HAProxy+Keepalived 高可用负载均衡

时间:2022-02-23 03:17:19
转自  https://www.jianshu.com/p/95cc6e875456


Keepalived+haproxy实现高可用负载均衡



Master  192.168.0.69    haproxy、keepalived    Centos7.4
backup    192.168.0.70    haproxy、keepalived    Centos7.4
vip(虚拟IP)
192.168.0.180   192.168.0.181




1、两台都安装haproxy,参照安装haproxy文档




2、  两台都安装Keepalived

yum -y install gcc automake autoconf libtool gcc-c++ gd zlib zlib-devel openssl openssl-devel libxml2 libxml2-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libmcrypt libmcrypt-devel pcre pcre-devel

yum install -y libnl libnl-devel libnfnetlink-devel popt-devel


cd /usr/local/src/

tar -zxvf keepalived-1.2.18.tar.gz

cd keepalived-1.2.18

./configure --prefix=/usr/local/keepalived

make && make install



3、将keepalived安装成Linux系统服务

mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
ln -s /usr/local/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /usr/local/sbin/
chkconfig keepalived on




4、修改keepalived配置文件


接下来就是配置了,很简单,之前的删除,直接复制下面配置文件

先是主服务器:

vi /etc/keepalived/keepalived.conf

global_defs
{
notification_email    #通知email,根据实际情况配置
{
admin@example.com
}
notification_email_from admin@example.com
smtp_server 127.0.0.1
stmp_connect_timeout 30
router_id node1         #节点名标识,主要用于通知中
}


vrrp_script chk_http_port {
   script "/etc/keepalived/chk_haproxy.sh"  #在这里添加脚本链接
   interval 3       #脚本执行间隔
   weight 2         #脚本结果导致的优先级变更
}



vrrp_script chk_http_port {
   script "/etc/keepalived/chk_haproxy.sh"  #在这里添加脚本链接
   interval 3       #脚本执行间隔
   weight 2         #脚本结果导致的优先级变更
}


vrrp_instance VI_NODE_1 {
  state MASTER          #配置为主服务器
  interface ens33        #通讯网卡
  virtual_router_id 100 #路由标识
  priority 200          #优先级,0-254
  advert_int 5          #通知间隔,实际部署时可以设置小一点,减少延时
  
  authentication {
    auth_type PASS
    auth_pass 123456    #验证密码,用于通讯主机间验证
  }

  track_script {
        chk_http_port     #添加脚本执行
    }

  virtual_ipaddress {
    192.168.0.180       #虚拟ip,可以定义多个
  }
}



vrrp_instance VI_NODE_2 {
  state MASTER          #配置为主服务器
  interface ens33        #通讯网卡
  virtual_router_id 101 #路由标识
  priority 100          #优先级,0-254
  advert_int 5          #通知间隔,实际部署时可以设置小一点,减少延时

  authentication {
    auth_type PASS
    auth_pass 123456    #验证密码,用于通讯主机间验证
  }

  track_script {
        chk_http_port     #添加脚本执行
    }

  virtual_ipaddress {
    192.168.0.181       #虚拟ip,可以定义多个
  }
}






接下是从服务器设置:

vi /etc/keepalived/keepalived.conf

global_defs {
  notification_email {
    admin@example.com
  }
  notification_email_from admin@example.com
  smtp_server 127.0.0.1
  stmp_connect_timeout 30


  router_id node2
}


vrrp_script chk_http_port {
   script "/etc/keepalived/chk_haproxy.sh"  #在这里添加脚本链接
   interval 3       #脚本执行间隔
   weight 2         #脚本结果导致的优先级变更
}



vrrp_script chk_http_port {
   script "/etc/keepalived/chk_haproxy.sh"  #在这里添加脚本链接
   interval 3       #脚本执行间隔
   weight 2         #脚本结果导致的优先级变更
}


vrrp_instance VI_NODE_1 {
  state BACKUP           #与主服务器对应
  interface ens33         #从服务器的通信网卡
  virtual_router_id 100  #路由标识,和主服务器相同
  priority 100           #优先级,小于主服务器即可
  advert_int 5           #这里是接受通知间隔,与主服务器要设置相同
  
  authentication {
   auth_type PASS
    auth_pass 123456     #验证密码,与主服务器相同
  }


  track_script {
        chk_http_port     #添加脚本执行
    }

  virtual_ipaddress {
    192.168.0.180        #虚拟IP,也要和主服务器相同
  }
}




vrrp_instance VI_NODE_2 {
  state BACKUP           #与主服务器对应
  interface ens33         #从服务器的通信网卡
  virtual_router_id 101  #路由标识,和主服务器相同
  priority 100           #优先级,小于主服务器即可
  advert_int 5           #这里是接受通知间隔,与主服务器要设置相同

  authentication {
   auth_type PASS
    auth_pass 123456     #验证密码,与主服务器相同
  }


  track_script {
        chk_http_port     #添加脚本执行
    }

  virtual_ipaddress {
    192.168.0.181        #虚拟IP,也要和主服务器相同
  }
}








5 两个节点配置check_ngixn脚本

当脚本检测到haproxy没有运行的时候会尝试去启动haproxy以此,如果失败则停掉keepalived进程

vi /usr/local/keepalived/haproxy.sh

tatus=$(ps aux|grep haproxy | grep -v grep | grep -v bash | wc -l)
if [ "${status}" = "0" ]; then
    /usr/local/haproxy/sbin -f /usr/local/haproxy/conf/haproxy.cfg

    status2=$(ps aux|grep haproxy | grep -v grep | grep -v bash |wc -l)

    if [ "${status2}" = "0"  ]; then
            /etc/init.d/keepalived stop
    fi
fi







6、启动keepalived
[root@bogon ~]# service keepalived start
Starting keepalived (via systemctl):                       [  OK  ]




7、查看虚拟ip在哪台上, 注意过两分钟才出现vip

[root@bogon ~]# ip a
[root@bogon ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:24:21:c4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.69/24 brd 192.168.0.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.0.180/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.0.181/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::d675:3ae7:5113:ad71/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever








  
9、访问:http://192.168.0.181:1080/stats      http://192.168.0.181:1080/stats    账号密码: admin/admin






10、高可用切换


在192.168.0.69停止keepalived , 查看192.168.0.180飘到了192.168.0.70上

service keepalived stop


1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:ba:67:74 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.70/24 brd 192.168.0.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.0.180/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::6c33:a5d6:2ea9:d781/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::d675:3ae7:5113:ad71/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever