Keepalived

简单的是一个路由的软件用C写的这个项目的主要目标是提供简单而强大的设施的负载均衡和高可用性对Linux系统和基于Linux的基础设施。负载均衡架构依赖于众所周知的和广泛使用的Linux虚拟服务器(IPVS)内核模块提供第四层负载均衡。简单的实现了一套检测动态自适应维护和管理服务器根据其健康loadbalanced池。另一方面,高可用性的实现VRRP协议.VRRP路由器故障转移的一个基本的砖。此外,简单的实现了一套钩VRRP有限状态机提供低空和高速协议的相互作用。简单的框架可以单独或一起提供弹性基础设施。

Haproxy

HAProxy提供高可用性、负载均衡以及基于TCP和HTTP应用的代理,支持虚拟主机,它是免费、快速并且可靠的一种解决方案。HAProxy特别适用于那些负载特大的web站点,这些站点通常又需要会话保持或七层处理。HAProxy运行在当前的硬件上,完全可以支持数以万计的并发连接。并且它的运行模式使得它可以很简单安全的整合进您当前的架构中, 同时可以保护你的web服务器不被暴露到网络上。

架构图

1、环境

CentOS 6.5

keepalived 1.2.23

haproxy 1.5.4

2、准备4台服务器

VIP         192.168.0.200

Master      192.168.0.110

Backup      192.168.0.111

Server1     192.168.0.120

Server2     192.168.0.121

3、安装gcc编译器,openssl,wget,如果已经安装则跳过

yum -y install openssl-devel ncurses-devel gcc gcc-c++ make rpm-build wget

4、创建软件存放目录

mkdir /soft

5、安装keepalived

cd /soft

wget http://www.keepalived.org/software/keepalived-1.2.23.tar.gz

tar -zxvf keepalived-1.2.23.tar.gz

cd keepalived-1.2.23

./configure --prefix=/usr/local/keepalived

make

make install

6、将keepalived做成启动脚务

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

mkdir /etc/keepalived

cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

chmod +x /etc/init.d/keepalived

7、配置文件修改  vim /etc/keepalived/keepalived.conf

7.1、MASTER 配置信息

global_defs {

    notification_email

    {

        fuxiang.gong@qq.com

    }

    notification_email_from 17091959688@163.com

    smtp_server smtp.163.com

    stmp_connect_timeout 30

    router_id lnmp_node1

}

# 检测haproxy脚本

vrrp_script chk_haproxy {

        script "/etc/keepalived/check_haproxy.sh"

        interval 2

        weight 2

}

# 服务

vrrp_instance VIP_1 {

    state MASTER    #设置为主服务器

    interface eth0  #监测网络接口

    virtual_router_id 51  #主、备必须一样

    priority 100   #主机级别,值越大优先级越高

    advert_int 1   #VRRP Multicast广播周期秒数

    authentication {

        auth_type PASS  #VRRP认证方式,主备必须一致

        auth_pass 1111  #密码

    }

    track_script {

        chk_haproxy  # 执行监控的服务

    }

    virtual_ipaddress {

        192.168.0.200  #漂移IP地址

    }

}

7.2、BACKUP 配置信息

global_defs {

    notification_email

    {

        fuxiang.gong@qq.com

    }

    notification_email_from 17091959688@163.com

    smtp_server smtp.163.com

    stmp_connect_timeout 30

    router_id lnmp_node2

}

# 检测haproxy脚本

vrrp_script chk_haproxy {

        script "/etc/keepalived/check_haproxy.sh"

        interval 2

        weight 2

}

# 服务

vrrp_instance VIP_1 {

    state BACKUP    #设置为备用服务器

    interface eth0  #监测网络接口

    virtual_router_id 51  #主、备必须一样

    priority 90   #主、备机取不同的优先级,主机值较大,备份机值较小,值越大优先级越高

    advert_int 1   #VRRP Multicast广播周期秒数

    authentication {

        auth_type PASS  #VRRP认证方式,主备必须一致

        auth_pass 1111  #密码

    }

    track_script {

        chk_haproxy  # 执行监控的服务

    }

    virtual_ipaddress {

        192.168.0.200  #漂移IP地址

    }

}

7.3、添加Haproxy检测脚本 vim  /etc/keepalived/check_haproxy.sh 添加以下内容

#!/bin/bash

if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then

	/etc/init.d/haproxy start

fi

sleep 2

if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then

	/etc/init.d/keepalived stop

fi

7.4、给check_haproxy.sh脚本赋值运行权限(MASTER和BACKUP一致)

chmod +x /etc/keepalived/check_haproxy.sh

7.5、允许两台服务器vrrp包通过防火墙,如果关闭防火墙则跳过(两台服务器上都配置)

