Keepalived+Haproxy 安装配置

时间 2019-12-01

标签 keepalived+haproxy keepalived haproxy 安装配置栏目负载均衡繁體版

原文原文链接

1 安装配置keepalive

1.1 安装前准备

在home下建立omcr目录将ISO文件（rhel-server-7.1-x86_64-dvd.iso）上传到/home/omcr目录下
将ISO文件挂载为伪设备

mount –o loop /home/omcr/rhel-server-7.1-x86_64-dvd.iso /mnt/cdromlinux

配置yum源，在/etc/yum.repos.d/目录下建立myYum.repo文件，将下面内容copy到该文件

[InstallMedia] #表明整个库的名字不能有空格web

name=Red Hat Enterprise Linux 7.1 #这个库的说明没啥意义redis

baseurl=file:///mnt/cdrom #以什么方式传输路径在哪里方式能够有file ftp httpc#

metadata_expire=-1bash

gpgcheck=0 #是否gpg文件来检查软件包的签名 1是 0 否服务器

cost=500网络

enabled=1 #是否启用这个更新库 0表示不启用app

安装openssl-devel

使用下面的命令查询是否安装，负载均衡

rpm -qa | grep openssl-develfrontend

为空说明未安装，执行下面命令

yum install -y openssl-devel

安装libnl-devel

使用下面的命令查询是否安装，

rpm -qa | grep libnl-devel

为空说明未安装，执行下面命令

yum -y install libnl-devel

7．安装libnfnetlink-devel

将libnfnetlink-devel-1.0.1-4.el7.x86_64.rpm上传到/home/omcr目录下，而后执行

rpm –ivh libnfnetlink-devel-1.0.1-4.el7.x86_64.rpm

1.2 安装keepalived

安装前准备工做成功执行完成以后，就能够开始安装Keepalived软件系统，步骤以下：

1.将keepalived-2.0.5.tar.gz源文件上传到/home/omcr目录下

2.解压keepalived-2.0.5.tar.gz源文件

tar -zxvf keepalived-2.0.5.tar.gz

3.编译并安装

cd /home/omcr/ keepalived-2.0.5

./configure --prefix=/usr/local/keepalived

make && make install

以上命令执行完成，安装过程完成。

1.3 注册为系统服务

为了方便用户使用系统命令启停Keepalived服务，经过如下步骤将安装好的Keepalived软件注册为系统服务

1）

cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

2）

cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

1.4 配置keepalived启动脚本

在/etc/init.d/下建立keepalived

修改该文件权限为可执行

chmod +x /etc/init.d/keepalived

文件内容以下（用于keepalived定时检测代理的服务状态）：

#!/bin/sh

# Startup script for the Keepalived daemon

# processname: keepalived

# pidfile: /var/run/keepalived.pid

# config: /etc/keepalived/keepalived.conf

# chkconfig: - 21 79

# description: Start and stop Keepalived

# Source function library

. /etc/rc.d/init.d/functions

# Source configuration file (we set KEEPALIVED_OPTIONS there)

. /etc/sysconfig/keepalived

RETVAL=0

prog="keepalived"

start() {

echo -n $"Starting $prog: "

daemon keepalived ${KEEPALIVED_OPTIONS}

RETVAL=$?

echo

[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog

}

stop() {

echo -n $"Stopping $prog: "

killproc keepalived

RETVAL=$?

echo

[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog

}

reload() {

echo -n $"Reloading $prog: "

killproc keepalived -1

RETVAL=$?

echo

}

# See how we were called.

case "$1" in

start)

start

;;

stop)

stop

;;

reload)

reload

;;

restart)

stop

start

;;

condrestart)

if [ -f /var/lock/subsys/$prog ]; then

stop

start

;;

status)

status keepalived

RETVAL=$?

;;

echo "Usage: $0 {start|stop|reload|restart|condrestart|status}"

RETVAL=1

esac

exit $RETVAL

1.5 配置keepalived的核心配置文件

将keepalive.conf和 check_haproxy.sh 、send_arp.sh文件分别上传到主备机/etc/keepalived目录下，编辑keepalive.config文件以下

global_defs {

notification_email { #指定Keepalived在发生事情的时候，发送邮件通知，每行一个地址

root@localhost

}

notification_email_from keepalived@localhost #指定发件人

smtp_server 127.0.0.1 #发送email的smtp地址

smtp_connect_timeout 30 #超时时间

router_id haproxy #运行Keepalived的机器标识号，主从机必须不一样

}

vrrp_script chk_haproxy {

script "/etc/keepalived/check_haproxy.sh"

