Keepalive+Haproxy高可用集羣安裝與配置

環境準備

安裝環境：

• Haproxy版本：Haproxy-1.8.20

• keepalived版本：keepalived v1.3.5

• Haproxy:172.24.77.241（master）

• Haproxy:172.24.77.242（backup）
• VIP地址:172.24.77.245

Haproxy安裝:master和backup服務器安裝Haproxy

1. 安裝依賴包

   yum install gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tcpdump wget ntpdate -y

2. 下載並解壓安裝包

   cd /usr/local/src/

   wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-1.8.20.tar.gz/sha512/c288ccf223da71a29ae0f08f3c9753002735816229ea83ca497d46c860fb8a4bd422077a94652aa475e48aefb78787979cdce7f1bd0b5919dc671ba25212c133/haproxy-1.8.20.tar.gz

   tar xvf haproxy-1.8.20.tar.gz

   cd haproxy-1.8.20

3. 編譯安裝Haproxy

   make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/haproxy

   make install PREFIX=/usr/local/haproxy

4. 複製啓動程序

   cp haproxy /usr/sbin/

5. 建立啓動腳本

   vim /usr/lib/systemd/system/haproxy.service

   [Unit]
   Description=HAProxy Load Balancer
   After=syslog.target network.target
   [Service]
   ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
   ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
   ExecReload=/bin/kill -USR2 $MAINPID
   [Install]
   WantedBy=multi-user.target

   :wq

6. 建立目錄和用戶

   mkdir /etc/haproxy

   cd /etc/haproxy

7. 修改默認haproxy配置文件

   vim /etc/haproxy/haproxy.cfg

   global
   chroot /usr/local/haproxy

   stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin

   user haproxy
   group haproxy
   daemon

   pidfile /usr/local/haproxy/run/haproxy.pid
   log 127.0.0.1 local3 info
   defaults
   option http-keep-alive
   option forwardfor
   maxconn 100000
   mode http
   timeout connect 300000ms
   timeout client 300000ms
   timeout server 300000ms
   listen stats
   mode http
   bind 0.0.0.0:9999
   stats enable
   log global
   stats uri /haproxy-status
   stats auth haadmin:
   listen web_port
   bind 0.0.0.0:80
   mode http
   log global
   server web1 172.24.77.241:8080 weight 5 check inter 2000 rise 2 fall 3
   server web1 172.24.77.242:8080 weight 5 check inter 2000 rise 2 fall 3

8. 建立啓動用戶

   useradd haproxy -s /sbin/nologin

9. 受權目錄

   mkdir /var/lib/haproxy

   chown haproxy.haproxy /var/lib/haproxy/ -R

10. 啓動Haproxy

    systemctl start haproxy

11. 檢查啓動結果

    ps -ef |grep haproxy |grep -v "grep"

    lsof -i:80

12. 設置開機啓動

    systemctl enable haproxy

    Keepalive安裝:master和backup服務器安裝Keepalive

13. 安裝keepalive

    yum install keepalived -y

14. 查看安裝版本信息

    rpm -qi keepalived

15. 配置Keepalived，master配置以下

    vim /etc/keepalived/keepalived.conf

    ！刪除多餘配置

    :35,156d

    ！修改成如下內容

    ! Configuration File for keepalived

    global_defs {
    notification_email {br/>root@locahost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id ha1.jay.com
    vrrp_skip_check_adv_addr
    vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
    vrrp_mcast_group4 224.0.0.18
    }

    vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 80
    priority 100
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass silence2t
    }

    virtual_ipaddress {
    172.24.77.245 dev ens33 lable ens33:0
    }

    track_script {

    chk_ haproxy

    }

    vrrp_script chk_haproxy{

    script "/data/sh/check_haproxy.sh"

    interval 1

    weight 80

    fall 3

    rise 5

    timeout 2

    ​ }

    ​ }

    }

16. 配置Keepalived，backup配置以下

    vim /etc/keepalived/keepalived.conf

    ！刪除全部配置

    :%d

    ！粘貼如下內容

    ! Configuration File for keepalived

    global_defs {
    notification_email {br/>root@locahost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id ha1.jay.com
    vrrp_skip_check_adv_addr
    vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
    vrrp_mcast_group4 224.0.0.18
    }

    vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 80
    priority 90
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass silence2t
    }
    virtual_ipaddress {
    172.24.77.245 dev ens33 lable ens33:0
    }

    track_script {

    chk_ haproxy

    }

    vrrp_script chk_haproxy{

    script "/data/sh/check_haproxy.sh"

    interval 1

    weight 80

    fall 3

    rise 5

    timeout 2

    ​ }

    }

17. 查看VIP地址

    ip addr

18. 查看Iptalbes策略並刪除

    iptables -vnL --line-number

    iptables -D INPUT 1

19. 測試訪問VIP

    ping 172.24.77.245

20. 測試keepalive高可用

    ！將佔有VIP地址的主機關機，查看

    systemctl stop keepalived

    killall keepalived

建立check_ haproxy腳本

1. haproxy.sh腳本內容以下：建立目錄

   mkdir -p /data/sh/

2. 安裝killall

   yum install psmisc -y

3. 建立腳本文件

   vim /data/sh/check_haproxy.sh

   #!/bin/bash

   #auto check haproxy process

   #by author jay

   /usr/bin/killall -0 haproxy

   if

   [[ $? -ne 0 ]]; then

   /usr/bin/systemctl stop keepalived

   fi

4. 設置執行權限

   chmod +x check_haproxy.sh

5. 測試關閉Haproxy服務，查看keepavlive是否生效

   killall -0 haproxy