KeepAlived+Redis+Haproxy实现主从热备、负载均衡、秒级切换实战
-
Redis+Keepalived+Haproxy 的集群架构,分别用六个端口,实现多路复用,最终实现主从热备、负载均衡、秒级切换。此次部署了五台server,三台redis,在每台server上分别部署主从,两台server上部署了haproxy和keepalived.一台主,一台从.
-
架构思路:keepalived给haproxy做高可用,当一台haproxy出现故障时,高可用会将令一台备用的haproxy作为master,继续给后端提供服务,防止单点故障.
redis给客户端提供服务,所以三主三从,当master出现问题时,slave会立刻替换掉master.
一、部署Redis集群
1、环境
做域名解析,修改主机名,主机名跟域名解析保持一致,防止后期的操作出现问题,有需要的也可以做一个免密登录.
192.168.122.115 redis02
192.168.122.166 redis01
192.168.122.76 redis03
#修改主机名
hostnamectl --static set-hostname redis01
hostnamectl --static set-hostname redis02
hostnamectl --static set-hostname redis03
设置redis的环境以及修改配置文件
#修改最大可打开的文件数
cat >> /etc/security/limits.conf<< EOF
* soft nofile 102400
* hard nofile 102400
EOF
[root@redis01 ~]# echo "net.core.somaxconn = 32767" >> /etc/sysctl.conf
[root@redis01 ~]# sysctl -p
[root@redis01 ~]# echo "vm.overcommit_memory=1" >> /etc/sysctl.conf
[root@redis01 ~]# sysctl -p
[root@redis01 ~]# echo never > /sys/kernel/mm/transparent_hugepage/enabled
[root@redis01 ~]# echo "echo never > /sys/kernel/mm/transparent_hugepage/enabled" >> /etc/rc.local
[root@redis01 ~]# chmod +x /etc/rc.local
[root@redis01 ~]# yum -y install gcc glibc glibc-kernheaders glibc-common glibc-devel make
[root@redis01 ~]# yum -y install centos-release-scl
[root@redis01 ~]# yum -y install devtoolset-9-gcc devtoolset-9-gcc-c++ devtoolset-9-binutils
[root@redis01 ~]# scl enable devtoolset-9 bash
[root@redis01 ~]# echo "source /opt/rh/devtoolset-9/enable" >>/etc/profile
[root@redis01 ~]# cd /usr/local/src
[root@redis01 ~]# wget http://download.redis.io/releases/redis-6.0.5.tar.gz
[root@redis01 ~]# tar -zxvf redis-6.0.5.tar.gz
[root@redis01 ~]# cd redis-6.0.5/
[root@redis01 ~]# make
[root@redis01 ~]# make install PREFIX=/usr/local/redis-cluster
[root@redis01 ~]# mkdir -p /redis/{6001,6002}/{conf,data,log}
[root@redis01 ~]# grep -Ev "^$|#" /usr/local/redis-6.0.5/redis.conf
[root@redis01 ~]#cd /redis/6001/conf/
[root@redis01 conf]# cat >> redis.conf << EOF
bind 0.0.0.0
protected-mode no
port 6001
dir /redis/6001/data
cluster-enabled yes
cluster-config-file /redis/6001/conf/nodes.conf
cluster-node-timeout 5000
appendonly yes
daemonize yes
requirepass redis
pidfile /redis/6001/redis.pid
logfile /redis/6001/log/redis.log
EOF
[root@redis03 conf]# sed 's/6001/6002/g' redis.conf > /redis/6002/conf/redis.conf
[root@redis03 ~]# cat >/usr/local/redis-cluster/start-redis-cluster.sh<<-EOF
#!/bin/bash
REDIS_HOME=/usr/local/redis-cluster
REDIS_CONF=/redis
\$REDIS_HOME/bin/redis-server \$REDIS_CONF/6001/conf/redis.conf
\$REDIS_HOME/bin/redis-server \$REDIS_CONF/6002/conf/redis.conf
EOF
[root@redis03 ~]# chmod +x /usr/local/redis-cluster/start-redis-cluster.sh
[root@redis03 ~]# bash /usr/local/redis-cluster/start-redis-cluster.sh
[root@redis03 ~]# ss -anput | grep redis
tcp LISTEN 0 511 *:6001 *:* users:(("redis-server",pid=25993,fd=6))
tcp LISTEN 0 511 *:6002 *:* users:(("redis-server",pid=25995,fd=6))
tcp LISTEN 0 511 *:16001 *:* users:(("redis-server",pid=25993,fd=9))
tcp LISTEN 0 511 *:16002 *:* users:(("redis-server",pid=25995,fd=9))
[root@redis01 bin]# cd /usr/local/redis-cluster/bin #执行
