HaProxy+keepalived+mycat集群高可用配置

最新推荐文章于 2022-09-28 00:05:05 发布

暗影岛-寒冰射手

最新推荐文章于 2022-09-28 00:05:05 发布

阅读量417

点赞数

分类专栏：负载均衡 linux运维

负载均衡同时被 2 个专栏收录

168 篇文章 2 订阅

订阅专栏

linux运维

55 篇文章 0 订阅

订阅专栏

部署图

集群部署图的理解：

1、keepalived和haproxy必须装在同一台机器上（如172.17.210.210.83机器上，keepalived和haproxy都要安装），keepalived负责为该服务器抢占vip（虚拟ip），抢占到vip后，对该主机的访问可以通过原来的ip（172.17.210.210.83）访问，也可以直接通过vip（172.17.210.210.103）访问。

2、172.17.210.64上的keepalived也会去抢占vip，抢占vip时有优先级，配置keepalived.conf中的（priority 150 #数值愈大，优先级越高,172.17.210.64上改为120，master和slave上该值配置不同）决定。但是一般哪台主机上的keepalived服务先启动就会抢占到vip，即使是slave，只要先启动也能抢到。

3、haproxy负责将对vip的请求分发到mycat上。起到负载均衡的作用，同时haproxy也能检测到mycat是否存活，haproxy只会将请求转发到存活的mycat上。

4、如果一台服务器（keepalived+haproxy服务器）宕机，另外一台上的keepalived会立刻抢占vip并接管服务。

如果一台mycat服务器宕机，haporxy转发时不会转发到宕机的mycat上，所以mycat依然可用。
Haproxy安装
haproxy安装
useraddhaproxy
#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.25.tar.gz

# tar zxvf haproxy-1.4.25.tar.gz
# cd haproxy-1.4.25
# make TARGET=linux26 PREFIX=/usr/local/haproxy ARCH=x86_64
# make install PREFIX=/usr/local/haproxy

#cd /usr/local/haproxy
#chown -R haproxy.haproxy *

haproxy.cfg
haproxy.cfg
#cd /usr/local/haproxy
#touch haproxy.cfg
#vi/usr/local/haproxy/haproxy.cfg
global
log 127.0.0.1   local0 ##记日志的功能
    maxconn 4096
    chroot/usr/local/haproxy
    user haproxy
    group haproxy
    daemon
defaults
    log    global
    option    dontlognull
    retries    3
    option redispatch
    maxconn    2000
    contimeout    5000
    clitimeout    50000
    srvtimeout    50000
listen admin_status 172.17.210.103:48800 ##VIP
      stats uri/admin-status        ##统计页面
      stats auth admin:admin
      mode    http
      option httplog
listen    allmycat_service 172.17.210.103:8096 ##转发到mycat的8066端口，即mycat的服务端口
      mode tcp
      option tcplog
        option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
      balance    roundrobin
        server    mycat_133 172.17.210.133:8066 check port 48700 inter 5s rise 2 fall 3
        server    mycat_134 172.17.210.134:8066 check port 48700 inter 5s rise 2 fall 3
      srvtimeout 20000
listen    allmycat_admin 172.17.210.103:8097 ##转发到mycat的9066端口，及mycat的管理控制台端口
      mode tcp
      option tcplog
        option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
      balance    roundrobin
        server    mycat_133 172.17.210.133:9066 check port 48700 inter 5s rise 2 fall 3
        server    mycat_83 172.17.210.134:9066 check port 48700 inter 5s rise 2 fall 3
      srvtimeout 20000
haproxy记录日志

