HAProxy16+keepalived部署方法.docx
《HAProxy16+keepalived部署方法.docx》由会员分享,可在线阅读,更多相关《HAProxy16+keepalived部署方法.docx(14页珍藏版)》请在冰豆网上搜索。
HAProxy16+keepalived部署方法
HAProxy1.6+keepalived部署方法
修改记录
编号
日期
描述
版本
作者
审核
发布日期
1
2016/6/28
初稿
1.0
夏裕太
1
目录
1环境1
2准备1
3安装(此步骤需同时在247,248机器执行)1
4开启路由转发(此步骤需同时在247,248机器执行)3
5设置虚拟IP(此步骤需同时在244,245机器执行)3
6配置keepalived4
6.1master4
6.2slave配置5
7haproxy的安装7
8创建配置文件和启动文件7
9配置HAProxy7
10启动HAProxy9
11配置关联HAProxy启动脚本9
1环境
Centos:
5.7
HAProxy-Master:
10.1.1.247
HAProxy-Backup:
10.1.2.248
VIP:
10.1.1.240
RealServer1:
10.1.1.242
RealServer1:
10.1.1.1.243
2准备
haproxy-1.6.6.tar.gz
keepalived-1.2.21.tar.gz
3安装(此步骤需同时在247,248机器执行)
[root@localhostopt]#yum-yinstallpoptpopt-devellibnllibnl-develpopt-staticlibnfnetlinklibnfnetlink-developensslopenssl-devel
[root@localhostopt]#cd/data/software
[root@localhostsoftware]#tar-zxvfkeepalived-1.2.21.tar.gz
[root@localhostsoftware]#cdkeepalived-1.2.21
#安装地址不要乱改
[root@MGM1keepalived-1.2.21]#./configure--sysconf=/etc--prefix=/usr/local/keepalived
[root@MGM1keepalived-1.2.21]#make&&makeinstall
4开启路由转发(此步骤需同时在247,248机器执行)
[root@localhostkeepalived-1.2.21]#cat/proc/sys/net/ipv4/ip_forward
1
[root@localhostkeepalived-1.2.21]#echo1>/proc/sys/net/ipv4/ip_forward
[root@CentOS-LVS_MASTER ~]#vim/etc/sysctl.conf
net.ipv4.ip_forward=1
5设置虚拟IP(此步骤需同时在244,245机器执行)
首先查看一下现有网卡的IP地址,用root特权运行下面的命令
[root@localhost~]#ipaddr
从上面的详细信息中,可以看到服务器的网卡名是eno16777736,ip地址是10.1.1.245。
网卡的配置文件存储在/etc/sysconfig/network-scripts/目录下。
每个网卡的详细内容将会以不同的名字存储,比如ifcfg-eno16777736。
打开此配置文件,并且再添加一个IP地址
编辑文件vi/etc/sysconfig/network-scripts/ifcfg-eno16777736
像下面那样加入额外的IP地址。
IPADDR2=10.1.1.240
NETMASK2=255.255.255.0
重启网络服务来使更改生效。
[root@localhost~]#systemctlrestartnetwork
6配置keepalived
[root@localhost~]#vim/etc/keepalived/keepalived.conf#LVS的端口须与realserver端口一致
分别配置master和slave
6.1master
global_defs{
notification_email{
admin@centos.bz
}
notification_email_fromkeepalived@
smtp_server127.0.0.1
smtp_connect_timeout30
router_idLVS_DEVEL
}
vrrp_scriptchk_http_port{
script"/data/program/keepalived/keepalived/check_haproxy.sh"
interval2
weight2
}
vrrp_instanceVI_1{
stateMASTER############辅机为BACKUP
interfaceeno16777736
virtual_router_id51
mcast_src_ip10.1.1.1.247
priority150###########权值要比back高
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
track_script{
chk_http_port###执行监控的服务
}
virtual_ipaddress{
10.1.1.240
}
}
vrrp_instanceVI_2{
stateBACKUP
interfaceeno16777736
virtual_router_id52
priority99
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
virtual_ipaddress{
10.1.1.240
}
}
6.2slave配置
global_defs{
notification_email{
admin@centos.bz
}
notification_email_fromkeepalived@
smtp_server127.0.0.1
smtp_connect_timeout30
router_idLVS_DEVEL
}
vrrp_scriptchk_http_port{
script"/data/program/keepalived/keepalived/check_haproxy.sh"
interval2
weight2
}
vrrp_instanceVI_1{
stateBACKUP############主机为MASTER
interfaceeno16777736
virtual_router_id51
mcast_src_ip10.1.1.248
priority99###########权值要比master低
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
track_script{
chk_http_port###执行监控的服务
}
virtual_ipaddress{
10.1.1.240
}
}
vrrp_instanceVI_2{
stateMASTER
interfaceeno16777736
