Implementing High Availability for Nginx with Keepalived on Linux

In production environments Nginx is often used as a reverse proxy, but a single Nginx instance can become a single point of failure. To avoid service interruption, the article demonstrates using keepalived to provide high‑availability (HA) for Nginx.

What is high availability? HA (High Availability) reduces system downtime by automatically switching to a standby service when the primary fails. The common solution in Chinese enterprises is a dual‑machine hot‑standby setup where one server provides the service and the other acts as a backup.

What is Keepalived? Keepalived was originally designed to manage LVS clusters and later added support for the Virtual Router Redundancy Protocol (VRRP) to achieve HA for services such as Nginx, HAProxy, MySQL, etc.

Failover mechanism Keepalived uses VRRP: the MASTER node sends multicast heartbeat messages to the BACKUP node. If the MASTER stops sending heartbeats, the BACKUP detects the failure and takes over the virtual IP (VIP) and services.

Implementation steps

1. Prepare two virtual machines (192.168.16.128 and 192.168.16.129) and install Nginx on both.

2. Install Nginx using yum repositories: rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/CentOS-7.repo Then start/stop Nginx with: systemctl start nginx # start Nginx systemctl stop nginx # stop Nginx

3. Install Keepalived via yum: yum -y install keepalived

4. Edit keepalived.conf on the master (192.168.16.128) (generated under /etc/keepalived ):

vrrp_script chk_http_port {
    script "/usr/local/src/check_nginx_pid.sh"
    interval 2
    weight 2
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 66
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script { chk_http_port }
    virtual_ipaddress { 192.168.16.130 }
}

5. Edit keepalived.conf on the backup (192.168.16.129) changing state BACKUP and priority 99 while keeping other settings identical.

6. Create the health‑check script /usr/local/src/check_nginx_pid.sh :

#!/bin/bash
# Check if nginx is running
A=`ps -C nginx --no-header | wc -l`
if [ $A -eq 0 ]; then
    systemctl start nginx   # restart nginx
    if [ `ps -C nginx --no-header | wc -l` -eq 0 ]; then
        killall keepalived   # trigger VIP failover
    fi
fi

Make it executable: chmod 775 check_nginx_pid.sh

7. Testing failover – access the virtual IP 192.168.16.130; the page shows the master’s IP (192.168.16.128). Stop Nginx on the master ( systemctl stop nginx ) and observe that the script restarts Nginx, keeping the VIP on the master. Finally shut down the master server; the backup automatically takes over the VIP and serves the page, confirming successful HA.

The article notes that Keepalived also supports additional features such as email alerts, which can be explored in the official documentation.