案例环境
4台CentOS服务器用来搭建群集
一台客户机用来测试
便于实验所有主机全部关闭防火墙
案例实施
1.配置keepalived+haproxy主服务器
使用yum工具安装keepalived及依赖软件
[root@master ~]# yum -y install keepalived pcre-devel bzip2-devel
编辑keepalived配置文件,修改以下几项
[root@master ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_MASTER //此服务器的名称
}
vrrp_instance VI_1 {
state MASTER //热备状态,MASTER表示主服务器
interface eth0 //承载虚拟IP地址的物理网卡
virtual_router_id 51 //虚拟路由器的ID号,每个热备组保持一致
priority 100 //优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.150 //指定虚拟IP地址
}
}
编译安装haprixy
[root@master ~]# tar zxf haproxy-1.5.19.tar.gz
[root@master ~]# cd haproxy-1.5.19/
[root@master haproxy-1.5.19]# make TARGET=linux2628 && make install
*TARGET的值根据内核版本选定
创建配置文件目录
[root@master haproxy-1.5.19]# mkdir /etc/haproxy
将源码包里的haproxy.cfg配置文件复制过来
[root@master haproxy-1.5.19]# cp examples/haproxy.cfg /etc/haproxy/
编辑配置文件
[root@master ~]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
#chroot /usr/share/haproxy //注释此行
uid 99
gid 99
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen webcluster 0.0.0.0:80 //定义一个名为webcluster的应用
option httpchk /index.html //检查服务器的index.html文件
balance roundrobin //负载均衡调度算法,采用的轮询
server ins1 192.168.10.103 check inter 2000 fall 3 //定义web节点
server ins2 192.168.10.104 check inter 2000 fall 3 //定义备份节点
复制源码包里的控制脚本并添加为系统服务
[root@master ~]# cd haproxy-1.5.19/examples/
[root@master examples]# cp haproxy.init /etc/init.d/haproxy
[root@master examples]# ln -s /usr//local/sbin/haproxy /usr/sbin/haproxy
[root@master examples]# chmod +x /etc/init.d/haproxy
[root@master examples]# chkconfig --add haproxy
启动keepalived,haproxy服务
[root@master ~]# systemctl start haproxy
[root@master ~]# systemctl start keepalived
查看是否在监听
[root@localhost ~]# netstat -anpt | grep 80(默认监听80端口)
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4083/haproxy
2.配置keepalived+haproxy备份服务器(安装步骤同上)
修改备份服务器keeepalived配置文件
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_BACKUP //修改服务器名
}
vrrp_instance VI_1 {
state BACKUP //热备状态改为BACKUP
interface ens33
virtual_router_id 51
priority 95 //修改优先级为95
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.150
}
}
3.搭建web服务进行测试
[root@web1 ~]# yum install httpd -y
[root@web1 ~]# vim /var/www/html/index.html
103.com
[root@web1 ~]# systemctl start httpd
[root@web2 ~]# yum install httpd -y
[root@web2 ~]# vim /var/www/html/index.html
104.com
[root@web2 ~]# systemctl start httpd
4.客户机使用浏览器访问虚拟IP
多刷新几次页面,会轮流出现103.com与104.com,关闭主服务器再次刷新页面依旧可以访问虚拟IP地址,keepalived+haproxy高可用群集就搭建完成了。