首页 > 代码库 > Haproxy、Keepalived双主高可用负载均衡
Haproxy、Keepalived双主高可用负载均衡
一、Haproxy和Keepalived简介
1、Haproxy
HAProxy提供高可用性、负载均衡以及基于TCP和HTTP应用的代理,支持虚拟主机。它是免费、快速并且可靠的一种解决方案。特别适用于那些负载特大的web站点,这些站点通常又需要会话保持或七层处理。HAProxy运行在当前的硬件上,完全可以支持数以万计的并发连接。并且它的运行模式使得它可以很简单安全的整合进您当前的架构中, 同时可以保护你的web服务器不被暴露到网络上。
2、Keepalived
keepalived是一个类似于layer3, 4 & 7交换机制的软件,也就是我们平时说的第3层、第4层和第7层交换,检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
二、实验架构图
三、实验环境
OS:centos6.5x86_64
apache:httpd-2.2.15-29.el6.centos.x86_64
haproxy:haproxy-1.4.24-2.el6.x86_64
keepalived:keepalived-1.2.7-3.el6.x86_64
四、实验目的
1、Haproxy+Keepalived双主双机高可用模型,keepalived为Haproxy主从提供高可用保证haproxy-master若挂掉haproxy-backup能无缝接管,haproxy为后端Web提供负载均衡,缓解并发压力,实现WEB站点负载均衡+高可用性;
2、Haproxy反代web做动静分离;
五、实验配置
1、前端配置
(1)Haproxy1配置
首先配置Keepalived
[root@localhost ~]# yum install keepalived -y
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email { //指定Keepalived在发送生事件时,需要发送email到的对象
rootr@localhost
hyd@localhost
}
notification_email_from warning@localhost
smtp_server 127.0.0.1 #指定发送email的smtp服务器
smtp_connect_timeout 30
router_id LVS_DEVEL_hyd #运行Keepalived的机器的一个标识
}
vrrp_script chk_haproxy { #检测Haprox服务状态
script "killall -0 haproxy" #服务探测,返回0说明服务是正常的
interval 1
weight 2 #Haproxy上线,权重加2;下线,权重减2
}
vrrp_instance VI_1 { #双主实例1
state MASTER #haproxy1(172.16.6.1)为主,haproxy 2(172.16.6.2)为备
interface eth0
virtual_router_id 60 #实例1的VRID为60
garp_master_delay 1 #在切换到master状态后,延迟进行gratuitous ARP请求
priority 100 #主(172.16.6.1)的优先级为100,从的(172.16.6.2)优先级为99
advert_int 1 #查询间隔
authentication {
auth_type PASS # 认证方式,支持PASS和AH
auth_pass 123456
}
virtual_ipaddress { #漂移地址 实例1的vip
172.16.6.100/16 dev eth0
}
track_interface {#设置额外的监控,里面任意一个出现问题,都会进入fault状态
eth0
}
track_script {
chk_haproxy #追踪脚本
}
#通知脚本
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state BACKUP #实例2在haproxy1(172.16.6.1)上是备,在haproxy(172.16.6.2)上是主
interface eth0
virtual_router_id 120
garp_master_delay 1
priority 200 z#实例2在hapeoxy1上的优先级是200,在haproxy 2上的优先级是201
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.16.6.200/16 dev eth0
}
track_interface {
eth0
}
track_script {
chk_haproxy
}为Keepalived提供脚本
[root@localhost ~]# vim /etc/keepalived/notify.sh
#!/bin/bash
# Author: MageEdu <linuxedu@foxmail.com> 脚本使用请注明出处
# description: An example of notify script
#
vip=172.16.6.100
contact=‘root@localhost‘
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date ‘+%F %H:%M:%S‘`: vrrp transition, `hostname` changed to be $1"
echo$mailbody | mail -s "$mailsubject"$contact
}
case"$1"in
master)
notify master
/etc/rc.d/init.d/haproxystart
exit0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxystop
exit0
;;
fault)
notify fault
/etc/rc.d/init.d/haproxystop
exit0
;;
*)
echo‘Usage: `basename $0` {master|backup|fault}‘
exit1
;;
esac赋予执行权限 chmod +x /etc/keepalived/notify.sh
接着配置Haproxy
[root@localhost ~]# yum -y install haproxy
[root@localhost ~]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy #chroot运行的路径,增加安全性
pidfile /var/run/haproxy.pid
maxconn 4000 #默认最大连接数
user haproxy
group haproxy
daemon #守护进程运行