默认haproxy是不记录日志的，为了记录日志还需要配置syslog模块，在linux下是rsyslogd服务，yum –y install rsyslog先安装rsyslog，然后
记录haproxy日志的配置
#cd /etc/rsyslog.d/
如果没有这个目录，新建
#cd /etc
#mkdir rsyslog.d
#cd /etc/rsyslog.d/
#touch haproxy.conf
#vi /etc/rsyslog.d/haproxy.conf
$ModLoad imudp
$UDPServerRun 514

local0.* /var/log/haproxy.log

#vi /etc/rsyslog.conf
1、在#### RULES ####上面一行的地方加入以下内容：
# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf
#### RULES ####
2、在local7.*                                               /var/log/boot.log的下面加入以下内容（增加后的效果如下）：
# Save boot messages also to boot.log
local7.*                                               /var/log/boot.log
local0.*                                               /var/log/haproxy.log

保存，重启rsyslog服务

service rsyslog restart

现在你就可以看到日志（/var/log/haproxy.log）了

配置监听mycat是否存活

在Mycat server1 Mycat server2上都需要添加检测端口48700的脚本，为此需要用到xinetd，xinetd为linux系统的基础服务，

首先在xinetd目录下面增加脚本与端口的映射配置文件

1、如果xinetd没有安装，使用如下命令安装：

yum install xinetd -y

2、检查/etc/xinetd.conf的末尾是否有这一句：includedir /etc/xinetd.d

没有就加上，

3、检查 /etc/xinetd.d文件夹是否存在，不存在也加上

#cd /etc

#mkdir xinetd.d

4、增加 /etc/xinetd.d/mycat_status
监听mycat是否存活的配置
#cd /etc
#mkdir xinetd.d
#cd /etc/xinetd.d/
#touch mycat_status
#vim /etc/xinetd.d/mycat_status
service mycat_status
{
        flags           = REUSE
        socket_type     = stream
        port            = 48700
        wait            = no
        user            = root
        server          =/usr/local/bin/mycat_status
        log_on_failure += USERID
        disable         = no
}

5、/usr/local/bin/mycat_status脚本

mycat_status脚本
#!/bin/bash
#/usr/local/bin/mycat_status.sh
# This script checks if a mycat server is healthy running on localhost. It will
# return:
#
# "HTTP/1.x 200 OK\r" (if mycat is running smoothly)
#
# "HTTP/1.x 503 Internal Server Error\r" (else)
mycat=`/usr/local/mycat/bin/mycatstatus | grep'not running' | wc -l`
if [ "$mycat" = "0" ];
then
/bin/echo-e "HTTP/1.1 200 OK\r\n"
else
/bin/echo-e "HTTP/1.1 503 Service Unavailable\r\n"
fi

4、/etc/services中加入mycat_status服务

加入mycat_status服务
#cd /etc
#vi services
在末尾加入
mycat_status 48700/tcp # mycat_status
保存
重启xinetd服务
service xinetd restart

5、验证mycat_status服务是否启动成功

验证mycat_status服务是否启动成功
#netstat -antup|grep 48700
如果成功会现实如下内容：
[root@localhost log]# netstat -antup|grep 48700
tcp 0 0 :::48700 :::* LISTEN 12609/xinetd

启动haproxy

启动haproxy前必须先启动keepalived，否则启动不了。

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg

启动haproxy异常情况

如果报以下错误：

[root@localhost bin]# /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg

[ALERT] 183/115915 (12890) : Starting proxy admin_status: cannot bind socket

[ALERT] 183/115915 (12890) : Starting proxy allmycat_service: cannot bind socket

[ALERT] 183/115915 (12890) : Starting proxy allmycat_admin: cannot bind socket

原因为：该机器没有抢占到vip

为了使用方便可以增加一个启动，停止haproxy的脚本

启动脚本starthap内容如下

#!/bin/sh

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg &

停止脚本stophap内容如下

#!/bin/sh

ps -ef | grep sbin/haproxy | grep -v grep |awk '{print $2}'|xargs kill -s 9

分别赋予启动权限

chmod +x starthap

chmod +x stophap

启动后可以通过http://172.17.210.103:48800/admin-status (用户名密码都是admin，haproxy.cfg中配置的)

