HaProxy+keepalived+mycat集群高可用配置

部署图


集群部署图的理解:

1、keepalived和haproxy必须装在同一台机器上(如172.17.210.210.83机器上,keepalived和haproxy都要安装),keepalived负责为该服务器抢占vip(虚拟ip),抢占到vip后,对该主机的访问可以通过原来的ip(172.17.210.210.83)访问,也可以直接通过vip(172.17.210.210.103)访问。

2、172.17.210.64上的keepalived也会去抢占vip,抢占vip时有优先级,配置keepalived.conf中的(priority 150 #数值愈大,优先级越高,172.17.210.64上改为120,master和slave上该值配置不同)决    定。但是一般哪台主机上的keepalived服务先启动就会抢占到vip,即使是slave,只要先启动也能抢到。

3、haproxy负责将对vip的请求分发到mycat上。起到负载均衡的作用,同时haproxy也能检测到mycat是否存活,haproxy只会将请求转发到存活的mycat上。

4、如果一台服务器(keepalived+haproxy服务器)宕机,另外一台上的keepalived会立刻抢占vip并接管服务。

     如果一台mycat服务器宕机,haporxy转发时不会转发到宕机的mycat上,所以mycat依然可用。
Haproxy安装
haproxy安装
useraddhaproxy
#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.25.tar.gz
 
# tar zxvf haproxy-1.4.25.tar.gz
# cd haproxy-1.4.25
# make TARGET=linux26 PREFIX=/usr/local/haproxy ARCH=x86_64
# make install PREFIX=/usr/local/haproxy
 
#cd /usr/local/haproxy
#chown -R haproxy.haproxy *

haproxy.cfg
haproxy.cfg
#cd /usr/local/haproxy
#touch haproxy.cfg
#vi/usr/local/haproxy/haproxy.cfg
global
log 127.0.0.1   local0 ##记日志的功能
    maxconn 4096
    chroot/usr/local/haproxy
    user haproxy
    group haproxy
    daemon
defaults
    log    global
    option    dontlognull
    retries    3
    option redispatch
    maxconn    2000
    contimeout    5000
    clitimeout    50000
    srvtimeout    50000
listen  admin_status 172.17.210.103:48800 ##VIP
      stats uri/admin-status        ##统计页面
      stats auth  admin:admin
      mode    http
      option  httplog
listen    allmycat_service 172.17.210.103:8096 ##转发到mycat的8066端口,即mycat的服务端口
      mode tcp
      option tcplog
        option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
      balance    roundrobin
        server    mycat_133 172.17.210.133:8066 check port 48700 inter 5s rise 2 fall 3
        server    mycat_134 172.17.210.134:8066 check port 48700 inter 5s rise 2 fall 3
      srvtimeout 20000
listen    allmycat_admin 172.17.210.103:8097 ##转发到mycat的9066端口,及mycat的管理控制台端口
      mode tcp
      option tcplog
        option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
      balance    roundrobin
        server    mycat_133 172.17.210.133:9066 check port 48700 inter 5s rise 2 fall 3
        server    mycat_83  172.17.210.134:9066 check port 48700 inter 5s rise 2 fall 3
      srvtimeout 20000
haproxy记录日志

默认haproxy是不记录日志的,为了记录日志还需要配置syslog模块,在linux下是rsyslogd服务,yum –y install rsyslog先安装rsyslog,然后
记录haproxy日志的配置
#cd /etc/rsyslog.d/
如果没有这个目录,新建
#cd /etc
#mkdir rsyslog.d
#cd /etc/rsyslog.d/
#touch haproxy.conf
#vi /etc/rsyslog.d/haproxy.conf
$ModLoad imudp
$UDPServerRun 514
 
local0.* /var/log/haproxy.log
 
 
 
#vi /etc/rsyslog.conf
1、在#### RULES ####上面一行的地方加入以下内容:
# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf
#### RULES ####
2、在local7.*                                               /var/log/boot.log的下面加入以下内容(增加后的效果如下):
# Save boot messages also to boot.log
local7.*                                               /var/log/boot.log
local0.*                                               /var/log/haproxy.log

保存,重启rsyslog服务

service rsyslog restart

现在你就可以看到日志(/var/log/haproxy.log)了

 

配置监听mycat是否存活

在Mycat server1 Mycat server2上都需要添加检测端口48700的脚本,为此需要用到xinetd,xinetd为linux系统的基础服务,

首先在xinetd目录下面增加脚本与端口的映射配置文件

1、如果xinetd没有安装,使用如下命令安装:

yum install xinetd -y

2、检查/etc/xinetd.conf的末尾是否有这一句:includedir /etc/xinetd.d

没有就加上,

3、检查 /etc/xinetd.d文件夹是否存在,不存在也加上

#cd /etc

#mkdir xinetd.d

4、增加 /etc/xinetd.d/mycat_status
监听mycat是否存活的配置
#cd /etc
#mkdir xinetd.d
#cd /etc/xinetd.d/
#touch mycat_status
#vim /etc/xinetd.d/mycat_status
service mycat_status
{
        flags           = REUSE
        socket_type     = stream
        port            = 48700
        wait            = no
        user            = root
        server          =/usr/local/bin/mycat_status
        log_on_failure  += USERID
        disable         = no
}

