Haproxy+Keepalived 实现高可用负载均衡集群

基于Haproxy+Keepalived构建高可用负载均衡集群

实验环境：

主机名	IP地址
VIP	192.168.200.254
Haproxy-1	192.168.200.111
Haproxy-2	192.168.200.112
Nginx1	192.168.200.113
Nginx2	192.168.200.114

关闭防火墙

四台机器全部关闭防火墙

systemctl stop firewalld

iptables -F

setenforce 0

安装nginx
1.1 首先安装Nginx1

[root@localhost ~]# yum -y install gcc gcc-c++ make pcre-devel zlib-devel
[root@localhost ~]# useradd -M -s /sbin/nologin  nginx
[root@localhost ~]# tar xf nginx-1.6.2.tar.gz -C /usr/src
[root@localhost ~]# cd /usr/src/nginx-1.6.2
[root@localhost nginx-1.6.2]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install
[root@localhost nginx-1.6.2]# cd 
[root@localhost ~]# echo "server1" > /usr/local/nginx/html/index.html
[root@localhost ~]# /usr/local/nginx/sbin/nginx 
[root@localhost ~]# netstat -lnpt |grep nginx
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      4503/nginx 

1.2 安装Nginx2
与Nginx1唯一不同的是：

[root@localhost ~]# echo "server2" > /usr/local/nginx/html/index.html

安装Haproxy

[root@localhost ~]# yum -y install gcc gcc-c++ make pcre-devel bzip2-devel
[root@localhost ~]# tar xf haproxy-1.4.24.tar.gz -C /usr/src/
[root@localhost ~]# cd /usr/src/haproxy-1.4.24/
[root@localhost haproxy-1.4.24]# make TARGET=linux26 && make install

1.1 Haproxy服务器配置
建立haproxy的配置目录及文件

[root@localhost haproxy-1.4.24]# mkdir /etc/haproxy
[root@localhost haproxy-1.4.24]# cp examples/haproxy.cfg /etc/haproxy/

1.2 haproxy配置项的介绍
haproxy的配置文件通常分为三部分: global（全局配置部分） defaults（默认配置部分） listen(应用组件部分)

[root@localhost ~]# vim /etc/haproxy/haproxy.cfg
# this config needs haproxy-1.1.28 or haproxy-1.2.1
 
global
    log 127.0.0.1   local0
    log 127.0.0.1   local1 notice
    #log loghost    local0 info
    maxconn 4096
    #chroot /usr/share/haproxy
    uid 99
    gid 99
    daemon
    #debug
    #quiet
 
defaults
    log global
    mode    http
    option  httplog
    option  dontlognull
    retries 3
    #redispatch
    maxconn 2000
    contimeout  5000
    clitimeout  50000
    srvtimeout  50000
 
listen  web-cluster 0.0.0.0:80
    option httpchk GET /index.html
    balance roundrobin
    server  inst1 192.168.200.113:80 check inter 2000 fall 3
    server  inst2 192.168.200.114:80 check inter 2000 fall 3

1.3 创建自启动脚本

[root@localhost ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost ~]# ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
[root@localhost ~]# chmod +x /etc/init.d/haproxy 
[root@localhost ~]# /etc/init.d/haproxy start
Starting haproxy:                                          [确定]

1.4 客户端访问测试：

用浏览器打开 http://192.168.200.111 打开一个新的浏览器再次访问 http://192.168.200.111

用浏览器打开 http://192.168.200.112 打开一个新的浏览器再次访问 http://192.168.200.112

可以验证两次访问到的结果分别为：

server1

server2

编译安装keepalived服务

我是用yum下载的 yum -y install keepalived

[root@localhost ~]# yum -y install kernel-devel openssl-devel popt-devel
[root@localhost ~]# tar xf keepalived-1.2.13.tar.gz 
[root@localhost ~]# cd keepalived-1.2.13
[root@localhost keepalived-1.2.13]# ./configure --prefix=/etc/ --with-kernel-dir=/usr/src/kernels/2.6.18-194.el5-i686 && make && make install

1.1 配置keepalibed 主配置文件

[root@localhost ~]# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived
 
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_MASTER
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
vrrp_script chk_http_port {
    script "/etc/keepalived/check_haproxy.sh"
    interval 2
weight -20
}
vrrp_instance VI_1 {
    state MASTER
    interface ens32
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
 }
    track_script {
        chk_http_port
    }
    virtual_ipaddress {
        192.168.200.254
    }
}
virtual_server 192.168.200.254 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP
    real_server 192.168.200.113 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.200.114 80 {
        weight 1
        TCP_CHECK  {
            connect_timeout 3
                             
 nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

1.2 第二台Haproxy配置keepalibed 主配置文件

可

scp 192.168.200.111:/etc/keepalived/keepalived.conf /etc/keepalived/

state BACKUP

priority 90

[root@Haproxy-2 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived
 
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_BACKUP
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens32
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.200.254
}
}
virtual_server 192.168.200.254 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 192.168.200.113 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.200.114 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}

4、两台机器上都配置haproxy检测脚本

[root@localhost ~]# cat /etc/keepalived/check_haproxy.sh 
#!/bin/bash
num=$(ps -C haproxy --no-header |wc -l)
if [ $num -eq 0 ]
then
    systemctl start haproxy
    sleep 3
    if [ $(ps -C haproxy --no-header |wc -l) -eq 0 ]
    then
        systemctl stop keepalived
    fi
fi
 
[root@localhost ~]# chmod +x /etc/keepalived/check_haproxy.sh
[root@localhost ~]# systemctl start keepalived

1.1、测试VIP地址

[root@localhost ~]# ip a
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:cc:18:a2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.101/24 brd 192.168.200.255 scope global eth0
    inet 192.168.200.254/32 scope global eth0
    inet6 fe80::20c:29ff:fecc:18a2/64 scope link 
       valid_lft forever preferred_lft forever
 
[root@localhost ~]# systemctl stop keepalived
 
 
[root@localhost ~]# ip a
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fd:8a:4e brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.102/24 brd 192.168.200.255 scope global eth0
    inet 192.168.200.254/32 scope global eth0
    inet6 fe80::20c:29ff:fefd:8a4e/64 scope link 
       valid_lft forever preferred_lft forever

1.2、测试Haproxy健康检查

[root@localhost ~]# systemctl stop haproxy
Shutting down haproxy:                                     [确定]
[root@localhost ~]# systemctl status haproxy
haproxy (pid 59717) 正在运行...

1.3 网页测试：
用浏览器打开 http://192.168.200.254
再次打开一个新的浏览器再次访问 http://192.168.200.254

可以验证两次访问到的结果分别为：
server1
server2

相关阅读:
再不努力提高效率，小姐姐都被人追走了：K8S一键部署了解一下？
Spring Cloud和netflix 提供的Eureka等组件之间的版本关系
 启动kafka保错：命令过长语法不正确
 SpringBoot2.0 Config客户端自动刷新时没有/bus/refresh端点
 springcloud config配置采坑 Could not resolve placeholder 'from' in value "${from}报错，巨坑！
Windows 下安装RabbitMQ服务器及基本配置
 linux 查看日志
 spring 事务原理
 IDEA 配置
 python中给定两个列表，怎么找出他们相同的元素和不同的元素？
原文地址：https://www.cnblogs.com/2567xl/p/11635584.html