Keepalived+HAProxy基于读写分离方式实现discuz论坛

hb_sz · 发表于 2018-12-29 06:37:33

　　一、测试环境： centos 6.6；使用8台虚拟机（上图）
　　分别对它们设置主机名：

主机名	ip地址	软件包
node1	172.16.16.11	keepalived+haproxy
node2	172.16.16.12	keepalived+haproxy
php1	172.16.16.2	httpd+php+php-mysql+nfs-utils
php2	172.16.16.8	httpd+php+php-mysql+nfs-utils
web1	172.16.16.3	httpd
web2	172.16.16.4	httpd
mysql	172.16.16.5	mariadb-5.5.43-linux-x86_64.tar.gz
nfs	172.16.16.252	nfs-utils

　　上述服务器实现的作用介绍：
　　①keepalived+haproxy，实现高可用和haproxy的反向代理功能并实现动静分离的效果；请求动态的内容交给后端的动态服务器组（php1或php2）；静态内容交给静态服务器组（web1和web2）
　　②mysql服务器存储discuz数据库
　　③nfs文件共享服务器设置2个目录/mydata和/discuz；前者给mysql服务器用做当datadir使用；后者给web和php服务器使用，共享discuz网页文件
　　

　　

二、准备工作：这里基于ansible的playbook部署
1、ansible使用环境为centos 7；设置如下
# ssh-keygen -t rsa -P ''
# ssh-copy-id -i ~/.ssh/id_rsa.pub node1
# ssh-copy-id -i ~/.ssh/id_rsa.pub node2
# ssh-copy-id -i ~/.ssh/id_rsa.pub web1
# ssh-copy-id -i ~/.ssh/id_rsa.pub web2
# ssh-copy-id -i ~/.ssh/id_rsa.pub php1
# ssh-copy-id -i ~/.ssh/id_rsa.pub php2
# ssh-copy-id -i ~/.ssh/id_rsa.pub mysql
# ssh-copy-id -i ~/.ssh/id_rsa.pub nfs

2、ansible设置及管理节点探测：
# vim /etc/ansible/host
[haproxy]
172.16.16.11
172.16.16.12
[dynamic_servers]
172.16.16.2
172.16.16.8
[static_servers]
172.16.16.3
172.16.16.4
[db]
172.16.16.5
[nfs]
172.16.16.252

# ansible all -m ping
172.16.16.12 | success >> {
"changed": false,
"ping": "pong"
}
172.16.16.3 | success >> {
"changed": false,
"ping": "pong"
}
172.16.16.11 | success >> {
"changed": false,
"ping": "pong"
}
172.16.16.4 | success >> {
"changed": false,
"ping": "pong"
}
172.16.16.5 | success >> {
"changed": false,
"ping": "pong"
}
172.16.16.2 | success >> {
"changed": false,
"ping": "pong"
}
172.16.16.8 | success >> {
"changed": false,
"ping": "pong"
}
172.16.16.252 | success >> {
"changed": false,
"ping": "pong"
}　　

　　3、ansible定义roles如下：
[root@localhost ansible_playbooks]# tree
.
|-- haproxy.yml                //playbook剧本
`-- roles                      //定义的角色（7个）
|-- haproxy                //node1,node2节点用到的haproxy
| |-- files
| |-- handlers
| | `-- main.yml
| |-- tasks
| | `-- main.yml
| |-- templates
| | |-- haproxy.cfg.j2
| | `-- rsyslog.conf
| `-- vars
|    `-- main.yml
|-- httpd                //web1，web2节点用到的httpd
| |-- files
| | `-- mountnfs.sh
| |-- handlers
| |-- tasks
| | `-- main.yml
| `-- templates
|    `-- httpd.conf.j2
|-- initialization             //所有节点用到的系统初始化
| |-- files
| |-- handlers
| |-- tasks
| | `-- main.yml
| `-- templates
|    |-- hosts
|    |-- resolv.conf
|    `-- selinux.conf
|-- keepalived                //keepalived设置
| |-- files
| | `-- notify.sh
| |-- handlers
| | `-- main.yml
| |-- tasks
| | `-- main.yml
| |-- templates
| | |-- keepalived.conf.backup.j2
| | `-- keepalived.conf.master.j2
| `-- vars
|    `-- main.yml
|-- mysql                   //mysql数据库
| |-- files
| | |-- mariadb-5.5.43-linux-x86_64.tar.gz
| | |-- mariadb-5.5.43.sh
| | `-- privilege.sh
| |-- handlers
| |-- tasks
| | `-- main.yml
| `-- templates
|-- nfs                         //nfs文件共享
| |-- files
| | |-- Discuz_X3.1_SC_UTF8.zip
| | `-- discuz.sh
| |-- handlers
| |-- tasks
| | `-- main.yml
| `-- templates
|    `-- exports
`-- php                   //php1,php2节点用到的相关配置
      |-- files
      | |-- install-php.sh
      | `-- mountnfs.sh
      |-- handlers
      |-- tasks
      | `-- main.yml
      `-- templates
         `-- httpd.conf.j2　　

