haproxy+keepalived实现高可用负载均衡
工作原理:
Keepalived检测HAproxy主备服务器,利用Keepalived的VIP漂移技术,若HAprox主备都工作正常,则VIP与优先级别高的服务器(主服务器)绑定,当主服务器当掉时,则与备服务器绑定,而VIP则是暴露给外部访问的ip;HAproxy利用Keepalived生产的VIP对web服务器集群进行读负载,当某台we服务器当掉,则将其移除,恢复后再将其加入集群。
说明:
haproxy+keepalived 主:172.16.0.111
haproxy+keepalived 备:172.16.0.112
web-1:172.16.0.113
web-2:172.16.0.114
VIP:172.16.0.110
haproxy-1.5.19.tar.gz
keepalived-1.2.23
1、web服务器上
[root@web-1 ~]# vim /var/www/html/index.php
<h1>web-1 172.16.0.113</h1>
<?php phpinfo(); ?>
2、安装haproxy,主备配置一样
[root@haproxy-master ~]# tar -zxvf haproxy-1.5.19.tar.gz
[root@haproxy-master ~]# cd haproxy-1.5.19
[root@haproxy-master haproxy-1.5.19]# make TARGET=linux2628 ARCH=x86_64 PREFIX=/usr/local/haproxy
[root@haproxy-master haproxy-1.5.19]# make install PREFIX=/usr/local/haproxy编辑配置文件(自己创建,examples目录下有模板)
[root@haproxy-master haproxy-1.5.19]# mkdir -p /usr/local/haproxy/etc
[root@haproxy-master haproxy-1.5.19]# cp ~/haproxy-1.5.19/examples/haproxy.cfg /usr/local/haproxy/etc/
[root@haproxy-master haproxy-1.5.19]# vim /usr/local/haproxy/etc/haproxy.cfg
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096 #最大连接数
chroot /usr/local/haproxy
uid 99 #所属运行的用户UID
gid 99 #所属运行的用户组
daemon #以后台形式运行HAProxy
#debug
#quieti
nbproc 1 #启动1个实例,可以启多个来提高效率
pidfile /var/run/haproxy.pid
defaults
log global
mode http
option httpclose #每次请求完毕后主动关闭http通道
option redispatch #当serverId对应的服务器挂掉后,强制定向到其他健康的服务器
option forwardfor
option abortonclose #当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接
option dontlognull #保证HAProxy不记录上级负载均衡发送过来的用于检测状态没有数据的心跳包
retries 2 #重试次数
maxconn 2000 #最大连接数
balance source #如果想让HAProxy按照客户端的IP地址进行负载均衡策略,即同一IP地址的所有请求都发送到同一服务器时需要配置此选项
timeout connect 5000
timeout client 50000
timeout server 50000
listen admin_stats
bind *:8888 #监听端口,后面打开网页时要用到,不要和已打开的端口冲突
mode http #http的7层模式
option httplog #采用http日志格式
log 127.0.0.1 local0 err
maxconn 10
stats refresh 30s #统计页面自动刷新时间
stats uri /stats #统计页面url
stats auth admin:admin #统计页面用户名和密码设置
stats hide-version #隐藏统计页面上HAProxy的版本信息
#关键设置,添加负载均衡服务器只需设置这里
listen web_cluster 0.0.0.0:8090
mode http
balance roundrobin
server web1 172.16.0.113:80 cookie app1inst1 check inter 2000 rise 2 fall 5
server web2 172.16.0.114:80 cookie app1inst2 check inter 2000 rise 2 fall 5启动
[root@localhost sbin]# /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/etc/haproxy.cfg 停止
[root@localhost sbin]# killall haproxy 或者kill -9 端口监控页面
http://172.16.0.111:8888/stats
负载均衡测试
3、安装keepalived
[root@haproxy-master ~]# tar zxvf keepalived-1.2.7.tar.gz -C /usr/local/keepalived
[root@haproxy-master ~]# cd /usr/local/keepalived
[root@haproxy-master ~]# ./configure
[root@haproxy-master ~]# make && make install编辑配置文件
[root@haproxy-master keepalived-1.2.23]# vim /usr/local/keepalived/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER #备服务器上改为BACKUP
interface eth0
virtual_router_id 51
priority 100 #被服务器上改为小于100的数字,如99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.0.110 #虚拟ip,自己设定
}
}
指定配置文件路径
[root@haproxy-master keepalived]# vim /usr/local/keepalived/etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -f /usr/local/keepalived/etc/keepalived/keepalived.conf"因为我们使用非默认路径(/usr/local)安装keepalived,需要设置一些软链接以保证keepalived能正常启动
[root@haproxy-master keepalived]# ln -s /usr/local/keepalived/sbin/keepalived /usr/bin
[root@haproxy-master keepalived]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@haproxy-master keepalived]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
启动
[root@haproxy-master keepalived]# service keepalived start
Starting keepalived: [ OK ]
[root@haproxy-master keepalived]# chkconfig keepalived on查看主服务器虚拟ip
[root@haproxy-master keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ef:78:76 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.111/23 brd 172.16.1.255 scope global eth0
inet 172.16.0.110/32 scope global eth0
inet6 fe80::20c:29ff:feef:7876/64 scope link
valid_lft forever preferred_lft forever测试vip是否正常提供服务,可以看到与master的监控界面一致
测试keepalived是否实现故障转移功能
停止master上的keepalived服务
[root@haproxy-master ~]# service keepalived stop
Stopping keepalived: [ OK ]
在backup上查看是否接管vip
[root@haproxy-backup sbin]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:6d:1a:b7 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.112/23 brd 172.16.1.255 scope global eth0
inet 172.16.0.110/32 scope global eth0
inet6 fe80::20c:29ff:fe6d:1ab7/64 scope link
valid_lft forever preferred_lft forever
再访问监控页面,可以看到
参考链接:
http://www.cnblogs.com/MacoLee/p/5853356.html
http://blog.csdn.net/aa168b/article/details/50372649
http://7424593.blog.51cto.com/7414593/1764640
