KeepAlived+Redis+Haproxy实现主从热备,负载均衡,切换实战

KeepAlived+Redis+Haproxy实现主从热备、负载均衡、秒级切换实战

• Redis+Keepalived+Haproxy 的集群架构，分别用六个端口，实现多路复用，最终实现主从热备、负载均衡、秒级切换。此次部署了五台server,三台redis,在每台server上分别部署主从,两台server上部署了haproxy和keepalived.一台主,一台从.

• 架构思路:keepalived给haproxy做高可用,当一台haproxy出现故障时,高可用会将令一台备用的haproxy作为master,继续给后端提供服务,防止单点故障.

  redis给客户端提供服务,所以三主三从,当master出现问题时,slave会立刻替换掉master.

一、部署Redis集群

1、环境

做域名解析,修改主机名,主机名跟域名解析保持一致,防止后期的操作出现问题,有需要的也可以做一个免密登录.

192.168.122.115 redis02
192.168.122.166 redis01
192.168.122.76  redis03
#修改主机名 
hostnamectl --static set-hostname redis01
hostnamectl --static set-hostname redis02
hostnamectl --static set-hostname redis03

设置redis的环境以及修改配置文件

#修改最大可打开的文件数
cat >> /etc/security/limits.conf<< EOF
* soft nofile 102400
* hard nofile 102400
EOF
[root@redis01 ~]# echo "net.core.somaxconn = 32767" >> /etc/sysctl.conf
[root@redis01 ~]# sysctl -p
[root@redis01 ~]# echo "vm.overcommit_memory=1" >> /etc/sysctl.conf
[root@redis01 ~]# sysctl -p
[root@redis01 ~]# echo never > /sys/kernel/mm/transparent_hugepage/enabled
[root@redis01 ~]# echo "echo never > /sys/kernel/mm/transparent_hugepage/enabled"  >> /etc/rc.local
[root@redis01 ~]# chmod +x /etc/rc.local
[root@redis01 ~]# yum -y install gcc glibc glibc-kernheaders  glibc-common glibc-devel make
[root@redis01 ~]# yum -y install centos-release-scl
[root@redis01 ~]# yum -y install devtoolset-9-gcc devtoolset-9-gcc-c++ devtoolset-9-binutils
[root@redis01 ~]# scl enable devtoolset-9 bash
[root@redis01 ~]# echo "source /opt/rh/devtoolset-9/enable" >>/etc/profile
[root@redis01 ~]# cd /usr/local/src
[root@redis01 ~]# wget http://download.redis.io/releases/redis-6.0.5.tar.gz
[root@redis01 ~]# tar -zxvf redis-6.0.5.tar.gz
[root@redis01 ~]# cd redis-6.0.5/
[root@redis01 ~]# make
[root@redis01 ~]# make install PREFIX=/usr/local/redis-cluster
[root@redis01 ~]# mkdir -p /redis/{6001,6002}/{conf,data,log}
[root@redis01 ~]# grep -Ev "^$|#" /usr/local/redis-6.0.5/redis.conf
[root@redis01 ~]#cd /redis/6001/conf/
[root@redis01 conf]# cat >> redis.conf << EOF
bind 0.0.0.0
protected-mode no
port 6001
dir /redis/6001/data
cluster-enabled yes
cluster-config-file /redis/6001/conf/nodes.conf
cluster-node-timeout 5000
appendonly yes
daemonize yes
requirepass redis
pidfile /redis/6001/redis.pid
logfile /redis/6001/log/redis.log
EOF
[root@redis03 conf]# sed 's/6001/6002/g' redis.conf > /redis/6002/conf/redis.conf
[root@redis03 ~]# cat >/usr/local/redis-cluster/start-redis-cluster.sh<<-EOF
#!/bin/bash
REDIS_HOME=/usr/local/redis-cluster
REDIS_CONF=/redis
\$REDIS_HOME/bin/redis-server \$REDIS_CONF/6001/conf/redis.conf
\$REDIS_HOME/bin/redis-server \$REDIS_CONF/6002/conf/redis.conf
EOF
[root@redis03 ~]# chmod +x /usr/local/redis-cluster/start-redis-cluster.sh
[root@redis03 ~]# bash /usr/local/redis-cluster/start-redis-cluster.sh
[root@redis03 ~]# ss -anput | grep redis
tcp    LISTEN     0      511       *:6001                  *:*                   users:(("redis-server",pid=25993,fd=6))
tcp    LISTEN     0      511       *:6002                  *:*                   users:(("redis-server",pid=25995,fd=6))
tcp    LISTEN     0      511       *:16001                 *:*                   users:(("redis-server",pid=25993,fd=9))
tcp    LISTEN     0      511       *:16002                 *:*                   users:(("redis-server",pid=25995,fd=9))
[root@redis01 bin]# cd /usr/local/redis-cluster/bin   #执行
[root@redis01 bin]# ./redis-cli --cluster create 192.168.122.166:6001 192.168.122.166:6002 192.168.122.115:6001 192.168.122.115:6002 192.168.122.76:6001 192.168.122.76:6002 --cluster-replicas 1  -a redis      #若设置密码,添加-a,没有设置密码,删除
[root@redis01 ~]# ln -s /usr/local/redis-cluster/bin/redis-cli /bin/redis-cli
[root@redis65 bin]# redis-cli -c -p 6001  #登录