　　4、介绍上述roles代表的含义，从上至下进行介绍；
　　
　　
　　4.1、haproxy

handlers:main.yml	- name: restart haproxy //重启haproxy服务　　service: name=haproxy state=restarted 　　- name: restart rsyslog //重启rsyslog服务　　service: name=rsyslog state=restarted
tasks:main.yml	- name: install haproxy package　　yum: name=haproxy state=present 　　- name: configuration haproxy 　　template: src=haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg 　　notify: 　　- restart haproxy 　　tags: cfg 　　- name: configuration rsyslog for haproxy 　　template: src=rsyslog.conf dest=/etc/rsyslog.conf 　　notify: 　　- restart rsyslog 　　- name: start haproxy service 　　service: name=haproxy state=started enabled=yes
template	haproxy.cfg.j2: //只截取了重要的部分，动静分离，后端服务器定义　　frontend http 　　bind *:80 　　mode http 　　log global 　　option httpclose 　　option logasap 　　option dontlognull 　　acl url_static path_end -i .jpg .gif .png .css .js .html .ico 　　use_backend static_servers if url_static 　　default_backend dynamic_servers 　　　　#--------------------------------------------------------------------- 　　# static backend for serving up images, stylesheets and such 　　#--------------------------------------------------------------------- 　　backend static_servers 　　balance roundrobin 　　cookie WebID insert nocache 　　server web1 ` web1_ip `:80 check cookie web1 　　server web2 ` web2_ip `:80 check cookie web2 　　　　#--------------------------------------------------------------------- 　　# round robin balancing between the various backends 　　#--------------------------------------------------------------------- 　　backend dynamic_servers 　　balance uri 　　hash-type consistent 　　server php1 ` php1_ip `:80 check cookie php1 　　server php2 ` php2_ip `:80 check cookie php2 　　　　rsyslog.conf
vars:main.yml	web1_ip : 172.16.16.3 //静态web1服务器ip 　　web2_ip : 172.16.16.4 //静态web2服务器ip 　　php1_ip : 172.16.16.2 //动态php1服务器ip 　　php2_ip : 172.16.16.8 //动态php2服务器ip

　　

　　4.2、httpd

files：mountnfs.sh	yum install -y nfs-utils &> /dev/null //挂载nfs共享目录　　echo " 172.16.16.252:/discuz /var/www/html/ nfs defaults,_netdev 0 0 " >> /etc/fstab 　　mount -a
tasks:main.yml	- name: install httpd package 　　yum: name=httpd state=present 　　- name: mount nfs share directory /discuz 　　script: mountnfs.sh 　　- name: set configuration 　　template: src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf 　　- name: start httpd service 　　service: name=httpd state=started
templates:http.conf.j2	LogFormat %{X-Forwarded-For}i combined //将客户端ip记入日志

　　

　　4.3、initialization

tasks：main.yml

　　- name: set selinux
　　shell: sed -i 's@^SELINUX=.*@SELINUX=permissive@' /etc/selinux/config
　　shell: setenforce 0
　　- name: install libselinux-python package
　　yum: name=libselinux-python state=present
　　- name: copy hosts to all node /etc/hosts
　　template: src=hosts dest=/etc/hosts
　　- name: copy resolv.conf to all node /etc/resolv.conf
　　template: src=resolv.conf dest=/etc/resolv.conf
　　- name: install ntpdate package
　　yum: name=ntpdate state=present
　　- name: synctime from ntp.sjtu.edu.cn
　　shell: ntpdate ntp.sjtu.edu.cn
　　- name: set a cron to synctime from ntp.sjtu.edu.cn
　　cron: name="cron to synctime from ntp.sjtu.edu.cn" minute="*/5" job="/usr/sbin/ntpdate ntp.sjtu.edu.cn &> /dev/null" state=present
　　- name: modify selinux configuration
　　template: src=selinux.conf dest=/etc/selinux/conf
　　- name: set selinux permissive
　　shell: setenforce 0

templates:3个文件

　　(1)hosts
　　127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
　　::1       localhost localhost.localdomain localhost6 localhost6.localdomain6
　　172.16.16.11 node1
　　172.16.16.12 node2
　　172.16.16.3    web1
　　172.16.16.4    web2
　　172.16.16.2    php1
　　172.16.16.8    php2
　　172.16.16.5    mysql
　　172.16.16.252  nfs
　　