MASTER

  vim /etc/sysconfig/iptables

  -A INPUT -i eth0 -p vrrp -s 192.168.0.111 -j ACCEPT

BACKUP

  vim /etc/sysconfig/iptables

  -A INPUT -i eth0 -p vrrp -s 192.168.0.110 -j ACCEPT

重启防火墙

service iptables restart

8、启动keepalived服务

service keepalived start

8.1、查看服务器多了一个虚拟IP,keepalived配置成功

MASTER  ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:d9:a8:bd brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.110/24 brd 192.168.0.255 scope global eth0

    inet 192.168.0.200/32 scope global eth0

    inet6 fe80::20c:29ff:fed9:a8bd/64 scope link

       valid_lft forever preferred_lft forever

BACKUP  ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:d9:8f:72 brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.109/24 brd 192.168.0.255 scope global eth0

    inet6 fe80::20c:29ff:fed9:8f72/64 scope link

       valid_lft forever preferred_lft forever

8.2、查看Keepalived日志

tail -f /var/log/messages

9、yum方式安装haproxy

yum install -y haproxy

9.2、查看haproxy版本信息

rpm -qi haproxy 或 haproxy -version

Name        : haproxy                      Relocations: (not relocatable)

Version     : 1.5.4                             Vendor: CentOS

Release     : 3.el6                         Build Date: 2016年05月11日 星期三 03时17分37秒

Install Date: 2016年08月24日 星期三 05时34分08秒      Build Host: worker1.bsys.centos.org

Group       : System Environment/Daemons    Source RPM: haproxy-1.5.4-3.el6.src.rpm

Size        : 2552550                          License: GPLv2+

Signature   : RSA/SHA1, 2016年05月12日 星期四 18时49分33秒, Key ID 0946fca2c105b9de

Packager    : CentOS BuildSystem <http://bugs.centos.org>

URL         : http://www.haproxy.org/

Summary     : HAProxy is a TCP/HTTP reverse proxy for high availability environments

Description :

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high

availability environments. Indeed, it can:

 - route HTTP requests depending on statically assigned cookies

 - spread load among several servers while assuring server persistence

   through the use of HTTP cookies

 - switch to backup servers in the event a main one fails

 - accept connections to special ports dedicated to service monitoring

 - stop accepting connections without breaking existing ones

 - add, modify, and delete HTTP headers in both directions

 - block requests matching particular patterns

 - persists clients to the correct application server depending on

   application cookies

 - report detailed status as HTML pages to authenticated users from a URI

   intercepted from the application

9.2、查看haproxy位置

rpm -ql haproxy

10、添加独立日志  vim /etc/rsyslog.conf 在底部添加以下配置信息

# haproxy

# Provides UDP syslog reception

$ModLoad imudp

$UDPServerRun 514  # 启动udp,启动端口后将作为服务器工作

# # Provides TCP syslog reception

$ModLoad imtcp

$InputTCPServerRun 514  # 启动tcp监听端口

local2.* /var/log/haproxy.log

10.1、重启日志服务

service rsyslog restart

10.2、vim haproxy.cfg 在global端中需要添加此行

log 127.0.0.1 local2

11、配置防火墙,允许80,1080端口访问,添加以下两行(测试可以直接关闭防火墙)

