haproxy+keepalived以及haproxy的原理特点
haproxy简介 1. 免费,快速,可靠的解决方案 2. 适用负载特大的web站点,通常这些站点需要保持会话或七层处理。 3. 提供高可用,负载均衡以及tcp和http应用的代理 负载均衡器性能的因素 1. 会话率: 每秒钟产生的会话数
参考haproxy的配置参数 https://www.cnblogs.com/MacoLee/p/5853413.html
[root@haproxy ~]# wget http://pkgs.fedoraproject.org/repo/pkgs/haproxy/haproxy-1.4.24.tar.gz/86422620faa9759907563d5e0524b98c/haproxy-1.4.24.tar.gz
[root@haproxy ~]# ls
[root@haproxy ~]# tar -xf haproxy-1.4.24.tar.gz
[root@haproxy ~]# cd haproxy-1.4.24
[root@haproxy ~]# ls
[root@haproxy ~]# make TARGET=linux2628 USE_PCRE=1 PREFIX=/usr/local/haproxy install 如果执行这条命令不成功的话,就执行下面的这两条命令
[root@haproxy ~]# make TARGET=linux2628 ARCH=x86_64 PREFIX=/usr/local/haproxy
[root@haproxy ~]# make install PREFIX=/usr/local/haproxy
#参数说明 TARGET=linux26 #内核版本,使用uname -r查看内核,如:2.6.32-431.el6.x86_64,此时该参数就为linux26;kernel 大于2.6.28的用:TARGET=linux2628 ARCH=x86_64 #系统位数 PREFIX=/usr/local/haprpxy #/usr/local/haprpxy为haprpxy安装路径
[root@haproxy ~]# ln -s /usr/local/haproxy/sbin/haproxy /usr/local/sbin/
[root@haproxy ~]# mkdir /etc/haproxy
[root@haproxy ~]# cp examples/haproxy.cfg /etc/haproxy/haproxy.cfg
[root@haproxy ~]# id nobody
[root@haproxy ~]# vi /etc/haproxy/haproxy.cfg haproxy的配置文件 # this config needs haproxy-1.1.28 or haproxy-1.2.1 global log 127.0.0.1 local0 定义日志输出 #log loghost local0 info maxconn 4096 客户端最大连接数 chroot /usr/local/haproxy 一般是安装目录 uid 99 默认是nobody gid 99 默认是nobody daemon nbproc 2 启动两个实例 pidfile /var/run/haproxy.pid pid文件 #debug #quiet defaults 默认设置 log global mode http 默认采用http模式 option httplog 日志类别 option redispatch 当serverid对应的服务器挂掉后,强制定向到其他健康服务器 retries 3 三次连接失败认为服务器不可用 # redispatch stats uri /haproxy-admin 设置监控 maxconn 2000 连接超时时间 contimeout 5000 客户端连接超时时间 clitimeout 50000 服务端连接超时时间 srvtimeout 50000 listen websrv 0.0.0.0:80 cookie SERVERID rewrite balance roundrobin server app1_1 192.168.10.11:80 cookie app1inst1 check inter 2000 rise 2 fall 5 server app1_2 192.168.10.12:80 cookie app1inst2 check inter 2000 rise 2 fall 5 #listen appli1-rewrite 0.0.0.0:10001 # server app1_1 192.168.34.23:8080 cookie app1inst1 check inter 2000 rise 2 fall 5 # server app1_2 192.168.34.32:8080 cookie app1inst2 check inter 2000 rise 2 fall 5 # server app1_3 192.168.34.27:8080 cookie app1inst3 check inter 2000 rise 2 fall 5 # server app1_4 192.168.34.42:8080 cookie app1inst4 check inter 2000 rise 2 fall 5 # #listen appli2-insert 0.0.0.0:10002 # option httpchk # balance roundrobin # cookie SERVERID insert indirect nocache # server inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3 # server inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3 # capture cookie vgnvisitor= len 32 # # option httpclose # disable keep-alive # redispatch stats uri /haproxy-admin maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 listen websrv 0.0.0.0:80 cookie SERVERID rewrite balance roundrobin server app1_1 192.168.10.11:80 cookie app1inst1 check inter 2000 rise 2 fall 5 server app1_2 192.168.10.12:80 cookie app1inst2 check inter 2000 rise 2 fall 5
[root@haproxy ~]# haproxy -f /etc/haproxy/haproxy.cfg
[root@haproxy ~]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
[root@haproxy ~]# tar -xf keepalived-1.2.17.tar.gz
[root@haproxy ~]# yum install kernel-devel -y
[root@haproxy ~]# yum -y install popt popt-devel libnl libnl-devel
[root@haproxy ~]# wget http://mirror.centos.org/centos/6/os/x86_64/Packages/popt-static-1.13-7.el6.x86_64.rpm
[root@haproxy ~]# rpm -ivh popt-static-1.13-7.el6.x86_64.rpm
[root@haproxy ~]# yum -y install zlib zlib-devel gcc gcc-c++ openssl openssl-devel
[root@haproxy ~]# ./configure --prefix=/usr/keepalived-1.2.17; make ; make install
[root@haproxy ~]# cp /usr/keepalived-1.2.17/etc/sysconfig/keepalived /etc/sysconfig/keepalived
[root@haproxy ~]# cp /usr/keepalived-1.2.17/sbin/keepalived /usr/sbin/keepalived
[root@haproxy ~]# cp /usr/keepalived-1.2.17/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
[root@haproxy ~]# mkdir /etc/keepalived
[root@haproxy ~]# cp /usr/keepalived-1.2.17/etc/keepalived/keepalived.conf /etc/keepalived
haproxy+keepalived两个服务都是独立的,两台机器都要这样装,只是keepalive的配置文件有些不一样而已了。所以keepalive的配置文件请参考http://www.cnblogs.com/fyy-hhzzj/p/7656500.html。方便看还是我把配置文件内容贴出来吧
####################这是keepalive的配置文件啊,配置文件虽然有“#”注释,但是在贴到配置文件的时候要把中文去掉########################
global_defs { # notification_email { # acassen@firewall.loc # failover@firewall.loc # sysadmin@firewall.loc # } # notification_email_from Alexandre.Cassen@firewall.loc # smtp_server 192.168.200.1 # smtp_connect_timeout 30 router_id LVS_V1 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 120 advert_int 1 mcast_src_ip=192.168.1.57 本机的真实IP地址,就是本来这台机器的IP地址 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.111 dev eth0 } track_script { chknginx } } virtual_server 192.168.1.111 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.255.0 persistence_timeout 50 protocol TCP real_server 192.168.1.62 80 { weight 2
notify_down /etc/keepalived/real_down.sh ## 该节点服务器处于 DOWN 状态后执行的脚本
HTTP_GET { 使用的是http协议 url { path / digest ff20adbb81f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0cbba887a256d6939da88aabd8cd } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } real_server 192.168.1.106 80 { weight 10
notify_down /etc/keepalived/real_down.sh ## 该节点服务器处于 DOWN 状态后执行的脚本
HTTP_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [lvs1+keepalive1 ~]# cat add_vir_ser ifconfig lo:0 192.168.1.111 broadcast 192.168.1.111 netmask 255.255.255.255 up route add -host 192.168.1.111 dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce echo "1">/proc/sys/net/ipv4/conf/eth0/arp_ignore echo "2">/proc/sys/net/ipv4/conf/eth0/arp_announce