127.0.0.1:6001> cluster nodes   #查看节点
#cluster info  查看节点的数量
#验证集群
127.0.0.1:6001> set name redis  #设置key
-> Redirected to slot [5798] located at 192.168.152.134:6001
OK
192.168.152.134:6001> quit
[root@redis01 ~]# redis-cli -c -p 6002
127.0.0.1:6002> get name
-> Redirected to slot [5798] located at 192.168.152.134:6001
"redis"  
[root@redis01 ~]# redis-cli -h 192.168.152.135 -p 6002 #测试其他的两个ip能否登录成功   测试成功,开始部署haproxy,keepalived

二、部署Keepalived，实现主从热备、秒级切换

​ 当一台server出现问题时,为了防止单点故障,我们可以设置高可用,当一台haproxy挂掉时,keepalived会迅速将vip飘逸到另一台haproxy,防止客户端访问不到后端的数据库.

1、环境

• 我们可以使用三台server,在搭建好的redis中,任选两台做keepalived,这里用的舞台server,在另外两台上做了keepalived和haproxy

  [root@hamaster ~]# yum -y install keepalived  #安装
  [root@hamaster ~]# vim /etc/keepalived/keepalived.conf  #修改配置文件
  #主从一致
  ! Configuration File for keepalived
  
  global_defs {
     router_id directory2    #id不同
  }
  vrrp_script check_run {
     script "/etc/ha.sh"     #执行脚本
     interval 5
  }
  vrrp_instance VI_1 { 
      state BACKUP    #两台server不一样,主为master,从为backup
      interface ens33
      nopreempt
      virtual_router_id 80
      priority 50      #优先级不同,主的高,可设置为100
      advert_int 1
      authentication { 
          auth_type PASS
          auth_pass 1111
      }
      virtual_ipaddress {
          192.168.246.100/24     #虚拟ip,自己添加的
     }
     track_script {
          check_run     
      }
  }
  

  部署完成之后,查看ip看是否有vip的存在,若不在,可能是配置文件有问题

  判断haproxy的脚本

  给脚本权限

  #!/bin/bash
  systemctl status haproxy
          if [ $? -eq 0 ];then
                  echo "successful"
          else
                  systemctl stop keepalived
          fi      
   chmod +x /etc/ha.sh
  

三、部署haproxy，实现访问6379端口时，轮询访问六个节点

1、安装 haproxy

[root@ha-proxy-master ~]# yum -y install haproxy
[root@ha-proxy-master ~]# cp -rf /etc/haproxy/haproxy.cfg{,.bak}  #备份
[root@ha-proxy-master ~]# vim /etc/haproxy/haproxy.cfg
#部署两台haproxy
global
    log                     127.0.0.1 local0
    chroot                  /var/lib/haproxy
    pidfile                 /var/run/haproxy.pid
    maxconn                 4000
    user                    nobody
    group                   nobody
    daemon

defaults
    mode                     http
    log                      global
    option                   dontlognull
    retries                  3
    maxconn                  3000
    contimeout               50000
    clitimeout               50000
    srvtimeout               50000

listen stats
    bind                    *:8888    #修改的haproxy的端口号
    stats                   enable
    stats                   hide-version
    stats uri               /haproxy       #访问ip的时候,加上uri
    stats realm             Haproxy\ stats
    stats auth              admin:admin    #设置的密码,账户
    stats admin             if TRUE
    
listen  redis
        bind *:6379    #redis的端口号
        mode tcp              #采用的tcp协议
        balance roundrobin    #实现轮循
        server redis1 192.168.122.166:6001 check
        server redis2 192.168.122.166:6002 check
        server redis3 192.168.122.115:6001 check
        server redis4 192.168.122.115:6002 check
        server redis5 192.168.122.76:6001 check
        server redis6 192.168.122.76:6002 check

2、Haproxy rsyslog 日志配置

[root@hamaster ~]# vim /etc/rsyslog.conf 


# Provides UDP syslog reception
$ModLoad imudp   #打开
$UDPServerRun 514  
**********************

#### RULES ####

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                /var/log/secure
local0.*     #添加haproxy的日志对象,一定要跟haproxy的配置文件向符合       
/var/log/haproxy.log  #指定路径
# Log all the mail messages in one place.
[root@hamaster ~]# systemctl restart rsyslog.service 
#重新启动日志文件才可以生效

3.浏览器访问测试 haproxy

http://192.168.122.43:8888/haproxy

这里的ip时haproxy,端口指定的haproxy,后期的路径是在haproxy中设定的uri,一定要指定,否则访问不到.
访问到以上图片,证明自己部署成功…