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 1080 -j ACCEPT

11.1、重启防火墙

service iptables restart

15、编辑配置文件  vim /etc/haproxy/haproxy.cfg

15.1、一个最简单的http服务的配置

global

log 127.0.0.1 local2  # 定义日志

chroot /var/lib/haproxy

pidfile /var/run/haproxy.pid

maxconn 4000

user haproxy

group haproxy

daemon

stats socket /var/lib/haproxy/stats

defaults

mode http

log global

option httplog

option dontlognull

option http-server-close

option forwardfor except 127.0.0.0/8

option redispatch

retries 3

timeout http-request 10s

timeout queue 1m

timeout connect 10s

timeout client 1m

timeout server 1m

timeout http-keep-alive 10s

timeout check 10s

maxconn 3000

frontend webser #webser为名称

option forwardfor

bind *:80

default_backend webserver

backend webserver

balance roundrobin #使拥roundrobin 算法

server app1 192.168.1.120:80 check

server app2 192.168.1.121:80 check

15.2、haproxy统计页面的输出机制

frontend webser

log 127.0.0.1 local2

option forwardfor

bind *:80

default_backend webserver

backend webserver

cookie node insert nocache

balance roundrobin

server app1 192.168.0.120:80 check cookie node1 intval 2 rise 1 fall 2

server app2 192.168.0.121:80 check cookie node2 intval 2 rise 1 fall 2

listen statistics

bind *:8009 # 自定义监听端口

stats enable # 启用基于程序编译时默认设置的统计报告

stats auth admin:admin # 统计页面用户名和密码设置

stats uri /admin?stats # 自定义统计页面的URL,默认为/haproxy?stats

stats hide-version # 隐藏统计页面上HAProxy的版本信息

stats refresh 30s # 统计页面自动刷新时间

stats admin if TRUE #如果认证通过就做管理功能,可以管理后端的服务器

stats realm Hapadmin # 统计页面密码框上提示文本,默认为Haproxy\ Statistics

15.3、静态与动态请求分离

# web服务

frontend webservs

# 绑定80端口,域名不限

bind *:80

# 定义静态规则

acl url_static path_beg -i /static /images /javascript /stylesheets

acl url_static path_end -i .jpg .gif .png .css .js .html

acl host_static hdr_beg(host) -i img. imgs. video. videos. ftp. image. download.

