centos 6.2 keepalived/haproxy 安装测试

韩3039

　　http://www.bitbi.biz/centos-6-2-keepalivedhaproxy-%E5%AE%89%E8%A3%85%E6%B5%8B%E8%AF%95-2912/
　　Haproxy 不用多说了，她可以做4/7层代理，本文是利用Haproxy的7层代理与Keepalived实现一个负载均衡器
1.系统

OS：centos6.2(64bit) MASTER:192.168.1.67 BACKUP:192.168.1.68 VIP:192.168.1.100 Service Port:8080

2.系统日志配置

vi /etc/rsyslog.conf #加入以下四行   $ModLoad imudp.so $UDPServerRun 514 $UDPServerAddress 127.0.0.1 local2.* /var/log/haproxy.log

3.关闭SELINUX

sed-i 's:SELINUX=enforcing:SELINUX=disabled:g'/etc/selinux/config

4.添加VRRP通讯支持到iptables里

iptables -A INPUT -d 224.0.0.18 -j ACCEPT

　　
5.安装Haproxy

#先安装epel包 yum installhaproxy   #上面安装好了这步就可跳过,haproxy编译安装， #mkdir -p /home/install/keepalived1 #cd /home/install/keepalive1 #wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.18.tar.gz #tar -zxvf haproxy-1.4.18.tar.gz #cd haproxy-1.4.18 #make install #mkdir -p /usr/local/haproxy/etc #mkdir -p /usr/local/haproxy/sbin #cp examples/haproxy.cfg /usr/local/haproxy/etc #ln -s /usr/local/sbin/haproxy /usr/local/haproxy/sbin/haproxy   #查看haproxy配置 cat/etc/haproxy/haproxy.cfg #全局配置 global  log 127.0.0.1 local2  chroot /var/lib/haproxy  pidfile /var/run/haproxy.pid  maxconn 4000  user haproxy  group haproxy  daemon  # turn on stats unix socket  #stats socket /var/lib/haproxy/stats ########默认配置############ defaults  #默认的模式mode { tcp|http|health }，tcp是4层，http是7层，health只会返回OK  mode http  log global  #option http-server-close  #option forwardfor except 127.0.0.0/8  option httplog  #两次连接失败就认为是服务器不可用，也可以通过后面设置  retries 3  option dontlognull  #当serverId对应的服务器挂掉后，强制定向到其他健康的服务器  option redispatch  #当服务器负载很高的时候，自动结束掉当前队列处理比较久的链接  option abortonclose  #默认的最大连接数  maxconn 2000  timeout http-keep-alive 10s  timeout queue 1m  #连接超时  timeout connect 5000ms  #客户端超时  timeout client 30000ms  #服务器超时  timeout server 30000ms  #心跳检测超时  timeout check 5s ########test1配置################# listen test1 192.168.1.100:8080  mode http  option httplog  balance roundrobin  server s1 192.168.1.59:8080 maxconn 2000 check   inter 10s fall 1 rise 2  server s2 192.168.1.60:8080 maxconn 2000 check inter 10s fall 1 rise 2 ########统计页面配置######## listen admin_stats  stats enable  #监听端口  bind 192.168.1.67:8000  #http的7层模式  mode http  #采用http日志格式  option httplog  log global  maxconn 10  #统计页面自动刷新时间  stats refresh 30s  #统计页面url  stats uri /stats  #统计页面密码框上提示文本  stats realm DW-test-Haproxy  #统计页面用户名和密码设置,还是要修改一下的  stats auth admin:admin  stats admin ifTRUE  #隐藏统计页面上HAProxy的版本信息  stats hide-version #haproxy配置结束   # # # #运行haproxy /etc/init.d/haproxystart#测试一下