interval 2

weight 2

}

vrrp_instance VI_1 {

state BACKUP #指定keepalive的角色MASTER表明主服务器BACKUP表示备用机

interface ens1f0 #指定HA监测网络的接口

virtual_router_id 51 #虚拟路由标识同一vrrp实例只有一个，即主备机相同

priority 99 #定义优先级，数字越大优先级越高主机必须大于备机

advert_int 1 #设定主备负载均衡器之间同步检查的时间间隔单位是秒

unicast_src_ip 192.168.222.137 #本地ip地址

unicast_peer {

192.168.222.136 #对端IP地址

}

authentication { #设定验证类型和密码

auth_type PASS #设定验证类型有PASS和AH两种

auth_pass 1111 #设置密码同一个vrrp_instance实例下主备机必须设置相同才能正常通讯

}

track_script { #执行监控的服务

chk_haproxy

}

virtual_ipaddress { #keepalive的虚拟ip

192.168.52.201

}

# notify_master "/etc/keepalived/send_arp.sh ens1f0 192.168.52.201 192.168.50.1"

}

1.6 配置keepalive服务自启动

设置开机自启动

chkconfig keepalived on

取消开机自启动

systemctl disable keepalived.service 取消开机自动启动

测试是否绑定成功

1)停掉服务

systemctl stop keepalived 或者 service keepalived stop

2)重启

sudo service keepalived restart

3)运行 ip addr查看是否绑定成功

也可执行

systemctl status keepalived

1.7 启停keepalive服务

keepalived被注册为系统服务后能够经过如下命令启动、中止服务或者查询服务的运行状态。

1）查询keepalived服务状态

systemctl status keepalived 或者 service keepalived status

2）启动keepalived服务

systemctl start keepalived 或者 service keepalived start

3）中止keepalived服务

systemctl stop keepalived 或者 service keepalived stop

1 安装配置haproxy

1.1 安装前准备

配置syslog

vi /etc/rsyslog.conf

开启UDP 514 端口

# Provides UDP syslog reception

$ModLoad imudp

$UDPServerRun 514

设置haproxy日志存放目录

local2.* /var/log/haproxy.log

再修改/etc/sysconfig/rsyslog

vi /etc/sysconfig/rsyslog

修改内容为

SYSLOGD_OPTIONS="-r -m 0"

说明：-r:打开接受外来日志消息的功能,其监控514 UDP端口;

-x:关闭自动解析对方日志服务器的FQDN信息,这能避免DNS不完整所带来的麻烦;

-m:修改syslog的内部mark消息写入间隔时间(0为关闭),例如240为每隔240分钟写入一次"--MARK--"信息;

-h:默认状况下,syslog不会发送从远端接受过来的消息到其余主机,而使用该选项,则把该开关打开,全部

接受到的信息均可根据syslog.conf中定义的@主机转发过去

重启rsyslog服务

systemctl restart rsyslog

1.2 安装haproxy

安装前准备工做成功执行完成以后，就能够开始安装Haproxy软件系统，步骤以下：

1.将haproxy-1.5.18.tar.gz源文件上传到/home/omcr目录下

2.解压haproxy-1.5.18.tar.gz源文件

tar -zxvf haproxy-1.5.18.tar.gz

3.编译并安装

cd /home/omcr/haproxy-1.5.18

uname -r #查看系统内核版本号结果3.10.0-229.el7.x86_64

make TARGET=linux3100 #3100表明系统内核版本号

make install PREFIX=/usr/local/haproxy

以上命令执行完成，安装过程完成。

1.3 配置启动脚本

为了方便用户使用系统命令启停haproxy服务，经过如下步骤将安装好的haproxy软件注册为系统服务

在/etc/init.d/下建立haproxy

修改该文件权限为可执行

chmod +x /etc/init.d/ haproxy

文件内容以下：

#!/bin/sh

#chkconfig: 2345 10 90

#description:haproxy

# Source function library

. /etc/rc.d/init.d/functions

PROGNAME=haproxy

PROGDIR=/usr/local/haproxy

DAEMON=$PROGDIR/sbin/$PROGNAME

CONFIG=$PROGDIR/$PROGNAME.cfg

PIDFILE=$PROGDIR/$PROGNAME.pid

SCRIPTNAME=/etc/init.d/$PROGNAME

# Gracefully exit if the package has been removed.

test -x $DAEMON || exit 0

RETVAL=0

start()

{

$DAEMON -f $CONFIG

RETVAL=$?

echo -e "$PROGNAME started"

}

stop()

{

haproxy_pid="$(cat $PIDFILE)"

kill -9 $haproxy_pid

RETVAL=$?

echo -e "$PROGNAME stoped "

}

restart()

{

$DAEMON -f $CONFIG -p $PIDFILE -sf $(cat $PIDFILE)

RETVAL=$?

echo -e "$PROGNAME restarted "

}

case "$1" in

start)

start

;;

stop)

stop

;;

restart)

restart

;;

status)

status $PROGNAME

RETVAL=$?

