• Linux-Keepalived+Haproxy


    实验环境:
        Centos7.4 x 4台
        192.168.1.101   master
        192.168.1.102   backup
        192.168.1.103   web1
        192.168.1.104   web2
        漂移IP(即VIP):192.168.1.250
    1.关闭防火墙和SELINUX(略)
    2.配置本地yum源(略),只需挂载光盘即可
    3.配置keepalived+haproxy主服务器
        [root@master ~]# yum install keepalived pcre-devel bzip2-devel -y       # 安装依赖软件
        [root@master ~]# tar xf haproxy-1.5.19.tar.gz   # 解包
        [root@master ~]# cd haproxy-1.5.19/         # 切换至源码目录
        [root@master haproxy-1.5.19]# make TARGET=linux2628 && make install         # 编译安装,根据内核版本选定TARGET的值,此处为3.10所以为linux2628
        [root@master haproxy-1.5.19]# mkdir /etc/haproxy        # 创建配置文件目录
        [root@master haproxy-1.5.19]# cp examples/haproxy.cfg /etc/haproxy/         # 将源码包自带的配置文件目录复制过来
        [root@master haproxy-1.5.19]# cd
        [root@master ~]# vim /etc/haproxy/haproxy.cfg       # 编辑主配置文件,根据当前环境,将主配置文件修改如下
            # this config needs haproxy-1.1.28 or haproxy-1.2.1
            global
                    log 127.0.0.1   local0
                    log 127.0.0.1   local1 notice
                    #log loghost    local0 info
                    maxconn 4096
                    #chroot /usr/share/haproxy          # 将该行注释掉
                    uid 99
                    gid 99
                    daemon
                    #debug
                    #quiet

            defaults
                    log     global
                    mode    http
                    option  httplog
                    option  dontlognull
                    retries 3
                    redispatch
                    maxconn 2000
                    contimeout      5000
                    clitimeout      50000
                    srvtimeout      50000
            listen  webcluster 0.0.0.0:80       # webcluster为集群名称,可自定义,修改后面的端口号
                    option httpchk /index.html
                    balance roundrobin      # 表示采用轮询算法
                    server  ins1    192.168.1.103:80        check   inter   2000    fall    3       # web节点1
                    server  ins2    192.168.1.104:80        check   inter   2000    fall    3       # web节点2
            注:
                在配置文件下,有很多listen配置项,找到和我们需要的差不多的listen项复制到#defaults配置项下,然后将后面的配置项删除,若不删除,启动的时候可能会报错。
        [root@master ~]# cd haproxy-1.5.19/examples/        # 切换至指定目录
        [root@master examples]# cp haproxy.init /etc/init.d/haproxy     # 复制服务控制脚本
        [root@master examples]# ln -s /usr//local/sbin/haproxy /usr/sbin/haproxy        # 创建软链接,加入系统环境变量
        [root@master examples]# chmod +x /etc/init.d/haproxy   # 赋予文件执行权限
        [root@master examples]# chkconfig --add haproxy     # 添加为系统服务
        [root@master examples]# systemctl restart haproxy       # 启动haproxy服务
        [root@master examples]# netstat -anpt | grep 80         # 查看是否在监听
        tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3752/haproxy  
        以下部分开始配置keepalived,haproxy已经配置完成了
        [root@master ~]# vim /etc/keepalived/keepalived.conf        # 编辑keepalived配置文件
            ! Configuration File for keepalived
            global_defs {
               notification_email {
                 acassen@firewall.loc
                 failover@firewall.loc
                 sysadmin@firewall.loc
               }
               notification_email_from Alexandre.Cassen@firewall.loc
               smtp_server 192.168.200.1
               smtp_connect_timeout 30
               router_id LVS_DEVEL1         # 定义服务器名称,不可与其他服务器名称冲突
            }

