• 基于Haproxy+Keepalived构建高可用负载均衡集群

    主机名 IP地址
    VIP 192.168.200.254
    Haproxy-1 192.168.200.113
    Haproxy-2 192.168.200.115
    Nginx1 192.168.200.111
    Nginx2 192.168.200.112

    一、在Nginx1/2上编译安装nginx

    1、第一台

    [root@localhost ~]# yum -y install pcre-devel zlib-devel openssl-devel
[root@localhost ~]# yum -y install gcc gcc-c++ make
[root@localhost ~]# useradd -M -s /sbin/nologin nginx
[root@localhost ~]# tar -xf nginx-1.15.9.tar.gz -C /usr/src/
[root@localhost ~]# cd /usr/src/nginx-1.15.9/
[root@localhost ~]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install
[root@localhost ~]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@localhost ~]# nginx
[root@localhost ~]# netstat -lnpt | grep :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      13144/nginx: master
    [root@localhost ~]# echo "aaaaa" > /usr/local/nginx/html/index.html

    2、第二台

    安装跟第一台一样

    [root@localhost ~]# echo "bbbbbb" > /usr/local/nginx/html/index.html

    二、安装Haproxy,两台配置一样

    1、安装Haproxy依赖包及源码编译安装

    [root@localhost ~]# yum -y install gcc gcc-c++ make pcre-devel bzip2-devel [root@localhost ~]# tar -xf haproxy-1.4.24.tar.gz -C /usr/src/
[root@localhost ~]# cd /usr/src/haproxy-1.4.24/
[root@localhost haproxy-1.4.24]# make TARGET=linux26 && make install

    2、建立haproxy的配置目录及文件

    [root@localhost haproxy-1.4.24]# mkdir /etc/haproxy
[root@localhost haproxy-1.4.24]# cp examples/haproxy.cfg /etc/haproxy

    3、haproxy 配置文件修改

    [root@localhost ~]# vim /etc/haproxy/haproxy.cfg
 9 # this config needs haproxy-1.1.28 or haproxy-1.2.1
10 
11 global
12 #   log 127.0.0.1   local0
13 #   log 127.0.0.1   local1 notice
14     log /dev/log    local0 info
15     log /dev/log    local0 notice
16     maxconn 4096
17     uid 99
18     gid 99
19     daemon
20 
21 defaults
22     log global
23     mode    http
24     option  httplog
25     retries 3
26     maxconn 4096
27     contimeout  5000   //连接超时时间
28     clitimeout  50000  //客户端超时时间
29     srvtimeout  50000  //服务器超时时间
30 
31 listen  webcluster 0.0.0.0:80
32     option  httpchk GET /index.html
33     balance roundrobin
34     server  inst1 192.168.200.111:80 check inter 2000 fall 3
35     server  inst1 192.168.200.112:80 check inter 2000 fall 3
36 
37 listen admin_stats
38     bind 0.0.0.0:8000
39     mode http
40     option httplog
41     maxconn 100
42     stats refresh 1s
43     stats uri /stats
44     stats realm Crushlinux Haproxy
45         stats auth admin:admin
46     stats hide-version

    4、创建自启动脚本

    [root@localhost ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost ~]# ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
[root@localhost ~]# chmod +x /etc/init.d/haproxy 
[root@localhost ~]# /etc/init.d/haproxy start

    5、访问测试

    用浏览器访问http://192.168.200.113,访问两次

    用浏览器访问http://192.168.200.115,访问两次

    结果为

    aaaaaa

    bbbbbbb

    三、编译安装Keepalived服务

    1、安装keepalived

    [root@localhost ~]# yum -y install keepalived

    2.1、修改第一台keepalived配置文件(192.168.200.113)

    [root@haproxy-1 ~]# vim /etc/keepalived/keepalived.conf
    ! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 3
}

global_defs {
router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER
    interface eno16777728
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.254
    }
track_script {
chk_http_port
}
}

    2.2、修改第二台主机的keepalived配置文件

    [root@haproxy-2 ~]# vim /etc/keepalived/keepalived.conf
    ! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}

global_defs {
router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER
    interface eno16777736
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.254
    }
track_script {
chk_http_port
}
}

    3、两台主机上配置haproxy检测脚本

    [root@localhost ~]# cat /etc/keepalived/check_haproxy.sh 
#!/bin/bash

count="$(ps -C haproxy --no-header | wc -l)"
if [ $count -eq 0 ]
then
    /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg
    sleep 3
    if [ 'ps -C haproxy --no-header | wc -l' -eq 0 ]
    then
          /etc/init.d/keepalived stop
    fi
fi

    4、将脚本添加权限,启动服务

    [root@localhost ~]# chmod +x /etc/keepalived/check_haproxy.sh
[root@localhost ~]# systemctl restart keepalived

    四、所有配置完成后进行测试

    [root@haproxy-1 ~]# ip a
    2    : eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:16:11:9e brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.113/24 brd 192.168.200.255 scope global eno16777728
       valid_lft forever preferred_lft forever
    inet 192.168.200.254/32 scope global eno16777728
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe16:119e/64 scope link 
       valid_lft forever preferred_lft forever
    [root@haproxy-1 ~]# systemctl stop keepalived  //关闭第一台的keepalived服务
    VIP会跑到第二台主机上
    [root@haproxy-2 ~]# ip a
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fa:9e:1d brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.115/24 brd 192.168.200.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.200.254/32 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fefa:9e1d/64 scope link 
       valid_lft forever preferred_lft forever

    测试脚本

    [root@localhost ~]# while :
> do
> curl 192.168.200.254
> sleep 3
> done
aaaaa
bbbbbb
aaaaa
bbbbbb
^C
  • 相关阅读:
    人生苦短,Let's Go目录
    Python之路目录
    asyncio异步编程
    Golang实现集合(set)
    Python常用功能函数系列总结(四)之数据库操作
    Python常用功能函数系列总结(三)
    Python常用功能函数系列总结(二)
    Python爬取中国知网文献、参考文献、引证文献
    Python常用功能函数系列总结(一)
    Go语言系列之标准库ioutil
  • 原文地址:https://www.cnblogs.com/tanxiaojuncom/p/11640979.html
Copyright © 2020-2023  润新知