haproxy+keepalived安裝配置
1 環境準備
1.1 主機規劃
| 服務器說明 | IP地址 | 主機名稱規則 | 安裝服務 |
|---|---|---|---|
| haproxy主機1 | 10.0.0.41 | haproxy01 | Haproxy、Nginx、keepalived |
| haproxy主機2 | 10.0.0.42 | haproxy01 | Haproxy、Nginx、keepalived |
| 10.0.0.43 | 虛擬IP地址VIP |
1.2 hosts解析文件
10.0.0.41 haproxy01 10.0.0.42 haproxy02
1.3 操做系統版本
CentOS7.3html
[root@haproxy01 ~]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core) [root@haproxy01 ~]# uname -r 3.10.0-514.el7.x86_64 [root@haproxy01 ~]# uname -m x86_64
1.4 涉及軟件版本
haproxy:1.5.18
nginx:1.14.2
keepalived:1.3.5node
1.5 系統基礎優化
1. 關閉selinuxlinux
sed -i '7s#enforcing#disabled#g' /etc/selinux/confignginx
2. 關閉iptablesc++
systemctl stop firewalld.service
systemctl disable firewalld.servicegit
3. 安裝基本的依賴包web
yum -y install net-tools vim lrzsz tree screen lsof tcpdump nc mtr nmap gcc glibc gcc-c++shell
4. 系統網卡名設置爲eth0(安裝過程當中設置)vim
2. 安裝haproxy
2.1 安裝haproxy
安裝haproxy和其餘軟件相似,基本上也分爲源碼安裝和yum安裝,採用yu'm安裝得版本可能稍微比較舊,在CentOS7系統下通常爲1.5版本。這兩個方式自己區別並不太大,可是安裝目錄會有必定得出入,在配置程序得時候須要稍微注意。後端
本文的配置均採用yum安裝方式路徑,編譯安裝就不細說,二者任選其一都可。
一、yum安裝(配置文件均採用這種方式的配置)
yum -y install haproxy #查看版本信息 [root@haproxy01 ~]# haproxy -v HA-Proxy version 1.5.18 2016/05/10 Copyright 2000-2016 Willy Tarreau <willy@haproxy.org>
二、編譯安裝(僅在這裏介紹)
#下載haproxy軟件 cd /usr/local/src wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-1.6.3.tar.gz/3362d1e268c78155c2474cb73e7f03f9/haproxy-1.6.3.tar.g #安裝包md5碼 [root@haproxy02 src]# md5sum haproxy-1.6.3.tar.gz 3362d1e268c78155c2474cb73e7f03f9 haproxy-1.6.3.tar.gz #解壓 tar xf haproxy-1.6.3.tar.gz #編譯安裝 #編譯參數解釋:TARGET=linux2628 系統內核版本,若是大於2.6.28的用:TARGET=linux2628;ARCH=x86_64 #系統位數 cd haproxy-1.6.3 make TARGET=linux2628 ARCH=x86_64 PREFIX=/usr/local/haproxy-1.6.3 make install cp /usr/local/sbin/haproxy /usr/sbin/ cp examples/haproxy.init /etc/init.d/haproxy chmod 755 /etc/init.d/haproxy #查看安裝結果 [root@haproxy01 haproxy-1.6.3]# haproxy -v HA-Proxy version 1.6.3 2015/12/25 Copyright 2000-2015 Willy Tarreau <willy@haproxy.org>
2.2 配置haproxy
2.2.1 配置rsyslog
Haproxy在Centos7上默認沒有記錄日誌,須要配置rsyslog服務開啓日誌記錄的功能。rsyslog默認狀況下,須要在514端口監聽,所須要作以下修改:
1.建立記錄日誌文件
mkdir /var/log/haproxy chmod a+w /var/log/haproxy
2.開啓rsyslog記錄haproxy日誌功能
vim /etc/rsyslog.conf #將以下兩行得註釋取消 $ModLoad imudp $UDPServerRun 514 #在該文件添加以下內容: # Save haproxy log local3.* /var/log/haproxy/haproxy.log
3.修改「/etc/sysconfig/rsyslog」文件,內容以下
vim /etc/sysconfig/rsyslog # Options for rsyslogd # Syslogd options are deprecated since rsyslog v3. # If you want to use them, switch to compatibility mode 2 by "-c 2" # See rsyslogd(8) for more details SYSLOGD_OPTIONS="-r -m 0 -c 2"
4. 配置haproxy
編輯haproxy配置文件,進行以下內容修改:
log 127.0.0.1 local3 info
5.重啓服務
systemctl restart rsyslog.service #查看日誌記錄 tailf /var/log/haproxy/haproxy.log
2.2.2 配置haproxy
- /etc/haproxy/haproxy.cfg
(1)haproxy01上面的配置
global
maxconn 10000
chroot /var/lib/haproxy
uid haproxy
gid haproxy
daemon
nbproc 1
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local3 info
defaults
mode http
log global
option http-keep-alive
maxconn 10000
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
listen stats
mode http
bind 0.0.0.0:8888
stats refresh 30s
stats enable
stats uri /stats
stats auth haproxy:123456
frontend frontend_www_example_com
bind 10.0.0.41:80
mode http
option httplog
log global
default_backend backend_www_example_com
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 10.0.0.41:8080 check inter 2000 rise 30 fall 15
server web-node2 10.0.0.42:8080 check inter 2000 rise 30 fall 15
(2)haproxy的配置
global
maxconn 10000
chroot /var/lib/haproxy
uid haproxy
gid haproxy
daemon
nbproc 1
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local3 info
defaults
mode http
log global
option http-keep-alive
maxconn 10000
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
listen stats
mode http
bind 0.0.0.0:8888
stats refresh 30s
stats enable
stats uri /stats
stats auth haproxy:123456
frontend frontend_www_example_com
bind 10.0.0.42:80
mode http
option httplog
log global
default_backend backend_www_example_com
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 10.0.0.41:8080 check inter 2000 rise 30 fall 15
server web-node2 10.0.0.42:8080 check inter 2000 rise 30 fall 15
2.3啓動haproxy
systemctl start haproxy.service systemctl enable haproxy.service #這裏會有一個告警,這是由於咱們尚未配置後端的服務 [root@haproxy02 haproxy]# systemctl start haproxy.service [root@haproxy02 haproxy]# Message from syslogd@localhost at Feb 24 21:33:33 ... haproxy[3763]: backend backend_www_example_com has no server available!
