2
        fall 2
        rise 2
}

vrrp_instance VI_1 {
    state MASTER
    interface ens192
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass <password>
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        <vIP>
    }
}