haproxy的高可用

一、简介

软件负载均衡一般通过两种方式来实现:基于操作系统的软负载实现和基于第三方应用的软负载实现。

LVS 就是基于 Linux 操作系统实现的一种软负载,HAProxy就是开源的并且基于第三应用实现的软负载。HAProxy 相比 LVS 的使用要简单很多,功能方面也很丰富。当前,HAProxy 支持两种主要的代理模式:"tcp"即 4 层(大多用于邮件服务器、内部协议通信服务器等)和 7 层(HTTP)在 4 层模式下, HAproxy仅在客户端和服务器之间转发双向流量。 7 层模式下, HAProxy 会分析协议,并且能通过允许、拒绝、交换、增加、修改或者删除请求(request)或者回应(response)里指定内容来控制协议,这种操作要基于特定规则。

详情可以HAProxy 官方网站(http://haproxy.1wt.eu)可以下载配置说明文档(configuration.txt)和架构文件(architecture.txt)作为参考。

二、拓扑图

三、 配置过程

注:

OS:Centos 6.5x86_64

己经安装的包组 :

#yum groupinstall -y "Development tools" "Server Platform Development"

前提:

HAproxy A与B要做到

主机名解析

时间同步

无密钥登录

1、HAproxy A配置

  • 安装keepalived、haproxy
#yum install -y keepalived haproxy

配置keepalived

  • 编辑/etc/keepalived/keepalived.conf
  • !  Configuration File for keepalived
    
    global_defs {
       notification_email {
             [email protected]
             [email protected]
       }
       notification_email_from [email protected]
       smtp_connect_timeout 3
       smtp_server 127.0.0.1
       router_id LVS_DEVEL
    }
    vrrp_script chk_haproxy {
        script "killall -0 haproxy"
        interval 1
        weight 2
    }
    vrrp_instance VI_1 {
        interface eth0
        state MASTER
        priority 201
        virtual_router_id 109
        garp_master_delay 1
    
        authentication {
            auth_type PASS
            auth_pass password
        }
        track_interface {
           eth0
        }
        virtual_ipaddress {
            172.16.1.103/16 dev eth0 label eth0:0
        }
        track_script {
            chk_haproxy
    
        }
    
        notify_master "/etc/keepalived/notify.sh master"
        notify_backup "/etc/keepalived/notify.sh backup"
        notify_fault "/etc/keepalived/notify.sh fault"
    }
    vrrp_instance VI_2 {
        interface eth0
        state BACKUP
        priority 99
        virtual_router_id 52
        garp_master_delay 1
    
        authentication {
            auth_type PASS
            auth_pass password
        }
        track_interface {
           eth0
        }
        virtual_ipaddress {
            172.16.1.109/16 dev eth0 label eth0:1
        }
        track_script {
            chk_haproxy
        }
    }

    通知脚本

#!/bin/bash
# description: An example of notify script
#
vip=172.16.1.103
contact=‘[email protected]‘
notify() {
    mailsubject="`hostname` to be $1: $vip floating"
    mailbody="`date ‘+%F\ %T‘`: vrrp transition, `hostname` changed to be $1"
    echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
    master)
        notify master
        /etc/rc.d/init.d/haproxy start
        exit 0
    ;;
    backup)
        notify backup
        /etc/rc.d/init.d/haproxy stop
        exit 0
    ;;
    fault)
        notify fault
        /etc/rc.d/init.d/haproxy stop
        exit 0
    ;;
    *)
        echo ‘Usage: `basename $0` {master|backup|fault}‘
        exit 1
    ;;
esac
#chmod +x /etc/keepalived/notify.sh

