一、Keepalived简介
ipvs提供高可用性,能够生成ipvs规则;也可以使用脚本来帮助高可用其他应用程序,没有heartbeart重量级;主要用在高可用ipvs,及一些反向代理应用程序
。
1.拓扑图
说明:1.两个代理服务器通过VIP向外提供数据
2.两个代理服务器都可以代理后端的服务器
3.为测试方便,后端服务器至提供静态页面
2.ip规划
3.安装配置haproxy
关于haproxy的详细配置,
[[email protected] ~]# cat /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration
for
a possible web application. See the
# full configuration options online.
#
# http:
//haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up
in
/
var
/log/haproxy.log you will
# need to:
#
#
1
) configure syslog to accept network log events. This
is
done
# by adding the
‘-r‘
option to the SYSLOGD_OPTIONS
in
# /etc/sysconfig/syslog
#
#
2
) configure local2 events to go to the /
var
/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /
var
/log/haproxy.log
#
log
127.0
.
0.1
local2
chroot /
var
/lib/haproxy
pidfile /
var
/run/haproxy.pid
maxconn
4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /
var
/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the
‘listen‘
and
‘backend‘
sections will
#
use
if
not designated
in
their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except
127.0
.
0.0
/
8
option redispatch
retries
3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn
3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:
80
default_backend
static
#---------------------------------------------------------------------
#
static
backend
for
serving up images, stylesheets and such
#---------------------------------------------------------------------
backend
static
balance roundrobin
server node2
192.168
.
1.202
:
80
check maxconn
2000
server node3
192.168
.
1.203
:
80
check maxconn
2000
#---------------------------------------------------------------------
# round robin balancing between the
var
ious backends
#---------------------------------------------------------------------
说明:两个节点的HAproxy的配置文件应该保持一样
4.测试haproxy的配置
5.安装配置keepalived
①、安装keepalived
keepalived的安装可以通过yum源来安装,也可以通过编译源码来安装,本处通过yum源赖安装
②、配置keepalived主节点
[[email protected] ~]# cat /etc/keepalived/keepalived.conf
! Configuration File
for
keepalived
global_defs {
//全局参数
notification_email {
//邮件
[email protected]
//收件人地址
}
notification_email_from [email protected]
//发件人地址
smtp_server
127.0
.
0.1
//邮件服务器的地址
smtp_connect_timeout
30
//间隔时间
router_id LVS_DEVEL
//邮件服务器的组的id
}
vrrp_script chk_haproxy {
script
"killall -0 haproxy"
//检查haproxy是否在线
interval
1
//检查间隔时间
weight -
5
//如果检查失败,则权重-5
}
vrrp_instance VI_1 {
//定义第一个集群
state MASTER
//初始状态为主节点,从节点应该为BACKUP
interface
eth0
//配置ip的端口
virtual_router_id
51
//本组集群的id号,主从节点必须一样
priority
100
//主节点的优先级,备用节点的优先级必须低于主节点
advert_int
1
//心跳检查间隔时间
authentication {
auth_type PASS
//通信为明文密码通信
auth_pass
1111
//通信的密码,主从节点必须一样
}
virtual_ipaddress {
192.168
.
1.99
//定义一个VIP
}
track_script {
//调用上面的命令
chk_haproxy
}
}
③、配置keepalived从节点
[[email protected] ~]# cat /etc/keepalived/keepalived.conf
! Configuration File
for
keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server
127.0
.
0.1
smtp_connect_timeout
30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script
"killall -0 haproxy"
interval
1
weight -
5
}
vrrp_instance VI_1 {
state BACKUP
interface
eth0
virtual_router_id
51
priority
99
advert_int
1
authentication {
auth_type PASS
auth_pass
1111
}
virtual_ipaddress {
192.168
.
1.99
}
track_script {
chk_haproxy
}
}
2
: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
1500
qdisc pfifo_fast state UP qlen
1000
link/ether
00
:0c:
29
:
56
:
78
:cd brd ff:ff:ff:ff:ff:ff
inet
192.168
.
1.204
/
24
brd
192.168
.
1.255
scope global eth0
inet
192.168
.
1.99
/
32
scope global eth0
inet6 fe80::20c:29ff:fe56:78cd/
64
scope link tentative dadfailed
valid_lft forever preferred_lft forever
可以看到ip地址已经配置上去了
我们可以看到网页访问正常
下面,我们模拟服务器损坏,将node1上的haproxy关掉,看看ip地址是否会转移到node4上
[[email protected] ~]# ip add
1
: lo: <LOOPBACK,UP,LOWER_UP> mtu
16436
qdisc noqueue state UNKNOWN
link/loopback
00
:
00
:
00
:
00
:
00
:
00
brd
00
:
00
:
00
:
00
:
00
:
00
inet
127.0
.
0.1
/
8
scope host lo
inet6 ::
1
/
128
scope host
valid_lft forever preferred_lft forever
2
: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
1500
qdisc pfifo_fast state UP qlen
1000
link/ether
00
:0c:
29
:
56
:
78
:cd brd ff:ff:ff:ff:ff:ff
inet
192.168
.
1.204
/
24
brd
192.168
.
1.255
scope global eth0
inet
192.168
.
1.99
/
32
scope global eth0
inet6 fe80::20c:29ff:fe56:78cd/
64
scope link tentative dadfailed
valid_lft forever preferred_lft forever
查看网页是否能够访问正常
OK!!可以看到我们的页面访问正常,这就可以实现当前段的一个反向代理服务器宕机或者后端的一个web服务宕机,服务都可以正常对外提供
7.扩展
我们还可以自定义通知机制
#!/bin/bash
# Author: zero<[email protected]
>
# description: An example of notify script
#
vip=
192.168
.
1.99
contact=
‘[email protected]‘
notify() {
mailsubject=
"`hostname` to be $1: $vip floating"
mailbody=
"`date ‘+%F %H:%M:%S‘`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s
"$mailsubject"
$contact
}
case
"$1"
in
master)
notify master
exit
0
;;
backup)
notify backup
exit
0
;;
fault)
notify fault
exit
0
;;
*)
echo
‘Usage: `basename $0` {master|backup|fault}‘
exit
1
;;
esac
在keepalived的配置文件中通过notify来调用,如下所示
notify_master
"/etc/keepalived/notify.sh master"
notify_backup
"/etc/keepalived/notify.sh backup"
notify_fault
"/etc/keepalived/notify.sh fault"
时间: 2024-10-08 06:14:13