In this tutorial, we will show you how to set up an Nginx High Availability cluster using Pacemaker on CentOS 7. To have an Nginx server that can operate continuously without failure for a long time, we need to configure the server with active-passive Nginx instances. Pacemaker is an open-source cluster manager software that achieves maximum high availability of your services. It’s an advanced and scalable High Availability cluster manager distributed by ClusterLabs, and it manages all cluster services and uses the messaging and membership capabilities of the underlying cluster engine.
To follow this tutorial, you need to have:
- 2 or more servers
- CentOS 7 Operating System
- root access to each of the servers
Log in and Update CentOS
ssh [email protected]_Address -p7022 yum update yum upgrade
Edit the /etc/hosts file for both servers with any terminal text editor of your liking.
Add the following lines to the /etc/hosts file(s):
192.168.0.22 webserver-01 192.168.0.23 webserver-02
Install Epel Repository and Nginx
Extra Packages for Enterprise Linux (EPEL) repository is needed in order to install Nginx. Run the following commands on both servers.
yum install epel-release -y yum install nginx -y systemctl enable nginx systemctl start nginx
Change default Nginx index page
Once finished, we need to make changes to the default Nginx index page on both servers.
Run the following command on server one:
echo ‘ webserver-01 ’ > /usr/share/nginx/html/index.html
Run the following command on server two:
echo ‘ webserver-02 ’ > /usr/share/nginx/html/index.html
Install and configure Pacemaker
In this section, we will install the Pacemaker stack. You have to complete this step on both servers.
yum install corosync pacemaker pcs -y
After the installation has been completed, enable all services to launch automatically at system boot using the systemctl commands below.
systemctl enable pacemaker systemctl enable corosync systemctl enable pcsd
Synchronize the configuration
The installation will create a ‘hacluster’ system user. We also need to run pcsd in order to synchronize the configuration.
systemctl start pcsd
Create a password
Next, create a new password for the ‘hacluster’ user that was automatically created during the previous installation; we need to use the same password for all servers
Next, run this command:
pcs cluster auth webserver-01 webserver-02
At this point, we are ready to set up the cluster.
pcs cluster setup –name rosecluster webserver-01 webserver-02
The cluster name is rosecluster, while webserver-01 and webserver-02 are the servers that will make up the parts of rosecluster.
Enable it on boot and start it now.
pcs cluster enable –all pcs cluster start –all
We can check the cluster status with this command:
STONITH or Shoot The Other Node In The Head is the fencing implementation on Pacemaker. If you’re in production, it’s better to enable STONITH. Since we’re not using the fencing device, we will disable it.
When running pcs status command, you will see a warning in the output saying that no STONITH devices are configured and STONITH is not disabled:
WARNING: no stonith devices and stonith-enabled is not false
Disable STONITH with the following pcs command:
pcs property set stonith-enabled=false
Ignore the Quorum Policy
In this tutorial, we will configure Pacemaker to ignore quorum:
pcs property set no-quorum-policy=ignore
Check the property list and make sure stonith and the quorum policy are disabled.
pcs property list
A floating IP is an IP address that can be instantly migrated from one server to another on the same network; it is used to support failover in a high-availability cluster. In this tutorial, the floating IP address for the Pacemaker High-Availability will be ‘192.168.0.100’. For now, we are going to add two resources: the Floating IP address resource with the name ‘v_ip’ and a new resource for the Nginx web server named ‘webserver’.
Add the new floating IP address ‘v_ip’ using the following command:
pcs resource create v_ip ocf:heartbeat:IPaddr2 ip=192.168.0.100 cidr_netmask=32 op monitor interval=20s
Next, we can add the second resource to the cluster. The resource agent of the service is ocf:heartbeat:nginx named ‘webserver’.
pcs resource create webserver ocf:heartbeat:nginx configfile=/etc/nginx/nginx.conf op monitor timeout=”5s” interval=”5s”
Make sure there are no errors, then check the resources.
pcs status resources
If you see two resources, ‘v_ip’ and ‘webserver’, it means the Floating IP and Nginx web server have been added.
In this step, we will tell the server to have both resources created earlier running on the same host. We will set collocation constraints for the resources with a score of INFINITY.
pcs constraint colocation add webserver v_ip INFINITY
Set the Nginx resource (webserver) to always run on the same host where v_ip is active.
pcs constraint order v_ip then webserver
To check that the resources are running on the same host, we can invoke:
Test the cluster
Navigate to http://192.168.0.100 on your web browser; there, you will see the default Nginx page from webserver-01.
Then, invoke the following command to stop the cluster on webserver-01:
pcs cluster stop webserver-01
Now, if you refresh the page at http://192.168.0.100, you will get the default Nginx page from webserver-02.
Congratulations! You have successfully set up an Nginx High Availability active-passive cluster with Pacemaker. If you have a very busy website, you may consider running your website on an Nginx HA. There are many well-known websites running on Nginx HA and they use Nginx HA to deliver their content quickly, reliably, and securely.