標籤:haproxy 雙主模型 高可用負載平衡 keepalived
1、本文的架構圖:
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/25/90/wKioL1Nki0jiTqeUAAE35qbWq7g043.jpg" title="haproxy、keepalived.png" alt="wKioL1Nki0jiTqeUAAE35qbWq7g043.jpg" />
闡述各伺服器用途:
1、haproxy在本構架中實現的是:負載平衡
2、keepalived實現對haproxy的高可用
3、apache static 實現靜態頁面的訪問
4、aoache dynamic實現動態網頁面的訪問,圖中有兩個是實現負載平衡的
配置各功能模組:
一、配置haproxy和keepalived
驗證:
1、當一台keepalived宕機後,VIP會不會轉移到另外一台伺服器
2、當一台haproxy服務出故障,VIP會不會轉移到另外一台伺服器
注意:
那如果keepalived宕機了,haproxy服務還正常運行,我們要不要讓另外一台伺服器把VIP奪過去呢?
理論上來講:最好不要,但是我們的keepalived中的指令碼監控著haproxy的進程,keepalived宕機之後,就無從得知haproxy的健康狀態,也不能決定自己的優先權priority降不降低了。所以,理論上來講最好不要,但是實際中光靠keepalived是做不到的。
配置:
1、給兩台伺服器分別安裝上keepalived
[[email protected] ~]# yum -y install keepalived
2、配置keepalived
[[email protected] ~]# vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { [email protected] 佈建服務狀態變化發送郵件到哪個地址 } notification_email_from [email protected] smtp_server 127.0.0.1 給哪個smtp伺服器發郵件 smtp_connect_timeout 30 聯絡上面smtp伺服器30秒聯絡不上,就逾時 router_id LVS_DEVEL}vrrp_script chk_haproxy { 本指令碼是用來檢測該伺服器上haproxy服務的健康狀態的 script "killall -0 haproxy" interval 1 weight -2}vrrp_instance VI_1 { state MASTER 這太伺服器為主的keepalived interface eth0 通過eth0網卡廣播 virtual_router_id 200 虛擬路由id要改,如果在一個區域網路中有多個keepalived叢集 priority 100 優先順序 advert_int 1 authentication { auth_type PASS auth_pass 11112222 } track_script { chk_haproxy } virtual_ipaddress { 192.168.1.200 原生虛擬IP } notify_master "/etc/keepalived/notify.sh master" 各不用狀態下啟動並執行指令碼 notify_backup "/etc/keepalived/notify.sh backup" notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance VI_2 { 另外一台主keepalived的從 state BACKUP interface eth0 virtual_router_id 57 priority 99 設定要比另外一台主keepalived的優先順序低 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_mantaince_down } virtual_ipaddress { 192.168.1.201 }}
3、寫keepalived處在不同狀態下所啟動並執行指令碼
#!/bin/bash# Author: MageEdu <[email protected]># description: An example of notify script#vip=192.168.1.200contact=‘[email protected]‘notify() { mailsubject="`hostname` to be $1: $vip floating" mailbody="`date ‘+%F %H:%M:%S‘`: vrrp transition, `hostname` changed to be $1" echo $mailbody | mail -s "$mailsubject" $contact} case "$1" in master) notify master /etc/rc.d/init.d/haproxy start exit 0 ;; backup) notify backup /etc/rc.d/init.d/haproxy stop exit 0 ;; fault) notify fault /etc/rc.d/init.d/haproxy stop exit 0 ;; *) echo ‘Usage: `basename $0` {master|backup|fault}‘ exit 1 ;;esac給指令碼以執行許可權:chmod +x /etc/keepalived/notify.sh
4、配置haproxy
因為要實現動靜分離,那麼我們在設定檔中,就要定義動態資源靜態資源轉移到不同的服務上去
[[email protected] ~]# yum -y install haproxy 安裝haproxy[[email protected] ~]# vim /etc/haproxy/haproxy.cfg # log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket /var/lib/haproxy/stats#---------------------------------------------------------------------# common defaults that all the ‘listen‘ and ‘backend‘ sections will# use if not designated in their block#---------------------------------------------------------------------defaults mode http 指定haproxy工作模式為http log global option httplog option dontlognull option http-server-close 當用戶端逾時時,允許服務端中斷連線 option