            vrrp_instance VI_1 {
                state MASTER
                interface ens33         # 修改承载漂移IP地址的物理网卡
                virtual_router_id 51
                priority 100
                advert_int 1
                authentication {
                    auth_type PASS
                    auth_pass 1111
                }
                virtual_ipaddress {
                    192.168.1.250       # 指定漂移IP地址
                }
            }
        注:
            配置项至此保存退出就可以了,将后面的所有配置项删除,以免影响服务启动
        [root@master ~]# systemctl restart keepalived       # 重启keepalived服务
    4.配置keepalived+haproxy备份服务器:
        [root@master ~]# yum install keepalived pcre-devel bzip2-devel -y       # 安装依赖软件
        [root@master ~]# tar xf haproxy-1.5.19.tar.gz   # 解包
        [root@master ~]# cd haproxy-1.5.19/         # 切换至源码目录
        [root@master haproxy-1.5.19]# make TARGET=linux2628 && make install         # 编译安装,根据内核版本选定TARGET的值,此处为3.10所以为linux2628
        [root@master haproxy-1.5.19]# mkdir /etc/haproxy        # 创建配置文件目录
        [root@backup ~]# scp root@192.168.1.101:/etc/haproxy/haproxy.cfg /etc/haproxy/
        The authenticity of host '192.168.1.101 (192.168.1.101)' can't be established.
        ECDSA key fingerprint is SHA256:f/y/4lfQMxmDViBMkdNTyfslN9i/xKsYsYn0qOx4qy0.
        ECDSA key fingerprint is MD5:20:55:fe:7d:c2:c4:16:a4:3a:8c:14:0e:dd:d2:77:b4.
        Are you sure you want to continue connecting (yes/no)? yes
        Warning: Permanently added '192.168.1.101' (ECDSA) to the list of known hosts.
        root@192.168.1.101's password:          # 输入master的用户密码
        haproxy.cfg                                     100%  563   681.3KB/s   00:00  
        [root@backup ~]# scp root@192.168.1.101:/etc/init.d/haproxy /etc/init.d/
        root@192.168.1.101's password:
        haproxy                            100% 2553     1.4MB/s   00:00
        [root@backup ~]# ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy    # 创建软链接
        [root@backup ~]# chkconfig --add haproxy        # 添加为系统服务
        [root@backup ~]# systemctl start haproxy        # 启动haproxy服务
        [root@backup ~]# netstat -anpt | grep 80        # 查看是否在监听
        tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      55367/haproxy           # haproxy服务默认监听在80端口
        [root@backup ~]# scp root@192.168.1.101:/etc/keepalived/keepalived.conf /etc/keepalived/
        root@192.168.1.101's password:
        keepalived.conf           100%  538   688.0KB/s   00:00  
        [root@backup ~]# vim /etc/keepalived/keepalived.conf    # 修改以下三个配置项:
               router_id LVS_DEVEL2         # 将服务器名称改一下,别和主服务冲突
                                    ............
                state BACKUP            # 将状态改为BACKUP
                                    ............
                priority 90             # 修改一下优先级,要比主服务器优先级低
                                    ............
    5.配置web节点,安装httpd服务进行测试:
        web1:
            [root@web1 ~]# yum install httpd -y
            [root@web1 ~]# echo "<h1>Web Server1 1111111111111111111</h1>" > /var/www/html/index.html
            [root@web1 ~]# systemctl start httpd
        web2:
            [root@web2 ~]# yum install httpd -y
            [root@web2 ~]# echo "<h1>Web Server2 2222222222222222222</h1>" > /var/www/html/index.html
            [root@web2 ~]# systemctl start httpd
    至此,Keepalived+Haproxy就配置完成了,可以使用client进行访问,模拟主服务器宕机等问题,测试高可用。

  • 相关阅读:
    python 序列的方法
    python函数基础
    Flume入门:安装、部署
    Flume日志收集系统介绍
    Python 列表(List)操作方法详解
    在linux下新增一块硬盘的操作。(包含大于2T的硬盘在linux下挂载操作)
    python字符串操作大全
    Python中的迭代器漫谈
    Linux 常用快捷键
    ssh采用expect实现自动输入密码登录、拷贝
  • 原文地址:https://www.cnblogs.com/Vampire-MIn/p/13358058.html
Copyright © 2020-2023  润新知