keepalived+haproxy实现高可用集群

实验环境

172.16.32.21
172.16.32.22
Vip:
172.16.32.30

1. 部署httpd测试服务

yum install httpd
echo "172.16.32.22" >> /var/www/html/id.html
systemctl start httpd
curl 172.16.32.22/id.html
172.16.32.22

2. 部署haproxy实现负载均衡

yum install haproxy

vi /etc/haproxy/haproxy.cfg

global
    log 127.0.0.1 local2 info
    pidfile /var/run/haproxy.pid
    maxconn 4000   #优先级低
    user haproxy
    group       haproxy
    daemon #以后台形式运行ha-proxy
    nbproc 2     #工作进程数量 cpu内核是几就写几，不知道用lscpu查看
defaults
    mode http #工作模式 http ,tcp 是 4 层,http是 7 层
    log global
    retries 3   #健康检查。3次连接失败就认为服务器不可用，主要通过后面的check检查
    option redispatch #服务不可用后重定向到其他健康服务器。
    maxconn 4000  #优先级中
    contimeout 5000  #ha服务器与后端服务器连接超时时间，单位毫秒ms
    clitimeout 50000 #客户端超时
    srvtimeout 50000 #后端服务器超时
listen stats
    bind *:81
    stats enable
    stats uri /haproxy #使用浏览器访问 http://192.168.246.169/haproxy,可以看到服务器状态
    stats auth admin:admin  #用户认证，客户端使用elinks浏览器的时候不生效
frontend web
    mode http
    bind *:82   #监听哪个ip和什么端口
    option httplog #日志类别 http 日志格式
    default_backend httpservers #默认使用的服务器组
backend httpservers #名字要与上面的名字必须一样
    balance roundrobin #负载均衡的方式
#    balance static-rr
    server http1 172.16.32.21:80 maxconn 2000 weight 1  check inter 1s rise 2 fall 2
    server http2 172.16.32.22:80 maxconn 2000 weight 1  check inter 1s rise 2 fall 2

systemctl start haproxy

for x in {1..10} ;do curl 172.16.32.22:82/id.html;done
172.16.32.21
172.16.32.21
172.16.32.22
172.16.32.22
172.16.32.21
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.21

3. 部署keepalived

tar -zxvf keepalived-2.2.8.tar.gz 
cd keepalived-2.2.8
 ./configure --prefix=/usr/local/keepalived --sysconf=/etc
 make && make install
 cp keepalived/etc/init.d/keepalived /etc/init.d/
 cp keepalived/etc/sysconfig/keepalived /etc/sysconfig/
 systemctl daemon-reload

cat /etc/keepalived/check_haproxy.sh 
#!/bin/bash
count=`ps aux | grep -v grep |grep -v check_haproxy| grep haproxy | wc -l`
if [[ $count -gt 0 ]]; then
    exit 0
else
    exit 1
fi

cat /etc/keepalived/keepalived.conf
global_defs {
 notification_email {
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server smtp.exmail.qq.com
   smtp_connect_timeout 30
   router_id st22
   vrrp_skip_check_adv_addr
#   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script checkhaproxy
{
    script "/etc/keepalived/check_haproxy.sh"
    interval 3
    weight -20
}

vrrp_instance VI_1 {
    state BACKUP 
    interface ens192
    virtual_router_id 51
    priority 100 
    advert_int 1
    track_script
    {
        checkhaproxy
    }
    authentication {
        auth_type PASS
        auth_pass 18142
    }
    unicast_src_ip 172.16.32.22          #配置单播的源地址，即本机地址      
    unicast_peer {
        172.16.32.21                #配置单播的目标地址，即对方节点地址，备有多台就配置多个地址           
    }
    virtual_ipaddress {
        172.16.32.30
    }
}

systemctl start keepalived

for x in {1..10} ;do curl 172.16.32.30:82/id.html;done
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22

4. 高可用实验

4.1 停止22上httpd服务

停止一个节点的服务 不影响服务请求

for x in {1..10} ;do curl 172.16.32.30:82/id.html;done
172.16.32.21
172.16.32.21
172.16.32.21
172.16.32.21
172.16.32.21
172.16.32.21
172.16.32.21
172.16.32.21
172.16.32.21
172.16.32.21

4.2 停止22上haproxy

停止一个节点haproxy,不影响服务请求，查看vip已切换

for x in {1..10} ;do curl 172.16.32.30:82/id.html;done
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.22

[root@vmzz07 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 172.16.32.30/32 brd 172.16.32.30 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:a2:9c:50 brd ff:ff:ff:ff:ff:ff
    inet 172.16.32.21/27 brd 172.16.32.31 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
    inet 172.16.32.30/32 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fea2:9c50/64 scope link 
       valid_lft forever preferred_lft forever

4.3 停止keepalived

停止一个节点keepalived,不影响服务请求，查看vip已切换

[root@dev32 ~]# for x in {1..10} ;do curl 172.16.32.30:82/id.html;done
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.22
172.16.32.21
172.16.32.21
172.16.32.22
172.16.32.21

[root@vmzz08 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 172.16.32.30/32 brd 172.16.32.30 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:a2:31:c9 brd ff:ff:ff:ff:ff:ff
    inet 172.16.32.22/27 brd 172.16.32.31 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
    inet 172.16.32.30/32 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fea2:31c9/64 scope link 
       valid_lft forever preferred_lft forever

4.4 关闭21节点，vip在当前服务器上

关闭21节点，不影响服务请求，查看vip已切换

[root@dev32 ~]# for x in {1..10} ;do curl 172.16.32.30:82/id.html;done
172.16.32.22
172.16.32.22
172.16.32.22
172.16.32.22
172.16.32.22
172.16.32.22
172.16.32.22
172.16.32.22
172.16.32.22
172.16.32.22

[root@vmzz08 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 172.16.32.30/32 brd 172.16.32.30 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:a2:31:c9 brd ff:ff:ff:ff:ff:ff
    inet 172.16.32.22/27 brd 172.16.32.31 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
    inet 172.16.32.30/32 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:fea2:31c9/64 scope link 
       valid_lft forever preferred_lft forever

5. haproxy负载均衡算法

例子：https://cloud.tencent.com/developer/article/1644907

分为：
Frontend 七层
Backend 三层