forwardfor except 127.0.0.0/8 在http的回應標頭部加入forwardfor option redispatch #在使用了基於cookie的會話保持的時候,通常加這麼一項,一旦後端某一server宕機時,能夠將其會話重新派發到其它的upstream servers retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 3000#---------------------------------------------------------------------# main frontend which proxys to the backends#---------------------------------------------------------------------frontend main *:80 前端代理 acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js acl url_dynamic path_end -i .php use_backend static if url_static default_backend dynamic#---------------------------------------------------------------------# static backend for serving up images, stylesheets and such#---------------------------------------------------------------------backend static 後端的靜態請求響應 balance roundrobin server static 192.168.1.100:80 inter 3000 rise 2 fall 3 check maxconn 5000#---------------------------------------------------------------------# round robin balancing between the various backends#---------------------------------------------------------------------backend dynamic 後端的動態請求響應 balance roundrobin server dynamic1 192.168.1.101:80 inter 3000 rise 2 fall 3 check maxconn 5000 server dynamic2 192.168.1.102:80 inter 3000 rise 2 fall 3 check maxconn 5000listen statistics mode http bind *:8080~ stats enable stats auth admin:admin stats uri /admin?stats 指定URI的訪問路徑 stats admin if TRUE stats hide-version stats refresh 5s acl allow src 192.168.0.0/24 定義存取控制清單 tcp-request content accept if allow tcp-request content reject
5、配置另外一台haproxy伺服器
因為兩台伺服器的配置大體相同,我們就直接講以上配置好的複製檔案和指令檔都傳到這台haproxy伺服器上,做下修就可以了
[[email protected] ~]# scp /etc/keepalived/keepalived.conf [email protected]:/etc/keepalived/[email protected]‘s password:keepalived.conf 100% 4546 4.4KB/s 00:00 [[email protected] ~]# scp /etc/keepalived/notify.sh [email protected]:/etc/keepalived/[email protected]‘s password:notify.sh 100% 751 0.7KB/s 00:00 [[email protected] ~]# scp /etc/haproxy/haproxy.cfg [email protected]:/etc/haproxy/[email protected]‘s password:haproxy.cfg 100% 3529 3.5KB/s 00:00
傳輸完成,接著來配置 /etc/keepalived/keepalived.conf 因為兩個節點上的/etc/haproxy/haproxy.cfg相同不用更改
interface eth0! Configuration File for keepalivedglobal_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL}vrrp_script chk_haproxy { script "killall -0 haproxy" interval 1 weight -2}vrrp_instance VI_1 { state BACKUP 這台把master改成 backup interface eth0 virtual_router_id 200 priority 99 優先順序調的比上一個低 advert_int 1 authentication { auth_type PASS auth_pass 11112222 } track_script { chk_haproxy } virtual_ipaddress { 192.168.1.200 }}vrrp_instance VI_2 { state MASTER 本台的這個要調成MASTER,上個是backup interface eth0 virtual_router_id 57 priority 100 這個優先順序也要高於上個 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.201 } notify_master "/etc/keepalived/notify.sh master" notify_backup "/etc/keepalived/notify.sh backup" notify_fault "/etc/keepalived/notify.sh fault"}
注意:
notify_master
"/etc/keepalived/notify.sh master"
notify_backup
"/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
3個狀態分別要執行的指令碼,只能放在 MASTER中,原因是:因為是互為主從,每個主的都會有個另外一個主的從,如果