　　(2)resolv.conf
　　nameserver 172.16.0.1
　　

　　(3)selinux.conf
　　SELINUX=disabled
　　SELINUXTYPE=targeted
　　

　　

　　4.4、keepalived

files:notify.sh	通知机制：当主从发生变化的时候给管理员发邮件
handlers：main.yml	- name: restart keepalived　　service: name=keepalived state=restarted
tasks:main.yml	- name: install keepalived package　　yum: name=keepalived state=present 　　- name: copy notify.sh to node1 and node2 　　copy: src=notify.sh dest=/etc/keepalived/notify.sh 　　- name: configure keepalived on node1-master 　　template: src=keepalived.conf.master.j2 dest=/etc/keepalived/keepalived.conf 　　when: ansible_hostname == "node1" 　　notify: 　　- restart keepalived 　　- name: configure keepalived on node2-backup 　　template: src=keepalived.conf.backup.j2 dest=/etc/keepalived/keepalived.conf 　　when: ansible_hostname == "node2" 　　notify: 　　- restart keepalived 　　- name: start keepalived service 　　service: name=keepalived state=started enabled=yes
templates	keepalived.conf.master.j2 　　! Configuration File for keepalived 　　　　global_defs { 　　notification_email { 　　root@localhost 　　} 　　notification_email_from keepalived@localhost 　　smtp_connect_timeout 3 　　smtp_server 127.0.0.1 　　router_id LVS_DEVEL 　　} 　　　　vrrp_script chk_haproxy { 　　script "killall -0 haproxy" 　　interval 1 　　weight 2 　　} 　　　　vrrp_script chk_mantaince_down { 　　script "[[ -f /etc/keepalived/down ]] && exit 1 \|\| exit 0" 　　interval 1 　　weight 2 　　} 　　　　vrrp_instance VI_1 { 　　interface eth0 　　state MASTER # BACKUP for slave routers 　　priority 101 # 100 for BACKUP 　　virtual_router_id 51 　　garp_master_delay 1 　　　　authentication { 　　auth_type PASS 　　auth_pass password12345 　　} 　　track_interface { 　　eth0 　　} 　　virtual_ipaddress { 　　` vip `/16 dev eth0 label eth0:0 　　} 　　track_script { 　　chk_haproxy 　　chk_mantaince_down 　　} 　　　　notify_master "/etc/keepalived/notify.sh master" 　　notify_backup "/etc/keepalived/notify.sh backup" 　　notify_fault "/etc/keepalived/notify.sh fault" 　　} 　　　　　　keepalived.conf.backup.j2 state BACKUP priority 100
vars:main.yml	vip : 172.16.16.50

　　

　　4.5、mysql

files:3个文件	(1)mariadb-5.5.43.sh: 编译安装配置mariadb的脚本，就不发了，太多　　　　(2)privilege.sh 　　#!/bin/bash 　　#! privilege to dzuser 　　　　echo "create database discuz; 　　grant all on discuz.* to 'dzuser'@'172.16.%.%' identified by 'dzpasswd'; 　　flush privileges; 　　\q" \| mysql 　　~
tasks:main.yml	- name: copy mariadb-5.5.43 package 　　copy: src=mariadb-5.5.43-linux-x86_64.tar.gz dest=/root/mariadb-5.5.43-linux-x86_64.tar.gz 　　- name: install mysql and cofiguration 　　script: mariadb-5.5.43.sh 　　- name: start mysqld service 　　shell: service mysqld start 　　- name: privileges to dzuser 　　script: privilege.sh 　　tags: haha

　　