6.安装Keepalived(当然你也可以#yum install keepalived,但要先安装epel的包)

mkdir-p /home/install/keepalived1 cd/home/install/keepalived1 wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz tarzxvf keepalived-1.2.2.tar.gz cdkeepalived-1.2.2 ./configure make&& makeinstall   cp/usr/local/etc/rc.d/init.d/keepalived/etc/rc.d/init.d/ cp/usr/local/etc/sysconfig/keepalived/etc/sysconfig/ mkdir/etc/keepalived cp/usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ cp/usr/local/sbin/keepalived/usr/sbin/   #keepalived配置 cat/etc/keepalived/keepalived.conf global_defs {  notification_email {  xxx@gmail.com } notification_email_from xxx@gmail.com  smtp_connect_timeout 3  smtp_server 127.0.0.1  router_id HA_DEVEL_1 }   vrrp_script chk_haproxy {  #监测haproxy  script "killall -0 haproxy"  #2s检查一次  interval 2  weight 2 } vrrp_instance VI_1 {  interface eth0  #从为BACKUP  state MASTER  #从为100  priority 101  #路由ID，可通过#tcpdump vrrp查看。  virtual_router_id 50  #主从切换时间，单位为秒。  garp_master_delay 1  authentication {   auth_type PASS   #主从要一样，记得改一下哦   auth_pass XXXXXXXXXX  }  virtual_ipaddress {   192.168.1.100 #VIP  }  #将Linux中你想监控的网络接口卡监控起来，当其中的一块出现故障是keepalived都将视为路由器出现故障  track_interface {   eth0   eth1  }  track_script {   chk_haproxy  }  #状态通知  # notify_master "/etc/keepalived/Mailnotify.py master"  # notify_backup "/etc/keepalived/Mailnotify.py backup"  # notify_fault "/etc/keepalived/Mailnotify.py fault" } #keepalived配置结束   # # #启动相关服务 /etc/init.d/haproxystart /etc/init.d/keepalivedstart #查看有没有节点记录 tcpdump vrrp

7.haproxy界面 (现在的haproxy可以在页面上手动启用或禁用节点)
　　访问http://192.168.1.67:8000/stats

　　注：关于keepalive里的状态通知，这里借用一下天斯的python脚本
　　Mailnotify.py

#!/usr/local/bin/python #coding: utf-8 fromemail.MIMEMultipart importMIMEMultipart fromemail.MIMEText importMIMEText fromemail.MIMEImage importMIMEImage fromemail.header importHeader importsys importsmtplib   #--------------------------------------------------------------- # Name:        Mailnotify.py # Purpose:     Mail notify to SA # Author:      Liutiansi # Email:       liutiansi@gamil.com # Created:     2011/03/09 # Copyright:   (c) 2011 #-------------------------------------------------------------- strFrom ='admin@domain.com' strTo ='liutiansi@gmail.com' smtp_server='smtp.domain.com' smtp_pass='123456'   ifsys.argv[1]!="master"andsys.argv[1]!="backup"  andsys.argv[1]!="fault":     sys.exit() else:     notify_type=sys.argv[1]   mail_title='[紧急]负载均衡器邮件通知' mail_body_plain=notify_type+'被激活，请做好应急处理。' mail_body_html='<b><font color=red>'+notify_type+'被激活，请做好应急处理。</font></b>'   msgRoot =MIMEMultipart('related') msgRoot['Subject'] =Header(mail_title,'utf-8') msgRoot['From'] =strFrom msgRoot['To'] =strTo   msgAlternative =MIMEMultipart('alternative') msgRoot.attach(msgAlternative)   msgText =MIMEText(mail_body_plain, 'plain', 'utf-8') msgAlternative.attach(msgText)   msgText =MIMEText(mail_body_html, 'html','utf-8') msgAlternative.attach(msgText)   smtp =smtplib.SMTP() smtp.connect(smtp_server) smtp.login(smtp_user,smtp_pass) smtp.sendmail(strFrom, strTo, msgRoot.as_string()) smtp.quit()

然后放在/etc/keepalived 目录下（记得修改脚本里的邮箱地址），chmod +x /etc/keepalived/Mailnotify.py
把keepalived.conf的 “#状态通知” 以下的注释去掉，重启keepalived服务就可以了，嘿嘿