私有云落地解决方案之openstack高可用（pike版本）-haproxy

作者：【吴业亮】

博客：http://blog.csdn.net/wylfengyujiancheng

1、三个节点安装haproxy，并设置开机自动启动

# yum install -y haproxy
# systemctl enable haproxy

2、跟rsyslog结合配置haproxy日志，在三个节点上都操作
配置/etc/rsyslog.d/haproxy.conf

$ModLoad imudp
$UDPServerRun 514
$template Haproxy,"%rawmsg% \n"
local0.=info -/var/log/haproxy.log;Haproxy
local.notice -/var/log/haproxy-status.log;Haproxy
local.* ~

# systemctl restart rsyslog.service
# systemctl status rsyslog.service

3、在三个节点上配置haproxy.cfg文件

global
log             127.0.0.1 local3
    chroot          /var/lib/haproxy
    pidfile         /var/run/haproxy.pid
    stats  socket     /var/lib/haproxy/stats
    maxconn         40000
    user            haproxy
    group           haproxy
    daemon
    spread-checks      3
    tune.bufsize      32768
    tune.maxrewrite 1024
    tune.ssl.default-dh-param  2048

defaults
    mode    http
log     global
option  httplog
option  tcplog
option  redispatch
option  http-server-close
option  splice-auto
option  dontlognull
    retries 3
    timeout http-request 20s
    timeout queue 1m
    timeout connect 10s
    timeout client 1m
    timeout server 1m
    timeout check 10s
    maxconn 8000

listen stats
    bind 0.0.0.0:8888
    mode http
    stats enable
    stats uri /
    stats realm Haproxy\ Statistics
    stats auth admin:Changeme_123
    stats  refresh 5s
    stats  show-node
    stats  show-legends
    stats  hide-version

listen db-cloud
    bind 172.16.8.50:3306
    balance  source
    hash-type consistent
    mode       tcp
option  tcplog
option  clitcpka
option  srvtcpka
option  httpchk
    timeout client  28801s
    timeout server  28801s
server node1 172.16.8.60:3306 check port 9200 inter 20s fastinter 2s downinter 2s rise 3 fall 3
server node2 172.16.8.61:3306 check port 9200 inter 20s fastinter 2s downinter 2s rise 3 fall 3 backup
server node3 172.16.8.62:3306 check port 9200 inter 20s fastinter 2s downinter 2s rise 3 fall 3 backup

listen mq-cloud
    bind 172.16.8.50:5672 tcp-ut 5s
    mode tcp
option tcpka
    balance roundrobin
server node1 172.16.8.60:5672 check inter 10s fastinter 2s downinter 2s rise 3 fall 3
server node2 172.16.8.61:5672 check inter 10s fastinter 2s downinter 2s rise 3 fall 3
server node3 172.16.8.62:5672 check inter 10s fastinter 2s downinter 2s rise 3 fall 3

listen keystone-admin-cloud
    bind 172.16.8.50:35357
    http-request  set-header X-Forwarded-Proto https if { ssl_fc }
option  httplog
option  httpclose
option  forwardfor
server node1 172.16.8.60:35357 check inter 10s fastinter 2s downinter 2s rise 3 fall 3
server node2 172.16.8.61:35357 check inter 10s fastinter 2s downinter 2s rise 3 fall 3
server node3 172.16.8.62:35357 check inter 10s fastinter 2s downinter 2s rise 3 fall 3

listen keystone-cloud
    bind 172.16.8.50:5000
    http-request  set-header X-Forwarded-Proto https if { ssl_fc }
option  httplog
option  httpclose
option  forwardfor
server node1 172.16.8.60:5000 check inter 10s fastinter 2s downinter 2s rise 3 fall 3
server node2 172.16.8.61:5000 check inter 10s fastinter 2s downinter 2s rise 3 fall 3
server node3 172.16.8.62:5000 check inter 10s fastinter 2s downinter 2s rise 3 fall 3

listen glance-registry-cloud
    bind 172.16.8.50:9191
    timeout server          30m
server node1 172.16.8.60:9191 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:9191 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:9191 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

listen glance-api-cloud
    bind 172.16.8.50:9292
    http-request  set-header X-Forwarded-Proto https if { ssl_fc }
option  httpchk /versions
option  httplog
option  httpclose
    timeout server  30m
server node1 172.16.8.60:9292 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:9292 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:9292 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

listen nova-api-cloud
    bind 172.16.8.50:8774
    http-request  set-header X-Forwarded-Proto https if { ssl_fc }
option  httpchk
option  httplog
option  httpclose
    timeout server  600s
server node1 172.16.8.60:8774 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:8774 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:8774 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

listen nova-metadata-api-cloud
    bind 172.16.8.50:8775
option  httpchk
option  httplog
option  httpclose
server node1 172.16.8.60:8775 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:8775 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:8775 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

listen vnc-cloud
    bind 172.16.8.50:6080
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
server node1 172.16.8.60:6080 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:6080 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:6080 check inter 10s fastinter 2s downinter 3s rise 3 fall 3


listen nova-placement-api-cloud
    bind 172.16.8.50:8778
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
server node1 172.16.8.60:8778 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:8778 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:8778 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

listen neutron-api-cloud
    bind 172.16.8.50:9696
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
option  httpchk
option  httplog
option  httpclose
server node1 172.16.8.60:9696 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:9696 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:9696 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

listen dashboard_cloud
    bind 172.16.8.50:80
    balance  source
option  tcpka
option  httpchk
option  tcplog
server node1 172.16.8.60:80 check inter 2000 rise 2 fall 5
server node3 172.16.8.61:80 check inter 2000 rise 2 fall 5
server node3 172.16.8.62:80 check inter 2000 rise 2 fall 5

listen cinder-api-cloud
    bind 172.16.8.50:8776
    http-request set-header X-Forwarded-Proto https if { ssl_fc }
option  httpchk
option  httplog
option  httpclose
server node1 172.16.8.60:8776 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node2 172.16.8.61:8776 check inter 10s fastinter 2s downinter 3s rise 3 fall 3
server node3 172.16.8.62:8776 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

4、修改三个节点的内核参数使haproxy正常启动

# echo "net.ipv4.ip_nonlocal_bind = 1" >>/etc/sysctl.conf
# echo "net.ipv4.ip_forward = 1" >>/etc/sysctl.conf
# sysctl -p

5、三个节点启动haproxy服务

# systemctl restart haproxy
# systemctl status haproxy

6、访问haproxy前端web界面
http://172.16.8.60:8888/

admin/Changeme_123

秒客网

私有云落地解决方案之openstack高可用（pike版本）-haproxy

相关文章