zjxhx 发表于 2019-1-2 09:27:04

双haproxy+双Keepalive实现高可用+动静分离

  一、规划
  

  规划:

  DNS

  master(keepalived、haproxy)    IP:172.16.12.1      hostname:ha-1
  VIP:172.16.100.1

  slave(keepalived、haproxy)   IP:172.16.12.2      hostname:ha-2
  VIP:172.16.100.2
  

  web1(static)                   IP:172.16.12.101    hostname:server1

  web2(dynamic)                  IP:172.16.12.102    hostname:server2

  

  

  二、实现过程
  开发包组:

yum groupinstall -y "Server Platform Development"
yum groupinstall -y "Development tools"  各个机器分别同步时间
  ha-1和ha-2做无秘钥登录
  

  1、安装keepalived和haproxy

# yum install -y keepalived haproxy
# yum install -y keepalived haproxy  

  2、在ha-1上配置keepalive和haproxy

  ①、配置keepalived:

  主配置文件:
# vim /etc/keepalived/keepalived.conf
!Configuration File for keepalived
global_defs {
   notification_email {
         root@localhost
         essuninfo@localhost
   }
   notification_email_from essuninfo@localhost
   smtp_connect_timeout 3
   smtp_server 127.0.0.1
   router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
    script "killall -0 haproxy"
    interval 1
    weight 2
}
vrrp_instance VI_1 {
    interface eth0
    state MASTER
    priority 201
    virtual_router_id 109
    garp_master_delay 1
vrrp_script chk_mantaince_down {
   script "[[ -e /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 1
   weight -150
}
    authentication {
      auth_type PASS
      auth_pass password
    }
    track_interface {
       eth0
    }
    virtual_ipaddress {
      172.16.100.1/16 dev eth0 label eth0:0
    }
    track_script {
      chk_haproxy
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
    interface eth0
    state BACKUP
    priority 99
    virtual_router_id 52
    garp_master_delay 1
    authentication {
      auth_type PASS
      auth_pass password
    }
    track_interface {
       eth0
    }
    virtual_ipaddress {
      172.16.100.2/16 dev eth0 label eth0:1
    }
    track_script {
      chk_haproxy
    }
}  

  通知脚本:

# cat /etc/keepalived/notify.sh
//添加如下内容
#!/bin/bash
# Author: MageEdu
# description: An example of notify script
#
vip=192.168.12.1
contact='root@localhost'
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject"$contact
}
case"$1"in
master)
notify master
exit 0
;;
backup)
notify backup
exit 0
;;
fault)
notify fault
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esac
# chmod +x /etc/keepalived/notify.sh
  将keepalived的主配置文件和通知脚本传到ha-2上
# scp /etc/keepalived/keepalived.conf 172.16.12.2:/etc/keepalived/
# scp /etc/keepalived/notify.sh 172.16.12.2:/etc/keepalived/  ②、配置haproxy

# vim /etc/haproxy/haproxy.cfg
//
#---------------------------------------------------------------------
# Example configuration for a possible web application.See the
# full configuration options online.
#
#   http://haproxy.1wt.eu
/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global #全局配置区域
    log         127.0.0.1 local2#日志将通过rsyslog进行归档记录
    chroot      /var/lib/haproxy #运行的安装路径
    pidfile   /var/run/haproxy.pid #pid文件存放的位置
    maxconn   4000#最大连接
    user      haproxy#运行haproxy的用户
    group       haproxy#运行haprixy的组
    daemon   #以后台模式运行haproxy
    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                  http#工作模式
    log                     global #记录日志
    option                  httplog
    option                  dontlognull #不记录健康检查的日志信息
    option http-server-close#启用服务器端主动关闭
    option forwardfor       except 127.0.0.0/8 #传递客户端IP
    option                  redispatch #当后端服务器组中的某一台主机故障后,能够自动将请求重定向到组内的其它主机
    retries               3 #请求重试次数
    timeout http-request    10s #http请求超时时间
    timeout queue         1m #一个请求在队列里的超时时间
    timeout connect         10s #连接服务器超时时间
    timeout client          1m #客户端超时时间
    timeout server          1m #客户端超时时间
    timeout http-keep-alive 10s
    timeout check         10s #心跳检测超时时间
    maxconn               3000 #最大连接数
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontendproxy *:80
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .html .jpg .gif .png .css .js
    use_backend static          if url_static
    default_backend             dynamic
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#----------------------------------------
listen statistics
    mode http# http 7 层模式
    bind *:8080 #监听地址
    stats enable #启用状态监控
    stats auth admin:essun #验证的用户与密码
    stats uri /admin?status #访问路径
    stats admin if TRUE #如果验证通过了就允许登录
    stats refresh 6s #每6秒刷新一次
    acl allow src 172.16.12.0/24 #允许的IP地址
    tcp-request content accept if allow #如果允许的地址段就允许访问
    tcp-request content reject #拒绝非法连接
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend static#后端调度
    balance   roundrobin #调度算法
    optionhttpchk /index.html
    server      web1 172.16.12.102:80 inter 2000 rise 2 fall 3check
//check inter 2000是检测心跳频率,rise 2是2次正确认为服务器可用,fall 3是3次失败认为服务器不可用
backend dynamic
    balance   roundrobin
    optionhttpchk /index.php
    server      web2 172.16.12.101:80 check inter 2000 rise 2 fall 3   maxconn 5000  

