环境:
主机名 | IP | 网卡名称 | 服务 |
---|---|---|---|
haproxy-master | 192.168.58.140 | 网卡接口:ens160 | haproxy、keepalived |
haproxy-slave: | 192.168.58.141 | 网卡接口:ens160 | haproxy、keepalived |
web-1: | 192.168.58.138 | 网卡接口:ens160 | httpd |
web-2: | 192.168.58.139 | 网卡接口:ens160 | httpd |
部署httpd
//web-1和web-2部署httpd
[root@web-1 ~]# yum -y install httpd
[root@web-1 ~]# echo 'master' > /var/www/html/index.html
[root@web-1 ~]# systemctl restart httpd
[root@web-1 ~]# systemctl enable httpd
[root@web-2 ~]# yum -y install httpd
[root@web-2 ~]# echo 'slave' > /var/www/html/index.html
[root@web-2 ~]# systemctl restart httpd
安装haproxy
//haproxy-master和haproxy-slave主机安装haproxy
//安装haproxy
#源码安装
[root@haproxy-master ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.1.3.tar.gz/sha512/4728c1177b2bba69465cbc56b1ed73a1b2d36891ba2d94d29bb49714ad98ccfac4b52947735aded211f0cd8070002f5406ddd77cabd2f8230b00438189dd7a60/haproxy-2.1.3.tar.gz
//安装编译环境
[root@haproxy-master ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel
//创建haproxy用户
[root@haproxy-master ~]# useradd -r -M -s /sbin/nologin haproxy
//解压和安装
[root@haproxy-master ~]# tar -zxvf haproxy-2.1.3.tar.gz
[root@haproxy-master ~]# cd haproxy-2.1.3
[root@haproxy-master haproxy-2.1.3]# make clean
[root@haproxy-master haproxy-2.1.3]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) TARGET=linux-glibc USE_OPENSSL=1 USE_ZLIB=1 USE_PCRE=1 USE_SYSTEMD=1
[root@haproxy-master haproxy-2.1.3]# make install PREFIX=/usr/local/haproxy
[root@haproxy-master haproxy-2.1.3]# cp haproxy /usr/sbin/
//修改LB的内核参数
[root@haproxy-master ~]# mkdir /etc/haproxy
[root@haproxy-master ~]# vim /etc/haproxy/haproxy.cfg
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
//修改haproxy配置文件
[root@haproxy-master ~]# vim /etc/haproxy/haproxy.cfg
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend http-in
bind *:80
default_backend servers
backend servers
server web01 192.168.58.138:80
server web02 192.168.58.139:80
//启动haproxy,配置haproxy.service服务单元文件
[root@haproxy-master ~]# vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
//启动haproxy服务
[root@haproxy-master ~]# systemctl restart haproxy
[root@haproxy-master ~]# systemctl restart rsyslog
[root@haproxy-master ~]# systemctl enable haproxy
[root@haproxy-master ~]# systemctl enable rsyslog
//配置日志信息
[root@haproxy-master ~]# vim /etc/rsyslog.conf
local0.* /var/log/haproxy.log
//使用WEB网页访问测试
[root@haproxy-master ~]# vim /etc/haproxy/haproxy.cfg
//清空,修改为如下:
global
log 127.0.0.1 local0 info
#log loghost local0 info
maxconn 20480
#chroot /usr/local/haproxy
pidfile /var/run/haproxy.pid
#maxconn 4000
user haproxy
group haproxy
daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option dontlognull
option httpclose
option httplog
#option forwardfor
option redispatch
balance roundrobin
timeout connect 10s
timeout client 10s
timeout server 10s
timeout check 10s
maxconn 60000
retries 3
#--------------统计页面配置------------------
listen admin_stats
bind 0.0.0.0:8189
stats enable
mode http
log global
stats uri /haproxy_stats #访问网页后缀URL
stats realm Haproxy\ Statistics
stats auth admin:admin #用户名和密码
#stats hide-version
stats admin if TRUE
stats refresh 30s
#---------------web设置-----------------------
listen webcluster
bind 0.0.0.0:80
mode http
#option httpchk GET /index.html
log global
maxconn 3000
balance roundrobin
cookie SESSION_COOKIE insert indirect nocache
server web01 192.168.58.138:80 check inter 2000 fall 5
server web02 192.168.58.139:80 check inter 2000 fall 5
[root@haproxy-master ~]# systemctl restart haproxy
[root@haproxy-master ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:8189 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
haproxy-slave安装haproxy和上方一样
略
keepalived安装
配置主keepalived
[root@haproxy-master ~]# yum -y install keepalived
配置主keepalived
[root@haproxy-master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass yexiaotian
}
virtual_ipaddress {
192.168.58.250
}
}
virtual_server 192.168.58.250 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.58.140 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@haproxy-master ~]# systemctl restart keepalived
配置备keepalived
[root@haproxy-slave ~]# yum -y install keepalived
[root@haproxy-slave ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass yexiaotian
}
virtual_ipaddress {
192.168.58.250
}
}
virtual_server 192.168.58.250 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.58.141 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@haproxy-slave ~]# systemctl restart keepalived