;;

echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2

RETVAL=1

;;

esac

exit $RETVAL

1.1 配置haproxy的核心配置文件

将haproxy.cfg文件分别上传到主备机/usr/local/haproxy目录下，编辑haproxy.cfg文件将其中的IP地址修改成实际的集群服务节点IP地址。

#---------------------------------------------------------------------

# Example configuration for a possible web application. See the

# full configuration options online.

# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt

#---------------------------------------------------------------------

# Global settings

#---------------------------------------------------------------------

global

# to have these messages end up in /var/log/haproxy.log you will

# need to:

# 1) configure syslog to accept network log events. This is done

# by adding the '-r' option to the SYSLOGD_OPTIONS in

# /etc/sysconfig/syslog

# 2) configure local2 events to go to the /var/log/haproxy.log

# file. A line like the following can be added to

# /etc/sysconfig/syslog

# local2.* /var/log/haproxy.log

log 127.0.0.1 local2

chroot /usr/local/haproxy

pidfile /usr/local/haproxy/haproxy.pid

maxconn 4000

user root

group root

daemon

# turn on stats unix socket

stats socket /usr/local/haproxy/stats

#---------------------------------------------------------------------

# common defaults that all the 'listen' and 'backend' sections will

# use if not designated in their block

#---------------------------------------------------------------------

defaults

mode tcp #默认的模式mode{mode|http|health}，tcp4层http7层，health只会返回ok

log global

option tcplog #日志类别有httplog

option dontlognull

option http-server-close

# option forwardfor except 127.0.0.0/8

option redispatch

retries 3 #3次链接失败就默认服务器不可用

timeout http-request 10s

timeout queue 1m

timeout connect 10s

timeout client 1m

timeout server 1m

timeout http-keep-alive 10s

timeout check 10s

maxconn 3000

#---------------------------------------------------------------------

# main frontend which proxys to the backends

#---------------------------------------------------------------------

frontend rabbitmq

bind *:5672

default_backend rabbitmq_cluster

frontend redis

bind *:6379

default_backend redis_cluster

frontend mycat

bind *:8066

default_backend mycat_cluster

#---------------------------------------------------------------------

# round robin balancing between the various backends

#---------------------------------------------------------------------

backend rabbitmq_cluster

mode tcp

balance roundrobin

server master 192.168.53.11:5672 check inter 2000 rise 2 fall 3

server slaver 192.168.53.12:5672 check inter 2000 rise 2 fall 3

backend redis_cluster

mode tcp

balance roundrobin

server master 192.168.53.11:6379 check inter 2000 rise 2 fall 3

server slaver 192.168.53.12:6379 check inter 2000 rise 2 fall 3

backend mycat_cluster

mode tcp

balance roundrobin

server master 192.168.52.155:8066 check inter 2000 rise 2 fall 3

server slaver 192.168.53.12:8066 check inter 2000 rise 2 fall 3

listen cluster_monitoring

bind *:9098 #监听端口

mode http

option httplog #采用http日志格式

timeout client 3h

timeout server 3h

timeout connect 3h

stats enable

stats uri /stats #统计页面url

stats refresh 5s #统计页面自动刷新时间

1.2 配置haproxy服务自启动

如需配置服务自启动需在上面的配置文件(/etc/rc.d/init.d/haproxy)中添加下面两句到#!/bin/bash以后

#chkconfig: 2345 10 90

#description:haproxy

说明：

----其中2345是默认启动级别，级别有0-6共7个级别。

----等级0表示：表示关机

----等级1表示：单用户模式

----等级2表示：无网络链接的多用户命令行模式

----等级3表示：有网络链接的多用户命令行模式

----等级4表示：不可用

----等级5表示：带图形界面的多用户模式

----等级6表示：从新启动

----10是启动优先级，90是停机优先级，优先级范围是0-100，数字越大，优先级越低。

再执行

chkconfig --add haproxy

重启服务器执行以下命令查看是否配置成功

netstat -ntlp | grep haproxy

1.3 启停haproxy服务

haproxy被注册为系统服务后能够经过如下命令启动、中止服务或者查询服务的运行状态。

1）查询haproxy服务状态

systemctl status haproxy

2）启动haproxy服务

systemctl start haproxy

3）中止haproxy服务

systemctl stop haproxy