Haproxy + keepalived 高可用负载均衡解决方案

时间:2021-08-08 03:05:54

IP 信息列表:

名称     IP
-----------------------------------
VIP      192.168.200.254
Haproxy-1    192.168.200.202
Haproxy-2    192.168.200.204
Nginx1     192.168.200.202
Nginx2     192.168.200.203


1、在Nginx1/2上编译安装nginx服务
1.1首先安装Nginx1
[root@Nginx-1 ~]# yum -y install pcre-devel zlib-devel
[root@Nginx-1 ~]# useradd -M -s /sbin/nologin  nginx
[root@Nginx-1 ~]# tar xf nginx-1.6.2.tar.gz -C /usr/src
[root@Nginx-1 ~]# cd /usr/src/nginx-1.6.2
[root@Nginx-1 nginx-1.6.2]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install
[root@Nginx-1 nginx-1.6.2]# cd /usr/local/nginx/html/
[root@Nginx-1 html]# echo "server 192.168.200.202" > index.html
[root@Nginx-1 html]# /usr/local/nginx/sbin/nginx
[root@Nginx-1 html]# netstat -anpt |grep nginx
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      4503/nginx 

1.2安装Nginx2, 同Nginx1搭建方式是一样的。
与Nginx1唯一不同的是:
[root@Nginx-2 html]# echo "server 192.168.200.203" > index.html


2.安装Haproxy-1与Haproxy-2 两台机器配置一致:
[root@Haproxy-1 ~]# yum -y install pcre-devel bzip2-devel
[root@Haproxy-1 ~]# tar xf haproxy-1.4.24.tar.gz -C /usr/src/
[root@Haproxy-1 ~]# cd /usr/src/haproxy-1.4.24/
[root@Haproxy-1 haproxy-1.4.24]# make TARGET=linux26 && make install

2.1Haproxy服务器配置
建立haproxy的配置目录及文件
[root@Haproxy-1 haproxy-1.4.24]# mkdir /etc/haproxy
[root@Haproxy-1 haproxy-1.4.24]# cp examples/haproxy.cfg /etc/haproxy/

2.2 haproxy配置项的介绍
haproxy的配置文件通常分为三部分: global(全局配置部分) defaults(默认配置部分) listen(应用组件部分)

[root@Haproxy-1 ~]# vim /etc/haproxy/haproxy.cfg
# this config needs haproxy-1.1.28 or haproxy-1.2.1

global
 log 127.0.0.1 local0
 log 127.0.0.1 local1 notice
 #log loghost local0 info
 maxconn 4096
 #chroot /usr/share/haproxy
 uid 99
 gid 99
 daemon
 #debug
 #quiet

defaults
 log global
 mode http
 option httplog
 option dontlognull
 retries 3
 #redispatch
 maxconn 2000
 contimeout 5000
 clitimeout 50000
 srvtimeout 50000

listen web-cluster 0.0.0.0:80
 option httpchk GET /index.html
 balance roundrobin
 server inst1 192.168.200.202:80 check inter 2000 fall 3
 server inst2 192.168.200.203:80 check inter 2000 fall 3


2.3 创建自启动脚本
[root@Haproxy-1 ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@Haproxy-1 ~]# ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
[root@Haproxy-1 ~]# chmod +x /etc/init.d/haproxy
[root@Haproxy-1 ~]# /etc/init.d/haproxy start
Starting haproxy:                                          [确定]


2.4 测试:
用浏览器打开 http://192.168.200.204
再次打开一个新的浏览器再次访问 http://192.168.200.204

用浏览器打开 http://192.168.200.202
再次打开一个新的浏览器再次访问 http://192.168.200.202

可以验证两次访问到的结果分别为:
server 192.168.200.202
server 192.168.200.203

 


3、编译安装keepalived服务
[root@Haproxy-1 ~]# yum -y install kernel-devel openssl-devel popt-devel
[root@Haproxy-1 ~]# tar xf keepalived-1.2.13.tar.gz
[root@Haproxy-1 ~]# cd keepalived-1.2.13
[root@Haproxy-1 keepalived-1.2.13]# ./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.18-194.el5-i686 && make && make install

3.1 配置keepalibed 开机启动脚本
[root@Haproxy-1 ~]# chkconfig --add keepalived
[root@Haproxy-1 ~]# chkconfig keepalived on
[root@Haproxy-1 ~]# chkconfig --list keepalived
[root@Haproxy-1 ~]# service keepalived start|stop   

3.2.1 配置keepalibed 主配置文件
[root@Haproxy-1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2

global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}

track_script {
chk_http_port
}

virtual_ipaddress {
192.168.200.254
}
}
}


3.2.2 第二台Haproxy配置keepalibed 主配置文件
[root@Haproxy-2 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2

global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}

track_script {
chk_http_port
}

virtual_ipaddress {
192.168.200.254
}
}
}

4、两台机器上都配置haproxy检测脚本
[root@Haproxy-1 ~]# cat /etc/keepalived/check_haproxy.sh
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`
if [ $A -eq 0 ]
then
 /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg
 sleep 3
 if [ `ps -C haproxy --no-header |wc -l` -eq 0 ]
 then
  /etc/init.d/keepalived stop
 fi
fi

[root@Haproxy-1 ~]# chmod +x /etc/keepalived/check_haproxy.sh

[root@Haproxy-1 ~]# service keepalived start
[root@Haproxy-2 ~]# service keepalived start

5.1、测试VIP地址
[root@Haproxy-1 ~]# ip addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:cc:18:a2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.201/24 brd 192.168.200.255 scope global eth0
    inet 192.168.200.254/32 scope global eth0
    inet6 fe80::20c:29ff:fecc:18a2/64 scope link
       valid_lft forever preferred_lft forever

[root@Haproxy-1 ~]# /etc/init.d/keepalived stop
停止 keepalived:                                          [确定]

[root@Haproxy-2 ~]# ip addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fd:8a:4e brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.204/24 brd 192.168.200.255 scope global eth0
    inet 192.168.200.254/32 scope global eth0
    inet6 fe80::20c:29ff:fefd:8a4e/64 scope link
       valid_lft forever preferred_lft forever
   
5.2、测试Haproxy健康检查  
[root@Haproxy-1 ~]# service haproxy stop
Shutting down haproxy:                                     [确定]
[root@Haproxy-1 ~]# service haproxy status
haproxy (pid 59717) 正在运行...
   
   
5.3 网页测试:
用浏览器打开 http://192.168.200.254
再次打开一个新的浏览器再次访问 http://192.168.200.254


可以验证两次访问到的结果分别为:
server 192.168.200.202
server 192.168.200.203

 

DNS:
www IN A 192.168.200.254
www IN A 192.168.200.253