Haproxy通过结合Keepalived实现负载均衡器节点的高可用
环境介绍:CentOS 6.5平台 Haproxy1:10.10.10.128/24 Haproxy2:10.10.10.129/24 web1:10.10.10.130/24 web2:10.10.10.131/24 VIP:10.10.10.100/24
部署前准备: 1、时间同步: ntpdate ntp1.aliyun.com 2、防火墙策略: service iptables stop chkconfig iptables off 3、SELinux策略: sed -i 's#SELINUX=enforcing#SELINUX=disabled#' /etc/selinux/config 4、更换国内yum源: wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo yum clean all yum makecache 5、重启服务器 reboot
web服务器配置: 1、安装httpd服务 yum install httpd -y 2、修改配置文件:/etc/httpd/conf/httpd.conf ..... Listen 8080 ServerName 10.10.10.130:8080 #web1 ServerName 10.10.10.131:8080 #web2 3、修改web主页:/var/www/html/index.html echo "web1" >/var/www/html/index.html #web1 echo "web2" >/var/www/html/index.html #web2 4、启动web服务: service httpd start chkconfig httpd on 5、验证服务是否正常: lsof -i:8080 curl 10.10.10.130:8080 #返回web1 curl 10.10.10.131:8080 #返回web2
Haproxy服务器配置: 1、安装Haproxy服务 yum install haproxy -y 2、修改配置文件:/etc/haproxy/haproxy.cfg cp /etc/haproxy/haproxy /etc/haproxy/haproxy.cfg.bak vim /etc/haproxy/haproxy.cfg ......... ......... #--------------------------------------------------------------------- # main frontend which proxys to the backends #--------------------------------------------------------------------- frontend main bind 0.0.0.0:80 acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static default_backend dynamic
#--------------------------------------------------------------------- # static backend for serving up images, stylesheets and such #--------------------------------------------------------------------- backend static balance roundrobin server static 127.0.0.1:80 check
#--------------------------------------------------------------------- # round robin balancing between the various backends #--------------------------------------------------------------------- backend dynamic balance roundrobin server web1 10.10.10.130:8080 check maxconn 2000 server web2 10.10.10.131:8080 check maxconn 2000
3、检测配置文件是否正确: haproxy -c -f /etc/haproxy/haproxy.cfg
4、启动Haproxy service haproxy start chkconfig haproxy on 5、验证是否正常解析: curl 10.10.10.128 //重复两次,分别显示web1和web2 curl 10.10.10.129 //重复两次,分别显示web1和web2
Keepalived配置: 1、安装keepalived服务: yum -y install keepalived 2、修改配置文件: #MASTER端: ! Configuration File for keepalived #定义检查脚本 vrrp_script check_haproxy { script "/etc/keepalived/check_haproxy.sh" interval 2 weight 2 } global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id haproxy1 }
vrrp_instance ha1 { state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.10.10.100/24 dev eth0 } track_script{ check_haproxy } }
#BACKUP端: ......... router_id haproxy2 #修改虚拟路由的ID state BACKUP #修改角色 priority 80 #修改优先级
重启各服务: service keepalived restart service haproxy restart
验证: ip addr 发现虚拟ip:10.10.10.100在MASTER端 访问10.10.10.100正常
/etc/keepalived/check_haproxy.sh
#!/bin/bash A=`ps -C haproxy --no-header |wc -l` if [ $A -eq 0 ];then /etc/init.d/keepalived stop fi
验证Haproxy Keepalived服务的可靠性:
web端:关闭web1的httpd服务,service httpd stop curl 10.10.10.100 #正常返回web2 Haproxy端:关闭haproxy1的keepalived服务,service keepalived stop curl 10.10.10.100 #正常轮询返回web1/web2 通过ip addr 可以查看 VIP漂移到Haproxy2中
