HAProxy+Keepalived实现负载均衡高可用
一、环境
5台虚拟机,分别是:
1台测试机(192.168.2.83);
2台haproxy/keepalived(192.168.2.230/192.168.2.231);
2台Web Servers(192.168.2.232/192.168.2.233);
注:VIP设置为 192.168.2.228;
二、安装配置Web Server
由于Web Server的安装与配置非常简单,根据自己喜好,安装一个即可;比如:apache、nginx、tomcat等等。在此就不再详述;
三、安装配置HAProxy
yum -y install gcc kernel-devel openssl-devel lrzsz vim wget
wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.12.tar.gz
tar xzvf haproxy-1.5.12.tar.gz
cd haproxy-1.5.12
make TARGET=linux26 PREFIX=/usr/local/haproxy
make install PREFIX=/usr/local/haproxy
mkdir -p /usr/local/haproxy/{conf,run,log}
cp ./examples/haproxy.cfg /usr/local/haproxy/conf/
cd /usr/local/haproxy/conf/
>haproxy.cfg
cat <<eof >> /usr/local/haproxy/conf/haproxy.cfg
global
log 127.0.0.1 local3
maxconn 4096
chroot /usr/local/haproxy
uid 501
gid 501
nbproc 2
pidfile /usr/local/haproxy/run/haproxy.pid
daemon
defaults
log global
mode http
option httplog
option dontlognull
retries 2
option redispatch
option forwardfor
option httpclose
maxconn 2000
balance roundrobin
timeout connect 5s
timeout client 50000ms
timeout server 50000ms
frontend http
bind *:80
mode http
option httplog
default_backend http_pool
backend http_pool
option httpchk HEAD /index.html HTTP/1.0
balance source
server html_1 192.168.2.232:80 cookie 1 weight 2 check inter 2000 rise 2 fall 3
server html_2 192.168.2.233:80 cookie 2 weight 2 check inter 2000 rise 2 fall 3
listen stats
bind *:8888
mode http
bind-process 1
stats uri /haproxy-stats
stats realm Haproxy \ statistic
stats auth admin:admin
eof
设置HAProxy 服务器启动脚本(/etc/init.d/haproxy),内容大致如下:
#! /bin/sh set -e PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/haproxy/sbin PROGDIR=/usr/local/haproxy PROGNAME=haproxy DAEMON=$PROGDIR/sbin/$PROGNAME CONFIG=$PROGDIR/conf/$PROGNAME.cfg PIDFILE=$PROGDIR/run/$PROGNAME.pid DESC="HAProxy Daemon" SCRIPTNAME=/etc/init.d/$PROGNAME # Gracefully exit if the package has been removed. test -x $DAEMON || exit 0 start() { echo -n "Starting $DESC: $PROGNAME" $DAEMON -f $CONFIG echo "." } stop() { echo -n "Stopping $DESC: $PROGNAME" #haproxy_pid=`cat $PIDFILE` `pkill -9 haproxy` echo "." } restart() { echo -n "Restarting $DESC: $PROGNAME" $DAEMON -f $CONFIG -p $PIDFILE -sf $(cat $PIDFILE) echo "." } case "$1" in start) start ;; stop) stop ;; restart) restart ;; *) echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2 exit 1 ;; esac exit 0
chmod +x /etc/init.d/haproxy
注:以上的操作,两台都需要操作;到此,我们的HA就安装及配置好了。
四、安装配置Keepalived
wget http://www.keepalived.org/software/keepalived-1.2.15.tar.gz
tar xzvf keepalived-1.2.15.tar.gz
cd keepalived-1.2.15
./configure --sysconf=/etc/ --with-kernel-dir=/usr/src/kernels/2.6.32-504.23.4.el6.x86_64/
#内核参数,根据不同的操作系统,会不一样,注意更改为您服务器上的内核路径即可;
make
make install
ln -s /usr/local/sbin/keepalived /sbin/
cd /etc/keepalived/
cp keepalived.conf keepalived.conf.bak
编辑keepalive.conf主配置文件,内容大致如下:
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER/BACKUP #前主后备
interface eth0
virtual_router_id 66
priority 100/80 #前主后备
advert_int 3
authentication {
auth_type PASS
auth_pass 333333
}
virtual_ipaddress {
192.168.2.228
}
track_script {
chk_haproxy
}
}
因为主配置文件里有用到一个检测haproxy状态的脚本,所以另外需要创建脚本,内容如下:
# cat check_haproxy.sh
#!/bin/bash haproxy=`ps -C haproxy --no-header|wc -l` if [ $haproxy -eq 0 ]; then /etc/init.d/haproxy start > /dev/null sleep 5 hastatus=`ps -C haproxy --no-header|wc -l` if [ $hastatus -eq 0 ]; then /etc/init.d/keepalived stop > /dev/null fi fi
chmod +x /etc/keepalived/check_haproxy.sh
注:同样,以上的所有操作,需要两台服务器上一样操作,注意更改主备及优先级即可;到此,keepalive的相关安装与配置即OK了;
五、测试及校验
启动keepalived(两台):/etc/init.d/keepalived start
在主服务器上随意把haproxy或者keepalived服务关闭,观察服务的可用性;
如果飘到备服务器上了,同样,在备服务器上随意把haproxy或者keepalived服务关闭,再观察;
最后需要注意的是,如果服务器上有启用安全软件,比如ipatalbes,一定要让服务器间相互访问,不仅仅是ping通;如:iptables -I INPUT -s 192.168.2.0/24 -j ACCEPT