5、/usr/local/bin/mycat_status脚本

 
mycat_status脚本
#!/bin/bash
#/usr/local/bin/mycat_status.sh
# This script checks if a mycat server is healthy running on localhost. It will
# return:
#
# "HTTP/1.x 200 OK\r" (if mycat is running smoothly)
#
# "HTTP/1.x 503 Internal Server Error\r" (else)
mycat=`/usr/local/mycat/bin/mycatstatus | grep'not running' | wc -l`
if [ "$mycat" = "0" ];
then
 /bin/echo-e "HTTP/1.1 200 OK\r\n"
 else
   /bin/echo-e "HTTP/1.1 503 Service Unavailable\r\n"
fi

 

4、/etc/services中加入mycat_status服务

 
加入mycat_status服务
#cd /etc
#vi services
在末尾加入
mycat_status    48700/tcp              # mycat_status
保存
重启xinetd服务
service xinetd restart

5、验证mycat_status服务是否启动成功

 
验证mycat_status服务是否启动成功
#netstat -antup|grep 48700
如果成功会现实如下内容:
[root@localhost log]# netstat -antup|grep 48700
tcp        0      0 :::48700                    :::*                        LISTEN      12609/xinetd

 

启动haproxy

启动haproxy前必须先启动keepalived,否则启动不了。


/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg

 

启动haproxy异常情况

如果报以下错误:

[root@localhost bin]# /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg

[ALERT] 183/115915 (12890) : Starting proxy admin_status: cannot bind socket

[ALERT] 183/115915 (12890) : Starting proxy allmycat_service: cannot bind socket

[ALERT] 183/115915 (12890) : Starting proxy allmycat_admin: cannot bind socket

原因为:该机器没有抢占到vip

 

为了使用方便可以增加一个启动,停止haproxy的脚本

启动脚本starthap内容如下

#!/bin/sh

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg &

 

停止脚本stophap内容如下

#!/bin/sh

ps -ef | grep sbin/haproxy | grep -v grep |awk '{print $2}'|xargs kill -s 9

 

分别赋予启动权限

chmod +x starthap

chmod +x stophap

 

启动后可以通过http://172.17.210.103:48800/admin-status (用户名密码都是admin,haproxy.cfg中配置的)


openssl安装

openssl必须安装,否则安装keepalived时无法编译,keepalived依赖openssl。

 
openssl安装
tar zxvf openssl-1.0.1g.tar.gz
./config--prefix=/usr/local/openssl
./config-t
make depend
make
make test
make install
ln -s /usr/local/openssl /usr/local/ssl

 

 
openssl配置
vi /etc/ld.so.conf
#在/etc/ld.so.conf文件的最后面,添加如下内容:
/usr/local/openssl/lib
 
vi /etc/profile
export OPENSSL=/usr/local/openssl/bin
export PATH=$PATH:$OPENSSL
 
source /etc/profile
yum installopenssl-devel -y   #如无法yum下载安装,请修改yum配置文件

 

测试:
ldd /usr/local/openssl/bin/openssl
        linux-vdso.so.1 =>  (0x00007fff996b9000)
        libdl.so.2 =>/lib64/libdl.so.2 (0x00000030efc00000)
        libc.so.6 =>/lib64/libc.so.6 (0x00000030f0000000)
        /lib64/ld-linux-x86-64.so.2 (0x00000030ef800000)
which openssl
    /usr/bin/openssl
openssl version
    OpenSSL 1.0.0-fips 29 Mar 2010
keepalived安装

本文在172.17.30.64、172.17.30.83两台机器进行keepalived安装
安装
tar zxvf keepalived-1.2.13.tar.gz
cd keepalived-1.2.13
./configure--prefix=/usr/local/keepalived
make
make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived/etc/init.d/
mkdir /etc/keepalived
cd /etc/keepalived/
cp /usr/local/keepalived/etc/keepalived/keepalived.conf/etc/keepalived
mkdir-p /usr/local/keepalived/var/log
keepalived配置
建检查haproxy是否存活的脚本
#新建redis检查
mkdir /etc/keepalived/scripts
cd /etc/keepalived/scripts

keepalived.conf:

vi /etc/keepalived/keepalived.conf

Master:
Master
! Configuration Filefor keepalived
vrrp_script chk_http_port {
    script"/etc/keepalived/scripts/check_haproxy.sh"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
   state MASTER              #172.17.210.83上改为Master
   interface eth0            #对外提供服务的网络接口
   virtual_router_id 51      #VRRP组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP组
   priority 150              #数值愈大,优先级越高,172.17.210.84上改为120
   advert_int 1              #同步通知间隔
   authentication {          #包含验证类型和验证密码。类型主要有PASS、AH两种,通常使用的类型为PASS,据说AH使用时有问题
      auth_type PASS
      auth_pass 1111
   }
 
