Linux下HAProxy+keepalived双机高可用方案
Keepalived 的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除, 当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的 web服务器。HAProxy 提供高可用性、负载均衡以及基于 TCP 和 HTTP 应用的代理,支持虚拟主机,它是免费、快速并且可靠的一种解决方案。HAProxy 特别适用于那些负载特大的 web 站点, 这些站点通常又需要会话保持或七层处理。HAProxy 运行在当前的硬件上,完全可以支持数以万计的并发连接。并且它的运行模式使得它可以很简单安全的整 合进您当前的架构中, 同时可以保护你的 web 服务器不被暴露到网络上。
系统环境: CenOS 6.5x86_64 Desktop install 将selinux and iptables 设置为disabled
主要用到软件:
haproxy-1.5.14.tar.gz
keepalived-1.1.17.tar.gz
nginx-1.7.8.tar.gz
图1 为基本的架构图:
http://s3.运维网.com/wyfs02/M01/6F/87/wKioL1WfPdjS7ihcAAE3vwUAiKI303.jpg
图2 为IP地址分配。
http://s3.运维网.com/wyfs02/M01/6F/8A/wKiom1WfPAbwpbc7AADtMS5qkTc308.jpg
一:安装过程,在两台HA机器上分别keepalived:
#tar -zxvf keepalived-1.2.17.tar.gz
#ln -s /usr/src/kernels/2.6.18-128.el5-i686/ /usr/src/linux
#cd keepalived-1.2.17
#./configure--with-kernel-dir=/usr/src/kernels/2.6.32-279.el6.x86_64/
#make
#make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp/usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir/etc/keepalived/
cp/usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp/usr/local/sbin/keepalived /usr/sbin/
修改配置文件为:
Master:
#vim/etc/keepalived/ keepalived.conf
# catkeepalived.conf
! ConfigurationFile for keepalived
vrrp_scriptcheck_haproxy {
script"/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
global_defs {
notification_email {
root@localhost
}
notification_email_fromkeepalived@server62.example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instanceVI_1 {
state MASTER
interface eth0
virtual_router_id 151
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress{
192.168.1.201
}
track_script {
check_haproxy
}
}
BACKUP:
# catkeepalived.conf
! ConfigurationFile for keepalived
vrrp_scriptcheck_haproxy {
script"/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
global_defs {
notification_email {
root@localhost
}
notification_email_fromkeepalived@server63.example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instanceVI_1 {
state BACKUP
interface eth0
virtual_router_id 151
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress{
192.168.1.201
}
track_script {
check_haproxy
}
}
主机上:
#vi /etc/keepalived/check_haproxy.sh
#!/bin/bash
A=`ps -C haproxy --no-header | wc -l`
if [ $A -eq 0 ];then
/usr/local/haproxy/sbin/haproxy -f/usr/local/haproxy/conf/haproxy.cfg
echo "haproxy start"
sleep 3
if [ `ps -C haproxy --no-header | wc -l`-eq 0 ];then
/etc/init.d/keepalived stop
echo "keepalived stop"
fi
fi
备机上:
#!/bin/bash
A=`ip a | grep 10.2.32.201 | wc -l`
B=`ps -ef | grep haproxy | grep -v grep| awk '{print $2}'`
if [ $A -gt 0 ];then
/usr/local/haproxy/sbin/haproxy -f/usr/local/haproxy/conf/haproxy.cfg
else
kill -9 $B
fi
#两台机器分别执行:chmod 755 /etc/keepalived/check_haproxy.sh
haproxy的安装(主备都一样):
#tar -zxvf haproxy-1.5.14.tar.gz
#cd haproxy-1.5.14
#make TARGET=linux26 PREFIX=/usr/local/haproxy
#makeinstall PREFIX=/usr/local/haproxy
#cd/usr/local/haproxy/
#mkdir conf
#mkdir logs
#vi haproxy.cfg
global
log127.0.0.1 local0
log127.0.0.1 local1 notice
maxconn 4096
chroot/usr/local/haproxy
uid 99
gid 99
daemon
#debug
#quiet
nbproc 1
pidfile/usr/local/haproxy/logs/haproxy.pid
defaults
log global
mode http
optionhttplog
optiondontlognull
retries 3
#redispatch
maxconn 65535
optionredispatch
timeout connect5000
timeout client50000
timeout server50000
stats uri /haproxy
stats authadmin:admin
listenwww.omg.com *:80
cookieSERVERID rewrite
mode http
balance roundrobin
option httpchkHEAD /index.html HTTP/1.0
serverweb1 10.2.32.99:80 cookie app1inst1 weight 5check inter 2000 rise 2 fall 5
serverweb2 10.2.32.110:80 cookie app1inst2 weight 3check inter 2000 rise 2 fall 5
二:先主后从,两台机器上都分别启动:
/etc/init.d/keepalivedstart (如果之前没有启动haproxy,这条命令会自动把haproxy启动)
# ps -ef | grephaprox
root 30344 10 11:43 ? 00:00:00 /bin/bash/etc/keepalived/check_haproxy.sh
nobody30349 10 11:43 ? 00:00:00/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg
# ps -ef | grepkeepali
root 30337 10 11:43 ? 00:00:00 keepalived -D
root 30339 303371 11:43 ? 00:00:00 keepalived -D
root 30340 303371 11:43 ? 00:00:00 keepalived -D
root 3037228760 11:43 pts/0 00:00:00 grep keepali
三:测试:
1.再两台HA上分别执行ip ad sh |grep 10.2.32
主:
inet10.2.32.100/24 brd 10.2.32.255 scope global eth0
inet10.2.32.201/32 scope global eth0
备:
inet10.2.32.101/24 brd 10.2.32.255 scope global eth0
2.停掉主上的haproxy,3秒后keepalived会自动将其再次启动
3.停掉主的keepalived,备机马上接管服务
备: ip ad sh |grep 10.2.32
inet10.2.32.101/24 brd 10.2.32.255 scope global eth0
inet10.2.32.201/32 scope global eth0
四:通过浏览器进行测试
http://www.omg.com
两台web的页面会在你刷新时进行切换。此文将nginx安装,配置过程省略了,如果有问题可以到我的博客中查看相关文章。
页:
[1]