keepalived+haproxy完成集群配置
keepalived+haproxy完成集群配置一.Haproxy配置(master)1.haproxy安装# hostnamemaster.rhel.com如果要永久写入,则要修改/etc/hosts与/etc/sysconfig/network文件# tar -zxvf haproxy-1.3.20.tar.gz# cd haproxy-1.3.20# uname -r2.6.32-279.el6.x86_64 //这里要查看一下内核版本号,安装haproxy的时候,要指定正确版本号的 # vim Makefile 64 PREFIX = /usr/local修改为: 64PREFIX = /usr/local/haproxy因为解压之后的文件是经过编译过的,有人直接在安装的时候使用—prefix=指明安装路径,我做了几次,发现是不能名成功的,所以要想把安装文件放在一个目录下,只能修改Makefile文件 # make TARGET=linux26 //对应上面的内核版本 # make install # mkdir /usr/local/haproxy/etc //创建配置文件目录 # cp -p examples/haproxy.cfg/usr/local/haproxy/etc/ //haproxy源码下有提供配置文件模板,我们只需要copy过去,修改即可2.配置部分# vim haproxy.cfgglobal log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 chroot /usr/share/haproxy uid 99 gid 99 daemon //配置haproxy进入后台运行模式 nbproc 2 //创建2个进程进入deamon模式运行 pidfile /usr/local/haproxy/haproxy.pid #debug #quietdefaults log global mode http //默认模式mode option httplog option dontlognull //自动结束完成的链接 retries 3 option redispatch //当serverid对应的服务器挂掉后,强制定向到其他健康的服务器 maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000
listenwww.rhel.com 0.0.0.0:10001 cookie SERVERID rewrite balanceroundrobin# balance source //最好使用这个,可以保证同一台客户机,固定访问一台服务器 stats uri /haproxy_stats //访问统计页面的url stats realm userpasswd //统计页面密码框提示文本 stats auth haproxy:haproxy //统计页面用户名与密码 stats hide-version //隐藏haproxy版本信息 server webapp1 192.168.1.13:80 cookie webapp1 check inter 2000 rise 2 fall serverwebapp2 192.168.1.14:80 cookie webapp2 checkinter 2000 rise 2 fall 5// 服务器定义,check inter 2000指检测心中频率,rise指3次正解认为服务器可用,fall 5指失败5次认为服务器不可用,也可设置权值weigth 数字在配置之后,需要创建一个文件,与配置想对应# mkdir /usr/share/haproxy3.日志配置 # vim /etc/rsyslog.conf //日志配置文件添加此两行内容local0.* /var/log/haproxy.log //增加local0的日志文件,下同local1.*/var/log/haproxy.log # vim /etc/sysconfig/rsyslog修改此行: SYSLOGD_OPTIONS="-r -m 0" # service rsyslog restart //重启日志进程重启之后就可以看到/var/log/已经出现了haproxy.log这个文件4.启动haproxy服务器#./haproxy -f ../etc/haproxy.cfg可以查看一下进程# netstat -tulpn | grep haproxytcp 0 0 0.0.0.0:100010.0.0.0:* LISTEN 3451/./haproxy udp 0 00.0.0.0:49372 0.0.0.0:* 3451/./haproxy #即启动成功5.开启路由转发功能# echo"1">/proc/sys/net/ipv4/ip_forward二.Haproxy(backup)Backup的安装与master的安装是一样的,我们只需要修改backup的主机名即可,这里不在赘述三.配置服务器web1与web2# hostname web1.rhel.com //如需要可配置成永久主机名# yum install httpd –y //安装apacheroot@web1~]# echo "web1.rhel.com">/var/www/html/index.html# service httpd startWeb2.rhel.com的配置基本一样,需要修改一下主机名,创建index.html网页时更改一下内容# echo"web2.rhel.com">/var/www/html/index.html四.测试我们可以测试haproxy是否成功在地址栏中输入master/backup的ip地址(这里的master与backup是对keepalived高可用所说的,对haproxy负载均衡无关系)点击刷新因为我们采用的是轮询,所以会在两个服务器之间进行轮询查看.