http高可用+负载均衡 corosync + pacemaker + pcs

时间:2022-12-03 03:20:28
http高可用+负载均衡 corosync + pacemaker + pcs
openstack pike 部署 目录汇总 http://www.cnblogs.com/elvi/p/7613861.html
#http高可用+负载均衡pacemaker+haproxy
#http+corosync+pacemaker+pcs+haproxy

#ssh免密验证,必须设置http://www.cnblogs.com/elvi/p/7736521.html

########################
#所有控制节点 
#安装Pacemake Corosync
yum install corosync pacemaker pcs fence-agents resource-agents -y
yum install haproxy httpd -y
#启动pcsd
systemctl enable pcsd.service
systemctl start pcsd.service
#修改群集用户hacluster密码
echo centos | passwd --stdin hacluster

#http设置
cp /etc/httpd/conf/httpd.conf{,.bak}
sed -i 's#^Listen 80#Listen 8080#'  /etc/httpd/conf/httpd.conf
echo "ServerName `hostname`:8080">>/etc/httpd/conf/httpd.conf
tail -1 /etc/httpd/conf/httpd.conf
systemctl start httpd.service
netstat -antp|grep httpd

echo `hostname`>/var/www/html/index.html #测试主页

########################
#其中一节点执行 controller1

#创建、启动my_cluster集群
pcs cluster auth -u hacluster -p centos controller1 controller2 controller3
pcs cluster setup --start --name my_cluster controller1 controller2 controller3
pcs cluster enable --all #集群自启动
#pcs cluster start  --all # 启动集群
pcs cluster status #集群状态

#检验
corosync-cfgtool -s             #验证corosync
corosync-cmapctl| grep members  #查看成员
pcs status corosync             #查看corosync状态

crm_verify -L -V  #检查配置

pcs property set stonith-enabled=false  #禁用STONITH
pcs property set no-quorum-policy=ignore   #无仲裁时,选择忽略

#创建 VIP 资源
pcs resource create vip ocf:heartbeat:IPaddr2 ip=10.2.1.10 cidr_netmask=24 op monitor interval=28s
# pcs resource rsc defaults resource-stickiness=100

# ### 可选参考
# pcs resource create haproxy systemd:haproxy op monitor interval=5s
# pcs constraint colocation add vip haproxy INFINITY  #HAProxy和VIP必须在同一节点
# pcs constraint order vip then haproxy   #先启动VIP,再启动HAProxy
#添加到群集
#pcs resource create WEB apache configfile="/etc/httpd/conf/httpd.conf" statusurl="http://127.0.0.1/server-status"
# #创建group作为一个整体
# pcs resource group add MyGroup vip
# pcs resource group add MyGroup WEB

############haproxy配置,所有节点执行

#允许没VIP时启动
echo "net.ipv4.ip_nonlocal_bind = 1" >>/etc/sysctl.conf
sysctl -p

#haproxy日志
echo '
$ModLoad imudp
$UDPServerRun 514
$template Haproxy,"%rawmsg% \n"
local0.=info -/var/log/haproxy.log;Haproxy
local0.notice -/var/log/haproxy-status.log;Haproxy
'>/etc/rsyslog.d/haproxy.conf
systemctl status rsyslog.service
systemctl restart rsyslog.service

cp /etc/haproxy/haproxy.cfg{,.bak}
#默认配置
echo '
###########全局配置#########  
    global
    log 127.0.0.1 local0
    log 127.0.0.1 local1 notice
    daemon
    nbproc 1 #进程数量 
    maxconn 4096 #最大连接数 
    user haproxy #运行用户  
    group haproxy #运行组 
    chroot /var/lib/haproxy
    pidfile /var/run/haproxy.pid
########默认配置############ 
    defaults
    log global
    mode http            #默认模式{ tcp|http|health }
    option httplog       #日志类别,采用httplog
    option dontlognull   #不记录健康检查日志信息  
    retries 2            #2次连接失败不可用
    option forwardfor    #后端服务获得真实ip
    option httpclose     #请求完毕后主动关闭http通道
    option abortonclose  #服务器负载很高,自动结束比较久的链接  
    maxconn 4096         #最大连接数  
    timeout connect 5m   #连接超时  
    timeout client 1m    #客户端超时  
    timeout server 31m   #服务器超时  
    timeout check 10s    #心跳检测超时  
    balance roundrobin   #负载均衡方式,轮询 
########统计页面配置########
    listen stats  
    bind 0.0.0.0:1080 
    mode http
    option httplog
    log 127.0.0.1 local0 err  
    maxconn 10      #最大连接数  
    stats refresh 30s
    stats uri /admin         #状态页面 http//ip:1080/admin访问  
    stats realm Haproxy\ Statistics
    stats auth admin:admin   #用户和密码:admin
    stats hide-version       #隐藏版本信息  
    stats admin if TRUE      #设置手工启动/禁用
'>/etc/haproxy/haproxy.cfg

#haproxy web代理配置
echo '
########WEB############  
listen dashboard_cluster  
  bind controller:80
  balance  roundrobin  
  option  tcpka  
  option  httpchk  
  option  tcplog  
  server controller1 controller1:8080 check port 8080 inter 2000 rise 2 fall 5
  server controller2 controller2:8080 check port 8080 inter 2000 rise 2 fall 5
  server controller3 controller3:8080 check port 8080 inter 2000 rise 2 fall 5
'>>/etc/haproxy/haproxy.cfg
#重启haproxy
systemctl restart haproxy.service
systemctl status haproxy.service
#systemctl disable haproxy.service

#登录状态页面 http//ip:1080/admin  查看