　　4.6、nfs

files：discuz.sh	#!/bin/bash 　　# discuz configuration 　　　　unzip -d /discuz /root/Discuz_X3.1_SC_UTF8.zip 　　chmod -R go+w /discuz/upload/config/ 　　chmod -R go+w /discuz/upload/data/ 　　chmod -R go+w /discuz/upload/uc_*
tasks:main.yml	- name: mkdir share directory to mysql and web 　　shell: mkdir -pv /{mydata,discuz} 　　- name: install nfs package 　　yum: name=nfs-utils state=present 　　- name: useradd mysql 　　user: name=mysql state=present system=yes 　　- name: useradd apache 　　user: name=apache state=present system=yes 　　- name: copy exports to nfs node 　　template: src=exports dest=/etc/exports 　　- name: set mysql mode(rwx) to /mydata 　　shell: setfacl -m u:mysql:rwx /mydata 　　- name: set apache mode(rwx) to /discuz 　　shell: setfacl -m u:apache:rwx /discuz 　　- name: copy Discuz_X3.1_SC_UTF8.zip package 　　copy: src=Discuz_X3.1_SC_UTF8.zip dest=/root/Discuz_X3.1_SC_UTF8.zip 　　- name: install unzip package 　　yum: name=unzip state=present 　　- name: configuration discuz 　　script: discuz.sh 　　- name: start rpcbind service 　　service: name=rpcbind state=started 　　- name: start nfs service
templates:exports	/mydata 172.16.0.0/16(rw,no_root_squash)//编译安装mysql需要这样设置，安装完可以改成rw权限即可　　/discuz 172.16.0.0/16(rw)

　　

　　4.7、php

files：2个文件	(1)install-php.sh 　　#!/bin/bash 　　# install nfs-utils httpd \| php \| php-mysql 　　yum install -y nfs-utils httpd php php-mysql openssl-devel &> /dev/null 　　　　(2)mountnfs.sh //同httpd使用的脚本
tasks：main.yml	- name: install nfs-utils \| httpd \| php \| php-mysql package　　script: install-php.sh 　　- name: mount nfs share directory /discuz 　　script: mountnfs.sh 　　- name: set configuration 　　template: src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf 　　- name: start httpd service 　　service: name=httpd state=started
templates:httpd.conf.j2	这个模板也同httpd使用的！

　　