配置haproxy

  • 编辑配置文件 /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global #全局配置区域
    log         127.0.0.1 local2  #日志将通过rsyslog进行归档记录
    chroot      /var/lib/haproxy #运行的安装路径
    pidfile     /var/run/haproxy.pid #pid文件存放的位置
    maxconn     4000  #最大连接
    user        haproxy  #运行haproxy的用户
    group       haproxy  #运行haprixy的组
    daemon     #以后台模式运行haproxy
    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the ‘listen‘ and ‘backend‘ sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                    http  #工作模式
    log                     global #记录日志
    option                  httplog
    option                  dontlognull #不记录健康检查的日志信息
    option http-server-close  #启用服务器端主动关闭
    option forwardfor       except 127.0.0.0/8 #传递客户端IP
    option                  redispatch #当后端服务器组中的某一台主机故障后,能够自动将请求重定向到组内的其它主机
    retries                 3 #请求重试次数
    timeout http-request    10s #http请求超时时间
    timeout queue           1m #一个请求在队列里的超时时间
    timeout connect         10s #连接服务器超时时间
    timeout client          1m #客户端超时时间
    timeout server          1m #客户端超时时间
    timeout http-keep-alive 10s
    timeout check           10s #心跳检测超时时间
    maxconn                 3000 #最大连接数
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend  proxy *:80
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .jpg .gif .png .css .js
    use_backend static          if url_static
    default_backend             dynamic
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static  #后端调度
    balance     roundrobin #调度算法
    server      web2 192.168.1.108:80 inter 1500 rise 2 fall 3  check maxconn 5000
#----------------------------------------
listen statistics
    mode http  # http 7 层模式
    bind *:8080 #监听地址
    stats enable #启用状态监控
    stats auth admin:essun #验证的用户与密码
    stats uri /admin?status #访问路径
    stats admin if TRUE #如果验证通过了就允许登录
    stats refresh 6s #每6秒刷新一次
    acl allow src 172.16.1.0/24 #允许的IP地址
    tcp-request content accept if allow #如果允许的地址段就允许访问
    tcp-request content reject #拒绝非法连接
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend dynamic
    balance     roundrobin
    server      web2 192.168.1.40:80 check inter 1500 rise 2 fall 3   maxconn 5000
#服务器定义,serverid为web2,check inter 1500是检测心跳频率
#rise 2是2次正确认为服务器可用
#fall 3是3次失败认为服务器不可用
#最大连接数据为5000
server  web3 192.168.1.104:80 check inter 1500 rise 2 fall 3   maxconn 5000
  • 将此文件同时也复制到HAproxy B上一份

2、HAproxy B的配置

安装keepalived、haproxy

#yum install -y keepalived haproxy
  • 修改keepalived在配置文件(/etc/keepalived/keepalived.conf)
  • ! Configuration File for keepalived
    
    global_defs {
       notification_email {
             [email protected]
             [email protected]
       }
       notification_email_from [email protected]
       smtp_connect_timeout 3
       smtp_server 127.0.0.1
       router_id LVS_DEVEL
    }
    vrrp_script chk_haproxy {
        script "killall -0 haproxy"
        interval 1
        weight 2
    }
    vrrp_instance VI_1 {
        interface eth0
        state BACKUP
        priority 200
        virtual_router_id 109
        garp_master_delay 1
    
        authentication {
            auth_type PASS
            auth_pass password
        }
        track_interface {
           eth0
        }
        virtual_ipaddress {
            172.16.1.103/16 dev eth0 label eth0:0
        }
        track_script {
            chk_haproxy
    
        }
    
    }
    vrrp_instance VI_2 {
        interface eth0
        state MASTER
        priority 100
        virtual_router_id 52
        garp_master_delay 1
    
        authentication {
            auth_type PASS
            auth_pass password
        }
        track_interface {
           eth0
        }
        virtual_ipaddress {
            172.16.1.109/16 dev eth0 label eth0:1
        }
        track_script {
            chk_haproxy
        }
    
        notify_master "/etc/keepalived/notify.sh master"
        notify_backup "/etc/keepalived/notify.sh backup"
        notify_fault "/etc/keepalived/notify.sh fault"
    }

