haproxy双机HA方案
实现方案haproxy+keepalived
网络参数调优
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 5000000 > /proc/sys/net/netfilter/nf_conntrack_max
echo 256512 > /sys/module/nf_conntrack/parameters/hashsize
# 打开tcp_tw_reuse
echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse
...
...
文件固化/etc/sysctl.d/99-sysctl.conf
net.netfilter.nf_conntrack_max = 10000000
net.netfilter.nf_conntrack_generic_timeout = 60
net.netfilter.nf_conntrack_tcp_timeout_established = 60
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 20
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 20
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 20
net.netfilter.nf_conntrack_buckets = 524288
net.core.netdev_max_backlog = 50000
net.ipv4.tcp_max_syn_backlog = 50000
网卡调整
ethtool -G eth1 tx 4096
ethtool -G eth1 rx 4096
ethtool -G eth0 rx 4096
ethtool -G eth0 tx 4096
安装
如果没有killall 需要安装
apt-get install psmisc
apt-get install haproxy keepalived
haproxy配置
vi /etc/default/haproxy
# Set ENABLED to 1 if you want the init script to start haproxy.
ENABLED=1
vi /etc/haproxy/haproxy.cfg
global
# 设置进程数,比较狠就CPU核数
nbproc 40
frontend lvs2-lvs3
bind *:80
maxconn 12000
acl is_lvs2 hdr_end(host) -i a.b.xxx.com
acl is_lvs3 hdr_end(host) -i d.b.xxx.com
use_backend lvs2 if is_lvs2
use_backend lvs3 if is_lvs3
backend lvs2
mode http
balance roundrobin
#option http-server-close
timeout http-keep-alive 3000
option forwardfor
fullconn 12000
cookie SRVNAME insert
server 192.168.47.17:3000 192.168.47.17:3000 cookie S1 check
server 192.168.47.17:3001 192.168.47.17:3001 cookie S2 check
backend lvs3
mode http
balance roundrobin
#option http-server-close
timeout http-keep-alive 3000
option forwardfor
fullconn 12000
cookie SRVNAME insert
server 192.168.93.32:3000 192.168.93.32:3000 cookie S201 check
server 192.168.93.32:3001 192.168.93.32:3001 cookie S202 check
listen statistics
mode http
bind *:1026
stats enable
stats auth admin:1234
stats uri /status
stats hide-version
stats admin if TRUE
stats refresh 5s
tcp-request content accept
keepalived配置
vi /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_MASTER #BACKUP上修改为LVS_BACKUP
}
vrrp_script chk_http_port {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER #BACKUP上修改为BACKUP
interface bond0
virtual_router_id 88 #虚拟路由ID,0-255,区分多个instance的VRRP组播,同网段唯一,主备一致
priority 99 #BACKUP上修改为80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.48.62 #virtual server
}
}
启动服务
/etc/init.d/keepalived restart
/etc/init.d/haproxy restart
检查主从ip信息
ip addr
less /var/log/messages
主从切换测试
/etc/init.d/haproxy stop
ip addr
less /var/log/messages
Keepalived_vrrp[38721]: VRRP_Script(chk_http_port) failed
Keepalived_vrrp[38721]: VRRP_Instance(VI_1) Received higher prio advert
Keepalived_vrrp[38721]: VRRP_Instance(VI_1) Entering BACKUP STATE
Keepalived_vrrp[76012]: VRRP_Instance(VI_1) forcing a new MASTER election
Keepalived_vrrp[76012]: VRRP_Instance(VI_1) Transition to MASTER STATE
Keepalived_vrrp[76012]: VRRP_Instance(VI_1) Entering MASTER STATE
日志配置和logrotate
vi /etc/rsyslog.d/49-haproxy.conf
if $programname startswith ‘haproxy’ then /home/edt/var/log/haproxy.log
&~
/etc/init.d/rsyslog restart
vi /etc/logrotate.d/haproxy
mv /etc/cron.daily/logrotate /etc/cron.hourly/logrotate
参考
Setting Up A High-Availability Load Balancer
ubuntu下安装haproxy+keepalived实现负载均衡
高可用软件keepalived详解