web集群(haproxy负载均衡+keepalived高可用)
主机名 | 主机 | IP地址 |
---|---|---|
lvs1 | haproxy+keepalived | 192.168.88.38 |
proxy | haproxy+keepalived | 192.168.88.66 |
web1 | nginx | 192.168.88.10 |
web2 | nginx | 192.168.88.20 |
配置lvs1,proxy
安装haproxy
[root@lvs1 ~]# yum -y install haproxy
[root@lvs1 ~]# vim /etc/haproxy/haproxy.cfg
[root@lvs1 ~]# cat /etc/haproxy/haproxy.cfg
global#log 127.0.0.1 local2log /dev/log local0 infolog /dev/log local0 notice#chroot /var/lib/haproxypidfile /var/run/haproxy.pidmaxconn 4000user haproxygroup haproxydaemonnbproc 1# turn on stats unix socketstats socket /var/lib/haproxy/statsdefaultsmode httplog globaloption httplogoption dontlognulloption http-server-closeoption forwardfor except 127.0.0.0/8option redispatchretries 3timeout http-request 10stimeout queue 1mtimeout connect 10stimeout client 1mtimeout server 1mtimeout http-keep-alive 10stimeout check 10smaxconn 3000
listen statsbind *:9000mode httpstats enablestats hide-versionstats uri /statsstats refresh 30sstats realm Haproxy\ Statisticsstats auth admin:admin
listen web 0.0.0.0:80 balance roundrobin balance roundrobin #负载均衡调度算法server web1 192.168.88.10:80 check inter 2000 fall 3
check inter 2000 fall 3 #表示启用对此后端服务器执行健康检查,设置健康状态检查的时间间隔,单位为毫秒连续三次检测不到心跳频率则认为该节点失效server web2 192.168.88.20:80 check inter 2000 fall 3
[root@lvs1 ~]# systemctl start haproxy.service
proxy主机步骤如上
安装keepalived
#主节点
[root@lvs1 ~]# yum -y install keepalived
[root@lvs1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {# 通知邮件服务器的配置notification_email {# 当master失去VIP或则VIP的时候,会发一封通知邮件到your-email@qq.comyour-email@qq.com}# 发件人信息notification_email_from keepalived@qq.com# 邮件服务器地址smtp_server 127.0.0.1# 邮件服务器超时时间smtp_connect_timeout 30# 邮件TITLErouter_id lvs1
}
vrrp_script check_nginx { #检查haproxy宕机,关闭keepalived服务script "/etc/keepalived/check_haproxy.sh"interval 3
}
vrrp_instance VI_1 {# 主机: MASTER# 备机: BACKUPstate MASTER# 实例绑定的网卡, 用ip a命令查看网卡编号interface ens37# 虚拟路由标识,这个标识是一个数字(1-255),在一个VRRP实例中主备服务器ID必须一样virtual_router_id 88# 优先级,数字越大优先级越高,在一个实例中主服务器优先级要高于备服务器priority 90# 主备之间同步检查的时间间隔单位秒advert_int 1# 验证类型和密码authentication {# 验证类型有两种 PASS和HAauth_type PASS# 验证密码,在一个实例中主备密码保持一样auth_pass 11111111}# 虚拟IP地址,可以有多个,每行一个virtual_ipaddress {192.168.88.88/24}track_script {check_nginx }
}
[root@lvs1 ~]# systemctl start keepalived
#从节点
[root@proxy ~]# yum -y install keepalived
[root@proxy ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {# 通知邮件服务器的配置notification_email {# 当master失去VIP或则VIP的时候,会发一封通知邮件到your-email@qq.comyour-email@qq.com}# 发件人信息notification_email_from keepalived@qq.com# 邮件服务器地址smtp_server 127.0.0.1# 邮件服务器超时时间smtp_connect_timeout 30# 邮件TITLErouter_id proxy
}
vrrp_script check_nginx {script "/etc/keepalived/check_nginx.sh"interval 3
}
vrrp_instance VI_1 {# 主机: MASTER# 备机: BACKUPstate BACKUP# 实例绑定的网卡, 用ip a命令查看网卡编号interface ens37# 虚拟路由标识,这个标识是一个数字(1-255),在一个VRRP实例中主备服务器ID必须一样virtual_router_id 88# 优先级,数字越大优先级越高,在一个实例中主服务器优先级要高于备服务器priority 80# 主备之间同步检查的时间间隔单位秒advert_int 1# 验证类型和密码authentication {# 验证类型有两种 PASS和HAauth_type PASS# 验证密码,在一个实例中主备密码保持一样auth_pass 11111111}# 虚拟IP地址,可以有多个,每行一个virtual_ipaddress {192.168.88.88/24}track_script {check_nginx }
}
[root@proxy ~]# systemctl start keepalived
验证
此时使用ip a查看,vip地址在主节点上
[root@lvs1 ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:48:b3:7b brd ff:ff:ff:ff:ff:ffinet 192.168.88.38/24 brd 192.168.88.255 scope global noprefixroute ens37valid_lft forever preferred_lft foreverinet 192.168.88.88/24 scope global secondary ens37valid_lft forever preferred_lft foreverinet6 fe80::dbb5:b534:a44a:a21/64 scope link noprefixroute valid_lft forever preferred_lft forever
[root@lvs1 ~]# curl 192.168.88.88
test2
[root@lvs1 ~]# curl 192.168.88.88
test1
[root@lvs1 ~]# curl 192.168.88.88
test1
[root@lvs1 ~]# curl 192.168.88.88
test2
假如把主节点的haproxy服务关闭,查看keepalived是否会自动关闭,并且把vip地址漂浮到从节点
[root@lvs1 ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)Active: active (running) since 日 2024-03-17 23:35:28 CST; 24min ago
[root@lvs1 ~]# systemctl stop haproxy.service
[root@lvs1 ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
[root@lvs1 ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:48:b3:7b brd ff:ff:ff:ff:ff:ffinet 192.168.88.38/24 brd 192.168.88.255 scope global noprefixroute ens37valid_lft forever preferred_lft foreverinet6 fe80::dbb5:b534:a44a:a21/64 scope link noprefixroute valid_lft forever preferred_lft forever
[root@proxy ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:e4:cd:ac brd ff:ff:ff:ff:ff:ffinet 192.168.88.66/24 brd 192.168.88.255 scope global noprefixroute ens37valid_lft forever preferred_lft foreverinet 192.168.88.88/24 scope global secondary ens37valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fee4:cdac/64 scope link valid_lft forever preferred_lft forever
发现配置的检查haproxy脚本生效,vip地址也漂浮到了proxy从节点上
[root@ceph01 ~]# curl 192.168.88.88
test2
[root@ceph01 ~]# curl 192.168.88.88
test1
[root@ceph01 ~]# curl 192.168.88.88
test1
[root@ceph01 ~]# curl 192.168.88.88
test2
总结
通过以上验证,实现了使用haproxy来达到负载均衡的效果,keepalived来达到HA的效果。保证的web集群正常访问