NGINX Plus trial and HA with keepalived in active-active mode
Fabiano Furtado Pessoa Coelho
fusca14 at gmail.com
Wed Jan 12 20:00:35 UTC 2022
Hi...
I'm trying to configure keepalived in active-active mode, using 2
nodes, based on the official documentation
https://docs.nginx.com/nginx/admin-guide/high-availability/ha-keepalived-nodes/,
but the environment became unstable. The TCP connection is closing all
the time and I don't know what's wrong with my keeepalived config.
I'm using RHEL 8.5 with SELinux enabled and enforcing.
The configuration of my first NGINX Plus node:
global_defs {
vrrp_version 3
router_id nginx_prod1
}
vrrp_script chk_manual_failover {
script "/usr/libexec/keepalived/nginx-ha-manual-failover"
interval 10
weight 50
}
vrrp_script chk_nginx_service {
script "/usr/libexec/keepalived/nginx-ha-check"
interval 3
weight 50
}
vrrp_instance VI_1 {
state MASTER
interface eth0
priority 99
virtual_router_id 31
advert_int 1
accept
garp_master_refresh 5
garp_master_refresh_repeat 1
unicast_src_ip x.y.z.48/26
unicast_peer {
x.y.z.50
}
virtual_ipaddress {
x.y.z.49/26 brd x.y.z.63 dev eth0
}
track_script {
chk_nginx_service
chk_manual_failover
}
notify "/usr/libexec/keepalived/nginx-ha-notify"
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
priority 98
virtual_router_id 41
advert_int 1
accept
garp_master_refresh 5
garp_master_refresh_repeat 1
unicast_src_ip x.y.z.48/26
unicast_peer {
x.y.z.50
}
virtual_ipaddress {
x.y.z.51/26 brd x.y.z.63 dev eth0
}
track_script {
chk_nginx_service
chk_manual_failover
}
notify "/usr/libexec/keepalived/nginx-ha-notify"
}
And the "ip a" config:
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
state UP group default qlen 1000
link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
inet x.y.z.48/26 brd x.y.z.63 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet x.y.z.49/26 brd x.y.z.63 scope global secondary eth0
valid_lft forever preferred_lft forever
inet x.y.z.51/26 brd x.y.z.63 scope global secondary eth0
valid_lft forever preferred_lft forever
The configuration of my second NGINX Plus node:
global_defs {
vrrp_version 3
router_id nginx_prod2
}
vrrp_script chk_manual_failover {
script "/usr/libexec/keepalived/nginx-ha-manual-failover"
interval 10
weight 50
}
vrrp_script chk_nginx_service {
script "/usr/libexec/keepalived/nginx-ha-check"
interval 3
weight 50
}
vrrp_instance VI_1 {
state MASTER
interface eth0
priority 101
virtual_router_id 51
advert_int 1
accept
garp_master_refresh 5
garp_master_refresh_repeat 1
unicast_src_ip x.y.z.50/26
unicast_peer {
x.y.z.48
}
virtual_ipaddress {
x.y.z.51/26 brd x.y.z.63 dev eth0
}
track_script {
chk_nginx_service
chk_manual_failover
}
notify "/usr/libexec/keepalived/nginx-ha-notify"
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
priority 100
virtual_router_id 61
advert_int 1
accept
garp_master_refresh 5
garp_master_refresh_repeat 1
unicast_src_ip x.y.z.50/26
unicast_peer {
x.y.z.48
}
virtual_ipaddress {
x.y.z.49/26 brd x.y.z.63 dev eth0
}
track_script {
chk_nginx_service
chk_manual_failover
}
notify "/usr/libexec/keepalived/nginx-ha-notify"
}
And the "ip a" config:
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
state UP group default qlen 1000
link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
inet x.y.z.50/26 brd x.y.z.63 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet x.y.z.51/26 brd x.y.z.63 scope global secondary eth0
valid_lft forever preferred_lft forever
inet x.y.z.49/26 brd x.y.z.63 scope global secondary eth0
valid_lft forever preferred_lft forever
What am I doing wrong?
Thanks in advance!
Fabiano
More information about the nginx
mailing list