Openstack(三)Haproxy+Keepalived双机

3.1部署keepalived

3.1.1下载keepalived源码包,并解压

# wget http://www.keepalived.org/software/keepalived-1.4.2.tar.gz

# tar xf keepalived-1.4.2.tar.gz

# cd keepalived-1.4.2

 

3.1.2安装包

# ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install

# cp /usr/local/src/keepalived-1.4.2/keepalived/etc/init.d/keepalived.rh.init /etc/sysconfig/keepalived.sysconfig

# cp -f /usr/local/src/keepalived-1.4.2/keepalived/keepalived.service  /usr/lib/systemd/system/

# cp  /usr/local/src/keepalived-1.4.2/bin/keepalived  /usr/sbin/

 

3.1.3配置keepalived

分别在两台负载服务器同时执行以下操作安装keepalived:

3.1.3.1master服务器:

# mkdir /etc/keepalived

# mkdir /etc/keepalived/vip

# cat /etc/keepalived/keepalived.conf

vrrp_instance VI_1 {

    state MASTER  # 主机类型,MASTER, BACKUP

    interface br0  # 实例绑定的网卡

    virtual_router_id 80  # router_id必改

    priority 50   # 优先级

    advert_int 1  # 检查间隔,默认为1秒

    unicast_src_ip 192.168.10.205  # 本机ip

    unicast_peer {

        192.168.10.206  # 备机ip

    }

 

    authentication {

        auth_type PASS  # 负载同步验证方式

        auth_pass 123456  

    }

    virtual_ipaddress {

        192.168.10.100/24 dev br0 label br0:0  # vip配置

    }

}

include /etc/keepalived/vip/*.conf  # 配置文件导入

 

# vim /etc/keepalived/vip/vip_br1.conf

vrrp_instance VI_2 {

    state BACKUP

    interface br1

    virtual_router_id 81

    priority 100

    advert_int 1

    unicast_src_ip 192.168.20.205

    unicast_peer {

        192.168.20.206

    }

 

    authentication {

        auth_type PASS

        auth_pass 123456

    }

    virtual_ipaddress {

        192.168.20.100/24 dev br1 label br1:0

    }

}

3.1.3.2backup服务器:

# mkdir /etc/keepalived

# mkdir /etc/keepalived/vip

# cat /etc/keepalived/keepalived.conf

vrrp_instance VI_1 {

    state MASTER

    interface bond0

    virtual_router_id 80

    priority 100

    advert_int 1

    unicast_src_ip 192.168.10.206

    unicast_peer {

        192.168.10.205

    }

 

    authentication {

        auth_type PASS

        auth_pass 123456

    }

    virtual_ipaddress {

        192.168.10.100/24 dev bond0 label bond0:0

    }

}

include /etc/keepalived/vip/*.conf

 

# vim /etc/keepalived/vip/vip_br1.conf

vrrp_instance VI_2 {

    state BACKUP

    interface bond1

    virtual_router_id 81

priority 50  

advert_int 1

    unicast_src_ip 192.168.20.205

    unicast_peer {

        192.168.20.206

    }

 

    authentication {

        auth_type PASS

        auth_pass 123456

    }

    virtual_ipaddress {

        192.168.20.100/24 dev bond1 label bond1:0

    }

}

3.1.3.3 验证

# 启动keepalived

# systemctl  start keepalived

# systemctl  enable keepalived

# ifconfig

 

 

3.2部署haproxy

分别在两台负载服务器同时执行以下操作安装haproxy:

3.2.1:下载haproxy:

# wget http://www.haproxy.org/download/1.8/src/haproxy-1.8.4.tar.gz

# tar xf  haproxy-1.8.4.tar.gz

# cd haproxy-1.8.4

3.2.2: 安装haproxy:

# make  ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1  USE_CPU_AFFINITY=1  PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && cp haproxy  /usr/sbin/ 

