本身的服務器到期,轉移本身博客內容至此。javascript
haproxy官網:www.haproxy.org
keepalived官網:www.keepalived.orgcss
本站下載:haproxy-1.8.3.tar.gz
本站下載:keepalived-1.4.0.tar.gz
本站下載:keepalived啓動服務文件html
環境:
web01: 10.8.8.51 centos7
web02: 10.8.8.52 centos7
haproxy_master:10.8.8.53 centos7 vip:10.8.8.55
haproxy_backup:10.8.8.54 centos7 vip:10.8.8.55
訪問測試端:windows 10前端
iptables防火牆容許兩臺keepalived機子互訪:
在haproxy_master上添加: -A INPUT -s 10.8.8.54 -j ACCEPT
在haproxy_backup上添加:-A INPUT -s 10.8.8.55 -j ACCEPTjava
1 $ cd /home/eleven/tools/ #進入任意存放安裝包目錄 2 $ wget http://www.haproxy.org/download/1.8/src/haproxy-1.8.3.tar.gz 3 #下載haproxy1.8.3版本,被牆時,用瀏覽器下載,而後上傳至服務器 4 $ tar xf haproxy-1.8.3.tar.gz #解壓 5 $ cd haproxy-1.8.3 #進入目錄 6 $ uname -r #查看內核 7 3.10.0-514.el7.x86_64 8 $ make TARGET=linux2628 ARCH=x86_64 PREFIX=/usr/local/haproxy 9 #編譯haproxy,不一樣的Linux內核,編譯參數不一樣 10 $ make install PREFIX=/usr/local/haproxy #安裝haproxy到指定目錄
1 $ vi /usr/local/haproxy/haproxy.cfg #新建配置文件,添加如下內容 2 global 3 log 127.0.0.1 local1 4 maxconn 65000 #最大鏈接數 5 # chroot /usr/local/haproxy #安裝目錄 6 # uid haproxy #用戶haproxy 7 # gid haproxy #組haproxy 8 daemon #守護進程運行 9 nbproc 1 #進程數量 10 # pidfile /usr/local/haproxy/logs/haproxy.pid #haproxy pid 11 12 defaults 13 log global 14 mode http #7層#默認的模式mode {tcp|http|health},tcp是4層,http是7層,health只會返回OK 15 option httplog #http 日誌格式 16 option httpclose #主動關閉http通道,HA-Proxy不支持keep-alive模式 17 option redispatch #serverId對應的服務器掛掉後,強制定向到其餘健康的服務器 18 option forwardfor except 127.0.0.1/8 19 #後端服務器須要得到客戶端的真實IP,將從Http Header中得到客戶端IP 20 option dontlognull #來防止記錄 Alteo(4層負載均衡)發出的健康檢測,若是一個 session 交互沒有數據,這個 session就不會被記錄 21 retries 3 22 maxconn 50000 #最大鏈接數 23 timeout http-request 10s 24 timeout queue 1m 25 timeout connect 10s 26 timeout client 1m 27 timeout server 1m 28 timeout http-keep-alive 10s 29 timeout check 10s 30 31 #errorfile 502 /usr/local/haproxy/html/maintain.html 32 #errorfile 503 /usr/local/haproxy/html/maintain.html 33 #errorfile 504 /usr/local/haproxy/html/maintain.html 34 35 frontend main 36 bind *:80 #監聽地址 37 acl url_static path_beg -i /static /images /javascript /stylesheets 38 acl url_static path_end -i .jpg .gif .png .css .js 39 use_backend static if url_static 40 default_backend my_webserver 41 #定義一個名爲my_app前端部分。此處將對於的請求轉發給後端 42 backend static 43 #使用了靜態動態分離(若是url_path匹配 .jpg .gif .png .css .js靜態文件則訪問此後端) 44 balance roundrobin #負載均衡算法(#banlance roundrobin 輪詢) 45 server static 127.0.0.1:80 check 46 #靜態文件部署在本機(也能夠部署在其餘機器或者squid緩存服務器 47 acl host_www hdr_reg(host) -i ^(www.haproxy.test|haproxy.test) #測試用的域名 48 49 backend my_webserver 50 mode http 51 option forwardfor 52 balance roundrobin 53 cookie SERVERID 54 option httpchk HEAD /index.html 55 server web01 10.8.8.51:80 cookie web01 check inter 2000 rise 3 fall 3 weight 3 56 server web02 10.8.8.52:80 cookie web02 check inter 2000 rise 3 fall 3 weight 3 57 stats enable 58 #啓用統計頁;基於默認的參數啓用頁面信息,經過訪問此頁面能顯示華麗的web狀態界面 59 stats uri /stats #默認uri頁面信息,不安全,能夠本身定義頁面的uri
以上爲haproxy配置文件內容,可刪除#註釋行。linux
1 $ /usr/local/tengine/sbin/nginx -s stop 2 $ chkconfig nginx off 3 #關閉本機的nginx服務,由於haproxy配置文件用的是80端口,防止端口衝突 4 $ /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg 5 #指定配置文件啓動 6 [root@haproxy_master ~]# lsof -i:80 #查看80端口 7 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME 8 haproxy 3962 root 4u IPv4 32829 0t0 TCP *:http (LISTEN) 9 haproxy 3962 root 8u IPv4 32871 0t0 TCP haproxy_master:35201->10.8.8.51:http (SYN_SENT)