把這 “3個狀態執行指令碼” 寫入到從的地區中,那麼另外一個主的從狀態就會執行這個指令碼,因為就會停掉所要高可用的
程式,這就造成了,兩個VIP全部轉移到其中一個伺服器上去。
我們來驗證下,如果keepalived和haproxy分別宕機,vip會不會轉移:
在兩個節點上都啟動 keepalived和haproxy服務
[[email protected] ~]# service haproxy startStarting haproxy: [ OK ][[email protected] ~]# service keepalived startStarting keepalived: [ OK ]
以下為正常情況:
keepalived 1:
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/25/90/wKiom1Nkl9uBLSLkAAI7Nv82x7o994.jpg" title="111.png" alt="wKiom1Nkl9uBLSLkAAI7Nv82x7o994.jpg" />
keepalived 2:
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/25/90/wKioL1Nkl--RJs-GAAHu-Fe95vg162.jpg" title="222.jpg" alt="wKioL1Nkl--RJs-GAAHu-Fe95vg162.jpg" />
我們來類比讓第一個haproxy停止掉,再看下,VIP會不會全到 keepalived 2上面去:
[[email protected] ~]# service haproxy stopStopping haproxy: [ OK ]
查看keepalived 1 和 keepalived 2
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M01/25/91/wKioL1NksZLBURk8AAH68TIiVaw151.jpg" title="11111.png" alt="wKioL1NksZLBURk8AAH68TIiVaw151.jpg" />
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/25/91/wKioL1NksbmgAwBPAAGZbYr2wF4250.jpg" title="111111.png" alt="wKioL1NksbmgAwBPAAGZbYr2wF4250.jpg" />
看,都過來了。。。。
驗證負載平衡很動靜分離
我們給3個web服務不同的網頁
1、給apache static一個靜態頁面,來驗證如果請求的不是以 .php結尾的網頁檔案都定向到這太伺服器上來
2、給apache dynamic 1 、2 分別兩個 index.php ,實現對動態網頁的負載平衡
我們給apache static 一個符合-i .jpg .gif .png .css .js的網頁,就給個圖片網頁吧
apache static
scp 1.png [email protected]:/var/www/html
apache dynamic 1
vim /var/www/html/index.php192.168.1.101<?php phpinfo();?>
apache dynamic 2
vim /var/www/html/index.php192.168.1.102<?php phpinfo();?>
1、我們來請求 1.png 結尾的靜態檔案
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/25/91/wKiom1Nkw6uDu_vyAAHCiPEKG6g430.jpg" title="static.png" alt="wKiom1Nkw6uDu_vyAAHCiPEKG6g430.jpg" />
2、我們來請求 .php結尾的頁面
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/25/91/wKioL1NkxHDg_K8DAAFLVYOf_d4414.jpg" title="dh.png" alt="wKioL1NkxHDg_K8DAAFLVYOf_d4414.jpg" />
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/25/91/wKioL1NkxIfym9afAAE52TC8wJ8462.jpg" title="dh2.png" alt="wKioL1NkxIfym9afAAE52TC8wJ8462.jpg" />
如此看來,已經對以.php的動態網頁面做了負載平衡了
我們再通過 192.168.1.201 這個虛擬 ip 訪問試試:
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M00/25/91/wKiom1NkxeKzjSWPAAFM55WLzgs165.jpg" title="dh.png" alt="wKiom1NkxeKzjSWPAAFM55WLzgs165.jpg" />
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/25/91/wKioL1Nkxe-jm0ZaAAEqNN02zgU592.jpg" title="dh.png" alt="wKioL1Nkxe-jm0ZaAAEqNN02zgU592.jpg" />
由此看來,也實現了雙主模型了,兩個haproxy同時可以服務了。。。
3、我們來看看狀態頁面
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/25/91/wKiom1Nkx9_B57xfAAEctjJMZnc262.jpg" title="dh.png" alt="wKiom1Nkx9_B57xfAAEctjJMZnc262.jpg" />
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M01/25/91/wKioL1Nkx8nz0IfTAAEa74C_zWI937.jpg" title="dh2.png" alt="wKioL1Nkx8nz0IfTAAEa74C_zWI937.jpg" />
650) this.width=650;" src="http://s3.51cto.com/wyfs02/M02/25/91/wKioL1Nkx9iAeZsaAAeekRUkLfg471.jpg" title="dh1.png" alt="wKioL1Nkx9iAeZsaAAeekRUkLfg471.jpg" />
本文出自 “linux營運” 部落格,請務必保留此出處http://xz159065974.blog.51cto.com/8618592/1405812
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
