HAProxy+Keepalived 負載均衡高可用配置

準備作業
- 安裝haproxy和keepalived
- - 編譯安裝HAProxy
  - 啟動haproxy需要的配置
  - 安裝Keepalived
- 節點服務器安裝nginx和寫入網頁
配置haproxy
配置keepalived
- 主調度器配置keepalived
- 副調度器配置keepalived
配置keepalived自動切換腳本
- 撰寫主調度器的自動檢測腳本
- 撰寫副調度器的自動檢測腳本
設定HAProxy的日志
測驗
- 測驗負載均衡
- 測驗高可用

準備作業

五臺虛擬機

主機	IP	功能
主調度器	192.168.188.10	主要調度器，轉發漂移地址
從調度器	192.168.188.20	備份調度器，起主調度器的備份作用
節點服務器1-3	192.168.188.100-102	web服務器

安裝haproxy和keepalived

編譯安裝HAProxy

詳細安裝請看HAProxy 搭建Web群集.

curl -R -O https://www.lua.org/ftp/lua-5.4.3.tar.gz
tar xf lua-5.4.3.tar.gz -C /usr/local
cd /usr/local/lua-5.4.3
yum install -y readline-devel
make linux

查看安裝版本
./src/lua
lua-5.4.3  Copyright (C) 1994-2020 Lua.org, PUC-Rio
> print('hello world')
hello world


yum install -y gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools iotop bc zlib-devel ntpdate lsof tcpdump

進入haproxy原始碼包目錄

make -j `lscpu |awk 'NR==4{print $2}'` ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE
_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC=/usr/local/lua-5.4.3/src/ LUA_LIB=/usr/local/lua-5.4.3/src/ PREFIX=/usr/local/haproxy

echo $?   檢查是否成功編譯

make install PREFIX=/usr/local/haproxy

cd /usr/local/haproxy/sbin

./haproxy -v

HA-Proxy version 2.3.5-5902ad9 2021/02/06 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2022.
Known bugs: http://www.haproxy.org/bugs/bugs-2.3.5.html
Running on: Linux 3.10.0-862.el7.x86_64 #1 SMP Fri Apr 20 16:44:24 UTC 2018 x86_64

啟動haproxy需要的配置

HAProxy啟動腳本

vim /lib/systemd/system/haproxy.service 

[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID

[Install]
WantedBy=multi-user.target


創建組態檔目錄
mkdir -p /etc/haproxy

將樣本組態檔拷貝到/etc/haproxy里
cp examples/haproxy.cfg /etc/haproxy/haproxy.cfg

如果沒有haproxy.cfg 可以自己寫一個
vim /etc/haproxy/haproxy.cfg

global
  user     haproxy	# 用戶
  group    haproxy
  daemon
  nbproc   2
  #cpu-map  1  0
  #cpu-map  2  1
  maxconn  100000
  chroot   /usr/local/haproxy	# 鎖定家目錄
  pidfile  /var/lib/haproxy/haproxy.pid	 #pid檔案位置
  log      127.0.0.1 local0 info

defaults
  log      global
  option   httplog
  option   http-keep-alive
  option   redispatch
  option   forwardfor
  maxconn  100000
  mode     http
  retries  3
  timeout  check 5s
  timeout  connect 5s
  timeout  client 60s
  timeout  server 60s
  timeout  http-request 10s
  timeout  queue 1m

listen stats
  bind     0.0.0.0:8888		# 埠8888
  log      global
  mode     http
  stats    enable
  stats    hide-version
  stats    realm Haproxy\ Statistics
  stats    uri     /stats	# 查看狀態網頁后綴
  stats    refresh 5s
  stats    auth    admin:123	# 授權訪問 用戶名:密碼

創建haproxy用戶和組

groupadd haproxy
useradd -M -s /sbin/nologin haproxy -g haproxy

給用戶haproxy授權
mkdir -p /var/lib/haproxy
chown -R haproxy:haproxy /usr/local/haproxy/
chown -R haproxy:haproxy /var/lib/haproxy/

啟動haproxy
systemctl start haproxy
systemctl status haproxy

瀏覽器驗證輸入ip:埠號/stats
在這里插入圖片描述
兩臺調度器的haproxy都安裝成功

安裝Keepalived

yum install -y keepalived

節點服務器安裝nginx和寫入網頁

yum install -y nginx
cd /usr/share/nginx/html
echo 'this is web100' > ./index.html
systemctl start nginx

