Keepalived+HAProxy基于读写分离方式实现discuz论坛_第1张图片

一、测试环境: centos 6.6;使用8台虚拟机(上图)

分别对它们设置主机名:

主机名 ip地址 软件包
node1 172.16.16.11 keepalived+haproxy
node2 172.16.16.12 keepalived+haproxy
php1 172.16.16.2 httpd+php+php-mysql+nfs-utils
php2 172.16.16.8 httpd+php+php-mysql+nfs-utils
web1 172.16.16.3 httpd
web2 172.16.16.4 httpd
mysql 172.16.16.5 mariadb-5.5.43-linux-x86_64.tar.gz
nfs 172.16.16.252 nfs-utils

上述服务器实现的作用介绍:

①keepalived+haproxy,实现高可用和haproxy的反向代理功能并实现动静分离的效果;请求动态的内容交给后端的动态服务器组(php1或php2);静态内容交给静态服务器组(web1和web2)

②mysql服务器存储discuz数据库

③nfs文件共享服务器设置2个目录/mydata和/discuz;前者给mysql服务器用做当datadir使用;后者给web和php服务器使用,共享discuz网页文件



二、准备工作:这里基于ansible的playbook部署

1、ansible使用环境为centos 7;设置如下

# ssh-keygen -t rsa -P '' 
# ssh-copy-id -i ~/.ssh/id_rsa.pub node1
# ssh-copy-id -i ~/.ssh/id_rsa.pub node2
# ssh-copy-id -i ~/.ssh/id_rsa.pub web1
# ssh-copy-id -i ~/.ssh/id_rsa.pub web2
# ssh-copy-id -i ~/.ssh/id_rsa.pub php1
# ssh-copy-id -i ~/.ssh/id_rsa.pub php2
# ssh-copy-id -i ~/.ssh/id_rsa.pub mysql
# ssh-copy-id -i ~/.ssh/id_rsa.pub nfs


2、ansible设置及管理节点探测:

# vim /etc/ansible/host
[haproxy]
172.16.16.11
172.16.16.12

[dynamic_servers]
172.16.16.2
172.16.16.8

[static_servers]
172.16.16.3
172.16.16.4

[db]
172.16.16.5

[nfs]
172.16.16.252


# ansible all -m ping        
172.16.16.12 | success >> {
    "changed": false, 
    "ping": "pong"
}

172.16.16.3 | success >> {
    "changed": false, 
    "ping": "pong"
}

172.16.16.11 | success >> {
    "changed": false, 
    "ping": "pong"
}

172.16.16.4 | success >> {
    "changed": false, 
    "ping": "pong"
}

172.16.16.5 | success >> {
    "changed": false, 
    "ping": "pong"
}

172.16.16.2 | success >> {
    "changed": false, 
    "ping": "pong"
}

172.16.16.8 | success >> {
    "changed": false, 
    "ping": "pong"
}

172.16.16.252 | success >> {
    "changed": false, 
    "ping": "pong"
}


3、ansible定义roles如下:

[root@localhost ansible_playbooks]# tree
.
|-- haproxy.yml                 //playbook剧本
`-- roles                       //定义的角色(7个)         
    |-- haproxy                 //node1,node2节点用到的haproxy
    |   |-- files
    |   |-- handlers
    |   |   `-- main.yml
    |   |-- tasks
    |   |   `-- main.yml
    |   |-- templates
    |   |   |-- haproxy.cfg.j2
    |   |   `-- rsyslog.conf
    |   `-- vars
    |       `-- main.yml
    |-- httpd                 //web1,web2节点用到的httpd
    |   |-- files
    |   |   `-- mountnfs.sh
    |   |-- handlers
    |   |-- tasks
    |   |   `-- main.yml
    |   `-- templates
    |       `-- httpd.conf.j2
    |-- initialization               //所有节点用到的系统初始化
    |   |-- files
    |   |-- handlers
    |   |-- tasks
    |   |   `-- main.yml
    |   `-- templates
    |       |-- hosts
    |       |-- resolv.conf
    |       `-- selinux.conf
    |-- keepalived                 //keepalived设置 
    |   |-- files
    |   |   `-- notify.sh
    |   |-- handlers
    |   |   `-- main.yml
    |   |-- tasks
    |   |   `-- main.yml
    |   |-- templates
    |   |   |-- keepalived.conf.backup.j2
    |   |   `-- keepalived.conf.master.j2
    |   `-- vars
    |       `-- main.yml
    |-- mysql                      //mysql数据库
    |   |-- files
    |   |   |-- mariadb-5.5.43-linux-x86_64.tar.gz
    |   |   |-- mariadb-5.5.43.sh
    |   |   `-- privilege.sh
    |   |-- handlers
    |   |-- tasks
    |   |   `-- main.yml
    |   `-- templates
    |-- nfs                            //nfs文件共享
    |   |-- files
    |   |   |-- Discuz_X3.1_SC_UTF8.zip
    |   |   `-- discuz.sh
    |   |-- handlers
    |   |-- tasks
    |   |   `-- main.yml
    |   `-- templates
    |       `-- exports
    `-- php                    //php1,php2节点用到的相关配置
        |-- files
        |   |-- install-php.sh
        |   `-- mountnfs.sh
        |-- handlers
        |-- tasks
        |   `-- main.yml
        `-- templates
            `-- httpd.conf.j2