[root@redis01 bin]# ./redis-cli --cluster create 192.168.122.166:6001 192.168.122.166:6002 192.168.122.115:6001 192.168.122.115:6002 192.168.122.76:6001 192.168.122.76:6002 --cluster-replicas 1 -a redis #若设置密码,添加-a,没有设置密码,删除
[root@redis01 ~]# ln -s /usr/local/redis-cluster/bin/redis-cli /bin/redis-cli
[root@redis65 bin]# redis-cli -c -p 6001 #登录
127.0.0.1:6001> cluster nodes #查看节点
#cluster info 查看节点的数量
#验证集群
127.0.0.1:6001> set name redis #设置key
-> Redirected to slot [5798] located at 192.168.152.134:6001
OK
192.168.152.134:6001> quit
[root@redis01 ~]# redis-cli -c -p 6002
127.0.0.1:6002> get name
-> Redirected to slot [5798] located at 192.168.152.134:6001
"redis"
[root@redis01 ~]# redis-cli -h 192.168.152.135 -p 6002 #测试其他的两个ip能否登录成功 测试成功,开始部署haproxy,keepalived
二、部署Keepalived,实现主从热备、秒级切换
当一台server出现问题时,为了防止单点故障,我们可以设置高可用,当一台haproxy挂掉时,keepalived会迅速将vip飘逸到另一台haproxy,防止客户端访问不到后端的数据库.
1、环境
-
我们可以使用三台server,在搭建好的redis中,任选两台做keepalived,这里用的舞台server,在另外两台上做了keepalived和haproxy
[root@hamaster ~]# yum -y install keepalived #安装 [root@hamaster ~]# vim /etc/keepalived/keepalived.conf #修改配置文件 #主从一致 ! Configuration File for keepalived global_defs { router_id directory2 #id不同 } vrrp_script check_run { script "/etc/ha.sh" #执行脚本 interval 5 } vrrp_instance VI_1 { state BACKUP #两台server不一样,主为master,从为backup interface ens33 nopreempt virtual_router_id 80 priority 50 #优先级不同,主的高,可设置为100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.246.100/24 #虚拟ip,自己添加的 } track_script { check_run } }
部署完成之后,查看ip看是否有vip的存在,若不在,可能是配置文件有问题
判断haproxy的脚本
给脚本权限
#!/bin/bash systemctl status haproxy if [ $? -eq 0 ];then echo "successful" else systemctl stop keepalived fi chmod +x /etc/ha.sh
三、部署haproxy,实现访问6379端口时,轮询访问六个节点
1、安装 haproxy
[root@ha-proxy-master ~]# yum -y install haproxy
[root@ha-proxy-master ~]# cp -rf /etc/haproxy/haproxy.cfg{,.bak} #备份
[root@ha-proxy-master ~]# vim /etc/haproxy/haproxy.cfg
#部署两台haproxy
global
log 127.0.0.1 local0
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user nobody
group nobody
daemon
defaults
mode http
log global
option dontlognull
retries 3
maxconn 3000
contimeout 50000
clitimeout 50000
srvtimeout 50000
listen stats
bind *:8888 #修改的haproxy的端口号
stats enable
stats hide-version
stats uri /haproxy #访问ip的时候,加上uri
stats realm Haproxy\ stats
stats auth admin:admin #设置的密码,账户
stats admin if TRUE
listen redis
bind *:6379 #redis的端口号
mode tcp #采用的tcp协议
balance roundrobin #实现轮循
server redis1 192.168.122.166:6001 check
server redis2 192.168.122.166:6002 check
server redis3 192.168.122.115:6001 check
server redis4 192.168.122.115:6002 check
server redis5 192.168.122.76:6001 check
server redis6 192.168.122.76:6002 check
2、Haproxy rsyslog 日志配置
[root@hamaster ~]# vim /etc/rsyslog.conf
# Provides UDP syslog reception
$ModLoad imudp #打开
$UDPServerRun 514
**********************
#### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
local0.* #添加haproxy的日志对象,一定要跟haproxy的配置文件向符合
/var/log/haproxy.log #指定路径
# Log all the mail messages in one place.
[root@hamaster ~]# systemctl restart rsyslog.service
#重新启动日志文件才可以生效
3.浏览器访问测试 haproxy
http://192.168.122.43:8888/haproxy
这里的ip时haproxy,端口指定的haproxy,后期的路径是在haproxy中设定的uri,一定要指定,否则访问不到.
访问到以上图片,证明自己部署成功…