配置haproxy

主副調度器haproxy配置可以一樣

vim /etc/haproxy/haproxy.cfg

global
  user     haproxy
  group    haproxy
  daemon
  nbproc   2
  #cpu-map  1  0
  #cpu-map  2  1
  maxconn  100000
  #chroot   /usr/local/haproxy
  #pidfile  /var/lib/haproxy/haproxy.pid
  log      127.0.0.1 local2 info

defaults
  log      global
  option   httplog
  #option   http-server-close
  option   dontlognull
  maxconn  100000
  mode     http
  retries  3
  timeout  connect 5000
  timeout  client 50000
  timeout  server 50000

listen stats
  bind     0.0.0.0:8888
  log      global
  mode     http
  stats    enable
  stats    hide-version
  stats    realm Haproxy\ Statistics
  stats    uri     /stats
  stats    refresh 5s
  stats    auth    admin:123


listen WEB_PORT_80
   bind 192.168.188.188:80
   mode http
   option httpchk GET /index.html
   balance roundrobin
   server web1 192.168.188.150:80  check inter 2000 fall 3 rise 5
   server web2 192.168.188.101:80  check inter 2000 fall 3 rise 5
   server web3 192.168.188.102:80  check inter 2000 fall 3 rise 5

從服務器啟動HAProxy的時候可能會啟動不了
因為監聽了漂移ip 但是備服務器上沒漂移ip
解決方法：

vi /etc/sysctl.conf 
添加
net.ipv4.ip_nonlocal_bind = 1  # 忽略監聽ip的檢查

sysctl -p

配置keepalived

主調度器配置keepalived

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id HAP1
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 66
    priority 120
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.188.188
    }
}

副調度器配置keepalived


! Configuration File for keepalived

global_defs {
   router_id HAP2	# 組名字修改
}

vrrp_instance VI_1 {
    state BACKUP	# 改成備份
    interface ens33
    virtual_router_id 66
    priority 100		# 優先級比主調度器低
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.188.188
    }
}

ip addr查看虛擬地址
主調度器獲得虛擬地址
在這里插入圖片描述
副調度器沒有虛擬地址

配置keepalived自動切換腳本

撰寫主調度器的自動檢測腳本

#!/bin/bash
a=`ps -C haproxy --no-header|wc -l`
if [ $a -eq 0 ];then
        systemctl start haproxy
        echo "haproxy start..."
        sleep 3
        if [ `ps -C haproxy --no-header|wc -l` -eq 0 ];then
                systemctl stop keepalived
                echo "haproxy is down" 
                sleep 3
        fi
fi

在主調度器的keepalived.conf檔案中添加

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id HAP1
}
vrrp_script check_haproxy {		# 自動檢測腳本的方案名稱
        script '/etc/keepalived/check_haproxy.sh'	# 腳本的絕對路徑
        interval 2		# 自動運行的間隔
}
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 66
    priority 120
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
        192.168.188.188
    }   
    track_script {		# 追蹤腳本
        check_haproxy	# 追蹤的腳本方案名稱
    }   
}

chmod +x check_haproxy.sh 
systemctl enable keepalived --now
systemctl restart keepalived

撰寫副調度器的自動檢測腳本

#!/bin/bash
a=`ip a | grep 192.168.188.188 | wc -l`
b=`ps -ef | grep haproxy | grep -v grep | awk '{print $2}'`
if [ $a -gt 0 ];then
        systemctl start haproxy
else 
        kill -9 $b
		sleep 3600
fi

! Configuration File for keepalived

global_defs {
   router_id HAP2
}
vrrp_script check_haproxy {
        script '/etc/keepalived/check_haproxy.sh'
        interval 2
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 66
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
        192.168.188.188
    }   
    track_script {
        check_haproxy
    }   
}

chmod +x check_haproxy.sh
systemctl enable keepalived --now
systemctl restart keepalived

設定HAProxy的日志

查看haproxy的主組態檔
vim /etc/haproxy/haproxy.cfg

在global下面添加有
log      127.0.0.1 local2 info	# 這里的local2可以是{1..7之間}

然后下面defaults里面添加有
log global

vim /etc/rsyslog.conf 

添加
local2.*	/var/log/haproxy.log

將注釋取消
$ModLoad imudp
$UDPServerRun 514

保存之后重啟服務
systemctl restart haproxy
systemctl restart rsyslog
systemctl status rsyslog

然后就會出現haproxy的日志檔案
ls /var/log/haproxy.log

測驗

測驗負載均衡

打開瀏覽器
這是主調度器的狀態界面
在這里插入圖片描述

這是副調度器的狀態界面
在這里插入圖片描述
連接數都為0 因為是副調度器

重繪瀏覽器
在這里插入圖片描述

輪詢成功！！！！！！！

測驗高可用

我們將主調度器關閉
繼續重繪網頁

并且動態查看日志
tailf /var/log/messages

在這里插入圖片描述
副調度器成為主調度器

重繪網頁之后網頁也沒受影響副調度器的狀態界面也產生了資訊
在這里插入圖片描述
最后我們又把主調度器開啟
漂移地址回到主調度器

在這里插入圖片描述

轉載請註明出處，本文鏈接：https://www.uj5u.com/qita/273312.html

標籤：其他

上一篇：Linux編程基礎之shell腳本修改檔案名

下一篇：Linux_行程間通信(行程間通信，匿名管道，命名管道）

Web服務器群集——HAProxy+Keepalived 負載均衡高可用配置步驟