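Cluster configuration with keepalived + haproxy

I. HAProxy configuration (master)

1. Installing haproxy

    [iyunv@master ~]# hostname master.rhel.com

To make the hostname permanent, edit /etc/hosts and /etc/sysconfig/network.

    [iyunv@master ~]# tar -zxvf haproxy-1.3.20.tar.gz
    [iyunv@master ~]# cd haproxy-1.3.20
    [iyunv@master haproxy-1.3.20]# uname -r
    2.6.32-279.el6.x86_64

Check the kernel version here, because the matching target has to be specified when building haproxy.

    [iyunv@master haproxy-1.3.20]# vim Makefile

Change line 64 from

    PREFIX = /usr/local

to

    PREFIX = /usr/local/haproxy

The extracted source tree is already set up for building. Some people pass --prefix= at install time to choose the install path; I tried that several times and it never succeeded, so to keep the installed files under one directory the only option is to edit the Makefile.

    # TARGET matches the kernel version above
    [iyunv@master haproxy-1.3.20]# make TARGET=linux26
    [iyunv@master haproxy-1.3.20]# make install
    # create the configuration directory
    [iyunv@master haproxy-1.3.20]# mkdir /usr/local/haproxy/etc
    # the haproxy source ships a configuration template; copy it over and edit it
    [iyunv@master haproxy-1.3.20]# cp -p examples/haproxy.cfg /usr/local/haproxy/etc/

2. Configuration

    [iyunv@master etc]# vim haproxy.cfg

    global
        log 127.0.0.1 local0
        log 127.0.0.1 local1 notice
        #log loghost local0 info
        maxconn 4096
        chroot /usr/share/haproxy
        uid 99
        gid 99
        daemon                      # run haproxy in the background
        nbproc 2                    # start 2 processes in daemon mode
        pidfile /usr/local/haproxy/haproxy.pid
        #debug
        #quiet

    defaults
        log global
        mode http                   # default mode
        option httplog
        option dontlognull          # do not log connections that carry no data
        retries 3
        option redispatch           # if the server a SERVERID cookie points to is down, send the client to another healthy server
        maxconn 2000
        contimeout 5000
        clitimeout 50000
        srvtimeout 50000

    listen www.rhel.com 0.0.0.0:10001
        cookie SERVERID rewrite
        balance roundrobin
        # balance source            # preferable: keeps a given client on the same server
        stats uri /haproxy_stats    # URL of the statistics page
        stats realm user\ passwd    # prompt text of the statistics login dialog
        stats auth haproxy:haproxy  # statistics page user:password; sample values, set your own, since the page is served on 0.0.0.0:10001
        stats hide-version          # hide the haproxy version
        # Server definitions: "check inter 2000" sets the health-check interval,
        # "rise 2" marks a server up after 2 successful checks, "fall 5" marks it
        # down after 5 failed checks. A weight can also be set with "weight <number>".
        server webapp1 192.168.1.13:80 cookie webapp1 check inter 2000 rise 2 fall 5
        server webapp2 192.168.1.14:80 cookie webapp2 check inter 2000 rise 2 fall 5

After editing the configuration, create the directory that it refers to (the chroot path):

    [iyunv@master etc]# mkdir /usr/share/haproxy

3. Logging

    [iyunv@master etc]# vim /etc/rsyslog.conf

Add these two lines to the logging configuration file:

    # log file for local0; the same for local1
    local0.* /var/log/haproxy.log
    local1.* /var/log/haproxy.log

    [iyunv@master etc]# vim /etc/sysconfig/rsyslog

Change this line (-r turns on UDP syslog reception, which the "log 127.0.0.1" lines in haproxy.cfg depend on):

    SYSLOGD_OPTIONS="-r -m 0"

    # restart the logging daemon
    [iyunv@master etc]# service rsyslog restart

After the restart, the file haproxy.log appears under /var/log/.

4. Starting the haproxy server

    [iyunv@master sbin]# ./haproxy -f ../etc/haproxy.cfg

Check the process:

    [iyunv@master sbin]# netstat -tulpn | grep haproxy
    tcp 0 0 0.0.0.0:10001 0.0.0.0:* LISTEN 3451/./haproxy
    udp 0 0 0.0.0.0:49372 0.0.0.0:* 3451/./haproxy
    [iyunv@master sbin]#

This means it started successfully.

5. Enabling IP forwarding

    [iyunv@master sbin]# echo "1" > /proc/sys/net/ipv4/ip_forward

II. HAProxy (backup)

Installation on the backup is the same as on the master; only the hostname needs to change, so it is not repeated here.

III. Configuring the web servers web1 and web2

    # can be made permanent if needed
    [iyunv@localhost ~]# hostname web1.rhel.com
    # install apache
    [iyunv@web1 ~]# yum install httpd -y
    [root@web1 ~]# echo "web1.rhel.com" > /var/www/html/index.html
    [iyunv@web1 ~]# service httpd start

The configuration of web2.rhel.com is basically the same: change the hostname, and change the content when creating index.html.

    [iyunv@web2 ~]# echo "web2.rhel.com" > /var/www/html/index.html

IV. Testing

We can now test whether haproxy works. Enter the IP address of master/backup in the browser address bar (master and backup here refer to keepalived high availability and have nothing to do with haproxy load balancing).

Click refresh.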
Because we use round robin, the page alternates between the two servers.

V. Keepalived configuration (master)

We now have load balancing with haproxy, but we cannot publish two addresses at once, so we use keepalived's high-availability feature to provide a virtual IP.

1. Installing keepalived

    # install the dependencies
    [iyunv@master ~]# yum install kernel-devel openssl-devel popt-devel
    [iyunv@master ~]# tar -zxvf keepalived-1.2.2.tar.gz
    [iyunv@master ~]# cd keepalived-1.2.2
    [root@master keepalived-1.2.2]# ./configure --with-kernel-dir=/usr/src/kernels/2.6.32-279.el6.x86_64/

If the following summary appears, configure succeeded:

    Keepalived configuration
    ------------------------
    Keepalived version       : 1.2.2
    Compiler                 : gcc
    Compiler flags           : -g -O2
    Extra Lib                : -lpopt -lssl -lcrypto
    Use IPVS Framework       : Yes
    IPVS sync daemon support : Yes
    IPVS use libnl           : No
    Use VRRP Framework       : Yes
    Use Debug flags          : No
    [root@master keepalived-1.2.2]#

    [root@master keepalived-1.2.2]# make && make install
    # copy the init script
    [root@master keepalived-1.2.2]# cp keepalived/etc/init.d/keepalived.rh.init /etc/init.d/keepalived
    # make it executable
    [root@master keepalived-1.2.2]# chmod +x /etc/init.d/keepalived
    # start at boot in runlevels 3 and 5
    [root@master keepalived-1.2.2]# chkconfig --level 35 keepalived on
    # copy the init defaults file
    [root@master keepalived-1.2.2]# cp keepalived/etc/init.d/keepalived.sysconfig /etc/sysconfig/keepalived
    # copy the binary
    [root@master keepalived-1.2.2]# cp /usr/local/sbin/keepalived /usr/sbin/

2. Configuring keepalived

    [root@master keepalived-1.2.2]# vim /usr/local/etc/keepalived/keepalived.conf

    ! Configuration File for keepalived

    global_defs {
        notification_email {
            root@master.rhel.com
        }
        notification_email_from admin@master.rhel.com
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        router_id LVS_DEVEL
    }

    # Sync group: traffic passes through this host only while both interfaces in
    # the group are healthy. If one interface fails, all connections on this host
    # are dropped and moved to the other host.
    vrrp_sync_group VG1 {
        group {
            VI_1
            VI_2
        }
    }

    vrrp_instance VI_1 {
        state MASTER
        interface eth1
        virtual_router_id 51    # ID, must not be reused
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.1.100
        }
    }

    vrrp_instance VI_2 {
        state MASTER
        interface eth2
        virtual_router_id 52
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.1.13.54
        }
    }

    virtual_server 192.168.1.100 80 {
        delay_loop 6
        lb_algo rr
        lb_kind DR
        nat_mask 255.255.255.0
        persistence_timeout 50
        protocol TCP

        real_server 192.168.1.13 80 {
            weight 1
            TCP_CHECK {
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 3
            }
        }
        real_server 192.168.1.14 80 {
            weight 1
            TCP_CHECK {
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 3
            }
        }
    }

The init script /etc/init.d/keepalived names /etc/keepalived/keepalived.conf as its default configuration file (its "config:" line), so we need to create a link:

    [iyunv@master keepalived]# ln -s /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf

Then start keepalived:

    [root@master keepalived-1.2.2]# service keepalived start

VI. Keepalived configuration (backup)

The backup configuration is basically the same as the master's; only a few things change, so the full file is not repeated here and only the differences are listed.
1. Change both occurrences of "state MASTER" to "state BACKUP"
2. Change both occurrences of "priority 100" to "priority 80"

VII. Keepalived and web server integration (apply on both web1 and web2)

Because we use DR mode, the web servers need the virtual IP configured and ARP replies for it suppressed.

    # set the virtual IP
    [iyunv@web1 ~]# ifconfig lo:0 192.168.1.100 broadcast 192.168.1.100 netmask 255.255.255.255
    [iyunv@web1 ~]# echo "net.ipv4.conf.all.arp_ignore = 1" >> /etc/sysctl.conf
    [iyunv@web1 ~]# echo "net.ipv4.conf.lo.arp_ignore = 1" >> /etc/sysctl.conf
    [iyunv@web1 ~]# echo "net.ipv4.conf.all.arp_announce = 2" >> /etc/sysctl.conf
    [iyunv@web1 ~]# echo "net.ipv4.conf.lo.arp_announce = 2" >> /etc/sysctl.conf

VIII. Testing

Since master is configured as the keepalived primary, check on master whether the virtual addresses are present:

    [iyunv@master keepalived]# ip addr

You should find the following:

    2: eth1: mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:70:64:a3 brd ff:ff:ff:ff:ff:ff
        inet 192.168.1.31/24 brd 192.168.1.255 scope global eth1
        inet 192.168.1.100/32 scope global eth1      # the virtual IP has appeared
        inet6 fe80::20c:29ff:fe70:64a3/64 scope link
           valid_lft forever preferred_lft forever
    3: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:70:64:ad brd ff:ff:ff:ff:ff:ff
        inet 10.1.13.51/24 brd 10.1.13.255 scope global eth2
        inet 10.1.13.54/32 scope global eth2         # and the virtual IP here
        inet6 fe80::20c:29ff:fe70:64ad/64 scope link
           valid_lft forever preferred_lft forever

You can also install ipvsadm to inspect the configuration:

    [iyunv@master keepalived]# yum install ipvsadm

View the configuration:

    [iyunv@master keepalived]# ipvsadm -L
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port Forward Weight ActiveConn InActConn
    TCP 192.168.1.100:http rr
      -> 192.168.1.13:http Route 1 0 2
      -> 192.168.1.14:http Route 1 0 2
    [iyunv@master keepalived]#

With ip addr, the VIP appears only on the primary server, but the ipvsadm output appears on both keepalived hosts. I don't know why this is and still need to ask an expert. Judging by the connection counts, though, only the master actually handles requests.

Now view the web page through the virtual IP address.
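Before the failover test, it is worth confirming that the two nodes' keepalived.conf files agree everywhere except state and priority, the two differences listed above for the backup. The Python check below is an added example, not part of the original article; it assumes one statement per line, and the sample configs and the names parse_instances and audit_pair are constructed for illustration.

```python
import re

# Constructed samples reduced from the article's keepalived.conf; the backup changes only state and priority.
MASTER = """
vrrp_instance VI_1 {
    state MASTER
    virtual_router_id 51
    priority 100
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.100
    }
}
"""
BACKUP = MASTER.replace("state MASTER", "state BACKUP").replace("priority 100", "priority 80")

def parse_instances(text):
    """Return {instance: settings} for each vrrp_instance block in text."""
    text = re.sub(r"[!#].*", "", text)            # drop keepalived comments
    found = {}
    for m in re.finditer(r"vrrp_instance\s+(\S+)\s*\{", text):
        depth, end = 1, m.end()
        while depth and end < len(text):           # walk to the matching brace
            depth += {"{": 1, "}": -1}.get(text[end], 0)
            end += 1
        body = text[m.end():end]
        pairs = re.findall(r"^[ \t]*(\w+)[ \t]+(\S+)[ \t]*$", body, re.M)
        vals = dict(pairs)                         # "key value" lines
        vip = re.search(r"virtual_ipaddress\s*\{([^}]*)\}", body)
        vals["vips"] = sorted(vip.group(1).split()) if vip else []
        found[m.group(1)] = vals
    return found

def audit_pair(master_text, backup_text):
    """Compare both nodes' VRRP instances and return a list of findings."""
    out, backup = [], parse_instances(backup_text)
    for name, m in sorted(parse_instances(master_text).items()):
        b = backup.get(name, {})
        for key in ("virtual_router_id", "auth_type", "auth_pass", "vips"):
            if m.get(key) != b.get(key):
                out.append(f"{name}: {key} differs between nodes")
        if int(m.get("priority", 0)) <= int(b.get("priority", 0)):
            out.append(f"{name}: master priority must be higher than backup")
        if m.get("auth_type") == "PASS":
            out.append(f"{name}: auth_type PASS puts auth_pass on the wire in cleartext")
    return out
```

To check real nodes, pass the contents of each node's keepalived.conf to audit_pair. On the article's settings the only finding is the cleartext PASS authentication; keepalived also uses only the first eight characters of auth_pass.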
Now let's test high availability: stop keepalived on master and see whether the VIP moves over. Stop the keepalived service on master, then check whether the VIP shows up in ip addr on backup.

    [iyunv@master keepalived]# service keepalived stop

Check on backup:

    [iyunv@backup ~]# ip addr
    2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:1f:6f:f3 brd ff:ff:ff:ff:ff:ff
        inet 192.168.1.32/24 brd 192.168.1.255 scope global eth0
        inet 192.168.1.100/32 scope global eth0      # the virtual IP is visible
        inet6 fe80::20c:29ff:fe1f:6ff3/64 scope link
           valid_lft forever preferred_lft forever
    3: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:1f:6f:fd brd ff:ff:ff:ff:ff:ff
        inet 10.1.13.52/24 brd 10.1.13.255 scope global eth2
        inet 10.1.13.54/32 scope global eth2
        inet6 fe80::20c:29ff:fe1f:6ffd/64 scope link
           valid_lft forever preferred_lft forever

Then view the page in the browser again.

It also displays normally, so high availability works as well.
Problems encountered while configuring keepalived, and how to fix them

Error 1:

    configure: error:
      !!! OpenSSL is not properly installed on your system. !!!
      !!! Can not include OpenSSL headers files. !!!

Install openssl-devel:

    yum install openssl-devel

Error 2:

    configure: error: Popt libraries is required

Install the popt development package:

    yum install popt-devel

Error 3:

    [iyunv@master keepalived-1.2.2]# service keepalived start
    Starting Keepalived for LVS: /bin/bash: keepalived: command not found [FAILED]

Solution:

    [iyunv@backup ~]# cp /usr/local/sbin/keepalived /usr/sbin/