openssl安装

openssl必须安装，否则安装keepalived时无法编译，keepalived依赖openssl。

openssl安装
tar zxvf openssl-1.0.1g.tar.gz
./config--prefix=/usr/local/openssl
./config-t
make depend
make
make test
make install
ln -s /usr/local/openssl /usr/local/ssl

openssl配置
vi /etc/ld.so.conf
#在/etc/ld.so.conf文件的最后面，添加如下内容：
/usr/local/openssl/lib

vi /etc/profile
export OPENSSL=/usr/local/openssl/bin
export PATH=$PATH:$OPENSSL

source /etc/profile
yum installopenssl-devel -y #如无法yum下载安装，请修改yum配置文件

测试:
ldd /usr/local/openssl/bin/openssl
        linux-vdso.so.1 => (0x00007fff996b9000)
        libdl.so.2 =>/lib64/libdl.so.2 (0x00000030efc00000)
        libc.so.6 =>/lib64/libc.so.6 (0x00000030f0000000)
        /lib64/ld-linux-x86-64.so.2 (0x00000030ef800000)
which openssl
    /usr/bin/openssl
openssl version
    OpenSSL 1.0.0-fips 29 Mar 2010
keepalived安装

本文在172.17.30.64、172.17.30.83两台机器进行keepalived安装
安装
tar zxvf keepalived-1.2.13.tar.gz
cd keepalived-1.2.13
./configure--prefix=/usr/local/keepalived
make
make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived/etc/init.d/
mkdir /etc/keepalived
cd /etc/keepalived/
cp /usr/local/keepalived/etc/keepalived/keepalived.conf/etc/keepalived
mkdir-p /usr/local/keepalived/var/log
keepalived配置
建检查haproxy是否存活的脚本
#新建redis检查
mkdir /etc/keepalived/scripts
cd /etc/keepalived/scripts

keepalived.conf:

vi /etc/keepalived/keepalived.conf

Master:
Master
! Configuration Filefor keepalived
vrrp_script chk_http_port {
    script"/etc/keepalived/scripts/check_haproxy.sh"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
   state MASTER              #172.17.210.83上改为Master
   interface eth0            #对外提供服务的网络接口
   virtual_router_id 51      #VRRP组名，两个节点的设置必须一样，以指明各个节点属于同一VRRP组
   priority 150              #数值愈大，优先级越高,172.17.210.84上改为120
   advert_int 1              #同步通知间隔
   authentication {          #包含验证类型和验证密码。类型主要有PASS、AH两种，通常使用的类型为PASS，据说AH使用时有问题
      auth_type PASS
      auth_pass 1111
   }

   track_script {
      chk_http_port            #调用脚本check_haproxy.sh检查haproxy是否存活
   }

   virtual_ipaddress {      #vip地址，这个ip必须与我们在lvs客户端设定的vip相一致
      172.17.210.103 dev eth0 scope globa
   }
   notify_master/etc/keepalived/scripts/haproxy_master.sh
   notify_backup/etc/keepalived/scripts/haproxy_backup.sh
   notify_fault /etc/keepalived/scripts/haproxy_fault.sh
   notify_stop /etc/keepalived/scripts/haproxy_stop.sh
}

slave：
slave
! Configuration Filefor keepalived
vrrp_script chk_http_port {
    script"/etc/keepalived/scripts/check_haproxy.sh"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
   state MASTER              #172.17.210.83上改为Master
   interface eth1            #对外提供服务的网络接口
   virtual_router_id 51      #VRRP组名，两个节点的设置必须一样，以指明各个节点属于同一VRRP组
   priority 120              #数值愈大，优先级越高,172.17.210.64上改为120
   advert_int 1              #同步通知间隔
   authentication {          #包含验证类型和验证密码。类型主要有PASS、AH两种，通常使用的类型为PASS，据说AH使用时有问题
      auth_type PASS
      auth_pass 1111
   }

   track_script {
      chk_http_port            #调用脚本check_haproxy.sh检查haproxy是否存活
   }