　　三、执行过程如下
[root@localhost ansible_playbooks]# ansible-playbook haproxy.yml //执行ansible剧本
PLAY [nfs] ********************************************************************
GATHERING FACTS ***************************************************************
ok: [172.16.16.252]
TASK: [initialization | set selinux] ******************************************
changed: [172.16.16.252]                      //设置selinux
TASK: [initialization | install libselinux-python package] ********************
changed: [172.16.16.252]                      //需要安装libselinux-python
TASK: [initialization | copy hosts to all node /etc/hosts] ********************
changed: [172.16.16.252]                   //复制主机名解析文件
TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ********
changed: [172.16.16.252]                   //复制域名文件
TASK: [initialization | install ntpdate package] ******************************
changed: [172.16.16.252]                   //安装ntpdate
TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************
changed: [172.16.16.252]
                                             //同步时间
TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] **********                                           //设置计划任务
changed: [172.16.16.252]
TASK: [initialization | modify selinux configuration] *************************
changed: [172.16.16.252]                      //修改selinux
TASK: [initialization | set selinux permissive] *******************************
changed: [172.16.16.252]
TASK: [nfs | mkdir share directory to mysql and web] **************************
changed: [172.16.16.252]             //创建nfs的共享目录/mydata和/discuz
TASK: [nfs | install nfs package] *********************************************
changed: [172.16.16.252]             //安装nfs-utils
TASK: [nfs | useradd mysql] ***************************************************
changed: [172.16.16.252]                //添加mysql用户
TASK: [nfs | useradd apache] **************************************************
changed: [172.16.16.252]             //添加apache用户
TASK: [nfs | copy exports to nfs node] ****************************************
changed: [172.16.16.252]             //设置nfs导出的共享目录
TASK: [nfs | set mysql mode(rwx) to /mydata] **********************************
changed: [172.16.16.252]             //给mysql对/mydata的rwx权限
TASK: [nfs | set apache mode(rwx) to /discuz] *********************************
changed: [172.16.16.252]             //给apache对/discuz的rwx权限
TASK: [nfs | copy Discuz_X3.1_SC_UTF8.zip package] ****************************
changed: [172.16.16.252]             //复制discuz安装包到nfs服务器
TASK: [nfs | install unzip package] *******************************************
changed: [172.16.16.252]             //解压discuz
TASK: [nfs | configuration discuz] ********************************************
changed: [172.16.16.252]                //配置discuz网页文件（给其对应访问权限）
TASK: [nfs | start rpcbind service] *******************************************
changed: [172.16.16.252]                //启动rpcbind服务
TASK: [nfs | start nfs service] ***********************************************
changed: [172.16.16.252]             //启动nfs服务
PLAY [db] *********************************************************************
                                       //安装及配置mysql
GATHERING FACTS ***************************************************************
ok: [172.16.16.5]
TASK: [initialization | set selinux] ******************************************
changed: [172.16.16.5]
TASK: [initialization | install libselinux-python package] ********************
changed: [172.16.16.5]
TASK: [initialization | copy hosts to all node /etc/hosts] ********************
changed: [172.16.16.5]
TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ********
changed: [172.16.16.5]
TASK: [initialization | install ntpdate package] ******************************
changed: [172.16.16.5]
TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************
changed: [172.16.16.5]
TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] **********
changed: [172.16.16.5]
TASK: [initialization | modify selinux configuration] *************************
changed: [172.16.16.5]
TASK: [initialization | set selinux permissive] *******************************
changed: [172.16.16.5]
TASK: [mysql | copy mariadb-5.5.43 package] ***********************************
changed: [172.16.16.5]             //复制mariadb到mysql服务器
TASK: [mysql | install mysql and cofiguration] ********************************
changed: [172.16.16.5]                //脚本执行mysql安装，配置
TASK: [mysql | start mysqld service] ******************************************
changed: [172.16.16.5]             //启动mysqld服务
TASK: [mysql | privileges to dzuser] ******************************************
changed: [172.16.16.5]             //使用脚本创建discuz数据库，并给dzuser授权
PLAY [static_servers] *********************************************************
                                 //静态服务器设置 web1和web2节点
GATHERING FACTS ***************************************************************
ok: [172.16.16.3]
ok: [172.16.16.4]
TASK: [initialization | set selinux] ******************************************
changed: [172.16.16.3]
changed: [172.16.16.4]
TASK: [initialization | install libselinux-python package] ********************
changed: [172.16.16.3]
changed: [172.16.16.4]
TASK: [initialization | copy hosts to all node /etc/hosts] ********************
changed: [172.16.16.4]
changed: [172.16.16.3]
TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ********
changed: [172.16.16.3]
changed: [172.16.16.4]
TASK: [initialization | install ntpdate package] ******************************
changed: [172.16.16.3]
changed: [172.16.16.4]
TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************
changed: [172.16.16.4]
changed: [172.16.16.3]
TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] **********
changed: [172.16.16.3]
changed: [172.16.16.4]
TASK: [initialization | modify selinux configuration] *************************
changed: [172.16.16.3]
changed: [172.16.16.4]
TASK: [initialization | set selinux permissive] *******************************
changed: [172.16.16.4]
changed: [172.16.16.3]
TASK: [httpd | install httpd package] *****************************************
changed: [172.16.16.3]             //安装httpd软件包
changed: [172.16.16.4]