4、介绍上述roles代表的含义,从上至下进行介绍;

4.1、haproxy

handlers:main.yml

- name: restart haproxy       //重启haproxy服务

  service: name=haproxy state=restarted

- name: restart rsyslog      //重启rsyslog服务

  service: name=rsyslog state=restarted

                                      

tasks:main.yml - name: install haproxy package        

  yum: name=haproxy state=present

- name: configuration haproxy 

  template: src=haproxy.cfg.j2   dest=/etc/haproxy/haproxy.cfg

  notify: 

    - restart haproxy

  tags: cfg

- name: configuration rsyslog for haproxy

  template: src=rsyslog.conf   dest=/etc/rsyslog.conf

  notify:

    - restart rsyslog

- name: start haproxy service

  service: name=haproxy state=started enabled=yes

template

haproxy.cfg.j2:  //只截取了重要的部分,动静分离,后端服务器定义

frontend  http

    bind *:80

    mode http

    log global

    option httpclose

    option logasap

    option dontlognull

    acl url_static       path_end       -i .jpg .gif .png .css .js .html .ico

    use_backend static_servers          if url_static

    default_backend dynamic_servers


#---------------------------------------------------------------------

# static backend for serving up p_w_picpaths, stylesheets and such

#---------------------------------------------------------------------

backend static_servers

    balance    roundrobin

    cookie   WebID  insert nocache

    server   web1 ` web1_ip `:80 check cookie web1

    server   web2 ` web2_ip `:80 check cookie web2


#---------------------------------------------------------------------

# round robin balancing between the various backends

#---------------------------------------------------------------------

backend dynamic_servers

    balance     uri

    hash-type consistent

    server  php1 ` php1_ip `:80 check cookie php1

    server  php2 ` php2_ip `:80 check cookie php2


rsyslog.conf


vars:main.yml

web1_ip : 172.16.16.3           //静态web1服务器ip

web2_ip : 172.16.16.4          //静态web2服务器ip

php1_ip : 172.16.16.2         //动态php1服务器ip

php2_ip : 172.16.16.8        //动态php2服务器ip


4.2、httpd

files:mountnfs.sh

yum install -y nfs-utils &> /dev/null   //挂载nfs共享目录

echo " 172.16.16.252:/discuz     /var/www/html/          nfs    defaults,_netdev       0 0 " >> /etc/fstab

mount -a

tasks:main.yml

- name: install httpd package

  yum: name=httpd state=present

- name: mount nfs share directory /discuz

  script: mountnfs.sh

- name: set configuration

  template: src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf

- name: start httpd service

  service: name=httpd state=started

templates:http.conf.j2
LogFormat %{X-Forwarded-For}i combined  //将客户端ip记入日志


4.3、initialization

tasks:main.yml

- name: set selinux

  shell: sed -i 's@^SELINUX=.*@SELINUX=permissive@' /etc/selinux/config

  shell: setenforce 0

- name: install libselinux-python package

  yum: name=libselinux-python state=present

- name: copy hosts to all node /etc/hosts

  template: src=hosts dest=/etc/hosts

- name: copy resolv.conf to all node /etc/resolv.conf

  template: src=resolv.conf dest=/etc/resolv.conf

- name: install ntpdate package

  yum: name=ntpdate state=present

- name: synctime from ntp.sjtu.edu.cn

  shell: ntpdate ntp.sjtu.edu.cn

- name: set a cron to synctime from ntp.sjtu.edu.cn

  cron: name="cron to synctime from ntp.sjtu.edu.cn" minute="*/5" job="/usr/sbin/ntpdate ntp.sjtu.edu.cn &> /dev/null" state=present