五.Keepalived配置(master)我们已经实现在haproxy的负载均衡,但是,我们不可以一下发布两个地址,所以要使用keepalived高可用特性来实现虚拟ip,达到高可用性的目的.1.keepalived的安装# yum install kernel-devel openssl-devel popt-devel //安装依赖文件# tar -zxvf keepalived-1.2.2.tar.gz# cd keepalived-1.2.2[root@masterkeepalived-1.2.2]# ./configure--with-kernel-dir=/usr/src/kernels/2.6.32-279.el6.x86_64/如果出现以下提示,即为成功Keepalivedconfiguration------------------------Keepalivedversion : 1.2.2Compiler : gccCompilerflags : -g -O2Extra Lib : -lpopt -lssl -lcryptoUse IPVSFramework : YesIPVS syncdaemon support : YesIPVS uselibnl : NoUse VRRPFramework : YesUse Debugflags : No[root@masterkeepalived-1.2.2]#[root@masterkeepalived-1.2.2]# make && make install[root@masterkeepalived-1.2.2]# cp keepalived/etc/init.d/keepalived.rh.init/etc/init.d/keepalived //copy启动脚本[root@masterkeepalived-1.2.2]# chmod +x /etc/init.d/keepalived //可执行权限[root@masterkeepalived-1.2.2]# chkconfig --level 35 keepalived on//在35级别开机启动[root@masterkeepalived-1.2.2]# cp keepalived/etc/init.d/keepalived.sysconfig/etc/sysconfig/keepalived //copy启动初始化文件[root@masterkeepalived-1.2.2]# cp /usr/local/sbin/keepalived /usr/sbin/ //copy启动文件2.keepalived配置[root@masterkeepalived-1.2.2]# vim /usr/local/etc/keepalived/keepalived.conf! ConfigurationFile for keepalived
global_defs {notification_email { root@master.rhel.com}notification_email_from admin@master.rhel.comsmtp_server 127.0.0.1smtp_connect_timeout 30router_id LVS_DEVEL}vrrp_sync_groupVG1 { //创建同步组,只有此组内的两块网卡都正常的情况下,数据流才从此网卡通过.否则如果有一块网卡不同,则就断开此主机的全部连接,而转向其它主机
group {
VI_1 VI_2
}
}vrrp_instanceVI_1 { state MASTER interface eth1 virtual_router_id 51 //id号,不可重复 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.100 }}vrrp_instanceVI_2 { state MASTER interface eth2 virtual_router_id 52 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.1.13.54 }}virtual_server192.168.1.100 80 { delay_loop 6 lb_algo rr lb_kind DR nat_mask 255.255.255.0 persistence_timeout 50 protocol TCP
real_server 192.168.1.13 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.1.14 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } }}由于在启动脚本/etc/init.d/keepalived的配置中,默认的配置文件为config:/etc/keepalived/keepalived.conf,所以,我们要建立一个链接# ln -s /usr/local/etc/keepalived/keepalived.conf/etc/keepalived/keepalived.conf启动keepalived即可[root@masterkeepalived-1.2.2]# service keepalived start六.Keepalived配置(backup)Backup的配置与master的配置基本相同,只要修改几个方面即可,这里不再贴出完整代码,只写出差异的部分