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the ‘listen‘ and ‘backend‘ sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http #指定haproxy的工作模式为http
log global
option httplog
option dontlognull
option http-server-close #当客户端超时时,允许服务器关闭连接
option forwardfor except 127.0.0.0/8 #传递客户端ip
option redispatch #在使用了基于cookie的会话保持的时候,通常需要加这么一项,一旦后端某一server宕机时,能够将其会话重新派发到其它的upstream servers
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend proxy *:80 #前端代理
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
acl dynamic_content path_end -i .php
use_backend static if url_static
default_backend dynamic
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static #后端静态服务器
balance roundrobin
server web1 172.16.6.10:80 inter 3000 rise 2 fall 3 check maxconn 5000
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend dynamic #后端动态服务器
balance roundrobin
server web2 172.16.6.20:80 inter 3000 rise 2 fall 3 check maxconn 5000
listen statistics #启用stats查看,认证等功能:默认在/haproxy?stats
mode http
bind *:8080 #监听的地址和端口
stats enable #开启stats功能
stats auth admin:admin 登陆用户名和密码
stats uri /admin?stats #指定uri访问路径
stats hide-version #隐藏软件版本号
stats admin if TRUE #如果认证通过了就允许管理
stats refresh 5s #页面自动刷新间隔
acl allow src 172.16.0.0/16 #定义访问控制列表
tcp-request content accept if allow
tcp-request content reject(2)Haproxy2配置
与Haproxy1大致相同,不同地方会提醒大家哦!!!
首先配置Keepalived
[root@localhost ~]# yum install keepalived -y
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
rootr@localhost
hyd@localhost
}
notification_email_from warning@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL_hyd
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 120 #使用VRID将路由器进行分组,具有相同VRID值的路由器为同一个组
garp_master_delay 1
priority 201#
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.16.6.200/16 dev eth0
}
track_interface {
eth0
}
track_script {
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 60
garp_master_delay 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.16.6.100/16 dev eth0
}
track_interface {
eth0
}
track_script {
chk_haproxy
}脚本同Haproxy1的相同,只需把脚本里的vip改为172.16.6.200。
接着配置Haproxy
因为Haproxy1的Haproxy与Haproxy2的Haproxy是相同的,都是将服务代理至后端服务器,可以直接使用Haproxy1的Haproxy的配置。
[root@localhost ~]# scp /etc/haproxy/haproxy.cfg root@172.16.6.2:/etc/haproxy/
(3)启动Keepalived,Haproxy并测试,测试Keepalived高可用
Haproxy1 Haproxy2 启动Keepalived,Haproxy
[root@localhost ~]# service keepalived start [root@localhost ~]# service haproxy start
对于Haproxy1,效果如下
对于Haproxy2,效果如下
关闭Haproxy1的Haproxy服务测试,vip飘移
查看Haproxy2,接收到了Haproxy1飘过来的vip
2、后端配置
(1)配置web1, 配置静态页面
[root@station36 html]# cd /var/www/html [root@station36 html]# vim index.html <h1> static web station 172.16.6.10 </h1> [root@station36 html]# service httpd start
(2)配置web2, 配置页动态页面
[root@localhost ~]# yum install php -y
[root@localhost ~]# cd /var/www/html
[root@localhost html]# vim index.php
<h1> static web station 172.16.6.20
<?php
phpinfo();
?>
</h1>(3)Haproxy动静分离机制
请求静态内容
首先在web1(172.16.6.10)的网页目录下放入hyd.jpg
请求静态内容:访问172.16.6.200/hyd.jpg
请求动态内容:访问172.16.6.200
Haproxy统计页面的输出
本文出自 “青鸟” 博客,请务必保留此出处http://shhyd.blog.51cto.com/3708009/1408185
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。