Haproxy based on keepalived for web high availability and static and dynamic separation

Objective

Software load Balancing is generally implemented in two ways: operating system-based soft load implementation and soft load balancing based on third-party applications. LVS is a kind of soft load based on Linux operating system, while Haproxy is a soft load based on third party application. Haproxy compared to the use of LVS is much simpler, but like LVs, haproxy themselves can not achieve high availability, once the Haprox node failure, will affect the entire site. This paper is haprox based on keepalived to achieve web high availability and static and dynamic separation.

Related introduction

HAProxy

Haproxy is a high availability, load balancer, and proxy software based on TCP and HTTP applications, Haproxy is completely free, with Haproxy for fast and reliable proxy solutions based on TCP and HTTP applications. Haproxy is suitable for those Web sites that are heavily loaded, and these sites typically require session retention or seven layers. Haproxy can support tens of thousands of concurrent connections, and Haproxy's operating mode makes it easy and secure to integrate into the architecture, and can include Web servers that are not exposed to the network.

keepalived

Keepalived is based on the VRRP (Virtual router redundancy protocol, VPN Routing redundancy Protocol) Hot backup protocol to implement the multi-machine hot standby function of Linux server in the way of software. VRRP is a backup solution for routers----a hot standby group consisting of multiple routers. Provide services externally through a shared virtual IP address; At the same time in each hot standby group, only one primary server is available, and the other servers are redundant, and if the server that is currently online fails, the other servers automatically take over the virtual IP address (priority decision order) to continue serving.

High-availability solution topologies

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/7A/02/wKiom1agjDrxnjJuAABGGIJiqfg283.png "title=" 3.png " alt= "Wkiom1agjdrxnjjuaabggijiqfg283.png"/>

First, test environment: Centos6.5; use 5 virtual machines

Set the host name to them individually: hostname                      ip Address                   Package mail                       192.168.9.9            ansiblenode1                      192.168.9.6            haproxy+keepalivednode2                      192.168.9.7            haproxy+keepalivednode3                      192.168.9.233          httpdnode4                      192.168.9.232         lamp

Ii. preparatory work: Here is a simple deployment based on ansible.

1, based on SSH communication, first do key;# ssh-copy-id  -i /root/.ssh/id_rsa.pub node1# ssh-copy-id   -i /root/.ssh/id_rsa.pub node2# ssh-copy-id  -i /root/.ssh/id_rsa.pub  node3# ssh-copy-id  -i /root/.ssh/id_rsa.pub node42, ansible Settings and Management node detection: # cd  /etc/ansible/# vim hosts[haproxy]node1node2[images]node3[dynamic]node4# ansible all  -m pingnode3 | success >> {     "changed":  false,       "ping":  "Pong"}node1 | success >> {      "changed": false,      "ping":  "Pong"}node2 | success  >> {     "changed": false,      "ping":  "Pong"}node4 | success >> {     "changed": false,       "Ping ": " Pong "} 

Iii. installation of Haproxy and keepalived on Node1 and Node2

Time synchronization # ansible haproxy -m shell -a  ' ntpdate cn.pool.ntp.org ' node1 |  success | rc=0 >>21 jan 16:34:32 ntpdate[3481]: step time  server 202.112.29.82 offset -2.284555 secnode2 | success | rc=0  >>21 jan 16:34:47 ntpdate[3286]: step time server 202.112.29.82  offset -2.287749 sec# ansible haproxy -m shell -a  ' Date ' Node1  | success | rc=0 >>thu jan 21 16:43:37 hkt 2016node2  | success | rc=0 >>thu jan 21 16:43:37 hkt 2016 Host Trust [[ email protected] ~]# ssh-keygen -t rsa[[email protected] ~]#  Ssh-copy-id -i /root/.ssh/id_rsa.pub node2[[email protected] ~]# ssh-keygen  -t rsa[[email protEcted] ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub node1 Install the required program # ansible  haproxy -m shell -a  ' yum -y install haproxy keepalived ' 1, Configure Keepalived to modify the keepalived[ro[email protected] keepalived]# cp keepalived.conf{on the Node1 node. Bak}[[email protected] keepalived]# lskeepalived.conf  keepalived.conf.bak[[email  protected] keepalived]# vim keepalived.confvrrp_instance VI_1 {          #定义VRRP实例, instance name customization     state MASTER              #指定keepalived的角色, master Primary server, backup as standby server      interface eth0           #指定HA监测的接口     virtual_router_id 61     #虚拟路由标识 (1-255), the primary and standby server IDs must be the same in a VRRP instance     priority 100             #优先级, the higher the number, the higher the priority, the master must be larger than the standby      advert_int 1             #设置主备之间同步检查时间间隔, units per second     authentication {         #设置验证类型和密码          auth_type PASS       #验证类型          auth_pass 12345678   #设置验证密码, master password    in the same instance   }    virtual_ipaddress {         192.168.9.8}[[email protected] keepalived]# scp keepalived.conf node2:/etc/ keepalivedkeepalived.conf                                       100%  515     0.5kb/s   00:00 Modify the Keepalivedvrrp_instance on the Node2 node  VI_1 {    state BACKUP    interface eth0     virtual_router_id 61    priority 98     advert_int 1    authentication {         auth_type pass        auth_pass 12345678     }    virtual_ipaddress {         192.168.9.8}# ansible haproxy -m shell -a  ' Service keepalived start ' node1 | success | rc=0 >>starting keepalived: [  ok   ]node2 | success | rc=0 >>starting keepalived: [  ok   ]# ansible haproxy -m shell -a  ' Ip addr show ' node2 | success | rc=0  >>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue  state unknown     link/loopback 00:00:00:00:00:00 brd  00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo     inet6 ::1/128 scope host        valid_lft  Forever preferred_lft forever2: eth0: <broadcast,multicast,up,lower_up> mtu  1500 qdisc pfifo_fast state up qlen 1000    link/ether  00:0c:29:a3:a6:aa brd ff:ff:ff:ff:ff:ff    inet 192.168.9.7/22  Brd 192.168.11.255 scope global eth0    inet6 fe80::20c:29ff:fea3 : a6aa/64 scope link         valid_lft forever preferred_lft forevernode1 |  success | rc=0 >>1: lo: <loopback,up,lower_up> mtu 16436  qdisc noqueue state UNKNOWN     link/loopback  00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope  host lo    inet6 ::1/128 scope host         valid_lft forever preferred_lft forever2: eth0: <broadcast ,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state up qlen  1000    link/ether 00:0c:29:20:16:2e brd ff:ff:ff:ff:ff:ff     inet 192.168.9.6/22 brd 192.168.11.255 scope global eth0     inet 192.168.9.8/32 sCope global eth0    inet6 fe80::20c:29ff:fe20:162e/64 scope link         valid_lft forever preferred_lft forever        ## #可以看出VIP在node1上2, Configuration Haproxy

This article is from "Zhang Qiang" blog, please be sure to keep this source http://79076431.blog.51cto.com/8977042/1737210

Haproxy based on keepalived for web high availability and static and dynamic separation