# # USE_PCRE=1 开启正则 USE_OPENSSL=1 开启openssl USE_ZLIB=1

# # USE_CPU_AFFINITY=1 为开启haproxy进程与CPU核心绑定,USE_SYSTEMD=1为支持使用 -Ws参数(systemd-aware master-worker 模式)启动Haproxy,从而实现单主进程多子进程运行模式。

 

3.3.3:配置haproxy

3.3.3.1:准备haproxy启动脚本

# cat /usr/lib/systemd/system/haproxy.service

[Unit]

Description=HAProxy Load Balancer

After=syslog.target network.target

 

[Service]

#支持多配置文件读取,类似于从侧面是实现配置文件的include功能。

ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/conf -c -q

ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/conf -p /run/haproxy.pid

ExecReload=/bin/kill -USR2 $MAINPID

 

[Install]

WantedBy=multi-user.target

You have new mail in /var/spool/mail/root

 

## cp ./haproxy-systemd-wrapper  /usr/sbin/haproxy-systemd-wrapper  (haproxy1.7版本使用)

# cp ./haproxy /usr/sbin/haproxy

3.3.3.2准备系统配置文件

# cat  /etc/sysconfig/haproxy

# Add extra options to the haproxy daemon here. This can be useful for

# specifying multiple configuration files with multiple -f options.

# See haproxy(1) for a complete list of options.

OPTIONS=""

3.3.3.3配置主配置文件

# mkdir /var/lib/haproxy

# mkdir /etc/haproxy

# vim /etc/haproxy/haproxy.cfg

global

maxconn 100000

chroot /usr/local/haproxy

#stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin

uid 99

gid 99

daemon

nbproc 4

cpu-map 1 0

cpu-map 2 1

cpu-map 3 2

cpu-map 4 3

pidfile /usr/local/haproxy/run/haproxy.pid

log 127.0.0.1 local3 info

 

defaults

option http-keep-alive #当serverId对应的服务器挂掉后,强制定向到其他健康的服务器

option  forwardfor   #当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接

maxconn 100000

mode http

timeout connect 10s #连接到一台服务器的最长等待时间

timeout client  20s #连接客户端发送数据最长等待时间

timeout server  30s #服务器回应客户端发送数据最长等待时间

timeout check   5s   #对后端服务器的检测超时时间

 

 

listen stats

 mode http

 bind 0.0.0.0:9999

 stats enable

 log global

 stats uri     /haproxy-status  # 页面访问路径

 stats auth    haadmin:q1w2e3r4ys

 

#####################分文件conf/*.cfg 配置实例###############

frontend openstack_mysql

    bind 192.168.10.100:3306

    mode tcp

    default_backend  openstack_mysql_node

 

backend  openstack_mysql_node

    mode tcp

    balance source

    server 192.168.10.201  192.168.10.201:3306   check inter 2000 fall 3 rise 5

3.3.3.4配置各个负载的内核参数

# vim /etc/sysctl.conf

net.ipv4.ip_nonlocal_bind = 1  #开启允许绑定非本机的IP,haporxy启动忽视VIP存在

net.ipv4.ip_forward = 1 #内核是否转发数据包

# sysctl  -p  # 配置内核参数生效

3.3.3.5 启动haproxy并验证

# systemctl reload haproxy

# systemctl  start haproxy

# systemctl  enable  haproxy

 

 

3.3整合keepalived+haproxy

主要为keepalived监控haproxy,以防haproxy死掉,keepalived进程还存活。

3.3.1配置keepalived严控haproxy进程

# vim  /etc/keepalived/<keepalived配置文件> 添加

vrrp_script chk_haproxy {

        script "/etc/keepalived/check_haproxy.sh"

        interval 5

        weight 2

}

 

track_script {

                chk_haproxy

        }

 

# vim /etc/keepalived/check_haproxy.sh

#!/bin/bash

if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ];then

        haproxy -f /opt/haproxy-1.7.8/haproxy.cfg

fi

sleep 2

if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ];then

        service keepalived stop

fi

3.4验证

待续………

posted @ 2018-03-22 14:39  shuyang  阅读(1008)  评论(0编辑  收藏  举报