Openstack 集群,及常用服务的 高可用 haproxy配置
一、介绍
配置文件位置(yum 安装):/etc/haproxy/haproxy.cfg
全局配置
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
默认配置
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option forwardfor
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
配置haproxy 的统计页面
#---------------------------------------------------------------------
# tong ji ye mian pei zhi
#---------------------------------------------------------------------
listen stats
bind 10.6.32.200:1080
mode http
option httplog
log 127.0.0.1 local0 err
stats refresh 30s
maxconn 10
stats uri /admin
stats realm Haproxy\ Statistics
stats auth admin:admin #web登录的账号密码
stats hide-version
stats admin if TRUE
在浏览器中访问:http://10.6.32.200:1080/admin
1、httpd 服务
#--------------------------------------------------------------------- # listen httpd server #--------------------------------------------------------------------- listen httpd_cluster bind 10.6.32.200:80 balance roundrobin option tcpka option httpchk option tcplog server controller1 controller1:80 check port 80 inter 2000 rise 2 fall 5 server controller2 controller2:80 check port 80 inter 2000 rise 2 fall 5 server controller3 controller3:80 check port 80 inter 2000 rise 2 fall 5
2、mysql 服务
#--------------------------------------------------------------------- # listen Mysql-db server #--------------------------------------------------------------------- listen mysql_cluster mode tcp bind 10.6.32.200:3306 balance source option mysql-check user haproxy # 需要在数据库中创建没有密码的 haproxy用户,不需要有任何权限,详情查看博客:Mysql 5.7 弱密码限制,及创建用户无密码用户 server controller1 controller1:3306 weight 1 check inter 2000 rise 2 fall 5 server controller2 controller2:3306 weight 1 check inter 2000 rise 2 fall 5 server controller3 controller3:3306 weight 1 check inter 2000 rise 2 fall 5
3、 keystone-admin API
#---------------------------------------------------------------------
# listen keystone-admin server
#---------------------------------------------------------------------
listen keystone_admin
bind 10.6.32.200:35357
balance source
option tcpka
option httpchk
option tcplog
http-request del-header X-Forwarded-Proto if { ssl_fc }
server controller1 10.6.32.51:35357 check inter 2000 rise 2 fall 5
server controller2 10.6.32.52:35357 check inter 2000 rise 2 fall 5
server controller3 10.6.32.53:35357 check inter 2000 rise 2 fall 5
4、keystone-public 和 keystone-internal API
#---------------------------------------------------------------------
# listen keystone-public and keystone-internal server
#---------------------------------------------------------------------
listen keystone_pub_int
bind 10.6.32.200:5000 #需要将haproxy 默认自带的 frontend main *:5000 区块注释掉,有端口冲突
balance source
option tcpka
option httpchk
option tcplog
http-request del-header X-Forwarded-Proto if { ssl_fc }
server controller1 controller1:5000 check inter 2000 rise 2 fall 5
server controller2 controller2:5000 check inter 2000 rise 2 fall 5
server controller3 controller3:5000 check inter 2000 rise 2 fall 5
5、Glance-api server
#--------------------------------------------------------------------- # listen glance-admin,glance-public,glance-internal server #--------------------------------------------------------------------- listen glance-api bind 10.6.32.200:9292 balance source option tcpka option httpchk option tcplog server controller1 10.6.32.51:9292 check inter 2000 rise 2 fall 5 server controller2 10.6.32.52:9292 check inter 2000 rise 2 fall 5 server controller3 10.6.32.53:9292 check inter 2000 rise 2 fall 5
6、Glance-registery server
#--------------------------------------------------------------------- # listen glance-registery server #--------------------------------------------------------------------- listen glance-registery bind 10.6.32.200:9191 balance source option tcpka option tcplog server controller1 10.6.32.51:9191 check inter 2000 rise 2 fall 5 server controller2 10.6.32.52:9191 check inter 2000 rise 2 fall 5 server controller3 10.6.32.53:9191 check inter 2000 rise 2 fall 5
7、rabbitmq-web
#--------------------------------------------------------------------- # listen Rabbitmq-web server #--------------------------------------------------------------------- listen rabbitmq-web mode tcp bind 10.6.32.200:15671 balance roundrobin server controller1 10.6.32.51:15672 check inter 2000 rise 2 fall 5 server controller2 10.6.32.52:15672 check inter 2000 rise 2 fall 5 server controller3 10.6.32.53:15672 check inter 2000 rise 2 fall 5
8、nova-api server
#---------------------------------------------------------------------
# listen nova-api server
#---------------------------------------------------------------------
listen nova-api
bind 10.6.32.200:8774
balance source
option tcpka
option httpchk
option tcplog
http-request del-header X-Forwarded-Proto if { ssl_fc }
server controller1 controller1:8774 check inter 2000 rise 2 fall 5
server controller2 controller2:8774 check inter 2000 rise 2 fall 5
server controller3 controller3:8774 check inter 2000 rise 2 fall 5
9、nova novncproxy server
#---------------------------------------------------------------------
# listen nova-novncproxy server
#---------------------------------------------------------------------
listen nova_novncproxy
bind 10.6.32.200:6080
balance source
option tcpka
option tcplog
http-request del-header X-Forwarded-Proto if { ssl_fc }
http-request set-header X-Forwarded-Proto https if { ssl_fc }
server controller1 controller1:6080 check inter 2000 rise 2 fall 5
server controller2 controller2:6080 check inter 2000 rise 2 fall 5
server controller3 controller3:6080 check inter 2000 rise 2 fall 5
10、nova-placement-api server
#---------------------------------------------------------------------
# listen nova-placement public、internal、admin server
#---------------------------------------------------------------------
listen nova_placement-api
bind 10.6.32.200:8778
balance source
option tcpka
option tcplog
http-request del-header X-Forwarded-Proto if { ssl_fc }
server controller1 controller1:8778 check inter 2000 rise 2 fall 5
server controller2 controller2:8778 check inter 2000 rise 2 fall 5
server controller3 controller3:8778 check inter 2000 rise 2 fall 5
11、neutron server
#--------------------------------------------------------------------- # listen neutron server #--------------------------------------------------------------------- listen neutron bind 10.6.32.200:9696 balance source option tcpka option tcplog server controller1 controller1:9696 check inter 2000 rise 2 fall 5 server controller2 controller2:9696 check inter 2000 rise 2 fall 5 server controller3 controller3:9696 check inter 2000 rise 2 fall 5
12、 memcache server
#---------------------------------------------------------------------
# listen memcached server
#---------------------------------------------------------------------
listen memcache
mode tcp
bind 10.6.32.200:11211
balance static-rr
server controller1 controller1:11211 weight 1 check inter 2000 rise 2 fall 5
server controller2 controller2:11211 weight 10 check inter 2000 rise 2 fall 5
server controller3 controller3:11211 weight 20 check inter 2000 rise 2 fall 5
13、cinder server
#---------------------------------------------------------------------
# listen cinder_api server
#---------------------------------------------------------------------
listen cinder_api
bind 10.6.32.200:8776
balance source
option tcpka
option tcplog
http-request del-header X-Forwarded-Proto if { ssl_fc }
server controller1 controller1:8776 check inter 2000 rise 2 fall 5
server controller2 controller2:8776 check inter 2000 rise 2 fall 5
server controller3 controller3:8776 check inter 2000 rise 2 fall 5
IT运维开发路上的点点滴滴。。。
