一、安装haproxy作为端口转发服务器(主服务器:172.28.5.4,备服务器:172.28.5.8,浮点IP为:172.28.5.6)
1、下载
cd /usr/local/src
wget https://github.com/haproxy/haproxy/archive/v1.5-dev20.tar.gz
2、解压
tar - zvxf v1.5-dev20.tar.gz
cd haproxy-1.5-dev20
3、编译
make TARGET=linux26 prefix=/usr/local/haproxy
make install prefix=/usr/local/haproxy
4、配置文件
mkdir /etc/haproxy
touch /etc/haproxy/haproxy.conf
vim /etc/haproxy/haproxy.conf
global log 127.0.0.1 local2 ###[err warning info debug] chroot /usr/local/haproxy pidfile /var/run/haproxy.pid ###haproxy的pid存放路径,启动进程的用户必须有权限访问此文件 maxconn 65535 ###最大连接数,默认4000 daemon defaults mode http log global timeout connect 20s timeout server 60s timeout client 60s retries 3 listen stats bind 0.0.0.0:8888 #监听端口 stats refresh 30s #统计页面自动刷新时间 stats uri /stats #统计页面url stats realm Haproxy Manager #统计页面密码框上提示文本 stats auth admin:hl95smsjh #统计页面用户名和密码设置 stats hide-version #隐藏统计页面上HAProxy的版本信息 listen cmppv2 bind :7890 #监听端口 mode tcp log global timeout connect 20s timeout server 60s timeout client 60s retries 3 server s1 xxx.xxx.xxx.xxx:7890 #转发IP+端口 listen cmppv22 bind :7891 #监听端口 mode tcp log global timeout connect 20s timeout server 60s timeout client 60s retries 3 server s2 xxx.xxx.xxx.xxx:7891 #转发IP+端口
5、启动haproxy
haproxy -f /etc/haproxy/haproxy.conf
6、查看启动结果
ps -ef|grep ha
启动成功
7、添加7890和7891到防火墙
firewall-cmd --zone=public --add-port=7890/tcp --permanent
firewall-cmd --zone=public --add-port=7891/tcp --permanent
firewall-cmd --reload
找一台机器telnet测试
连接成功
同样的在172.28.5.8的备份服务器上也安装haproxy。
至此haproxy转发服务器配置完毕
二、安装keepalived做haproxy主备服务器高可用
在两台服务器上分别安装keepalived
1、下载
cd /usr/local/src
wget http://www.keepalived.org/software/keepalived-1.3.4.tar.gz
2、解压
tar -zxvf keepalived-1.3.4.tar.gz
cd keepalived-1.3.4
安装前需要的环境:
yum -y install wget
yum -y install pcre*
yum -y install openssl-devel
yum -y install zlib
3、编译
./configure --prefix=/usr/local/keepalived-1.3.4
make && make install
4、配置文件
mkdir /etc/keepalived
touch /etc/keepalived/keepalived.conf
vim keepalived.conf
! Configuration File for keepalived global_defs { notification_email { [email protected] [email protected] [email protected] } notification_email_from [email protected] smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script chk_haproxy { #调用外部的辅助脚本进行资源监控,并根据监控的结果状态能实现优先动态>调整 script "/usr/local/keepalived-1.4.5/check_haproxy.sh" interval 2 #每2秒检查执行一次 weight 2 fall 2 #如果连续两次检测为错误状态则认为服务部可用 rise 1 #检测一次成功就认为服务正常 } vrrp_instance VI_1 { #配置虚拟路由实例 state MASTER #定义该节点为MASTER节点 interface em1 #定义VIP绑定的物理网卡 virtual_router_id 51 #设置虚路由拟路由id,同一集群的节点群必须相同 priority 100 #设定优先级 advert_int 1 #设定master与backup之间vrrp通告的时间间隔,单位是秒 #nopreempt #设定keepalived的切换模式,默认是抢占failover,这里是非抢占,没有启用 authentication { #定义验证方式与密码 auth_type PASS auth_pass 1234 } virtual_ipaddress { 172.28.5.6 } track_script { #用于追踪脚本执行状态,定义在vrrp_instance段中 chk_haproxy } }