win 10瀏覽器打開監控頁面測試是否安裝成功:nginx
以一樣的方法在haproxy_backup,ip爲10.8.8.54上安裝haproxy。web
在web0一、web02上搭建簡單的測試頁面,測試haproxy負載均衡。redis
web0一、web02分別弄個測試頁面,域名爲haproxy.test。
hosts文件分別指向haproxy_master、haproxy_backup的ip,添加hosts以下:
10.8.8.53 www.haprox.test haproxy.test
#10.8.8.54 www.haproxy.test haproxy.test 算法
經過訪問負載均衡haproxy_master,自動跳轉至web0一、web02:
刷新一下便會自動跳轉至web02,haproxy.cfg配置文件使用的是輪詢算法:
此時再打開http://10.8.8.53/stats監控頁面,web0一、web02的status狀態爲up在線。
至此,haproxy_master測試正常,修改hosts測試haproxy_backup正常,haproxy安裝完成。
haproxy安裝完成後,實現了負載均衡。keepalieved將haproxy實現高可用性,當主服
務器haproxy_master出現故障或宕機時,另外一臺備用服務器haproxy_backup將自動接管。
1 $ yum install openssl-devel psmisc libnl* libnfnetlink-devel -y #安裝依賴 2 $ cd /home/eleven/tools/ 3 $ wget http://www.keepalived.org/software/keepalived-1.4.0.tar.gz 4 $ cd keepalived-1.4.0 5 $ ./configure –prefix=/usr/local/keepalived #編譯安裝,注意兩個橫線–prefix 6 $ make 7 $ make install
$ cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ $ cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ $ touch /etc/init.d/keepalived $ chmod +x /etc/init.d/keepalived $ vi /etc/init.d/keepalived #編輯keepalived啓動文件,內容以下: 因爲本站編碼字體格式不一樣,複製致使文件不可用,本站下載:keepalived啓動服務文件
1 $ mkdir /etc/keepalived/ 2 $ cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ 3 $ vi /etc/keepalived/keepalived.conf #編輯配置文件,更改成如下內容: 4 因爲本站編碼字體格式不一樣,複製可能致使文件不可用,keepalived配置文件
keepalived配置文件:
1 global_defs { 2 notification_email { 3 #mr@mruse.cn #配置郵件,郵件服務器等,能夠不用配置。zabbix監控。 4 #sysadmin@firewall.loc 5 } 6 notification_email_from xxx@163.com 7 smtp_server smtp@163.com 8 smtp_connect_timeout 30 9 router_id LVS_1 10 } 11 12 vrrp_instance VI_1 { 13 state MASTER #另外一臺haproxy_bakcup機子改成BACKUP 14 interface eth0 15 virtual_router_id 51 16 priority 100 #另外一臺haproxy_bakcup機子改成50 17 advert_int 1 18 authentication { 19 auth_type PASS 20 auth_pass MrUse 21 } 22 virtual_ipaddress { 23 10.8.8.55 24 } 25 }
1 $ service keepalived start #啓動keepalived 2 $ service keepalived stop #停用keepalived 3 $ service keepalived status #查看keepalived 4 $ service keepalived restart #重啓keepalived 5 6 $ ps -ef|grep keepalived |grep -v grep 7 root 8767 1 0 15:51 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D 8 root 8768 8767 0 15:51 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D 9 root 8769 8767 0 15:51 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D 10 #查看keepalived進程,有3個-D說明成功
以一樣的方法在haproxy_backup服務器上安裝haproxy跟keepalived。
keepalived的backup配置文件相對於master修改以下:
state BACKUP
priority 50
1 [root@haproxy_master ~]# ip addr sh eth0 #查看ip,或直接用ip addr命令 2 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 3 link/ether 00:0c:29:ca:46:75 brd ff:ff:ff:ff:ff:ff 4 inet 10.8.8.53/24 brd 10.8.8.255 scope global eth0 5 valid_lft forever preferred_lft forever 6 inet 10.8.8.55/32 scope global eth0 7 valid_lft forever preferred_lft forever 8 inet6 fe80::7874:1014:1870:f00d/64 scope link 9 valid_lft forever preferred_lft forever
1 [root@haproxy_backup ~]# vi /etc/rc.local #添加如下兩行 2 /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg 3 service keepalived start 4 #注意rc.local是否有執行權限,不然開機不會自啓動。
至此,haproxy+keepalived搭建完成,須要注意的是兩臺機子防火牆添加容許互訪。