实验环境:
| 角色 | ip | 配置 |
| master | 192.168.226.31 | 1C1G20G |
| backup01 | 192.168.226.32 | 1C1G20G |
| backup02 | 192.168.226.33 | 1C1G20G |
实验步骤:
1.安装haproxy
1.1装包
yum install haproxy -y1.2配置haproxy(所有节点一致)
cat /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 10000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 5000
#---------------------------------------------------------------------
# HAProxy statistics backend
#---------------------------------------------------------------------
listen haproxy1-monitoring *:1984
mode http
stats enable
stats show-legends
stats refresh 5s
stats uri /
stats realm Haproxy\ Statistics
stats auth openstack:12345
stats admin if TRUE
cat /etc/haproxy/haproxy_run.sh
#!/bin/bash -x
# We need to run haproxy with one `-f` for each service, because including an
# entire config directory was not a feature until version 1.7 of HAProxy.
# So, append "-f $cfg" to the haproxy command for each service file.
# This will run haproxy_cmd *exactly once*.
find /etc/haproxy/services.d/ -mindepth 1 -print0 | \
xargs -0 -Icfg echo -f cfg | \
xargs /usr/sbin/haproxy-systemd-wrapper -p /run/haproxy.pid -f /etc/haproxy/haproxy.cfg
cat /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/haproxy
#ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid $OPTIONS
ExecStart=/etc/haproxy/haproxy_run.sh
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed
[Install]
WantedBy=multi-user.target
mkdir -p /etc/haproxy/services.d/
#各个服务的配置文件存放在这个目录中
cat /etc/haproxy/services.d/mariadb.cfg
listen mariadb
mode tcp
option clitcpka
timeout client 3600s
option srvtcpka
timeout server 3600s
option mysql-check user haproxy post-41
option tcplog
bind 192.168.226.250:3306
server db1 192.168.226.31:3306 check inter 2000 rise 2 fall 5
server db2 192.168.226.32:3306 check inter 2000 rise 2 fall 5
server db3 192.168.226.33:3306 check inter 2000 rise 2 fall 5
systemctl daemon-reload
2.安装keepalived
2.1装包
yum install keepalived psmisc -y
2.2配置master节点
#priority配置的说明:数字越大,优先级越高,master数字最大,如果有多个backup,设置为不同的数字。
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
hanxj@test.com
}
notification_email_from hanxj@test.com
smtp_server mail.test.com
smtp_connect_timeout 300
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_haproxy {
script "pkill -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 102
advert_int 1
#smtp_alert
notify /usr/local/bin/checkhaproxy.sh
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_haproxy
}
track_interface {
ens33
}
virtual_ipaddress {
192.168.226.250 dev ens33
}
}
cat /usr/local/bin/checkhaproxy.sh #此文件必须有执行权限
#!/bin/bash
TYPE=$1
NAME=$2
STATE=$3
case $STATE in
"MASTER") systemctl start haproxy
exit 0
;;
"BACKUP") systemctl stop haproxy
exit 0
;;
"FAULT") systemctl stop haproxy
exit 0
;;
*) echo "unknown state"
exit 1
;;
esac
2.3配置backup节点
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
hxj@superred.com.cn
}
notification_email_from hxj@superred.com.cn
smtp_server mail.superred.com.cn
smtp_connect_timeout 300
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_haproxy {
script "pkill -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 101
advert_int 1
smtp_alert
notify /usr/local/bin/checkhaproxy.sh
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_haproxy
}
track_interface {
ens33
}
virtual_ipaddress {
192.168.226.250 dev ens33
}
}
cat /usr/local/bin/checkhaproxy.sh #此文件必须有执行权限
#!/bin/bash
TYPE=$1
NAME=$2
STATE=$3
case $STATE in
"MASTER") systemctl start haproxy
exit 0
;;
"BACKUP") systemctl stop haproxy
exit 0
;;
"FAULT") systemctl stop haproxy
exit 0
;;
*) echo "unknown state"
exit 1
;;
esac
2.4启动服务
在所有节点执行下面命令
systemctl start keepalived
master上启动了keepalived,绑定了vip,启动了haproxy,则启动成功
2.5验证高可用
在master节点执行下面命令
reboot
在backup节点查看vip是否漂移过来,haproxy是否正常启动,若vip漂移成功,haproxy已经启动,则高可用没有问题。
3.在所有节点配置内核参数
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf
sysctl -p
扫一扫
865
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
