实现haproxy+keepalived高可用集群

环境
服务器系统:Centos7
ip:192.168.100.43,192.168.100.44(nginx)
ip:192.168.100.41,192.168.100.42(haproxy,keepalived)
vip:192.168.100.40
nginx配置

#nginx-43和nginx-44添加如下相同配置
#nginx安装前面已经配置过,这里就不再过多描述
[root@nginx-43 vhost]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.100.43  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:0c:29:b6:f0:74  txqueuelen 1000  (Ethernet)
        RX packets 2997  bytes 327500 (319.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2187  bytes 284174 (277.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 56  bytes 28048 (27.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 56  bytes 28048 (27.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@nginx-php_43 ~]# cd /data/tools/nginx/conf/
[root@nginx-php_43 conf]# pwd
/data/tools/nginx/conf
#nginx.conf修改和添加如下配置
[root@nginx-php_43 conf]# grep -E "www|conf" nginx.conf
user www www;
include vhost/*.conf;

#添加如下配置
[root@nginx-php_43 conf]# cd vhost/
[root@nginx-php_43 vhost]# cat www.abc.net.conf 
# Virtual host for www.abc.net: serves files from the docroot and hands
# requests ending in .php to a FastCGI backend on the same host.
server {
  # Plain HTTP only; this block defines no TLS listener.
  listen 80;
  server_name www.abc.net;
  # "access_json" is a log_format name that is not defined in this block
  # (presumably declared in nginx.conf; confirm before reuse).
  access_log /data/wwwlogs/www.abc.net_nginx.log access_json;

  location / {
    root /data/wwwroot/www.abc.net;
    index index.php index.html index.htm;
  }

  # NOTE(review): every URI ending in .php is forwarded to the backend without
  # first checking that the file exists under the docroot. If PHP's path-info
  # fallback is enabled, a file that is not a PHP script (for example an upload)
  # can end up being interpreted. Adding `try_files $uri =404;` inside this
  # location rejects requests for scripts that do not exist on disk.
  location ~ \.php$ {
    root           /data/wwwroot/www.abc.net;
    # FastCGI backend reached over loopback TCP port 9000.
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    # Script path handed to the backend = docroot + request script name.
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
    }

}

本地windows添加hosts解析
路径如下:C:\Windows\System32\drivers\etc\hosts
依次测试43和44;两台nginx的测试结果都如下图所示后,即可把对应的解析记录注释掉
#192.168.100.44 www.abc.net
192.168.100.43 www.abc.net
实现haproxy+keepalived和lvs+keepalived高可用_第1张图片

haproxy配置

#安装haproxy
#haproxy2台服务器相同配置
[root@haproxy_41 ~]# yum -y install haproxy

#设置开机自启动并指定加载哪个配置文件(直接修改/usr/lib/systemd/system下的单元文件,在软件包升级时可能被覆盖,建议用systemctl edit haproxy生成覆盖配置)
[root@haproxy_41 ~]# cat /usr/lib/systemd/system/haproxy.service 
# systemd unit for HAProxy as shown on the page; it starts the
# haproxy-systemd-wrapper with two configuration files.
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
# $OPTIONS used on the ExecStart line is read from this environment file.
EnvironmentFile=/etc/sysconfig/haproxy
# Two -f arguments: the main haproxy.cfg plus the per-site file. The per-site
# path named here must exist under exactly this name, otherwise startup fails.
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/conf/www.abc.net.cfg -p /run/haproxy.pid $OPTIONS
# Reload is requested by sending SIGUSR2 to the main (wrapper) process.
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed

[Install]
WantedBy=multi-user.target
#设置开机自启动
[root@haproxy_41 ~]# systemctl enable --now haproxy

#haproxy主配置文件
[root@haproxy_41 ~]# cat /etc/haproxy/haproxy.cfg
# Process-wide settings: logging target, chroot, privilege drop and the
# runtime (stats) socket.
global
    # Logs go to a syslog listener at 127.0.0.1, facility local2. Nothing is
    # recorded unless a syslog daemon accepts them there; that setup is not
    # shown on this page.
    log         127.0.0.1 local2
    # Confine the process to this directory and run as an unprivileged
    # user/group after startup.
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon
    # Runtime socket. No `mode` or `level` is given, so the defaults apply.
    # NOTE(review): confirm the resulting file permissions and command level
    # are acceptable for every local account on this host.
    stats socket /var/lib/haproxy/stats

# Defaults inherited by every proxy section that does not override them.
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    # Adds X-Forwarded-For except for loopback clients. This only takes effect
    # in proxies that run in http mode; a section that sets `mode tcp` does not
    # add the header, so backends then log the proxy address, not the client's.
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    # Upper bound on how long a client may take to send a complete request;
    # this limits how long slow or idle requests can hold a connection.
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

# Built-in statistics page, served over plain HTTP on port 9999.
listen stats
    mode http
    # NOTE(review): 0.0.0.0 exposes the page on every address of the host,
    # including the VIP while this node holds it. Bind to a management address
    # or restrict the port with a host firewall.
    bind 0.0.0.0:9999
    stats enable
    log global
    stats uri /haproxy-status
    # NOTE(review): HTTP Basic credentials stored in cleartext in this file and
    # sent without TLS (the bind line has no ssl). "admin:123456" is a trivially
    # guessable sample value; replace it and keep the file readable by root only.
    # No `stats admin` directive is present, so the page is read-only.
    stats auth admin:123456

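#haproxy代理配置文件(注意:此处文件名为www.magedu.net.cfg,而haproxy.service中-f加载的是/etc/haproxy/conf/www.abc.net.cfg,两者需保持一致,否则该配置不会被加载)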
[root@haproxy_41 ~]# cat /etc/haproxy/conf/www.magedu.net.cfg 
# Layer-4 listener on the VIP that balances port 80 across the two nginx hosts.
listen magedu_http_80
    # Binds the VIP itself. On a node that does not currently hold the VIP the
    # bind fails unless net.ipv4.ip_nonlocal_bind=1 is set on that node.
    bind 192.168.100.40:80
    # TCP pass-through: no HTTP parsing, so no X-Forwarded-For is added and the
    # nginx access logs record this proxy's address instead of the client's.
    # Keep that in mind when using those logs for investigation.
    mode tcp
    log global
    # Health check every 3000 ms; marked down after 3 failures, up again after
    # 5 successes.
    server 192.168.100.43 192.168.100.43:80 check inter 3000 fall 3 rise 5
    server 192.168.100.44 192.168.100.44:80 check inter 3000 fall 3 rise 5

haproxy配置

#安装haproxy
[root@haproxy_41 ~]# yum -y install haproxy

#设置开机自启动并指定加载哪个配置文件
[root@haproxy_41 ~]# cat /usr/lib/systemd/system/haproxy.service 
# systemd unit for HAProxy (same content as shown for the first node).
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
# $OPTIONS on the ExecStart line comes from this environment file.
EnvironmentFile=/etc/sysconfig/haproxy
# Loads the main configuration and then the per-site file, in that order.
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/conf/www.abc.net.cfg -p /run/haproxy.pid $OPTIONS
# Reload is requested by sending SIGUSR2 to the main (wrapper) process.
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed

[Install]
WantedBy=multi-user.target

[root@haproxy_41 ~]# systemctl enable --now haproxy

keepalived配置

#安装keepalived
#2台keepalived略有区别

#master配置,区别为state MASTER和priority 100
[root@haproxy_41 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived
# MASTER node (192.168.100.41): owns VIP 192.168.100.40 while it is healthy.

global_defs {
   # NOTE: the addresses below appear as "[email protected]" because the page's
   # e-mail protection replaced them; supply real recipients before use.
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   # Notifications are handed to an SMTP server on localhost.
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   # Identifier string for this node; both nodes on this page use the same
   # sample value.
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # vrrp_strict is left disabled (commented out) by the author.
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    # Initial role; the peer is configured as BACKUP.
    state MASTER
    interface ens33
    # Must be identical on both peers of this instance (both use 51).
    virtual_router_id 51
    # Higher than the peer's 80, so this node holds the VIP when both are up.
    priority 100
    advert_int 1
    # Adverts are sent unicast from this address to the listed peer only.
    unicast_src_ip 192.168.100.41
    unicast_peer {
    192.168.100.42
    }
    # NOTE(review): auth_type PASS carries the password in cleartext in every
    # advert, and "1111" is the stock sample value. Any host on the segment that
    # can send adverts with a higher priority could take over the VIP. Use a
    # unique secret and restrict VRRP (IP protocol 112) to the peer address with
    # a host firewall.
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # VIP is added to ens33 under the alias label ens33:0.
    virtual_ipaddress {
    192.168.100.40 dev ens33 label ens33:0
    }
}

#BACKUP配置,区别为state BACKUP和priority 80
[root@haproxy_42 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived
# BACKUP node (192.168.100.42): takes over VIP 192.168.100.40 when adverts
# from the MASTER stop arriving.

global_defs {
   # NOTE: the addresses below appear as "[email protected]" because the page's
   # e-mail protection replaced them; supply real recipients before use.
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   # Notifications are handed to an SMTP server on localhost.
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   # Identifier string for this node; both nodes on this page use the same
   # sample value.
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # vrrp_strict is left disabled (commented out) by the author.
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    # Initial role; the peer is configured as MASTER.
    state BACKUP
    interface ens33
    # Must be identical on both peers of this instance (both use 51).
    virtual_router_id 51
    # Lower than the peer's 100, so this node yields the VIP when the MASTER
    # comes back.
    priority 80
    advert_int 1
    # Adverts are sent unicast from this address to the listed peer only.
    unicast_src_ip 192.168.100.42
    unicast_peer {
    192.168.100.41
    }
    # NOTE(review): auth_type PASS carries the password in cleartext in every
    # advert, and "1111" is the stock sample value. Use a unique secret and
    # restrict VRRP (IP protocol 112) to the peer address with a host firewall.
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # VIP is added to ens33 under the alias label ens33:0.
    virtual_ipaddress {
    192.168.100.40 dev ens33 label ens33:0
    }
}

#设置开机自启动
[root@haproxy_41 ~]# systemctl enable --now keepalived

#查看主keepalived状态,可以看到已经有了vip,vip此时已经在192.168.100.41上
[root@haproxy_41 ~]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.100.41  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:0c:29:4e:68:dd  txqueuelen 1000  (Ethernet)
        RX packets 8316  bytes 1063430 (1.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13477  bytes 1621918 (1.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33:0: flags=4163  mtu 1500
        inet 192.168.100.40  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:4e:68:dd  txqueuelen 1000  (Ethernet)

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 80  bytes 11456 (11.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 80  bytes 11456 (11.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

#查看从keepalived状态,vip未加载
[root@haproxy_42 ~]# clear
[root@haproxy_42 ~]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.100.42  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:0c:29:d2:fa:6c  txqueuelen 1000  (Ethernet)
        RX packets 9791  bytes 687923 (671.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9647  bytes 657818 (642.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 42  bytes 3652 (3.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 42  bytes 3652 (3.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

修改windows的hosts解析
路径如下:C:\Windows\System32\drivers\etc\hosts
添加解析记录,注释之前的解析记录,解析www.abc.net到vip上
#192.168.100.44 www.abc.net
#192.168.100.43 www.abc.net
192.168.100.40 www.abc.net
实现haproxy+keepalived和lvs+keepalived高可用_第2张图片

访问:http://www.abc.net
实现haproxy+keepalived和lvs+keepalived高可用_第3张图片

测试高可用

#停掉192.168.100.41上的keepalived服务
[root@haproxy_41 ~]# clear
[root@haproxy_41 ~]# systemctl stop keepalived
[root@haproxy_41 ~]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.100.41  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:0c:29:4e:68:dd  txqueuelen 1000  (Ethernet)
        RX packets 9011  bytes 1143780 (1.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 14585  bytes 1743716 (1.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 82  bytes 11874 (11.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 82  bytes 11874 (11.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

#查看192.168.100.42上的状态,vip已经漂移到42上面
[root@haproxy_42 ~]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.100.42  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:0c:29:d2:fa:6c  txqueuelen 1000  (Ethernet)
        RX packets 10506  bytes 738763 (721.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 10412  bytes 709388 (692.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33:0: flags=4163  mtu 1500
        inet 192.168.100.40  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:d2:fa:6c  txqueuelen 1000  (Ethernet)

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 42  bytes 3652 (3.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 42  bytes 3652 (3.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

访问:http://www.abc.net
实现haproxy+keepalived和lvs+keepalived高可用_第4张图片
可以看到高可用测试正常,vip已经漂移到192.168.100.42!!!~~~

#重新启动192.168.100.41上的keepalived服务,观察
#可以看到vip又重新漂移到192.168.100.41的ip上
#192.168.100.41上的keepalived服务
[root@haproxy_41 ~]# clear
[root@haproxy_41 ~]# systemctl start keepalived
[root@haproxy_41 ~]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.100.41  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:0c:29:4e:68:dd  txqueuelen 1000  (Ethernet)
        RX packets 11952  bytes 1348497 (1.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 18337  bytes 2008768 (1.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33:0: flags=4163  mtu 1500
        inet 192.168.100.40  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:4e:68:dd  txqueuelen 1000  (Ethernet)

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 82  bytes 11874 (11.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 82  bytes 11874 (11.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

#vip已经漂移到192.168.100.41
[root@haproxy_42 ~]# ifconfig
ens33: flags=4163  mtu 1500
        inet 192.168.100.42  netmask 255.255.255.0  broadcast 192.168.100.255
        ether 00:0c:29:d2:fa:6c  txqueuelen 1000  (Ethernet)
        RX packets 13395  bytes 957110 (934.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 14079  bytes 949636 (927.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 42  bytes 3652 (3.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 42  bytes 3652 (3.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

至此,haproxy+keepalived高可用已经配置完成。

实现lvs+keepalived高可用集群

环境
服务器系统:Centos7
ip:192.168.100.43,192.168.100.44(nginx)
ip:192.168.100.41,192.168.100.42(lvs,keepalived)
vip:192.168.100.40
keepalived配置

#2台配置基本相同,区别仅在于state和priority(优先级);注意:下面示例中的主机地址为192.168.100.48/49,与上文环境列表中的41/42不一致,请以实际环境为准
[root@lvskeepalived_48 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived
# Director node 192.168.100.48 for the LVS setup: MASTER for VIP 192.168.100.40.

global_defs {
   # NOTE: the addresses below appear as "[email protected]" because the page's
   # e-mail protection replaced them; supply real recipients before use.
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   # Notifications are handed to an SMTP server on localhost.
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # vrrp_strict is left disabled (commented out) by the author.
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    # Differs from the haproxy pair's id (51), so the two VRRP groups do not
    # collide if they share a segment.
    virtual_router_id 52
    priority 100
    advert_int 1
    # Adverts are sent unicast from this address to the listed peer only.
    unicast_src_ip 192.168.100.48
    unicast_peer {
    192.168.100.49
    }
    # NOTE(review): auth_type PASS carries the password in cleartext in every
    # advert, and "1111" is the stock sample value. Use a unique secret and
    # restrict VRRP (IP protocol 112) to the peer address with a host firewall.
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # VIP is added to ens33 under the alias label ens33:0.
    virtual_ipaddress {
    192.168.100.40 dev ens33 label ens33:0
    }
}

lvs配置

#lvs配置,2台配置一致(在keepalived.conf中通过下面的include引入conf目录下的配置)
include /etc/keepalived/conf/*.conf

[root@lvskeepalived_48 ~]# cat /etc/keepalived/conf/www.abc.net.conf 
# LVS virtual service for HTTP on the VIP: weighted round-robin, direct routing.
# NOTE(review): the real_server addresses are .41/.42, while the environment
# list on this page puts nginx on .43/.44; confirm which hosts are the real
# servers.
virtual_server 192.168.100.40 80 {
    # Health checks run every 3 seconds.
    delay_loop 3
    lb_algo wrr 
    # DR: replies go from the real server straight to the client, so each real
    # server must hold the VIP on lo and suppress ARP for it.
    lb_kind DR
    protocol TCP

    real_server 192.168.100.41 80 {
        weight 1
        # TCP_CHECK only verifies that a TCP connection to connect_port
        # succeeds; it does not validate the HTTP response.
        # NOTE(review): nb_get_retry is reported as deprecated in newer
        # keepalived releases in favour of `retry`; confirm against the
        # installed version.
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.100.42 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

# LVS virtual service that publishes TCP 3306 on the VIP, same scheduler and
# forwarding mode as the port-80 service.
# NOTE(review): this makes the database port reachable through the VIP.
# Restrict which clients may reach 192.168.100.40:3306 with a firewall, and
# confirm that exposing it at all is intended.
virtual_server 192.168.100.40 3306 {
    delay_loop 3
    lb_algo wrr
    lb_kind DR
    protocol TCP

    real_server 192.168.100.41 3306 {
        weight 1
        # Connect-only probe: the check opens and closes a TCP connection
        # without speaking the database protocol. Such probes may be counted
        # by the server as failed connections from the director; verify on the
        # database side.
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 3306
        }
    }

    real_server 192.168.100.42 3306 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 3306
        }
    }
}

# Run on all servers.
# Both lines append to /etc/sysctl.conf: re-running them adds duplicate entries,
# and the values take effect only after `sysctl -p` or a reboot.
# Enable IPv4 forwarding.
# NOTE(review): presumably only hosts that actually route packets need this;
# confirm before enabling it on every server.
echo "net.ipv4.ip_forward  = 1" >> /etc/sysctl.conf 
# Allow processes to bind to IP addresses that are not (yet) configured on the
# host, e.g. the VIP on the node that does not currently hold it.
echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf

#因为是dr模式,所以后端真实服务器(real server,即web服务器)需要执行以下脚本,在lo接口上配置vip地址并抑制其对vip的ARP应答
[root@localhost ~]# cat lvs_dr.sh 
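#!/bin/bash
#add for chkconfig
#
# lvs_dr.sh - prepare or reset an LVS-DR real server.
#
# The shebang must be the first line of the file to take effect; in the
# original listing it came second and was therefore treated as a comment.
#
# Usage: lvs_dr.sh {start|stop}
#   start  add the VIP to lo:0 with a /32 mask, add a host route for it, and
#          set arp_ignore=1 / arp_announce=2 on lo and all so this host does
#          not answer or advertise ARP for the VIP.
#   stop   bring lo:0 down, remove the host route and write 0 to the same ARP
#          sysctls (any value they had before "start" is not restored).
#
# Needs root: it changes interfaces, routes and /proc/sys entries. The /proc
# writes are not persistent across reboots.
VIP=192.168.100.40
source /etc/rc.d/init.d/functions
case "$1" in
  start)
    # The /32 mask keeps the VIP from creating a connected route for the subnet.
    ifconfig lo:0 "$VIP" netmask 255.255.255.255 broadcast "$VIP"
    /sbin/route add -host "$VIP" dev lo:0
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Start OK"
    ;;
  stop)
    ifconfig lo:0 down
    # Errors are discarded on purpose: the route may already be gone.
    route del "$VIP" >/dev/null 2>&1
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stoped"
    ;;
  *)
    echo "Usage: $0 {start|stop}"
    exit 1
    ;;
esac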

#检测vip
[root@lvskeepalived_48 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.100.40:80 wrr
  -> 192.168.100.41:80            Route   1      0          3         
  -> 192.168.100.42:80            Route   1      0          4         
TCP  192.168.100.40:3306 wrr
  -> 192.168.100.41:3306          Route   1      0          1         
  -> 192.168.100.42:3306          Route   1      0          2

至此lvs+keepalived也已经配置完成。