Keepalived + Haproxy
[vip: 192.168.1.80]
[LB1 Haproxy] [LB2 Haproxy]
192.168.1.2 192.168.1.3
[httpd] [httpd] [httpd]
192.168.1.1 192.168.1.4 192.168.1.5
一、Haproxy实施步骤
-
准备工作(集群中所有主机)
IP, hostname, hosts, iptables, SELinux, ssh trust, ntp -
RS配置
配置好网站服务器,测试所有RS -
调度器配置Haproxy(主/备) //使用之前单独搭建haproxy的方法(下面有)
#yum -y install haproxy
#cp -rf /etc/haproxy/haproxy.cfg{,.bak}
#sed -i -r ‘/1*#/d;/^$/d’ /etc/haproxy/haproxy.cfg
#vim /etc/haproxy/haproxy.cfg
listen stats
bind *:1314
stats enable
stats refresh 30s
stats hide-version
stats uri /haproxystats
stats realm Haproxy\ stats
stats auth wing:123
frontend http
mode http
bind *:80
default_backend httpservers
backend httpservers
balance roundrobin
server http1 192.168.1.1:80 check maxconn 2000
server http1 192.168.1.4:80 check maxconn 2000
server http1 192.168.1.4:80 check maxconn 2000
#service haproxy restart
#chkconfig haproxy on
之前搭建haproxy的方法:两台机器的配置文件一模一样,不做任何改变
global
log 127.0.0.1 local3 info #日志服务器
maxconn 4096 #最大连接数
uid nobody #用户身份
gid nobody #组身份
daemon #守护进程方式后台运行
nbproc 1 #工作进程数量
defaults #这些参数可以被利用配置到frontend,backend,listen组件
log global
mode http #工作模式 http ,tcp 是 4 层,http是 7 层
maxconn 2048 #最大连接数
retries 3 #3 次连接失败就认为服务器不可用
option redispatch #如果 cookie 写入了 serverId 而客户端不会刷新 cookie,当serverId 对应的服务器挂掉后,强制定向到其他健康的服务器
stats uri /haproxy #使用浏览器访问 http://192.168.122.254/haproxy,可以看到服务器状态
stats realm Haproxy\ stats #用户名和密码输入界面的提示信息
stats auth wing:123 #登录用户认证,可以使用多行方法设置多个
contimeout 5000 #连接超时时间,单位毫秒ms
clitimeout 50000 #客户端超时
srvtimeout 50000 #服务器超时
frontend http-in
bind 0.0.0.0:80 #监听端口
mode http
log global
option httplog #日志类别 http 日志格式
option httpclose #打开支持主动关闭功能,每次请求完毕后主动关闭http通道,ha-proxy不支持keep-alive,只能模拟这种模式的实现
acl php url_reg -i .php$ #acl <ACL名字> <类型> <大小写> <规则>
acl html url_reg -i .html$ #use_backend <服务器组> if <ACL名字>
use_backend php-server if php
use_backend html-server if html
default_backend html-server #默认使用的服务器组
backend php-server
mode http
balance roundrobin #负载均衡的方式
option httpchk GET /index.php #健康检查
cookie SERVERID insert indirect nocache #客户端的 cookie 信息,允许插入serverid到cookie中
server php-A 10.0.1.174:80 weight 1 cookie 1 check inter 2000 rise 2 fall 5
server php-B 10.0.1.208:80 weight 1 cookie 2 check inter 2000 rise 2 fall 5
#cookie 1 标识 serverid 为 1
#check inter 2000 检测心跳频率
#rise 2 2 次正确认为服务器可用
#fall 5 5 次失败认为服务器不可用
backend html-server
mode http
balance roundrobin
option httpchk GET /index.html
cookie SERVERID insert indirect nocache
server html-A 10.0.1.223:80 weight 1 cookie 3 check inter 2000 rise 2 fall 5
server html-B 10.0.1.225:80 weight 1 cookie 4 check inter 2000 rise 2 fall 5
4. 测试调度器(主/备)
二、Keepalived实现调度器HA
注:主/备调度器均能够实现正常调度
-
主/备调度器安装软件
#yum -y install ipvsadm keepalived
#yum -y install ipvsadm keepalived -
Keepalived
Master
#vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id director1 //辅助改为director2
}
vrrp_instance VI_1 {
state BACKUP
nopreempt
interface eth0 //心跳接口,尽量单独连接心跳
virtual_router_id 80 //MASTER,BACKUP一致
priority 100 //辅助改为50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.80
}
}
BACKUP
-
启动KeepAlived(主备均启动)
#chkconfig keepalived on
#service keepalived start
#ip addr -
扩展对调度器Haproxy健康检查(可选)
思路:
让Keepalived以一定时间间隔执行一个外部脚本,脚本的功能是当Haproxy失败,则关闭本机的Keepalived
a. script
[[email protected] ~]# cat /etc/keepalived/check_nginx_status.sh
#!/bin/bash
/usr/bin/curl -I http://localhost &>/dev/null
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop
fi
[[email protected] ~]# chmod a+x /etc/keepalived/check_haproxy_status.sh
b. keepalived使用script
! Configuration File for keepalived
global_defs {
router_id director1
}
vrrp_script check_haproxy {
script “/etc/keepalived/check_haproxy_status.sh”
interval 5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
nopreempt
virtual_router_id 90
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass wing
}
virtual_ipaddress {
192.168.1.80
}
track_script {
check_haproxy
}
}