高可用Web架构Keepalived+Haproxy

w1w

　　此篇文章比较适合新手，因为这个是我一步一步搭建的，之前也没有接触过，期间遇到的问题都有陈列。

　　一、安装环境：
　　（因为我安装的系统是CentOS6.3 basic 所以很多依赖包是没有安装的，因此在安装的过程中会出现一些报错，需要我安装依赖包，为了让大家更加明白不同报错的解决方法，本人将每一个报错的解决方法逐一列出）
　　HA01、02作为提供keepalived+haproxy的服务主机，WEB01、02作为后端的App Server.
　　HA01:192.168.10.100    MASTER
　　HA02:192.168.10.101    BACKUP
　　VIP：192.168.10.110
　　WEB01:192.168.10.200
　　WEB02:192.168.10.201
　　

　　二、编译安装keepalived

　　[root@HA01 ~]#wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
　　[root@HA01 ~]# tar -zxvf keepalived-1.2.7.tar.gz
　　[root@HA01 ~]# cd keepalived-1.2.7
　　[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
　　报错：
checking for gcc... no
checking for cc... no
checking for cl.exe... No　　解决：[root@HA01keepalived-1.2.7]# yum -y install gcc
　　[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
　　报错：
configure: error:
!!!OpenSSL is not properly installed on your system. !!!
!!!Can not include OpenSSL headers files.!!!　　解决：[root@HA01keepalived-1.2.7]# yum -y install openssl-devel
　　[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
　　报错：

configure: error: Popt libraries isrequired　　解决：[root@HA01keepalived-1.2.7]#yum -y install popt-devel
　　[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
　　到这里keepalived安装完成
　　下面需要进行编译
　　先安装make依赖包
　　[root@HA01 keepalived-1.2.7]#yum -y install make
　　[root@HA01 keepalived-1.2.7]# make && make install//编译
　　编译完成之后需要修改配置文件
　　[root@HA01keepalived-1.2.7]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
#global_defs {
#   notification_email {
#     gaoming@123.com
#   }
#   notification_email_from gaoming@123.com
#   smtp_server 192.168.200.1
#   smtp_connect_timeout 30
#   router_id LVS_DEVEL
#}
vrrp_instance VI_1 {
    state MASTER          #备机服务器HA02上将MASTER改为BACKUP
    interface eth0
    virtual_router_id 51
    priority 100             #备机服务器HA02上将100改为99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.110/24 dev eth0 scope global
    }
}
real_server 192.168.10.100 80 {    #备机服务器HA02上将IP改为192.168.10.101
TCP_CHECK {
    }
}　　修改了之后分别启动keepalived
　　[root@HA01 keepalived-1.2.7]#/etc/init.d/keepalived start
　　出现错误：正在启动keepalived：/bin/bash:keepalived: command not found
　　解决方法：将文件keepalived文件cp到/usr/sbin/
　　[root@HA01 keepalived-1.2.7]# cp /usr/local/sbin/keepalived /usr/sbin/
　　[root@HA01 keepalived-1.2.7]#/etc/init.d/keepalived start
　　测试
　　[root@HA01 ~]# ip add
　　2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen1000
　　link/ether 00:0c:29:22:a5:d0 brd ff:ff:ff:ff:ff:ff
　　inet 192.168.10.100/24 brd 192.168.10.255 scope global eth0
　　inet 192.168.10.110/24 scope global secondary eth0
　　inet6 fe80::20c:29ff:fe22:a5d0/64 scope link
　　valid_lft forever preferred_lft forever
　　[root@HA02 ~]# ip add
　　2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
　　link/ether 00:0c:29:03:a8:15 brd ff:ff:ff:ff:ff:ff
　　inet 192.168.10.101/24 brd 192.168.10.255 scope global eth0
　　inet6 fe80::20c:29ff:fe03:a815/64 scope link
　　valid_lft forever preferred_lft forever
　　停了主上的keepalived，备上将接管keepalived服务
　　[root@HA02 ~]# ip add
　　2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen1000
　　link/ether 00:0c:29:03:a8:15 brd ff:ff:ff:ff:ff:ff
　　inet 192.168.10.101/24 brd 192.168.10.255 scope global eth0
　　inet 192.168.10.110/24 scope global secondary eth0
　　inet6 fe80::20c:29ff:fe03:a815/64 scope link
　　valid_lft forever preferred_lft forever
　　