# 定义动态规则

acl url_php path_end -i .php

# 后端请求归纳

use_backend static if url_static or host_static

use_backend dynamic if url_php

# 默认动态组

default_backend dynamic

# 静态请求处理

backend static

# 分配算法(轮流分配)

balance roundrobin

# 实际处理请求的服务器列表

server node1 192.168.0.120:80 check maxconn 3000

# 动态请求处理

backend dynamic

# 分配算法(轮流分配)

balance roundrobin

# 实际处理请求的服务器列表

server node1 192.168.0.121:80 check maxconn 3000

server node2 192.168.0.122:80 check maxconn 3000

15.4、http完整配置负载均衡

#---------------------------------------------------------------------

# Global settings

#---------------------------------------------------------------------

global

# to have these messages end up in /var/log/haproxy.log you will

# need to:

#

# 1) configure syslog to accept network log events. This is done

# by adding the '-r' option to the SYSLOGD_OPTIONS in

# /etc/sysconfig/syslog

#

# 2) configure local2 events to go to the /var/log/haproxy.log

# file. A line like the following can be added to

# /etc/sysconfig/syslog

#

# local2.* /var/log/haproxy.log

#

log 127.0.0.1 local2

chroot /var/lib/haproxy

pidfile /var/run/haproxy.pid

maxconn 4000

user haproxy

group haproxy

daemon

defaults

mode http

log global

option httplog

option dontlognull

option http-server-close

option forwardfor except 127.0.0.0/8

option redispatch

retries 3

timeout http-request 10s

timeout queue 1m

timeout connect 10s

timeout client 1m

timeout server 1m

timeout http-keep-alive 10s

timeout check 10s

maxconn 30000

listen stats

mode http

bind 0.0.0.0:1080

stats enable

stats hide-version

stats uri /haproxyadmin?stats

stats realm Haproxy\ Statistics

stats auth admin:admin

stats admin if TRUE

frontend http-in

bind *:80

mode http

log global

option httpclose

option logasap #不等待响应结束就记录日志,表示提前记录日志,一般日志会记录响应时长,此不记录响应时长

option dontlognull #不记录空信息

capture request header Host len 20 #记录请求首部的前20个字符

capture request header Referer len 60 #referer跳转引用,就是上一级

default_backend servers

frontend healthcheck

bind :1099 #定义外部检测机制

mode http

option httpclose

option forwardfor

default_backend servers

backend servers

balance roundrobin

server websrv1 192.168.0.120:80 check maxconn 2000

server websrv2 192.168.0.121:80 check maxconn 2000

15.5、MySQL完整配置负载均衡

#---------------------------------------------------------------------

# Global settings

#---------------------------------------------------------------------

global

# to have these messages end up in /var/log/haproxy.log you will

# need to:

#

# 1) configure syslog to accept network log events. This is done

# by adding the '-r' option to the SYSLOGD_OPTIONS in

# /etc/sysconfig/syslog

#

# 2) configure local2 events to go to the /var/log/haproxy.log

# file. A line like the following can be added to

# /etc/sysconfig/syslog

#

# local2.* /var/log/haproxy.log

#

log 127.0.0.1 local2

chroot /var/lib/haproxy

pidfile /var/run/haproxy.pid

maxconn 4000

user haproxy

group haproxy

daemon

defaults

mode tcp

log global

option httplog

option dontlognull

retries 3

timeout http-request 10s

timeout queue 1m

timeout connect 10s

timeout client 1m

timeout server 1m

timeout http-keep-alive 10s

timeout check 10s

maxconn 600

listen stats

mode http

bind 0.0.0.0:1080

stats enable

stats hide-version

stats uri /haproxyadmin?stats

stats realm Haproxy\ Statistics

stats auth admin:admin

stats admin if TRUE

frontend mysql

bind *:3306

mode tcp

log global

default_backend mysqlservers

backend mysqlservers

balance leastconn

server dbsrv1 192.168.1.120:3306 check port 3306 intval 2 rise 1 fall 2 maxconn 300

server dbsrv2 192.168.1.121:3306 check port 3306 intval 2 rise 1 fall 2 maxconn 300

16、启动haproxy服务

service haproxy start

17、查看统计页面

http://192.168.0.200:1080/haproxyadmin?stats

用户名和密码 admin

18、查看Haproxy日志

tail -f /var/log/haproxy.log

19、Haproxy配置信息 MASTR 与 BACKUP配置完全相同

20、访问服务器VIP地址会自动分配到不同服务器进行处理

http://192.168.0.200

1、关闭MASTER服务,BACKUP会自动升级为MASTER接替服务。启动MASTER的Keepalived服务,会自动切回原来的MASTER服务器。

2、关闭Haproxy服务,脚本会尝试启动Haproxy服务,如果启动失败则关闭Keepalived服务,让备用服务器接替。

到这里一个完整的web负载均衡服务器就配置完成了,Haproxy主要做服务分配,Keepalived做双机热备,Keepalived还可以配置成双主热备。在keepalived中检测Haproxy是否可用,不可用是否关闭Keepalived服务器,具体可以根据自己业务做处理。

 

Keepalived+Haproxy搭建高可用负载均衡的更多相关文章

  1. Keepalived+HAProxy 搭建高可用负载均衡

    转载自:https://mp.weixin.qq.com/s/VebiWftaRa26x1aA21Jqww 1. 概述 软件负载均衡技术是指可以为多个后端服务器节点提供前端IP流量分发调度服务的软件技 ...

  2. Keepalived+lvs 搭建高可用负载均衡

    本站点停止更新,请访问:blog.coocap.com 不了解负载均衡高可用的童鞋,强烈建议先看keepalived+nginx高可用负载均衡: 传送门(求粉):http://www.cnblogs. ...

  3. Keepalived+HAproxy实现高可用负载均衡

    总概:       Keepalived是一个类似于layer3, 4 & 5交换机制的软件,也就是我们平时说的第3层.第4层和第5层交换.Keepalived的作用是检测web服务器的状态, ...

  4. keepalived+haproxy构建高可用负载均衡

    一.环境介绍 我用的是centos6.7,内核版本为2.6.32-573.el6.x86_64,keepalived版本为keepalived-1.2.22,haproxy版本为haproxy-1.6 ...