- name: modify selinux configuration

  template: src=selinux.conf dest=/etc/selinux/conf

- name: set selinux permissive

  shell: setenforce 0

templates:3个文件

(1)hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

172.16.16.11    node1

172.16.16.12    node2

172.16.16.3     web1

172.16.16.4     web2

172.16.16.2     php1

172.16.16.8     php2

172.16.16.5     mysql

172.16.16.252  nfs


(2)resolv.conf

nameserver 172.16.0.1


(3)selinux.conf

SELINUX=disabled

SELINUXTYPE=targeted



4.4、keepalived

files:notify.sh
通知机制:当主从发生变化的时候给管理员发邮件
handlers:main.yml
- name: restart keepalived

  service: name=keepalived state=restarted

tasks:main.yml
- name: install keepalived package

  yum: name=keepalived state=present

- name: copy notify.sh to node1 and node2

  copy: src=notify.sh dest=/etc/keepalived/notify.sh

- name: configure keepalived on node1-master

  template: src=keepalived.conf.master.j2 dest=/etc/keepalived/keepalived.conf

  when: ansible_hostname == "node1"

  notify:

   - restart keepalived

- name: configure keepalived on node2-backup

  template: src=keepalived.conf.backup.j2 dest=/etc/keepalived/keepalived.conf

  when: ansible_hostname == "node2"

  notify:

   - restart keepalived

- name: start keepalived service

  service: name=keepalived state=started enabled=yes

templates

keepalived.conf.master.j2

! Configuration File for keepalived


global_defs {

   notification_email {

       root@localhost

   }

   notification_email_from keepalived@localhost

   smtp_connect_timeout 3

   smtp_server 127.0.0.1

   router_id LVS_DEVEL

}


vrrp_script chk_haproxy {

    script "killall -0 haproxy"

    interval 1

    weight 2

}


vrrp_script chk_mantaince_down {

   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

   interval 1

   weight 2

}


vrrp_instance VI_1 {

    interface eth0

    state MASTER  # BACKUP for slave routers

    priority 101  # 100 for BACKUP

    virtual_router_id 51

    garp_master_delay 1


    authentication {

        auth_type PASS

        auth_pass password12345

    }

    track_interface {

       eth0

    }

    virtual_ipaddress {

        ` vip `/16 dev eth0 label eth0:0

    }

    track_script {

        chk_haproxy

        chk_mantaince_down

    }


    notify_master "/etc/keepalived/notify.sh master"

    notify_backup "/etc/keepalived/notify.sh backup"

    notify_fault "/etc/keepalived/notify.sh fault"

}



keepalived.conf.backup.j2

 state BACKUP  

 priority 100  



vars:main.yml vip : 172.16.16.50


4.5、mysql

files:3个文件


(1)mariadb-5.5.43.sh: 编译安装配置mariadb的脚本,就不发了,太多


(2)privilege.sh

#!/bin/bash

#! privilege to dzuser


echo "create database discuz;

grant all on discuz.* to 'dzuser'@'172.16.%.%' identified by 'dzpasswd';

flush privileges;

\q" | mysql

~            


tasks:main.yml

- name: copy mariadb-5.5.43 package

  copy: src=mariadb-5.5.43-linux-x86_64.tar.gz dest=/root/mariadb-5.5.43-linux-x86_64.tar.gz