TASK: [httpd | mount nfs share directory /discuz] *****************************
changed: [172.16.16.3]                //挂载nfs服务器共享的discuz目录至/var/www/html
changed: [172.16.16.4]
TASK: [httpd | set configuration] *********************************************
changed: [172.16.16.4]             //配置httpd.conf
changed: [172.16.16.3]
TASK: [httpd | start httpd service] *******************************************
changed: [172.16.16.3]                //启动httpd服务
changed: [172.16.16.4]
PLAY [dynamic_servers] ********************************************************
                                 //设置动态服务器php1和php2节点
GATHERING FACTS ***************************************************************
ok: [172.16.16.2]
ok: [172.16.16.8]
TASK: [initialization | set selinux] ******************************************
changed: [172.16.16.2]
changed: [172.16.16.8]
TASK: [initialization | install libselinux-python package] ********************
changed: [172.16.16.2]
changed: [172.16.16.8]
TASK: [initialization | copy hosts to all node /etc/hosts] ********************
changed: [172.16.16.8]
changed: [172.16.16.2]
TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ********
changed: [172.16.16.8]
changed: [172.16.16.2]
TASK: [initialization | install ntpdate package] ******************************
changed: [172.16.16.2]
changed: [172.16.16.8]
TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************
changed: [172.16.16.2]
changed: [172.16.16.8]
TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] **********
changed: [172.16.16.8]
changed: [172.16.16.2]
TASK: [initialization | modify selinux configuration] *************************
changed: [172.16.16.8]
changed: [172.16.16.2]
TASK: [initialization | set selinux permissive] *******************************
changed: [172.16.16.8]
changed: [172.16.16.2]
TASK: [php | install nfs-utils | httpd | php | php-mysql package] *************
changed: [172.16.16.8]             //安装php软件包（使用的是centos 6系统自带的）
changed: [172.16.16.2]
TASK: [php | mount nfs share directory /discuz] *******************************
changed: [172.16.16.8]          //挂载discuz目录至/var/www/html
changed: [172.16.16.2]
TASK: [php | set configuration] ***********************************************
changed: [172.16.16.8]             //配置httpd.conf，给日志加入客户端访问的ip地址
changed: [172.16.16.2]
TASK: [php | start httpd service] *********************************************
changed: [172.16.16.8]          //启用php功能
changed: [172.16.16.2]
PLAY [haproxy] ****************************************************************
                                 //安装设置keepalived+haproxy（node1和node2）
GATHERING FACTS ***************************************************************
ok: [172.16.16.12]
ok: [172.16.16.11]
TASK: [initialization | set selinux] ******************************************
changed: [172.16.16.12]
changed: [172.16.16.11]
TASK: [initialization | install libselinux-python package] ********************
changed: [172.16.16.12]
changed: [172.16.16.11]
TASK: [initialization | copy hosts to all node /etc/hosts] ********************
changed: [172.16.16.12]
changed: [172.16.16.11]
TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ********
changed: [172.16.16.11]
changed: [172.16.16.12]
TASK: [initialization | install ntpdate package] ******************************
ok: [172.16.16.12]
ok: [172.16.16.11]
TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************
changed: [172.16.16.12]
changed: [172.16.16.11]
TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] **********
changed: [172.16.16.11]
changed: [172.16.16.12]
TASK: [initialization | modify selinux configuration] *************************
changed: [172.16.16.11]
changed: [172.16.16.12]
TASK: [initialization | set selinux permissive] *******************************
changed: [172.16.16.11]
changed: [172.16.16.12]
TASK: [keepalived | install keepalived package] *******************************
changed: [172.16.16.11]          //安装keepalived
changed: [172.16.16.12]
TASK: [keepalived | copy notify.sh to node1 and node2] ************************
changed: [172.16.16.12]             //复制通知脚本给node1和node2
changed: [172.16.16.11]
TASK: [keepalived | configure keepalived on node1-master] *********************
skipping: [172.16.16.12]          //设置node1为MASTER节点
changed: [172.16.16.11]
TASK: [keepalived | configure keepalived on node2-backup] *********************
skipping: [172.16.16.11]          //设置node2为BACKUP节点
changed: [172.16.16.12]
TASK: [keepalived | start keepalived service] *********************************
changed: [172.16.16.12]          //启动keepalived服务
changed: [172.16.16.11]
TASK: [haproxy | install haproxy package] *************************************
changed: [172.16.16.12]             //安装haproxy软件包
changed: [172.16.16.11]
TASK: [haproxy | configuration haproxy] ***************************************
changed: [172.16.16.12]          //配置haproxy，实现动静分离
changed: [172.16.16.11]
TASK: [haproxy | configuration rsyslog for haproxy] ***************************
changed: [172.16.16.11]       //记录haproxy的日志
changed: [172.16.16.12]
TASK: [haproxy | start haproxy service] ***************************************
changed: [172.16.16.12]       //启动haproxy服务
changed: [172.16.16.11]
NOTIFIED: [keepalived | restart keepalived] ***********************************
changed: [172.16.16.12]       //配置文件发生变化，重启keepalived服务
changed: [172.16.16.11]
NOTIFIED: [haproxy | restart haproxy] *****************************************
changed: [172.16.16.11]          //配置文件发生变化，重启haproxy服务
changed: [172.16.16.12]
NOTIFIED: [haproxy | restart rsyslog] *****************************************
changed: [172.16.16.12]    //配置文件发生变化，重启rsyslog服务
changed: [172.16.16.11]
PLAY RECAP ********************************************************************
172.16.16.11             : ok=21 changed=19 unreachable=0 failed=0
172.16.16.12             : ok=21 changed=19 unreachable=0 failed=0
172.16.16.2             : ok=14 changed=13 unreachable=0 failed=0
172.16.16.252             : ok=22 changed=21 unreachable=0 failed=0
172.16.16.3             : ok=14 changed=13 unreachable=0 failed=0
172.16.16.4             : ok=14 changed=13 unreachable=0 failed=0
172.16.16.5             : ok=14 changed=13 unreachable=0 failed=0
172.16.16.8             : ok=14 changed=13 unreachable=0 failed=0　　

