集合Haproxy,Keepalived双主双机高可用负载均衡环境,不论是Haproxy还是Keepalived甚至服务器均提高生产力并具备高可用性,也就是如下架构中Haproxy,Keepalived,Httpd服务器任意一台服务器宕机服务还是可以正常运行:
环境规划:
haproxy1:10.2.2.2(VIP:192.168.14.100) haproxy2:10.2.2.3(VIP:192.168.14.101) #两台Haproxy+Keepalived的高可用负载均衡环境服务器
web1:10.2.2.4 web2:10.2.2.5 #两台静态页面后端服务器(实现动静分离,加速站点访问)
img1:10.2.2.6 img2:10.2.2.7 #两台动态页面后端服务器(实现动静分离,加速站点访问)
haproxy1(10.2.2.2)服务器安装keepalived服务并修改配置文件
yum install -y keepalived #安装keepalived服务
vim /etc/keepalived/keepalived.conf #编辑keepalived配置文件,添加以下内容后保存
global_defs {
notification_email {
root@localhost
}
notification_email_from admin@localhost
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL_KING
}
vrrp_script check_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
interface ens32
state MASTER
priority 100
virtual_router_id 150
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 1111
}
track_interface {
ens32
}
virtual_ipaddress {
192.168.14.100/19 dev ens32
}
track_script {
check_haproxy
}
}
vrrp_instance VI_2 {
interface ens32
state BACKUP
priority 99
virtual_router_id 151
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 11111
}
track_interface {
ens32
}
virtual_ipaddress {
192.168.14.101/19 dev ens32
}
}
haproxy2(10.2.2.3)服务器安装keepalived服务并修改配置文件
yum install -y keepalived #安装keepalived服务
vim /etc/keepalived/keepalived.conf #编辑keepalived配置文件,添加以下内容后保存
global_defs {
notification_email {
root@localhost
}
notification_email_from admin@localhost
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL_KING
}
vrrp_script check_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
interface ens32
state BACKUP
priority 99
virtual_router_id 150
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 1111
}
track_interface {
ens32
}
virtual_ipaddress {
192.168.14.100/19 dev ens32
}
track_script {
check_haproxy
}
}
vrrp_instance VI_2 {
interface ens32
state MASTER
priority 100
virtual_router_id 151
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 11111
}
track_interface {
ens32
}
virtual_ipaddress {
192.168.14.101/19 dev ens32
}
}
编写keepalived配置文件中的haproxy检测脚本,防止 haproxy 停止而 keepalived 不切换的情况:
vim /etc/keepalived/check_haproxy.sh #编辑并新增以下内容后保存
#!/bin/bash
if ! `pidof proxy &> /dev/null`; then
systemctl start /usr/lib/systemd/system/haproxy.service
fi
sleep 2
if ! `pidof proxy &> /dev/null`; then
systemctl stop /usr/lib/systemd/system/haproxy.service
fi
启动keepalived服务并查看网卡配置是否有VIP
systemctl start keepalived
haproxy1(10.2.2.2)与haproxy2(10.2.2.3)均安装haproxy服务并且修改配置文件内容如下:两台haproxy配置文件内容相同
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
defaults
mode http
log global
option httplog
option dontlognull
option redispatch
option http-server-close
option forwardfor except 127.0.0.0/8
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 30000
listen stats
mode http
bind 0.0.0.0:8080
stats enable
stats hide-version
stats uri /haproxyadmin #haproxy后台状态页面访问地址IP/haproxyadmin
stats realm Haproxy\ Statistics
stats auth admin:admin <span style="font-family:SimSun;font-size:10px;">#haproxy后台状态页面访问帐户与密码</span>
stats admin if TRUE
frontend http-in
bind *:80
mode http
log global
option httpclose
option logasap
option dontlognull
capture request header Host len 20
capture request header Referer len 60
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .html .jpg .jpeg .gif .png .css .js
use_backend static_servers if url_static
default_backend dynamic_servers
backend static_servers
balance roundrobin
server web1 10.2.2.4:80 check maxconn 6000
server web2 10.2.2.5:80 check maxconn 6000
backend dynamic_servers
balance roundrobin
server img1 10.2.2.6:80 check maxconn 1000
server img2 10.2.2.7:80 check maxconn 1000
启动两台服务器的haproxy服务并查看后台状态页面
systemctl start haproxy
至此,haproxy+keepalived环境搭建完毕,可以通过http://192.168.14.100及http://192.168.14.101两个地址分别去访问对应的后端服务器页面了,自行停止其中一台haproxy服务器去测试负载均衡及高可用功能。