2.4 驗證
分別在瀏覽器輸入地址:http://10.0.0.41:8888/stats,
輸入用戶名:haproxy,密碼:123456,若是出現以下信息說明haproxy已經成功啓動了。
3.安裝nginx
這裏僅使用nginx來作負載均衡的測試,所以只需yum安裝便可。
3.1安裝nginx
rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm yum -y install nginx #查看版本信息 [root@haproxy01 yum.repos.d]# nginx -v nginx version: nginx/1.14.2
3.2配置nginx
1./etc/nginx/conf.d/default.conf
修改監聽端口爲8080
sed -i 's#80#8080#g' /etc/nginx/conf.d/default.conf
2./usr/share/nginx/html/index.html
修改主頁信息
(1)haproxy01
echo haproxy01 > /usr/share/nginx/html/index.html
(2)haproxy02上修改
echo haproxy02 > /usr/share/nginx/html/index.html
3.3啓動nginx
systemctl start nginx.service
3.4結果驗證
一、經過瀏覽器訪問監控頁面,若是發現web-node1和web-node2狀態變爲綠色則說明nginx已經啓動成功。
二、經過瀏覽器訪問服務器IP,發現haproxy01和haproxy02在來回切換說明負載均衡配置正確!
4.安裝keepalived
keepalived採用只需yum安裝便可,且keepalived相關內容查找[keepalived權威指南]便可。
連接:https://pan.baidu.com/s/14EZJ6B8IqRYLzz9IofCbmQ
提取碼:tvv3
4.1安裝keepalived
yum -y install keepalived #查看keepalived版本 [root@haproxy02 haproxy]# keepalived -v Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2 Copyright(C) 2001-2017 Alexandre Cassen, <acassen@gmail.com>
4.2配置keepalived
1./etc/keepalived/keepalived.conf
(1)haproxy01上的配置(這裏沒有配置去監聽haproxy服務,有須要的同窗能夠本身配置)
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id haproxy_ha
}
vrrp_instance haproxy_ha {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.43
}
}
(2)haproxy02上的配置
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id haproxy_ha
}
vrrp_instance haproxy_ha {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.43
}
}
4.3啓動keepalived服務
systemctl start keepalived.service systemctl enable keepalived.service
4.4驗證keepalived
在haproxy01上查看是否有虛擬IP地址10.0.0.43,而且haproxy02上沒有,則說明安裝成功。
5.haproxy結合keepalived使用
5.一、修改內核參數
haproxy和keepalived的結合使用,是經過修改haproxy的配置文件去監聽虛擬IP地址10.0.0.43。可是這樣配置會出現一個問題,那就是做爲BACKUP的keepalived的節點上面沒有虛擬IP地址的時候,haproxy沒法啓動。
針對這個問題,須要配置haproxy去監聽非本地IP!!注意若是不是部署keepalived的服務器不能這樣作,這樣比較危險。監聽非本地修改以下配置參數:
#查看默認參數 [root@haproxy01 keepalived]# cat /proc/sys/net/ipv4/ip_nonlocal_bind 0 #修改參數 echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind sysctl -w net.ipv4.ip_nonlocal_bind=1 #永久生效 echo 'net.ipv4.ip_nonlocal_bind=1' >> /etc/sysctl.conf
5.2 haproxy修改監聽地址
修改/etc/haproxy/haproxy.cfg,使其監聽VIP:
#haproxy01上修改: sed -i 's#bind 10.0.0.41:80#bind 10.0.0.43:80#g' /etc/haproxy/haproxy.cfg #haproxy02上修改: sed -i 's#bind 10.0.0.42:80#bind 10.0.0.43:80#g' /etc/haproxy/haproxy.cfg
5.3 重啓haproxy
重啓haproxy,使配置文件生效
systemctl restart haproxy.service
5.4 驗證結果
查看兩臺服務器的監聽地址,若是都是監聽的10.0.0.43,則說明修改爲功。
至此,haproxy+keepalived的配置到此結束,還請各位同窗指正!!
- 1. 【配置】sqoop安裝配置
- 2. Myeclipce從安裝到配置整套流程包含(tomcat安裝配置,maven安裝配置,svn安裝配置)
- 3. 本地windows搭建spark環境,安裝與詳細配置(jdk安裝與配置,scala安裝與配置,hadoop安裝與配置,spark安裝與配置)
- 4. 安裝配置convirture
- 5. phpStorm 安裝配置
- 6. Redis安裝、配置
- 7. ingress安裝配置
- 8. HBase安裝配置
- 9. grafana 安裝配置
- 10. Maven安裝+配置
- 更多相關文章...
- • Git 安裝配置 - Git 教程
- • MySQL免安裝版配置教程 - MySQL教程
- • Composer 安裝與使用
- • IntelliJ IDEA安裝代碼格式化插件
-
每一个你不满意的现在,都有一个你没有努力的曾经。