　　四、安装discuz论坛

　　

　　安装完成，使用vip：172.16.16.50测试正常！！如下图：

　　

　　

　　五、额外测试过程：
　　（1）测试keepalived是否工作正常，在master出现问题的时候，是否可以切换到backup上：

[root@node1 keepalived]# touch down//通过keepalived配置文件定义脚本测试vip是否转移到node2
[root@node1 keepalived]# tail /var/log/messages //通过下面的日志可看出node1成为BACKUP
Oct 24 20:08:19 node1 Keepalived_vrrp[2644]: VRRP_Script(chk_mantaince_down) failed
Oct 24 20:08:21 node1 Keepalived_vrrp[2644]: VRRP_Instance(VI_1) Received higher prio advert
Oct 24 20:08:21 node1 Keepalived_vrrp[2644]: VRRP_Instance(VI_1) Entering BACKUP STATE
Oct 24 20:08:21 node1 Keepalived_vrrp[2644]: VRRP_Instance(VI_1) removing protocol VIPs.
Oct 24 20:08:21 node1 Keepalived_healthcheckers[2643]: Netlink reflector reports IP 172.16.16.50 removed

[root@node2 ~]# tail /var/log/messages //通过下面的日志可看出node2成为MASTER
Oct 24 20:08:22 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) Transition to MASTER STATE
Oct 24 20:08:23 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) Entering MASTER STATE
Oct 24 20:08:23 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) setting protocol VIPs.
Oct 24 20:08:23 node2 Keepalived_healthcheckers[2441]: Netlink reflector reports IP 172.16.16.50 added
Oct 24 20:08:23 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 172.16.16.50　　

[root@node1 keepalived]# tail /var/log/haproxy.log
Oct 24 20:08:21 node1 Keepalived_healthcheckers[2643]: Netlink reflector reports IP 172.16.16.50 removed
[root@node2 ~]# tail /var/log/haproxy.log
Oct 24 20:08:23 node2 Keepalived_healthcheckers[2441]: Netlink reflector reports IP 172.16.16.50 added　　

　　这个时候访问discuz论坛仍然没有问题；说明keepalived发挥了作用！

　　

　　

　　（2）测试haproxy是否可以实现读写分离？方法：将所有static_servers的httpd服务停止，测试只提供php的功能，显示效果如下图
[root@web1 ~]# service httpd stop //停止web1和web2的httpd服务，提供静态内容显示
[root@web2 ~]# service httpd stop　　

　　

　　# 可以看到上面的效果，图片都已经不再显示，将web2加回来，然后再查看效果，没查看http的访问日志
[root@web2 ~]# service httpd start //启动其中的一台
[root@web2 ~]# tail /var/log/httpd/access_log
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/user_online.gif HTTP/1.1" 200 868 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/arrwd.gif HTTP/1.1" 200 51 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/qmenu.png HTTP/1.1" 200 225 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/nv.png HTTP/1.1" 200 1939 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/nv_a.png HTTP/1.1" 200 2076 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/search.png HTTP/1.1" 200 1301 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/chart.png HTTP/1.1" 200 990 "http://172.16.16.50/data/cache/style_1_forum_index.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/pt_item.png HTTP/1.1" 200 3598 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/image/common/titlebg.png HTTP/1.1" 200 315 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:55 +0800] "GET /static/image/common/scrolltop.png HTTP/1.1" 200 1383 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"　　

　　至此，终于将所有剧本，脚本，图片，日志整理完成！
　　

账号		自动登录	找回密码
密码			立即注册

wirelessnetview好用的无线分析工具

Red Hat RHCE 8 (EX294) Cert Guide

Shell从入门到精通（阿良）

亿图图示专家(EDraw Max) V7.9 中文破解版

zabbix3.4.1安装部署+微信推送信息+大屏显

Red Hat OpenShift I: Containers & Kubern

2025 年，C++ 还能“硬核”多久？

[经验分享] Keepalived+HAProxy基于读写分离方式实现discuz论坛

浏览过的版块

扫码加入运维网微信交流群