  ③、修改日志文件,修改系统日志的配置文件
# vim /etc/sysconfig/rsyslog
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS="-c 2 -r"  

  ④、增加日志设备

# vim /etc/rsyslog.conf
增加下面一行
local2.*                                                /var/log/haproxy.log  ⑤、重启日志服务

# service rsyslog restart  

  ⑥、检查配置文件语法
# haproxy -c -f /etc/haproxy/haproxy.cfg
Configuration file is valid  

  ⑦、创建haproxy+keepalived脚本:
  此脚本实现当haproxy挂掉后,能再次启动haproxy,若无法再次启动则彻底关闭keepalived将VIP交给从机处理。
# vim /etc/keepalived/check_haproxy.sh
#!/bin/bash
while :
do
hapid=`ps -C haproxy --no-header |wc -l`
if [ $hapid -eq 0 ];then
/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg
sleep 5
if [ $hapid -eq 0 ];then
/etc/init.d/keepalived stop
fi
fi
sleep 5
done  

  

  将配置文件传到ha-2相同目录下

# scp /etc/haproxy/haproxy.cfg 172.16.12.2:/etc/haproxy/
# scp /etc/haproxy/haproxy.cfg root@172.16.12.2:/etc/haproxy/
# scp /etc/keepalived/check_haproxy.sh 172.16.12.2:/etc/keepalived/  

  3、在ha-2上配置keepalive和haproxy
# vim /etc/keepalived/keepalived.conf
#
# cat !$
cat /etc/keepalived/keepalived.conf
!Configuration File for keepalived
global_defs {
   notification_email {
         root@localhost
         essuninfo@localhost
   }
   notification_email_from essuninfo@localhost
   smtp_connect_timeout 3
   smtp_server 127.0.0.1
   router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
    script "killall -0 haproxy"
    interval 1
    weight 2
}
vrrp_instance VI_1 {
    interface eth0
    state BACKUP
    priority 200
    virtual_router_id 109
    garp_master_delay 1
    authentication {
      auth_type PASS
      auth_pass password
    }
    track_interface {
       eth0
    }
    vrrp_script chk_mantaince_down {
   script "[[ -e /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 1
   weight -150
}
    virtual_ipaddress {
      172.16.100.1/16 dev eth0 label eth0:0
    }
    track_script {
      chk_haproxy
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
    interface eth0
    state MASTER
    priority 100
    virtual_router_id 52
    garp_master_delay 1
    authentication {
      auth_type PASS
      auth_pass password
    }
    track_interface {
       eth0
    }
    virtual_ipaddress {
      172.16.100.2/16 dev eth0 label eth0:1
    }
    track_script {
      chk_haproxy
    }
}  

  通知脚本,修改VIP即可,别忘了加执行权限

  4、启动并测试keepalived

# service keepalived start
# service keepalived starthttp://s3.运维网.com/wyfs02/M00/2A/B1/wKioL1OEdcviXWgPAAHZ_dCAMYg778.jpg
  

http://s3.运维网.com/wyfs02/M00/2A/B1/wKiom1OEdnrzBXxGAAHvukVYvAE675.jpg
  

  

  5、在主服务器上创建down,测试vip转移

# touch /etc/keepalived/down
# ip addr show
# mailhttp://s3.运维网.com/wyfs02/M00/2A/B1/wKioL1OEe9qg64kUAAG74Iyr7nU245.jpg
  

http://s3.运维网.com/wyfs02/M02/2A/B1/wKiom1OEfCWh8wh7AAF7un95Boc174.jpg
  

  vip:192.168.12.1已经转移

http://s3.运维网.com/wyfs02/M01/2A/B1/wKioL1OEfDriFUZOAAHk8rNJS-Q464.jpg

  6、启动haproxy

# service haproxy start
# service haproxy start  

  

  

  三、测试

  1、建立动静服务器的测试页面   
  web1上:

# yum -y install php
# vim /var/www/html/index.php
www.web1.com

# service httpd start  

  web2上:

# vim /var/www/html/index.html
www.web2.com
# service httpd start  

  2、登入haproxy管理界面(账号和密码均为:admin)

http://s3.运维网.com/wyfs02/M02/2B/5C/wKiom1OHOBiQXLnbAAgomNBquaQ922.jpg
  3、测试静态页面

http://s3.运维网.com/wyfs02/M02/2B/5B/wKioL1OHOLSSQf5IAACzpNqujPg530.jpg
  

  

  4、测试php页面

http://s3.运维网.com/wyfs02/M01/2B/5C/wKiom1OHOPaykIjWAADo8q2iALY365.jpg
  

  

  

  

  

  




页: [1]
查看完整版本: 双haproxy+双Keepalive实现高可用+动静分离