- name: install mysql and cofiguration

  script: mariadb-5.5.43.sh

- name: start mysqld service

  shell: service mysqld start

- name: privileges to dzuser

  script: privilege.sh

  tags: haha


4.6、nfs

files:discuz.sh

#!/bin/bash

# discuz configuration


unzip -d /discuz /root/Discuz_X3.1_SC_UTF8.zip

chmod -R go+w /discuz/upload/config/

chmod -R go+w /discuz/upload/data/

chmod -R go+w /discuz/upload/uc_*

tasks:main.yml

- name: mkdir share directory to mysql and web

  shell: mkdir -pv /{mydata,discuz}

- name: install nfs package

  yum: name=nfs-utils state=present

- name: useradd mysql 

  user: name=mysql state=present system=yes

- name: useradd apache

  user: name=apache state=present system=yes

- name: copy exports to nfs node

  template: src=exports dest=/etc/exports

- name: set mysql mode(rwx) to /mydata  

  shell: setfacl -m u:mysql:rwx /mydata

- name: set apache mode(rwx) to /discuz

  shell: setfacl -m u:apache:rwx /discuz

- name: copy Discuz_X3.1_SC_UTF8.zip package

  copy: src=Discuz_X3.1_SC_UTF8.zip dest=/root/Discuz_X3.1_SC_UTF8.zip

- name: install unzip package

  yum: name=unzip state=present 

- name: configuration discuz 

  script: discuz.sh 

- name: start rpcbind service

  service: name=rpcbind state=started

- name: start nfs service

templates:exports
/mydata    172.16.0.0/16(rw,no_root_squash)//编译安装mysql需要这样设置,安装完可以改成rw权限即可

/discuz    172.16.0.0/16(rw)


4.7、php

files:2个文件

(1)install-php.sh

#!/bin/bash

# install nfs-utils httpd | php | php-mysql

yum install -y nfs-utils httpd php php-mysql openssl-devel &> /dev/null


(2)mountnfs.sh //同httpd使用的脚本


tasks:main.yml
- name: install nfs-utils | httpd | php | php-mysql package

  script: install-php.sh

- name: mount nfs share directory /discuz

  script: mountnfs.sh

- name: set configuration

  template: src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf

- name: start httpd service

  service: name=httpd state=started

templates:httpd.conf.j2
这个模板也同httpd使用的!


三、执行过程如下 

[root@localhost ansible_playbooks]# ansible-playbook haproxy.yml //执行ansible剧本 

PLAY [nfs] ******************************************************************** 

GATHERING FACTS *************************************************************** 
ok: [172.16.16.252]               

TASK: [initialization | set selinux] ****************************************** 
changed: [172.16.16.252]                       //设置selinux

TASK: [initialization | install libselinux-python package] ******************** 
changed: [172.16.16.252]                       //需要安装libselinux-python

TASK: [initialization | copy hosts to all node /etc/hosts] ******************** 
changed: [172.16.16.252]                      //复制主机名解析文件

TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ******** 
changed: [172.16.16.252]                    //复制域名文件

TASK: [initialization | install ntpdate package] ****************************** 
changed: [172.16.16.252]                     //安装ntpdate

TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************ 
changed: [172.16.16.252]
                                                 //同步时间
TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] **********                                              //设置计划任务
changed: [172.16.16.252]

TASK: [initialization | modify selinux configuration] ************************* 
changed: [172.16.16.252]                        //修改selinux

TASK: [initialization | set selinux permissive] ******************************* 
changed: [172.16.16.252]

TASK: [nfs | mkdir share directory to mysql and web] ************************** 
changed: [172.16.16.252]              //创建nfs的共享目录/mydata和/discuz 

TASK: [nfs | install nfs package] ********************************************* 
changed: [172.16.16.252]                //安装nfs-utils

TASK: [nfs | useradd mysql] *************************************************** 
changed: [172.16.16.252]                 //添加mysql用户

TASK: [nfs | useradd apache] ************************************************** 
changed: [172.16.16.252]                //添加apache用户

TASK: [nfs | copy exports to nfs node] **************************************** 
changed: [172.16.16.252]                //设置nfs导出的共享目录

TASK: [nfs | set mysql mode(rwx) to /mydata] ********************************** 
changed: [172.16.16.252]                //给mysql对/mydata的rwx权限

TASK: [nfs | set apache mode(rwx) to /discuz] ********************************* 
changed: [172.16.16.252]                //给apache对/discuz的rwx权限

TASK: [nfs | copy Discuz_X3.1_SC_UTF8.zip package] **************************** 
changed: [172.16.16.252]               //复制discuz安装包到nfs服务器

TASK: [nfs | install unzip package] ******************************************* 
changed: [172.16.16.252]                //解压discuz

TASK: [nfs | configuration discuz] ******************************************** 
changed: [172.16.16.252]                 //配置discuz网页文件(给其对应访问权限) 

TASK: [nfs | start rpcbind service] ******************************************* 
changed: [172.16.16.252]                 //启动rpcbind服务
 
TASK: [nfs | start nfs service] *********************************************** 
changed: [172.16.16.252]               //启动nfs服务

PLAY [db] ********************************************************************* 
                                         //安装及配置mysql
GATHERING FACTS *************************************************************** 
ok: [172.16.16.5]                 