virtual_router_id52
priority100
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
virtual_ipaddress{
10.1.1.240
}
}
7haproxy的安装
[root@MGM1keepalived-1.2.21]#cd/data/software
[root@MGM1software]#tar-zxvfhaproxy-1.6.6.tar.gz
[root@NDB1software]#cdhaproxy-1.6.6
#查看版本看,此处为3.10
[root@MGM1haproxy-1.6.6]#uname-a
LinuxMGM13.10.0-327.el7.x86_64#1SMPThuNov1922:
10:
57UTC2015x86_64x86_64x86_64GNU/Linux
#编译,标红处于上面的3.1版本需匹配
[root@MGM1haproxy-1.6.6]#makeTARGET=linux31PREFIX=/data/program/haproxy
#安装
[root@MGM1haproxy-1.6.6]#makeinstallPREFIX=/data/program/haproxy
install-d"/data/program/haproxy/sbin"
installhaproxy"/data/program/haproxy/sbin"
install-d"/data/program/haproxy/share/man"/man1
install-m644doc/haproxy.1"/data/program/haproxy/share/man"/man1
install-d"/data/program/haproxy/doc/haproxy"
forxinconfigurationmanagementarchitecturecookie-optionsluaproxy-protocollinux-syn-cookiesnetwork-namespacesclose-optionsintro;do\
install-m644doc/$x.txt"/data/program/haproxy/doc/haproxy";\
8创建配置文件和启动文件
[root@MGM1sbin]#cd/data/software/haproxy-1.6.6/
[root@MGM1haproxy-1.6.6]#cpexamples/haproxy.init/etc/init.d/haproxy
[root@MGM1haproxy-1.6.6]#chmod+x/etc/init.d/haproxy
[root@MGM1haproxy-1.6.6]#ln-s/usr/local/sbin/haproxy/usr/sbin/
9配置HAProxy
[root@MGM1haproxy-1.6.6]#cd/data/program/haproxy
[root@MGM1haproxy]#mkdirconflogs
[root@MGM1conf]#cdconf
[root@MGM1conf]#vihaproxy.cfg
#将以下内容拷贝到该文件中去
global
log127.0.0.1local0
log127.0.0.1local1notice
#logloghostlocal0info
maxconn4096
chroot/data/program/haproxy/
uid0
gid0
daemon
#debug
#quiet
defaults
logglobal
modehttp
optionhttplog
optiondontlognull
optionredispatch
optionabortonclose
retries3
maxconn2000
contimeout5000
clitimeout50000
srvtimeout50000
timeoutcheck5s
statsrefresh30s
statsuri/stats
statsrealmbaison-test-Haproxy
statsauthadmin:
admin123
statshide-version
frontendwww
bind*:
80
aclwebhdr(host)-i10.1.1.240
use_backendwebserverifweb
backendwebserver
modehttp
balanceroundrobin
optionhttpchk/index.html
serverweb0110.1.1.242:
8081checkinter2000fall3weight30
serverweb0110.1.1.243:
8081checkinter2000fall3weight20
10配置关联HAProxy启动脚本
[root@MGM1keepalived-1.2.21]#vi/data/program/keepalived/keepalived/check_haproxy.sh
#将以下内容拷贝到文件中
#!
/bin/bash
if[$(ps-Chaproxy--no-header|wc-l)-eq0];then
/data/program/haproxy/sbin/haproxy-f/data/program/haproxy/conf/haproxy.cfg
fi
sleep2
if[$(ps-Chaproxy--no-header|wc-l)-eq0];then
/etc/init.d/keepalivedstop
fi
11启动HAProxy
#启动
[root@MGM1haproxy-1.6.6]#/data/program/haproxy/sbin/haproxy-f/data/program/haproxy/conf/haproxy.cfg
#重启
[root@MGM1haproxy-1.6.6]#/data/program/haproxy/sbin/haproxy-f/data/program/haproxy/conf/haproxy.cfg-st
#访问http:
//10.1.1.247/stats,用户名和密码为上述配置文件所设,为admin/admin123
12将keepalived做成启动服务,方便管理(此步骤需同时在247,248机器执行)
[root@localhost~]#cp/usr/local/keepalived/sbin/keepalived/usr/sbin/
[root@localhostkeepalived-1.2.21]#/etc/init.d/keepalivedstart//启动LVS服务
[root@localhostkeepalived-1.2.21]#/etc/init.d/keepalivedstop//停止LVS服务
13启动两台realserver
http:
//10.1.1.242:
8081/
http:
//10.1.1.243:
8081/
通过VIP访问,http:
10.1.1.240
通过不断刷新,可以明显看到在242/243之间切换
同时我们也可以看到HAProxy关于这两台realserver的状态,目前都是正常启动的