   virtual_ipaddress {      #vip地址，这个ip必须与我们在lvs客户端设定的vip相一致
      172.17.210.103 dev eth1 scope globa
   }
   notify_master/etc/keepalived/scripts/haproxy_master.sh
   notify_backup/etc/keepalived/scripts/haproxy_backup.sh
   notify_fault /etc/keepalived/scripts/haproxy_fault.sh
   notify_stop /etc/keepalived/scripts/haproxy_stop.sh
}

check_haproxy.sh

vi /etc/keepalived/scripts/check_haproxy.sh

脚本含义：如果没有haproxy进程存在，就启动haproxy，停止keepalived
check_haproxy.sh
#!/bin/bash
STARTHAPROXY="/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg"
STOPKEEPALIVED="/etc/init.d/keepalived stop"
LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"
echo "[check_haproxy status]" >> $LOGFILE
A=`ps-C haproxy --no-header |wc-l`
echo "[check_haproxy status]" >> $LOGFILE
date >> $LOGFILE
if [ $A -eq 0 ];then
echo $STARTHAPROXY >> $LOGFILE
$STARTHAPROXY >> $LOGFILE 2>&1
sleep5
fi
if [ `ps -C haproxy --no-header |wc-l` -eq 0 ];then
exit 0
else
exit 1
fi

haproxy_master.sh(master和slave一样)
haproxy_master.sh
#!/bin/bash
STARTHAPROXY=`/usr/local/haproxy/sbin/haproxy-f /usr/local/haproxy/haproxy.cfg`
STOPHAPROXY=`ps-ef | grep sbin/haproxy | grep -vgrep |awk'{print $2}'|xargskill -s 9`
LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"
echo "[master]" >> $LOGFILE
date >> $LOGFILE
echo "Being master...." >> $LOGFILE 2>&1
echo "stop haproxy...." >> $LOGFILE 2>&1
$STOPHAPROXY >> $LOGFILE 2>&1
echo "start haproxy...." >> $LOGFILE 2>&1
$STARTHAPROXY >> $LOGFILE 2>&1
echo "haproxy stared ..." >> $LOGFILE

haproxy_backup.sh(master和slave一样)
haproxy_backup.sh
#!/bin/bash
STARTHAPROXY=`/usr/local/haproxy/sbin/haproxy-f /usr/local/haproxy/haproxy.cfg`
STOPHAPROXY=`ps-ef | grep sbin/haproxy | grep -vgrep |awk'{print $2}'|xargskill -s 9`
LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"
echo "[backup]" >> $LOGFILE
date >> $LOGFILE
echo "Being backup...." >> $LOGFILE 2>&1
echo "stop haproxy...." >> $LOGFILE 2>&1
$STOPHAPROXY >> $LOGFILE 2>&1
echo "start haproxy...." >> $LOGFILE 2>&1
$STARTHAPROXY >> $LOGFILE 2>&1
echo "haproxy stared ..." >> $LOGFILE

haproxy_fault.sh(master和slave一样)
haproxy_fault.sh
#!/bin/bash
LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.log
echo "[fault]" >> $LOGFILE
date >> $LOGFILE

haproxy_stop.sh(master和slave一样)
haproxy_stop.sh
#!/bin/bash
LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.log
echo "[stop]" >> $LOGFILE
date >> $LOGFILE

启用服务
启用服务
#启用服务
service keepalived start
---------------------
https://blog.csdn.net/wdw1206/article/details/44201331

暗影岛-寒冰射手

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
HaProxy+keepalived+mycat集群高可用配置

部署图集群部署图的理解：1、keepalived和haproxy必须装在同一台机器上（如172.17.210.210.83机器上，keepalived和haproxy都要安装），keepalived负责为该服务器抢占vip（虚拟ip），抢占到vip后，对该主机的访问可以通过原来的ip（172.17.210.210.83）访问，也可以直接通过vip（172.17.210.210.103）访...
复制链接

扫一扫