Haproxy通過結合Keepalived實現負載均衡器節點的高可用
環境介紹:CentOS 6.5平臺
Haproxy1:10.10.10.128/24
Haproxy2:10.10.10.129/24
web1:10.10.10.130/24
web2:10.10.10.131/24
VIP:10.10.10.100/24
部署前準備:
1、時間同步:
ntpdate ntp1.aliyun.com
2、防火牆策略:
service iptables stop
chkconfig iptables off
3、SELinux策略:
sed -i 's#SELINUX=enforcing#SELINUX=disabled#' /etc/selinux/config
4、更換國內yum源:
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
yum clean all
yum makecache
5、重啓服務器
reboot
web服務器配置:
1、安裝httpd服務
yum install httpd -y
2、修改配置文件:/etc/httpd/conf/httpd.conf
.....
Listen 8080
ServerName 10.10.10.130:8080 #web1
ServerName 10.10.10.131:8080 #web2
3、修改web主頁:/var/www/html/index.html
echo "web1" >/var/www/html/index.html #web1
echo "web2" >/var/www/html/index.html #web2
4、啓動web服務:
service httpd start
chkconfig httpd on
5、驗證服務是否正常:
lsof -i:8080
curl 10.10.10.130:8080 #返回web1
curl 10.10.10.131:8080 #返回web2
Haproxy服務器配置:
1、安裝Haproxy服務
yum install haproxy -y
2、修改配置文件:/etc/haproxy/haproxy.cfg
cp /etc/haproxy/haproxy /etc/haproxy/haproxy.cfg.bak
vim /etc/haproxy/haproxy.cfg
.........
.........
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main
bind 0.0.0.0:80
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend dynamic
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:80 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend dynamic
balance roundrobin
server web1 10.10.10.130:8080 check maxconn 2000
server web2 10.10.10.131:8080 check maxconn 2000
3、檢測配置文件是否正確:
haproxy -c -f /etc/haproxy/haproxy.cfg
4、啓動Haproxy
service haproxy start
chkconfig haproxy on
5、驗證是否正常解析:
curl 10.10.10.128 //重複兩次,分別顯示web1和web2
curl 10.10.10.129 //重複兩次,分別顯示web1和web2
Keepalived配置:
1、安裝keepalived服務:
yum -y install keepalived
2、修改配置文件:
#MASTER端:
! Configuration File for keepalived
#定義檢查腳本
vrrp_script check_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id haproxy1
}
vrrp_instance ha1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.10.100/24 dev eth0
}
track_script{
check_haproxy
}
}
#BACKUP端:
.........
router_id haproxy2 #修改虛擬路由的ID
state BACKUP #修改角色
priority 80 #修改優先級
重啓各服務:
service keepalived restart
service haproxy restart
驗證:
ip addr
發現虛擬ip:10.10.10.100在MASTER端
訪問10.10.10.100正常
/etc/keepalived/check_haproxy.sh
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`
if [ $A -eq 0 ];then
/etc/init.d/keepalived stop
fi
驗證Haproxy+Keepalived服務的可靠性:
web端:關閉web1的httpd服務,service httpd stop
curl 10.10.10.100 #正常返回web2
Haproxy端:關閉haproxy1的keepalived服務,service keepalived stop
curl 10.10.10.100 #正常輪詢返回web1/web2
通過ip addr 可以查看 VIP漂移到Haproxy2中