　　三、编译安装Haproxy
　　[root@HA02 ~]#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.22.tar.gz
　　[root@HA02 ~]#tar -zxvf haproxy-1.4.22.tar.gz
　　[root@HA02 ~]#cd haproxy-1.4.22
　　[root@HA01 haproxy-1.4.22]#groupadd haproxy
　　[root@HA01 haproxy-1.4.22]#useradd haproxy -g haproxy
　　[root@HA01 haproxy-1.4.22]#make TARGET=linux26 PREFIX=/usr/local/haproxy
　　[root@HA01 haproxy-1.4.22]# make install PREFIX=/usr/local/haproxy
　　

　　1.编辑配置文件
　　[root@HA01selinux]# vi /etc/haproxy/haproxy.cfg
global
    log 127.0.0.1 local2
#    log 127.0.0.1 local1 notice
#    maxconn 4096
    user haproxy
    group haproxy
    daemon
defaults
    log global
    mode http
    option tcplog
    option dontlognull
    retries 3
    option redispatch
    maxconn 20000
    contimeout 3600s
    clitimeout 3600s
    srvtimeout 3600s
listen App :8083            #提供给前端的port
    mode    http
    option forwardfor
    option  httpclose
    option  httpchk GET /index.jsp
    balance roundrobin
#    balance source
server Server1 192.168.10.200:8082 check inter 30000 rise 1 fall 2  #后端App Server IP&port
server Server2 192.168.10.201:8082 check inter 30000 rise 1 fall 2  #后端App Server IP&port
listen http-in          #haproxy监控配置
    bind :8080      #监听端口
    mode http
    stats refresh 5s
    stats auth  admin:password      #login账号密码
    stats uri       /monitor        #url地址　　2.Init脚本的配置
　　[root@HA01 haproxy-1.4.22]#cat /etc/init.d/haproxy
#!/bin/sh
#
# haproxy
#
# chkconfig:   - 85 15
# description:  HAProxy is a free, very fast and reliable solution \
#               offering high availability, load balancing, and \
#               proxying for TCP and  HTTP-based applications
# processname: haproxy
# config:      /etc/haproxy/haproxy.cfg
# pidfile:     /var/run/haproxy.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
exec="/usr/sbin/haproxy"
prog=$(basename $exec)
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/haproxy
check() {
    $exec -c -V -f /etc/$prog/$prog.cfg
}
start() {
    $exec -c -q -f /etc/$prog/$prog.cfg
    if [ $? -ne 0 ]; then
        echo "Errors in configuration file, check with $prog check."
        return 1
    fi
    echo -n $"Starting $prog: "
    # start it up here, usually something like "daemon $exec"
    daemon $exec -D -f /etc/$prog/$prog.cfg -p /var/run/$prog.pid
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}
stop() {
    echo -n $"Stopping $prog: "
    # stop it here, often "killproc $prog"
    killproc $prog
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}
restart() {
    $exec -c -q -f /etc/$prog/$prog.cfg
    if [ $? -ne 0 ]; then
        echo "Errors in configuration file, check with $prog check."
        return 1
    fi
    stop
    start
}
reload() {
    $exec -c -q -f /etc/$prog/$prog.cfg
    if [ $? -ne 0 ]; then
        echo "Errors in configuration file, check with $prog check."
        return 1
    fi
    echo -n $"Reloading $prog: "
    $exec -D -f /etc/$prog/$prog.cfg -p /var/run/$prog.pid -sf $(cat /var/run/$prog.pid)
    retval=$?
    echo
    return $retval
}
force_reload() {
    restart
}
fdr_status() {
    status $prog
}
case "$1" in
    start|stop|restart|reload)
        $1
        ;;
    force-reload)
        force_reload
        ;;
    check)
        check
        ;;
    status)
        fdr_status
        ;;
    condrestart|try-restart)
        [ ! -f $lockfile ] || restart
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}"
        exit 2
esac　　[root@HA01 haproxy-1.4.22]# chmod a+x/etc/init.d/haproxy
　　[root@HA01 haproxy-1.4.22]# chkconfig --add haproxy
　　4.启动服务
　　[root@HA01 haproxy-1.4.22]#service haproxy start
　　四、测试
　　使用VIP测试进入haproxy监控界面（这是我公司现在的架构）