  5. 【Linux运维-集群技术进阶】Nginx+Keepalived+Tomcat搭建高可用/负载均衡/动静分离的Webserver集群

    额.博客名字有点长.. . 前言 最终到这篇文章了,心情是有点激动的. 由于这篇文章会集中曾经博客讲到的全部Nginx功能点.包含主要的负载均衡,还有动静分离技术再加上这篇文章的重点.通过Keepal ...

  6. HAProxy(三):Keeplived+HAProxy搭建高可用负载均衡动静分离架构基础配置示例

    一.安装环境 1.软件版本 HAProxy:1.5.18 Keepalived:1.3.5 Nginx:1.12.2 PHP:7.2 系统版本:CentOS 7.4 2.IP分配与架构图 3.安装软件 ...

  7. keepalived+LVS搭建高可用负载均衡系统

    相关架构设置: 1)vip : 192.168.137.6 2)DS master ip : 192.168.137.8 3)DS backup ip : 192.168.137.9 4)RS 1 i ...

  8. docker下用keepalived+Haproxy实现高可用负载均衡集群

    启动keepalived后宿主机无法ping通用keepalived,报错: [root@localhost ~]# ping 172.18.0.15 PING () bytes of data. F ...

  9. Nginx+Keepalived(双机热备)搭建高可用负载均衡环境(HA)

    原文:https://my.oschina.net/xshuai/blog/917097 摘要: Nginx+Keepalived搭建高可用负载均衡环境(HA) http://blog.csdn.ne ...

随机推荐

  1. Myeclipse 10/2014 配置插件(svn、maven、properties、velocity)的方法

    一.配置SVN详细图解 什么是SVN? 管理软件开发过程中的版本控制工具. 下面会以两种方式来介绍怎么安装svn,myeclipse安装SVN插件步骤,以myeclipse 2014为例,第一种是最常 ...

  2. swoole使用内存

    //swoole直接操作系统的内存 单线程每秒可执行三百万次 主要用于进程间的数据通信 $swoole_table = new swoole_table(1024);//1024为内创建内存对象所能存 ...

  3. Hard Disk Drive(MBR)

    这里讲的主要是网上所谓的老式磁盘,它是由一个个盘片组成的,我们先从个盘片结构讲起.如图1所示,图中的一圈圈灰色同心圆为一条条磁道,从圆心向外画直线,可以将磁道划分为若干个弧段,每个磁道上一个弧段被称之 ...

  4. 学习spring第四天

    Spring第四天讲义 今日内容 Spring的事务管理 Spring和MyBatis框架的集成 1. Spring的事务管理 1.1. 事务是什么? 在操作数据库时(增删改),如果同时操作多次数据, ...

  5. 直播弹幕抓取逆向分析流程总结 websocket,flash

    前端无秘密 直播的逆向抓取说到底是前端的调试和逆向技术,加上部分的dpa(深入包分析,个人能力尚作不到深入,只能作简单分析)难度较低 目前互联网直播弹幕主要是两种技术实现. 1websocket消息通 ...

  6. Opencv笔记(二十)——直方图(二)

    直方图均衡化 原理: 想象一下如果一副图像中的大多是像素点的像素值都集中在一个像素值范围之内会怎样呢?例如,如果一幅图片整体很亮,那所有的像素值应该都会很高.但是一副高质量的图像的像素值分布应该很广泛 ...

  7. postgreSQL命令大全(更新中)

    1.PostgreSQL索引的建立https://blog.csdn.net/jubaoquan/article/details/78850899: 2.PostgreSQL9中索引的原理和效率查询h ...

  8. [LC] 1048. Longest String Chain

    Given a list of words, each word consists of English lowercase letters. Let's say word1 is a predece ...

  9. 让java不再难懂

    废话不都说,直接上图哈 java基础思维导图整理.png 1.Java 简介.png 2.java主要特性.png 3.java发展历史.png 4.java 开发环境配置.png 5.java 基础 ...

  10. log4j2.xml 配置

    动态生成日志, 日志路径: log4j2.xml 配置如下: <?xml version="1.0" encoding="UTF-8"?> < ...