keepalived及haproxy生产负载和高可用应用(编译安装)

keepalived配置多vip及实现双主模式


一:在生产环境中haproxy广泛用于四层和七层的反向负载,haproxy则通过VRRP技术实现虚拟IP高可用从而实现haproxy的高可用,本文将侧重于介绍keepalived方面的知识及相关配置介绍,haproxy只用于测试web代理,具体如下:

1.1:安装haproxy:

1.1.1:编译安装haproxy:

1
2
3
4
5
6
7
8
[root@linux-node137 ~]# cd /usr/local/src/
[root@linux-node137 src]# wget http://www.haproxy.org/download/1.7/src/haproxy-1.7.3.tar.gz
[root@linux-node137 src]# tar xvf haproxy-1.7.3.tar.gz
[root@linux-node137 src]# cd haproxy-1.7.3/
[root@linux-node137 haproxy-1.7.3]# yum install gcc pcre pcre-devel openssl openssl-devel -y
[root@linux-node137 haproxy-1.7.3]# vim README #安装文档及相关帮助信息
[root@linux-node137 haproxy-1.7.3]# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy
[root@linux-node137 haproxy-1.7.3]# make install PREFIX=/usr/local/haproxy

1.1.2:准备启动脚本文件:

1
2
3
4
5
6
7
8
9
10
11
12
[root@linux-node137 haproxy-1.7.3]# vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID

[Install]
WantedBy=multi-user.target

1.1.3:复制启动脚本:

1
2
[root@linux-node137 haproxy-1.7.3]# cp haproxy-systemd-wrapper  /usr/sbin/haproxy-systemd-wrapper
[root@linux-node137 haproxy-1.7.3]# cp haproxy /usr/sbin/haproxy

1.1.4:准备sysconfig配置文件:

1
2
3
4
5
[root@linux-node137 haproxy-1.7.3]# vim /etc/sysconfig/haproxy
# Add extra options to the haproxy daemon here. This can be useful for
# specifying multiple configuration files with multiple -f options.
# See haproxy(1) for a complete list of options.
OPTIONS=""

1.1.5:主备配置文件,简单配置,后续完善:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
[root@linux-node137 haproxy-1.7.3]# mkdir /etc/haproxy
[root@linux-node137 haproxy-1.7.3]# vim /etc/haproxy/haproxy.cfg
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/run/haproxy.pid
log 127.0.0.1 local3 info

defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms

listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:q1w2e3r4ys

listen web_port
bind 0.0.0.0:80
mode http
log global
server web1 172.10.1.238:80 check inter 3000 fall 2 rise 5

1.1.6:启动haproxy:

1
[root@linux-node137 haproxy-1.7.3]# systemctl  restart haproxy

1.1.7:验证haproxy监听的端口:

1.1.8:后端web服务器安装http:

1
2
3
[root@aqdl ~]# yum install httpd
[root@aqdl html]# echo "Haptoxy Page" > /var/www/html/index.html
[root@aqdl ~]# systemctl restart httpd

1.1.9:访问haproxy的80端口:

1.1.10:开启haproxy日志:

1
2
3
4
[root@linux-node137 ~]# vim /etc/rsyslog.conf
15 $ModLoad imudp
16 $UDPServerRun 514
92 local3.* /var/log/haproxy.log #保存后的日志目录

1.1.11:重启rsyslog服务:

1
[root@linux-node137 ~]# systemctl  restart  rsyslog

1.1.12:配置haproxy调用rsyslog:

1
2
3
[root@linux-node137 ~]# vim /etc/haproxy/haproxy.cfg
9 log 127.0.0.1 local3 info
[root@linux-node137 ~]# systemctl restart haproxy

1.1.13:访问web界面并验证haproxy日志目录:

1
2
3
4
[root@linux-node137 ~]# tail /var/log/haproxy.log 
Mar 9 16:04:40 localhost haproxy[55688]: Proxy stats started.
Mar 9 16:04:40 localhost haproxy[55688]: Proxy web_port started.
Mar 9 16:06:45 localhost haproxy[55689]: Connect from 192.168.10.1:2623 to 192.168.10.137:80 (web_port/TCP)

二:keepalived安装及配置:

2.1:编译安装keepalived:

2.1.1:源码编译安装keepalived:

1
2
3
4
5
6
7
8
9
[root@linux-node137 ~]# cd /usr/local/src/
[root@linux-node137 src]# wget http://www.keepalived.org/software/keepalived-1.3.4.tar.gz
[root@linux-node137 src]# tar xvf keepalived-1.3.4.tar.gz
[root@linux-node137 src]# cd keepalived-1.3.4/
[root@linux-node137 keepalived-1.3.4]# yum install libnfnetlink-devel libnfnetlink ipvsadm libnl libnl-devel \
libnl3 libnl3-devel lm_sensors-libs net-snmp-agent-libs net-snmp-libs openssh-server openssh-clients openssl \
openssl-devel automake iproute

[root@localhost keepalived-1.3.4]# ./configure --prefix=/usr/local/keepalived --disable-fwmark #传递参数关闭管理防火墙功能

1
[root@linux-node137 keepalived-1.3.4]# make && amke install

2.1.2:安装完成界面如下:

2.1.3:复制相关配置文件及启动脚本:

1
2
3
[root@linux-node137 keepalived-1.3.4]# cp /usr/local/src/keepalived-1.3.4/keepalived/etc/init.d/keepalived.rh.init /etc/sysconfig/keepalived.sysconfig
[root@linux-node137 keepalived-1.3.4]# cp /usr/local/src/keepalived-1.3.4/keepalived/keepalived.service /usr/lib/systemd/system/
[root@linux-node137 keepalived-1.3.4]# cp /usr/local/src/keepalived-1.3.4/bin/keepalived /usr/sbin/

2.1.4:准备一个简单的配置文件:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
[root@linux-node137 keepalived-1.3.4]# mkdir /etc/keepalived
[root@linux-node137 keepalived-1.3.4]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}

vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 80
priority 100
advert_int 1
#unicast_src_ip 172.10.1.37
#unicast_peer {
# 172.10.1.38
#}

authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.15 dev eth0 label eth0:0
}
}

2.1.5:测试keepalived能否正常启动并绑定VIP到本地网卡

-------------------码字不易尊重原创转载标注不胜感激-------------------
Yes or no?
0%