   track_script {
      chk_http_port            #调用脚本check_haproxy.sh检查haproxy是否存活
   }
 
   virtual_ipaddress {      #vip地址,这个ip必须与我们在lvs客户端设定的vip相一致
      172.17.210.103 dev eth0 scope globa
   }
   notify_master/etc/keepalived/scripts/haproxy_master.sh
   notify_backup/etc/keepalived/scripts/haproxy_backup.sh
   notify_fault /etc/keepalived/scripts/haproxy_fault.sh
   notify_stop  /etc/keepalived/scripts/haproxy_stop.sh
}

slave:
slave
! Configuration Filefor keepalived
vrrp_script chk_http_port {
    script"/etc/keepalived/scripts/check_haproxy.sh"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
   state MASTER              #172.17.210.83上改为Master
   interface eth1            #对外提供服务的网络接口
   virtual_router_id 51      #VRRP组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP组
   priority 120              #数值愈大,优先级越高,172.17.210.64上改为120
   advert_int 1              #同步通知间隔
   authentication {          #包含验证类型和验证密码。类型主要有PASS、AH两种,通常使用的类型为PASS,据说AH使用时有问题
      auth_type PASS
      auth_pass 1111
   }
 
   track_script {
      chk_http_port            #调用脚本check_haproxy.sh检查haproxy是否存活
   }
 
   virtual_ipaddress {      #vip地址,这个ip必须与我们在lvs客户端设定的vip相一致
      172.17.210.103 dev eth1 scope globa
   }
   notify_master/etc/keepalived/scripts/haproxy_master.sh
   notify_backup/etc/keepalived/scripts/haproxy_backup.sh
   notify_fault /etc/keepalived/scripts/haproxy_fault.sh
   notify_stop  /etc/keepalived/scripts/haproxy_stop.sh
}

check_haproxy.sh

vi /etc/keepalived/scripts/check_haproxy.sh

脚本含义:如果没有haproxy进程存在,就启动haproxy,停止keepalived
check_haproxy.sh
#!/bin/bash
STARTHAPROXY="/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg"
STOPKEEPALIVED="/etc/init.d/keepalived stop"
LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"
echo "[check_haproxy status]" >> $LOGFILE
A=`ps-C haproxy --no-header |wc-l`
echo "[check_haproxy status]" >> $LOGFILE
date >> $LOGFILE
if [ $A -eq 0 ];then
echo $STARTHAPROXY >> $LOGFILE
$STARTHAPROXY >> $LOGFILE  2>&1
sleep5
fi
if [ `ps -C haproxy --no-header |wc-l` -eq 0 ];then
exit 0
else
exit 1
fi

haproxy_master.sh(master和slave一样)
haproxy_master.sh
#!/bin/bash
STARTHAPROXY=`/usr/local/haproxy/sbin/haproxy-f /usr/local/haproxy/haproxy.cfg`
STOPHAPROXY=`ps-ef | grep sbin/haproxy | grep -vgrep |awk'{print $2}'|xargskill -s 9`
LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"
echo "[master]" >> $LOGFILE
date >> $LOGFILE
echo "Being master...." >> $LOGFILE 2>&1
echo "stop haproxy...." >> $LOGFILE 2>&1
$STOPHAPROXY >> $LOGFILE  2>&1
echo "start haproxy...." >> $LOGFILE 2>&1
$STARTHAPROXY >> $LOGFILE  2>&1
echo "haproxy stared ..." >> $LOGFILE

haproxy_backup.sh(master和slave一样)
haproxy_backup.sh
#!/bin/bash
STARTHAPROXY=`/usr/local/haproxy/sbin/haproxy-f /usr/local/haproxy/haproxy.cfg`
STOPHAPROXY=`ps-ef | grep sbin/haproxy | grep -vgrep |awk'{print $2}'|xargskill -s 9`
LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"
echo "[backup]" >> $LOGFILE
date >> $LOGFILE
echo "Being backup...." >> $LOGFILE 2>&1
echo "stop haproxy...." >> $LOGFILE 2>&1
$STOPHAPROXY >> $LOGFILE  2>&1
echo "start haproxy...." >> $LOGFILE 2>&1
$STARTHAPROXY >> $LOGFILE  2>&1
echo "haproxy stared ..." >> $LOGFILE


haproxy_fault.sh(master和slave一样)
haproxy_fault.sh
#!/bin/bash
LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.log
echo "[fault]" >> $LOGFILE
date >> $LOGFILE

 

haproxy_stop.sh(master和slave一样)
haproxy_stop.sh
#!/bin/bash
LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.log
echo "[stop]" >> $LOGFILE
date >> $LOGFILE

启用服务
启用服务
#启用服务
service keepalived start
---------------------
https://blog.csdn.net/wdw1206/article/details/44201331

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值