基于Haproxy+Keepalived构建高可用负载均衡集群

泄露秘密 提交于 2019-11-30 21:22:42

 

主机名 IP地址
VIP 192.168.200.254
Haproxy-1 192.168.200.113
Haproxy-2 192.168.200.115
Nginx1 192.168.200.111
Nginx2 192.168.200.112

 

一、在Nginx1/2上编译安装nginx

1、第一台

[root@localhost ~]# yum -y install pcre-devel zlib-devel openssl-devel
[root@localhost ~]# yum -y install gcc gcc-c++ make
[root@localhost ~]# useradd -M -s /sbin/nologin nginx
[root@localhost ~]# tar -xf nginx-1.15.9.tar.gz -C /usr/src/
[root@localhost ~]# cd /usr/src/nginx-1.15.9/
[root@localhost ~]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install
[root@localhost ~]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@localhost ~]# nginx
[root@localhost ~]# netstat -lnpt | grep :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      13144/nginx: master
[root@localhost ~]# echo "aaaaa" > /usr/local/nginx/html/index.html 

2、第二台

安装跟第一台一样

[root@localhost ~]# echo "bbbbbb" > /usr/local/nginx/html/index.html 

 

二、安装Haproxy,两台配置一样

1、安装Haproxy依赖包及源码编译安装

[root@localhost ~]# yum -y install gcc gcc-c++ make pcre-devel bzip2-devel [root@localhost ~]# tar -xf haproxy-1.4.24.tar.gz -C /usr/src/
[root@localhost ~]# cd /usr/src/haproxy-1.4.24/
[root@localhost haproxy-1.4.24]# make TARGET=linux26 && make install

2、建立haproxy的配置目录及文件

[root@localhost haproxy-1.4.24]# mkdir /etc/haproxy
[root@localhost haproxy-1.4.24]# cp examples/haproxy.cfg /etc/haproxy

3、haproxy 配置文件修改

[root@localhost ~]# vim /etc/haproxy/haproxy.cfg
 9 # this config needs haproxy-1.1.28 or haproxy-1.2.1
10 
11 global
12 #   log 127.0.0.1   local0
13 #   log 127.0.0.1   local1 notice
14     log /dev/log    local0 info
15     log /dev/log    local0 notice
16     maxconn 4096
17     uid 99
18     gid 99
19     daemon
20 
21 defaults
22     log global
23     mode    http
24     option  httplog
25     retries 3
26     maxconn 4096
27     contimeout  5000   //连接超时时间
28     clitimeout  50000  //客户端超时时间
29     srvtimeout  50000  //服务器超时时间
30 
31 listen  webcluster 0.0.0.0:80
32     option  httpchk GET /index.html
33     balance roundrobin
34     server  inst1 192.168.200.111:80 check inter 2000 fall 3
35     server  inst1 192.168.200.112:80 check inter 2000 fall 3
36 
37 listen admin_stats
38     bind 0.0.0.0:8000
39     mode http
40     option httplog
41     maxconn 100
42     stats refresh 1s
43     stats uri /stats
44     stats realm Crushlinux\ Haproxy
45         stats auth admin:admin
46     stats hide-version

4、创建自启动脚本

[root@localhost ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost ~]# ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
[root@localhost ~]# chmod +x /etc/init.d/haproxy 
[root@localhost ~]# /etc/init.d/haproxy start

5、访问测试

 

三、编译安装Keepalived服务

1、安装keepalived

[root@localhost ~]# yum -y install keepalived

2.1、修改第一台keepalived配置文件(192.168.200.113)

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 3
}

global_defs {
router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER
    interface eno16777728
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.254
    }
track_script {
chk_http_port
}
}

2.2、修改第二台主机的keepalived配置文件

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}

global_defs {
router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER
    interface eno16777736
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.254
    }
track_script {
chk_http_port
}
}

3、两台主机上配置haproxy检测脚本

[root@localhost ~]# cat /etc/keepalived/check_haproxy.sh 
#!/bin/bash

count="$(ps -C haproxy --no-header | wc -l)"
if [ $count -eq 0 ]
then
    /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg
    sleep 3
    if [ 'ps -C haproxy --no-header | wc -l' -eq 0 ]
    then
          /etc/init.d/keepalived stop
    fi
fi

4、将脚本添加权限,启动服务

[root@localhost ~]# chmod +x /etc/keepalived/check_haproxy.sh
[root@localhost ~]# systemctl restart keepalived

 

四、所有配置完成后进行测试

[root@haproxy-1 ~]# ip a2: eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:16:11:9e brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.113/24 brd 192.168.200.255 scope global eno16777728
       valid_lft forever preferred_lft forever
    inet 192.168.200.254/32 scope global eno16777728
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe16:119e/64 scope link 
       valid_lft forever preferred_lft forever
[root@haproxy-1 ~]# systemctl stop keepalived  //关闭第一台的keepalived服务
VIP会跑到第二台主机上[root@haproxy-2 ~]# ip a
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fa:9e:1d brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.115/24 brd 192.168.200.255 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet 192.168.200.254/32 scope global eno16777736
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fefa:9e1d/64 scope link 
       valid_lft forever preferred_lft forever

测试脚本

[root@localhost ~]# while :
> do
> curl 192.168.200.254
> sleep 3
> done
aaaaa
bbbbbb
aaaaa
bbbbbb
^C
 

 

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!