将路径为/usr/local/src/keepalived-1.3.4/keepalived/etc/init.d的文件keepalived拷贝到/etc/init.d下
cp /usr/local/src/keepalived-1.3.4/keepalived/etc/init.d/keepalived /etc/init.d/keepalived
将路径为/usr/local/keepalived-1.3.4/etc/sysconfig/keepalived的文件拷贝到 /etc/sysconfig/keepalived
cp/usr/local/keepalived-1.3.4/etc/sysconfig/keepalived /etc/sysconfig/keepalived
/usr/local/keepalived-1.4.5/check_haproxy.sh用于检测haproxy进程是否存在,不存在的话,尝试启动haproxy,如果启动没有成功,则关闭自己服务器的keepalived服务文件内容如下
#!/bin/bash COUNT=$(ps -C haproxy --no-header |wc -l) echo $COUNT if [ $COUNT -eq 0 ] then haproxy -f /etc/haproxy/haproxy.conf echo "重启haproxy" sleep 3 COUNT=$(ps -C haproxy --no-header |wc -l) if [ $COUNT -eq 0 ] then echo "停止keepalived" /etc/init.d/keepalived stop fi fi
5、添加执行权限
chmod +x /etc/init.d/keepalived
chmod +x /usr/local/keepalived-1.4.5/check_haproxy.sh
6、添加keepalived到系统服务
chkconfig --add keepalived
7、启动
service keepalived start
8、查看
service keepalived status
启动成功
9、查看网卡的浮点IP设置
ip a
设置成功
同样在备份服务器172.28.5.8上也安装keppalived服务,唯一不同的是keepalived配置文件
! Configuration File for keepalived global_defs { notification_email { [email protected] [email protected] [email protected] } notification_email_from [email protected] smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script chk_haproxy { #调用外部的辅助脚本进行资源监控,并根据监控的结果状态能实现优先动态调整 script "/usr/local/keepalived-1.4.5/check_haproxy.sh" interval 2 #每2秒检查执行一次 weight 2 fall 2 #如果连续两次检测为错误状态则认为服务部可用 rise 1 #检测一次成功就认为服务正常 } vrrp_instance VI_1 { #配置虚拟路由实例 state BACKUP #定义该节点为BACKUP节点 interface em1 #定义VIP绑定的物理网卡 virtual_router_id 51 #设置虚路由拟路由id,同一集群的节点群必须相同 priority 95 #设定优先级 advert_int 1 #设定master与backup之间vrrp通告的时间间隔,单位是秒 #nopreempt #设定keepalived的切换模式,默认是抢占failover,这里是非抢占,没有启用 authentication { #定义验证方式与密码 auth_type PASS auth_type PASS auth_pass hl951234 } virtual_ipaddress { 172.28.5.6 } track_script { #用于追踪脚本执行状态,定义在vrrp_instance段中 chk_haproxy } }
state BACKUP #定义该节点为BACKUP节点
priority 95 #设定优先级,备份服务器优先级低一些。主服务器设置的是100启动备份服务器keepalived服务
启动成功
ip a
三、测试高可用
1、关闭主服务器172.28.5.4的keepalived服务
service keepalived stop
2、查看IP
ip a
此时浮点IP已经解绑
再关闭172.28.5.4haproxy服务
kill -9 37655
此时telnet 172.28.5.4 7890,已经不能连接
但是 telnet 172.28.5.6 7890 ,依然可以连接,说明172.28.5.6IP已经漂移到172.28.5.8的备份服务器上
四、恢复主服务器haproxy以及keepalived服务
service keepliaved start
keepliaved会自动监测haproxy服务,并重启
查看ip
ip a
成功绑定,但此时备份服务器一直接管服务,主服务器变为备份服务器,备份服务器变为主服务器,知道备份服务器下线为止。
原文地址:https://www.cnblogs.com/sky-cheng/p/10655767.html