1.将两处state MASTER 修改为state BACKUP2.将两处priority 100修改为priority 80七.Keepalived,web整合配置(web1与web2均做此配置)因为我们是使用的DR模式,所以需要对web服务器进行配置arp忽略与虚拟ip# ifconfig lo:0 192.168.1.100 broadcast 192.168.1.100netmask 255.255.255.255 //设置虚拟ip# echo "net.ipv4.conf.all.arp_ignore = 1" >>/etc/sysctl.conf# echo "net.ipv4.conf.lo.arp_ignore = 1" >>/etc/sysctl.conf# echo "net.ipv4.conf.all.arp_announce = 2">>/etc/sysctl.conf# echo "net.ipv4.conf.lo.arp_announce = 2">>/etc/sysctl.conf八.测试由于设定的是master为keepalived为主服务器,所以可以在master上查看是否有虚拟地址# ip addr应该能找到如下内容2: eth1:
mtu 1500 qdisc pfifo_fast state UP qlen1000 link/ether 00:0c:29:70:64:a3 brdff:ff:ff:ff:ff:ff inet 192.168.1.31/24 brd 192.168.1.255scope global eth1 inet 192.168.1.100/32 scope global eth1 //可以看到虚拟ip已经出现 inet6 fe80::20c:29ff:fe70:64a3/64 scopelink valid_lft forever preferred_lft forever3: eth2:
mtu 1500 qdisc pfifo_fast state UP qlen1000 link/ether 00:0c:29:70:64:ad brdff:ff:ff:ff:ff:ff inet 10.1.13.51/24 brd 10.1.13.255 scopeglobal eth2 inet 10.1.13.54/32 scope global eth2 //还有这儿的虚拟ip inet6 fe80::20c:29ff:fe70:64ad/64 scopelink valid_lftforever preferred_lft forever也可以安装ipvsadm来查看配置 # yum install ipvsadm查看配置 # ipvsadm -LIPVirtual Server version 1.2.1 (size=4096)ProtLocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConnTCP192.168.1.100:http rr -> 192.168.1.13:http Route 1 0 2 -> 192.168.1.14:http Route 1 0 2 #在ip add 命令下只有主服务器才会出现虚拟vip,但是在两个keepalived主机上都会显现ipvsadm下的命令,这个不知道为什么,还要去请教高手,但是如果进行访问的话,从访问次数上来只有master下才会起作用现在使用虚拟ip地址来查看网页现在我们来测试一下高可用性,把master的keepalived stop,看会不会进行vip的转移在master上关闭keepalived服务,查看backup上ip addr是否出现vip# servicekeepalived stop在backup上查看# ip addr2: eth0:
mtu 1500 qdisc pfifo_fast state UP qlen1000 link/ether 00:0c:29:1f:6f:f3 brdff:ff:ff:ff:ff:ff inet 192.168.1.32/24 brd 192.168.1.255scope global eth0 inet 192.168.1.100/32 scope global eth0 //可以看到虚拟ip inet6 fe80::20c:29ff:fe1f:6ff3/64 scopelink valid_lft forever preferred_lft forever3: eth2:
mtu 1500 qdisc pfifo_fast state UP qlen1000 link/ether 00:0c:29:1f:6f:fd brdff:ff:ff:ff:ff:ff inet 10.1.13.52/24 brd 10.1.13.255 scopeglobal eth2 inet 10.1.13.54/32 scope global eth2 inet6 fe80::20c:29ff:fe1f:6ffd/64 scopelink valid_lft forever preferred_lft forever再通过浏览器查看网页也是正常的,高可用性也是成功的.
Keepalived配置出现的问题及解决方法错误一:configure: error: !!!OpenSSL is not properly installed on your system. !!! !!!Can not include OpenSSL headers files. !!!安装openssl-develyum install openssl-devel
错误二:configure: error: Popt libraries isrequired安装popt开发包 yum install popt-devel错误三:# servicekeepalived startStarting Keepalived for LVS: /bin/bash:keepalived: command not found 解决方法:# cp/usr/local/sbin/keepalived /usr/sbin/
昨天,系花对我笑了一下,乐得我晚上直数羊,一只羊,两只羊,三只羊…… 找到好贴不容易,我顶你了,谢了 下雨了,别忘了打伞,湿身是小,淋病就麻烦啦*^_^* 不要在一棵树上吊死,在附近几棵树上多试试死几次~ 帮帮顶顶!! 我抢、我抢、我抢沙发~
页:
[1]