TASK: [initialization | set selinux] ****************************************** 
changed: [172.16.16.5]

TASK: [initialization | install libselinux-python package] ******************** 
changed: [172.16.16.5]

TASK: [initialization | copy hosts to all node /etc/hosts] ******************** 
changed: [172.16.16.5]

TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ******** 
changed: [172.16.16.5]

TASK: [initialization | install ntpdate package] ****************************** 
changed: [172.16.16.5]

TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************ 
changed: [172.16.16.5]

TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] ********** 
changed: [172.16.16.5]

TASK: [initialization | modify selinux configuration] ************************* 
changed: [172.16.16.5]

TASK: [initialization | set selinux permissive] ******************************* 
changed: [172.16.16.5]

TASK: [mysql | copy mariadb-5.5.43 package] *********************************** 
changed: [172.16.16.5]                //复制mariadb到mysql服务器

TASK: [mysql | install mysql and cofiguration] ******************************** 
changed: [172.16.16.5]                 //脚本执行mysql安装,配置
                                             
TASK: [mysql | start mysqld service] ****************************************** 
changed: [172.16.16.5]              //启动mysqld服务

TASK: [mysql | privileges to dzuser] ****************************************** 
changed: [172.16.16.5]              //使用脚本创建discuz数据库,并给dzuser授权

PLAY [static_servers] ********************************************************* 
                                   //静态服务器设置 web1和web2节点
GATHERING FACTS *************************************************************** 
ok: [172.16.16.3]
ok: [172.16.16.4]

TASK: [initialization | set selinux] ****************************************** 
changed: [172.16.16.3]
changed: [172.16.16.4]

TASK: [initialization | install libselinux-python package] ******************** 
changed: [172.16.16.3]
changed: [172.16.16.4]

TASK: [initialization | copy hosts to all node /etc/hosts] ******************** 
changed: [172.16.16.4]
changed: [172.16.16.3]

TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ******** 
changed: [172.16.16.3]
changed: [172.16.16.4]

TASK: [initialization | install ntpdate package] ****************************** 
changed: [172.16.16.3]
changed: [172.16.16.4]

TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************ 
changed: [172.16.16.4]
changed: [172.16.16.3]

TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] ********** 
changed: [172.16.16.3]
changed: [172.16.16.4]

TASK: [initialization | modify selinux configuration] ************************* 
changed: [172.16.16.3]
changed: [172.16.16.4]

TASK: [initialization | set selinux permissive] ******************************* 
changed: [172.16.16.4]
changed: [172.16.16.3]

TASK: [httpd | install httpd package] ***************************************** 
changed: [172.16.16.3]                //安装httpd软件包
changed: [172.16.16.4]         

TASK: [httpd | mount nfs share directory /discuz] ***************************** 
changed: [172.16.16.3]                 //挂载nfs服务器共享的discuz目录至/var/www/html
changed: [172.16.16.4]

TASK: [httpd | set configuration] ********************************************* 
changed: [172.16.16.4]              //配置httpd.conf
changed: [172.16.16.3]

TASK: [httpd | start httpd service] ******************************************* 
changed: [172.16.16.3]                 //启动httpd服务
changed: [172.16.16.4]

PLAY [dynamic_servers] ******************************************************** 
                                    //设置动态服务器php1和php2节点
GATHERING FACTS *************************************************************** 
ok: [172.16.16.2]
ok: [172.16.16.8]

TASK: [initialization | set selinux] ****************************************** 
changed: [172.16.16.2]
changed: [172.16.16.8]

TASK: [initialization | install libselinux-python package] ******************** 
changed: [172.16.16.2]
changed: [172.16.16.8]

TASK: [initialization | copy hosts to all node /etc/hosts] ******************** 
changed: [172.16.16.8]
changed: [172.16.16.2]

TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ******** 
changed: [172.16.16.8]
changed: [172.16.16.2]

TASK: [initialization | install ntpdate package] ****************************** 
changed: [172.16.16.2]
changed: [172.16.16.8]

TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************ 
changed: [172.16.16.2]
changed: [172.16.16.8]

TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] ********** 
changed: [172.16.16.8]
changed: [172.16.16.2]

TASK: [initialization | modify selinux configuration] ************************* 
changed: [172.16.16.8]
changed: [172.16.16.2]

TASK: [initialization | set selinux permissive] ******************************* 
changed: [172.16.16.8]
changed: [172.16.16.2]