    修改通知脚本

#!/bin/bash
# description: An example of notify script
#
vip=172.16.1.109
contact=‘[email protected]‘
notify() {
    mailsubject="`hostname` to be $1: $vip floating"
    mailbody="`date ‘+%F\ %T‘`: vrrp transition, `hostname` changed to be $1"
    echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
    master)
        notify master
        /etc/rc.d/init.d/haproxy start
        exit 0
    ;;
    backup)
        notify backup
        /etc/rc.d/init.d/haproxy stop
        exit 0
    ;;
    fault)
        notify fault
        /etc/rc.d/init.d/haproxy stop
        exit 0
    ;;
    *)
        echo ‘Usage: `basename $0` {master|backup|fault}‘
        exit 1
    ;;
esac
#chmod +x /etc/keepalived/notify.sh
  • 由于HAproxy A中的haporxy配置与HAporxy B 的配置文件相同从HAproxy A中发过来一份放在同一目录下即可
#scp -p /etc/haproxy/haproxy.cnf 192.168.1.109:/etc/haproxy/

3、测试一下keepalived功能

  • HAproxy B 上面的ip地址

  • 将ha2上的keepalived停止后,ip地址己经转移到了ha1上了

当ha2启动后,172.16.1.109还是会回到ha2上面。

4、安装后端的web服务

  • web1 静态页面 (192.168.1.108)
#yum install -y httpd
[[email protected] ~]# cd /var/www/html/
[[email protected] html]# echo "<h1>这是一个静态页面,地址为192.168.1.108</h1>" > index.html
[[email protected] html]# ll
total 4
-rw-r--r-- 1 root root 59 May  3 12:50 index.html
[[email protected] html]# cat index.html
<h1>这是一个静态页面,地址为192.168.1.108</h1>
[[email protected] html]# service httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for essun.node3.com
httpd: Could not reliably determine the server‘s fully qualified domain name, using 127.0.0.1 for ServerName
                                                           [  OK  ]
[[email protected] html]# curl http://192.168.1.108
<h1>这是一个静态页面,地址为192.168.1.108</h1>

在/var/www/html中放一张图片,仅供测试

  • web2 动态页面 (192.168.1.40)
[[email protected] yum.repos.d]# yum install -y  httpd php php-mysql mysql-server mysql-devel
[[email protected] yum.repos.d]# cd /var/www/html/
[[email protected] html]# vim index.php
[[email protected] html]# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: httpd: apr_sockaddr_info_get() failed for essun.node4.com
httpd: Could not reliably determine the server‘s fully qualified domain name, using 127.0.0.1 for ServerName
                                                           [  OK  ]
[[email protected] html]# cat index.php
<h1>我是动态页面,地址是192.168.1.40</h1>
<?php
    phpinfo();
?>
[[email protected] html]# curl  -I http://192.168.1.40/index.php
HTTP/1.1 200 OK
Date: Sat, 03 May 2014 05:11:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Connection: close
Content-Type: text/html; charset=UTF-8
  • web3 动态页面(192.168.1.104)
[[email protected] yum.repos.d]# yum install -y  httpd php php-mysql mysql-server mysql-devel
[[email protected] yum.repos.d]# cd /var/www/html/
[[email protected] html]# vim index.php
[[email protected] yum.repos.d]# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd:                                            [  OK  ]
[[email protected] html]# cat index.php
<h1>我也是动态页面,地址是192.168.1.104</h1>
<?php
    phpinfo();
?>
[[email protected] yum.repos.d]# curl -I http://192.168.1.104
HTTP/1.1 200 OK
Date: Sat, 03 May 2014 05:14:22 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Connection: close
Content-Type: text/html; charset=UTF-8

四、测试

1、利用两个vip任意一个测试一下

  • 静态页面测试

动态页面测试web2 (192.168.1.40)

  • 动态页面测试 web3 (192.168.1.104)

  • 监控页面,验证用户身份

  • 验证通过后

  • 其中一个keepalived宕机后完不会影响到服务的正常的运行

===================================完===================================================

haproxy的高可用,布布扣,bubuko.com

时间: 2024-10-26 20:25:51

haproxy的高可用的相关文章

keepalived+haproxy实现高可用

实验环境: 2台centos 6.5作为keepalived+haproxy的高可用,3台centos6.5配置httpd作为后端server,haproxy的轮询采用rr调度算法.vip:192.168.8.199 ha1:eth1:192.168.8.41,keepalived+haproxy ha3:eth1:192.168.8.43,keepalived+haproxy  rs1:192.168.8.21.httpd rs2:192.168.8.22.httpd rs3:192.168.

