本文所使用的环境:
10.6.2.128 centos6.5
10.6.2.129 centos6.5
VIP 为10.6.2.150
要实现的目标:
实现10.6.2.128和10.6.2.129的9998端口的服务通过haproxy负载,并通过keepalived实现高可用。
1、安装haproxy
yum install -y haproxy
2、配置haproxy
vi /etc/haproxy/haproxy.cfg
修改代码如下:
1 #--------------------------------------------------------------------- 2 # Example configuration for a possible web application. See the 3 # full configuration options online. 4 # 5 # http://haproxy.1wt.eu/download/1.4/doc/configuration.txt 6 # 7 #--------------------------------------------------------------------- 8 9 #--------------------------------------------------------------------- 10 # Global settings 11 #--------------------------------------------------------------------- 12 global 13 # to have these messages end up in /var/log/haproxy.log you will 14 # need to: 15 # 16 # 1) configure syslog to accept network log events. This is done 17 # by adding the '-r' option to the SYSLOGD_OPTIONS in 18 # /etc/sysconfig/syslog 19 # 20 # 2) configure local2 events to go to the /var/log/haproxy.log 21 # file. A line like the following can be added to 22 # /etc/sysconfig/syslog 23 # 24 # local2.* /var/log/haproxy.log 25 # 26 log 127.0.0.1 local2 27 28 chroot /var/lib/haproxy 29 pidfile /var/run/haproxy.pid 30 maxconn 100000 #最大连接数 31 user haproxy 32 group haproxy 33 daemon #以守护进程方式运行 34 35 # turn on stats unix socket 36 stats socket /var/lib/haproxy/stats 37 38 #--------------------------------------------------------------------- 39 # common defaults that all the 'listen' and 'backend' sections will 40 # use if not designated in their block 41 #--------------------------------------------------------------------- 42 defaults 43 mode http 44 log global 45 option httplog 46 option dontlognull 47 option http-server-close 48 option forwardfor except 127.0.0.0/8 49 option redispatch 50 retries 3 #定义连接后端服务器的失败重连次数,连接失败次数超过次值后就会将对应后端服务器标记为不可用 51 timeout http-request 10s #http请求超时时间 52 timeout queue 1m #一个请求在队列里的超时时间 53 timeout connect 10s #连接超时时间 54 timeout client 1m #客户端超时时间 55 timeout server 1m #服务器端超时时间 56 timeout http-keep-alive 10s #设置http-keep-alive的超时时间 57 timeout check 10s #检查超时的间隔 58 maxconn 10000 #每个进程可用的最大连接数 59 60 #--------------------------------------------------------------------- 61 # main frontend which proxys to the backends 62 #--------------------------------------------------------------------- 63 frontend pay_test *:9999 64 acl url_static path_beg -i /static /images /javascript /stylesheets 65 acl url_static path_end -i .jpg .gif .png .css .js 66 67 # use_backend static if url_static 68 default_backend pay_test 69 70 #--------------------------------------------------------------------- 71 # static backend for serving up images, stylesheets and such 72 #--------------------------------------------------------------------- 73 #backend static 74 # balance roundrobin 75 # server static 127.0.0.1:4331 check 76 77 #--------------------------------------------------------------------- 78 # round robin balancing between the various backends 79 #--------------------------------------------------------------------- 80 backend pay_test 81 balance roundrobin #负载均衡的算法 roundrobin:轮询 source:根据请求源ip 82 fullconn 10000 #定义后端组的最大连接数 83 server pay_test_1 10.6.2.128:9998 inter 2000 rise 2 fall 3 check maxconn 5000 #inter 2000代表执行健康检查的间隔(ms),rise代表离线server转换到上线需要检查的次数,fall代表server从正常转到离线的检查次数 84 server pay_test_2 10.6.2.129:9998 inter 2000 rise 2 fall 3 check maxconn 5000 #check代表启动对此server执行健康检查,maxconn代表此服务器接受的最大并发连接数 85 listen stats 86 mode http 87 bind 0.0.0.0:9997 88 stats enable #开启监控页面 89 stats refresh 3s #页面刷新频率 90 stats hide-version #隐藏版本信息(为安全考虑) 91 stats uri /monitor #后台监控页面得uri 92 stats realm Haproxy monitor #提示信息 93 stats auth admin:admin #后台监控页面的用户名密码 94 stats admin if TRUE
3、服务启动
service haproxy start
4、将1-3步骤在10.6.2.129机器上也执行一次。
安装keepalived
1、下载安装keepalived
yum install -y keepalived
2、配置keepalived
vi /etc/keepalived/keepalived.conf
配置文件如下:
1 ! Configuration File for keepalived 2 3 global_defs { 4 notification_email { 5 bs_wjg@163.com #keepalived发生错误时候发送报警的邮箱 8 } 9 notification_email_from notify@163.com #发件人邮箱 10 smtp_server mail.163.com #发送email所使用的smtp服务器地址 11 smtp_connect_timeout 30 #连接stmp的超时时间 12 router_id LVS_DEVEL 13 } 14 #检查haproxy的进程状态,每1s执行一次 15 vrrp_script chk_haproxy { 16 script "killall -0 haproxy" 17 interval 1 18 weight 2 19 } 20 21 vrrp_instance VI_1 { 22 state MASTER #主为MASTER 从为BACKUP 23 interface eth0 #实例绑定的网卡,视实际情况而定 24 virtual_router_id 76 #这里设置vrid,如果两台机器属于同一组,设置为一样 25 priority 101 #设置本节点的优先级,高的为master,不能超过255 一般master设置101 backup设置100 26 advert_int 1 #组波信息发送间隔,默认为1s,同一本分组的两机器必须一样 27 authentication { 28 auth_type PASS 29 auth_pass 123456 } #验证密码,统一备份组的机器必须一致。 31 virtual_ipaddress { 32 10.6.2.150/16 #虚拟IP的地址 33 } 34 track_interface { 35 eth0 36 } 37 track_script { 38 chk_haproxy 39 }
#状态通知 40 notify_master "/etc/keepalived/notify.sh master" 41 notify_backup "/etc/keepalived/notify.sh backup" 42 notify_fault "/etc/keepalived/notify.sh fault" 43 44 }
notify.sh 脚本如下:
vip=10.6.2.150 contact='bs_wjg@163.com' notify() { mailsubject="`hostname` to be $1: $vip floating" mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1" echo $mailbody | mail -s "$mailsubject" $contact } checkHA(){ counter=$(ps -C haproxy --no-heading|wc -l) if [ "${counter}" = "0" ]; then /etc/rc.d/init.d/haproxy start sleep 2 counter=$(ps -C haproxy --no-heading|wc -l) if [ "${counter}" = "0" ]; then /etc/init.d/keepalived stop fi fi } checkNG(){ counter=$(ps -C nginx --no-heading|wc -l) if [ "${counter}" = "0" ]; then /usr/local/bin/nginx sleep 2 counter=$(ps -C nginx --no-heading|wc -l) if [ "${counter}" = "0" ]; then /etc/init.d/keepalived stop fi fi } case "$1" in master) notify master exit 0 ;; backup) notify backup exit 0 ;; fault) notify fault exit 0 ;; *) echo 'Usage: `basename $0` {master|backup|fault}' exit 1 ;; esac
3、服务启动
service keepalived start
4、10.6.2.129机器执行1-3步骤,根据从节点的配置进行配置。
到此配置结束,自行测试吧。