TASK: [php | install nfs-utils | httpd | php | php-mysql package] ************* 
changed: [172.16.16.8]              //安装php软件包(使用的是centos 6系统自带的)
changed: [172.16.16.2]

TASK: [php | mount nfs share directory /discuz] ******************************* 
changed: [172.16.16.8]             //挂载discuz目录至/var/www/html 
changed: [172.16.16.2]

TASK: [php | set configuration] *********************************************** 
changed: [172.16.16.8]              //配置httpd.conf,给日志加入客户端访问的ip地址
changed: [172.16.16.2]          

TASK: [php | start httpd service] ********************************************* 
changed: [172.16.16.8]             //启用php功能
changed: [172.16.16.2]

PLAY [haproxy] **************************************************************** 
                                   //安装设置keepalived+haproxy(node1和node2)
GATHERING FACTS *************************************************************** 
ok: [172.16.16.12]
ok: [172.16.16.11]

TASK: [initialization | set selinux] ****************************************** 
changed: [172.16.16.12]
changed: [172.16.16.11]

TASK: [initialization | install libselinux-python package] ******************** 
changed: [172.16.16.12]
changed: [172.16.16.11]

TASK: [initialization | copy hosts to all node /etc/hosts] ******************** 
changed: [172.16.16.12]
changed: [172.16.16.11]

TASK: [initialization | copy resolv.conf to all node /etc/resolv.conf] ******** 
changed: [172.16.16.11]
changed: [172.16.16.12]

TASK: [initialization | install ntpdate package] ****************************** 
ok: [172.16.16.12]
ok: [172.16.16.11]

TASK: [initialization | synctime from ntp.sjtu.edu.cn] ************************ 
changed: [172.16.16.12]
changed: [172.16.16.11]

TASK: [initialization | set a cron to synctime from ntp.sjtu.edu.cn] ********** 
changed: [172.16.16.11]
changed: [172.16.16.12]

TASK: [initialization | modify selinux configuration] ************************* 
changed: [172.16.16.11]
changed: [172.16.16.12]

TASK: [initialization | set selinux permissive] ******************************* 
changed: [172.16.16.11]
changed: [172.16.16.12]

TASK: [keepalived | install keepalived package] ******************************* 
changed: [172.16.16.11]            //安装keepalived
changed: [172.16.16.12]                 

TASK: [keepalived | copy notify.sh to node1 and node2] ************************                                
changed: [172.16.16.12]               //复制通知脚本给node1和node2 
changed: [172.16.16.11]

TASK: [keepalived | configure keepalived on node1-master] ********************* 
skipping: [172.16.16.12]             //设置node1为MASTER节点
changed: [172.16.16.11]

TASK: [keepalived | configure keepalived on node2-backup] ********************* 
skipping: [172.16.16.11]           //设置node2为BACKUP节点
changed: [172.16.16.12]       

TASK: [keepalived | start keepalived service] ********************************* 
changed: [172.16.16.12]            //启动keepalived服务   
changed: [172.16.16.11]

TASK: [haproxy | install haproxy package] ************************************* 
changed: [172.16.16.12]               //安装haproxy软件包
changed: [172.16.16.11]

TASK: [haproxy | configuration haproxy] *************************************** 
changed: [172.16.16.12]             //配置haproxy,实现动静分离
changed: [172.16.16.11]

TASK: [haproxy | configuration rsyslog for haproxy] *************************** 
changed: [172.16.16.11]          //记录haproxy的日志
changed: [172.16.16.12]

TASK: [haproxy | start haproxy service] *************************************** 
changed: [172.16.16.12]          //启动haproxy服务
changed: [172.16.16.11]

NOTIFIED: [keepalived | restart keepalived] *********************************** 
changed: [172.16.16.12]          //配置文件发生变化,重启keepalived服务
changed: [172.16.16.11]

NOTIFIED: [haproxy | restart haproxy] ***************************************** 
changed: [172.16.16.11]           //配置文件发生变化,重启haproxy服务
changed: [172.16.16.12]        

NOTIFIED: [haproxy | restart rsyslog] ***************************************** 
changed: [172.16.16.12]       //配置文件发生变化,重启rsyslog服务
changed: [172.16.16.11]