Haproxy+keepalived高可用、负载均衡安装部署方案

1     环境说明 前端两台haproxy+keepalived互为主从,提供高可用:另外基于不同域名访问不同的虚拟ip实现负载均衡 1.1     环境描述 服务器A(主.从):eth0:10.241.51.245   eth1:192.168.1.9 服务器B(从.主):eth2:10.241.51.246   eth1:192.168.1.10 服务器C(web01):eth0:10.241.51.247 服务器D(web02):eth0:10.241.51.248 VIP1:10.24

用keepalived来实现haproxy的高可用性能

一.haproxy和keepalived的解释: 1.haproxy:haproxy是免费.极速且可靠的用于为TCP和基于HTTP应用程序提供负载均衡和代理服务的解决方案,尤其适用于高负载且需要持久连接或7层处理机制的web站点. 2.haproxy的特性:客户端侧的长连接(client-side keep-alive):TCP加速(TCP speedups): 响应池(response buffering):RDP协议:基于源的粘性(source-based stickiness):更好的统计

haproxy实现的web反向代理,动静分离,以及基于keepalived实现的haproxy的高可用

   haproxy于Nginx一样都是做反向代理,但是与其相比,haproxy更专注于web代理.HAProxy是单进程多请求,也支持多进程,HAProxy运行在当前的硬件上,完全可以支持数以万计的并发连接.       haproxy功能的实现全部基于配置文件,所以我们需要了解很多的配置指令,玩转指令,再结合实际情况,我们就玩转了haproxy,其实haproxy的配置也很简单,下面我们一起简单认识和了解一些haproxy的基本功能和相关知识.         CentOS6.5自带的rpm

基于keepalived对HAproxy做高可用集群

一.Keepalived简介 Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器. Layer3,4&7工作在IP/TCP协议栈的IP层,TCP层,及应用层,原理分别如下: Layer3:Keepalived使用Layer3的方式

使用keepalived实现haproxy的高可用

一.haproxy和keepalived的解释及本次实验的拓扑图: 1.haproxy:haproxy是免费.极速且可靠的用于为TCP和基于HTTP应用程序提供负载均衡和代理服务的解决方案,尤其适用于高负载且需要持久连接或7层处理机制的web站点. 2.haproxy的特性:客户端侧的长连接(client-side keep-alive):TCP加速(TCP speedups): 响应池(response buffering):RDP协议:基于源的粘性(source-based stickine

HAProxy双机高可用之HAProxy+Keepalived

Haproxy HAProxy 提供高可用性.负载均衡以及基于 TCP 和 HTTP 应用的代理,支持虚拟主机, 它是免费.快速并且可靠的一种解决方案.HAProxy 特别适用于那些负载特大的 web 站 点, 这些站点通常又需要会话保持或七层处理.HAProxy 运行在当前的硬件上,完全可 以支持数以万计的并发连接.并且它的运行模式使得它可以很简单安全的整合进您当前 的架构中, 同时可以保护你的 web 服务器不被暴露到网络上. 实验环境:rhel6.5 selinux and iptable

Heartbeat+Haproxy实现高可用

环境说明: 主机名 角色 IP地址 mylinux1.contoso.com heartbeat+haproxy eth0:192.168.100.121 eth1:172.16.100.121 mylinux2.contoso.com heartbeat+haproxy eth0:192.168.100.122 eth1:172.16.100.122 mylinux3.contoso.com web server 1 eth0:192.168.100.181 mylinux4.contoso.

案例一(haproxy+keepalived高可用负载均衡系统)【转】

1.搭建环境描述: 操作系统: [[email protected] ~]# cat /etc/redhat-release CentOS release 6.7 (Final) 地址规划: 主机名 IP地址 集群角色 虚拟IP haproxy-server 10.0.0.35 主HAProxyServer 10.0.0.40 haproxy-backup 10.0.0.36 备用HAProxyServer webapp1 10.0.0.150 Backend Server 无 webapp2