PLAY RECAP ******************************************************************** 
172.16.16.11               : ok=21   changed=19   unreachable=0    failed=0   
172.16.16.12               : ok=21   changed=19   unreachable=0    failed=0   
172.16.16.2                : ok=14   changed=13   unreachable=0    failed=0   
172.16.16.252              : ok=22   changed=21   unreachable=0    failed=0   
172.16.16.3                : ok=14   changed=13   unreachable=0    failed=0   
172.16.16.4                : ok=14   changed=13   unreachable=0    failed=0   
172.16.16.5                : ok=14   changed=13   unreachable=0    failed=0   
172.16.16.8                : ok=14   changed=13   unreachable=0    failed=0


四、安装discuz论坛 

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第2张图片

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第3张图片

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第4张图片

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第5张图片

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第6张图片

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第7张图片

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第8张图片


安装完成,使用vip:172.16.16.50测试正常!!如下图:

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第9张图片



五、额外测试过程:

(1)测试keepalived是否工作正常,在master出现问题的时候,是否可以切换到backup上: 

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第10张图片

[root@node1 keepalived]# touch down//通过keepalived配置文件定义脚本测试vip是否转移到node2
[root@node1 keepalived]# tail /var/log/messages    //通过下面的日志可看出node1成为BACKUP
Oct 24 20:08:19 node1 Keepalived_vrrp[2644]: VRRP_Script(chk_mantaince_down) failed
Oct 24 20:08:21 node1 Keepalived_vrrp[2644]: VRRP_Instance(VI_1) Received higher prio advert
Oct 24 20:08:21 node1 Keepalived_vrrp[2644]: VRRP_Instance(VI_1) Entering BACKUP STATE
Oct 24 20:08:21 node1 Keepalived_vrrp[2644]: VRRP_Instance(VI_1) removing protocol VIPs.
Oct 24 20:08:21 node1 Keepalived_healthcheckers[2643]: Netlink reflector reports IP 172.16.16.50 removed


[root@node2 ~]# tail /var/log/messages         //通过下面的日志可看出node2成为MASTER
Oct 24 20:08:22 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) Transition to MASTER STATE
Oct 24 20:08:23 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) Entering MASTER STATE
Oct 24 20:08:23 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) setting protocol VIPs.
Oct 24 20:08:23 node2 Keepalived_healthcheckers[2441]: Netlink reflector reports IP 172.16.16.50 added
Oct 24 20:08:23 node2 Keepalived_vrrp[2442]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 172.16.16.50

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第11张图片

[root@node1 keepalived]# tail /var/log/haproxy.log 
Oct 24 20:08:21 node1 Keepalived_healthcheckers[2643]: Netlink reflector reports IP 172.16.16.50 removed
[root@node2 ~]# tail /var/log/haproxy.log 
Oct 24 20:08:23 node2 Keepalived_healthcheckers[2441]: Netlink reflector reports IP 172.16.16.50 added


这个时候访问discuz论坛仍然没有问题;说明keepalived发挥了作用!

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第12张图片



(2)测试haproxy是否可以实现读写分离?方法:将所有static_servers的httpd服务停止,测试只提供php的功能,显示效果如下图

[root@web1 ~]# service httpd stop     //停止web1和web2的httpd服务,提供静态内容显示
[root@web2 ~]# service httpd stop

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第13张图片


# 可以看到上面的效果,图片都已经不再显示,将web2加回来,然后再查看效果,没查看http的访问日志

[root@web2 ~]# service httpd start       //启动其中的一台
[root@web2 ~]# tail /var/log/httpd/access_log 
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/user_online.gif HTTP/1.1" 200 868 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/arrwd.gif HTTP/1.1" 200 51 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/qmenu.png HTTP/1.1" 200 225 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/nv.png HTTP/1.1" 200 1939 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/nv_a.png HTTP/1.1" 200 2076 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/search.png HTTP/1.1" 200 1301 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/chart.png HTTP/1.1" 200 990 "http://172.16.16.50/data/cache/style_1_forum_index.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/pt_item.png HTTP/1.1" 200 3598 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:54 +0800] "GET /static/p_w_picpath/common/titlebg.png HTTP/1.1" 200 315 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"
172.16.0.3 - - [24/Oct/2015:20:46:55 +0800] "GET /static/p_w_picpath/common/scrolltop.png HTTP/1.1" 200 1383 "http://172.16.16.50/data/cache/style_1_common.css?SFA" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36"

Keepalived+HAProxy基于读写分离方式实现discuz论坛_第14张图片 

至此,终于将所有剧本,脚本,图片,日志整理完成!