此篇为测试环境:Rhed5.4 2.6.18-164.el5
lvs-dr1 IP:192.168.20.9
lvs-dr2 IP:192.16.20.10
VIP:192.168.20.100
lvs-web1 IP:192.168.10.20
lvs-web2 IP:192.168.10.30
lvs-dr1和lvs-dr2做同样设置,以lvs-dr1为例
1.添加非本机IP邦定支持
#vi /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind=1
#sysctl –p
2.配置iptables,添加VRRP通讯支持
iptables -A INPUT -d 224.0.0.18 -j ACCEPT
3.Haproxy的安装
从官方网站: 下载最新版本。
# tar xvf haproxy-1.4.18.tar.gz
# cd haproxy-1.4.18
# make TARGET=linux26 PREFIX=/usr/local/haprpxy
# make install PREFIX=/usr/local/haproxy
安装完毕后,进入安装目录创建配置文件
# cd /usr/local/haproxy/
# mkdir conf
# cd conf/
# vim haproxy.conf
global
log 127.0.0.1 local0
maxconn 65535
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/haproxy.pid
#debug
defaults
log 127.0.0.1 local3
mode http
option httplog
option httpclose
option dontlognull
option forwardfor
option redispatch
retries 2
maxconn 2000
balance source
#stats uri /web-status
contimeout 5000
clitimeout 50000
srvtimeout 50000
frontend 192.168.20.100
bind *:80
mode http
option httplog
log global
default_backend phppool
backend phppool
balance source
option httpchk HEAD /info.html HTTP/1.0
server web1 192.168.10.20:80 weight 5 check inter 2000 rise 2 fall 3
server web2 192.168.10.30:80 weight 3 check inter 2000 rise 2 fall 3
listen stats_auth 192.168.20.9:8080
# listen stats_auth 192.168.0.21:80 # backup config
stats enable
stats uri /admin-status #管理地址
stats auth admin:123456 #管理帐号:管理密码
stats admin if TRUE
配置文件建议写成这种frontend(前台)和backend(后台)的形式,方便我们根据需求也可以利用HAProxy的正则做成动静分离或根据特定的文件名后缀(比如.php或.jsp)访问指定的phppool池或javapool池(Nginx也能实现此项功能),我们还可以指定静态服务器池,让客户端对静态文件(比如bmp或jsp或html)访问我们的Nginx静态服务器,所以前后台的模型也是非常有用的,不喜欢frontend(前台)和backend(后台)的朋友可以对比下以前没有采用这种模式的配置文件,内容如下:
global
log 127.0.0.1 local0
maxconn 65535
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 8
pidfile /usr/local/haproxy/haproxy.pid
#debug
defaults
log 127.0.0.1 local3
mode http
option httplog
option httpclose
option dontlognull
option forwardfor
option redispatch
retries 2
maxconn 2000
balance source
#stats uri /haproxy-stats
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen 192.168.20.100
bind *:80
mode http
option httplog
log global
option httpchk HEAD /info.html HTTP/1.0
server web1 203.93.236.147:80 weight 5 check inter 2000 rise 2 fall 3
server web2 203.93.236.146:80 weight 3 check inter 2000 rise 2 fall 3
listen stats_auth 192.168.20.9:8080
# listen stats_auth 192.168.0.21:80 # backup config
stats enable
stats uri /admin-status #管理地址
stats auth admin:123456 #管理帐号:管理密码
stats admin if TRUE
4.替HAProxy添加日志支持
# vim /etc/syslog.conf
添加内容如下:
local3.* /var/log/haproxy.log
local0.* /var/log/haproxy.log
我们编辑/etc/sysconfig/syslog文件,修改内容如下:
#vi /etc/sysconfig/syslog
修改:
SYSLOGD_OPTIONS="-r -m 0"
#/etc/init.d/syslog restart
5.建立haproxy启动脚本,/root/haproxy
#!/bin/sh
# chkconfig 35 on
# description: HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
# Source function library.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -f /usr/local/haproxy/conf/haproxy.cfg ] || exit 1
RETVAL=0
start() {
/usr/local/haproxy/sbin/haproxy -c -q -f /usr/local/haproxy/conf/haproxy.cfg
if [ $? -ne 0 ]; then
echo "Errors found in configuration file."
return 1
fi
echo -n "Starting HAproxy: "
daemon /usr/local/haproxy/sbin/haproxy -D -f /usr/local/haproxy/conf/haproxy.cfg -p /var/run/haproxy.pid
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/haproxy
return $RETVAL
}
stop() {
echo -n "Shutting down HAproxy: "
killproc haproxy -USR1
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/haproxy
[ $RETVAL -eq 0 ] && rm -f /var/run/haproxy.pid
return $RETVAL
}
restart() {
/usr/local/haproxy/sbin/haproxy -c -q -f /usr/local/haproxy/conf/haproxy.cfg
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with 'haproxy check'."
return 1
fi
stop
start
}
check() {
/usr/local/haproxy/sbin/haproxy -c -q -V -f /usr/local/haproxy/conf/haproxy.cfg
}
rhstatus() {
status haproxy
}
condrestart() {
[ -e /var/lock/subsys/haproxy ] && restart || :
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
restart
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
check)
check
;;
*)
echo $"Usage: haproxy {start|stop|restart|reload|condrestart|status|check}"
RETVAL=1
esac
exit $RETVAL
6.Keepalived安装与配置
软件包下载地址
(1)、配置各个结点的主机名、IP地址。配置过程暂省略,如上面所示
注:修改主机名需要/etc/sysconfig/network和/etc/hosts两个文件,然后重新启动生效。
⑵、安装keepalived,从官方网站下载keepalived-1.2.2.tar.gz后
# tar xvf keepalived-1.2.2.tar.gz
# cd keepalived-1.2.2
# ./configure
Make && make install
# 查看keepalived位置 #
[root@lvs-dr1 keepalived-1.2.2]# find / -name "keepalived"
/root/keepalived-1.2.2/keepalived
/root/keepalived-1.2.2/keepalived/etc/keepalived
/root/keepalived-1.2.2/bin/keepalived
/usr/local/sbin/keepalived
/usr/local/etc/rc.d/init.d/keepalived
/usr/local/etc/keepalived
/usr/local/etc/sysconfig/keepalived
#cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
#cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
#mkdir /etc/keepalived
#cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
#cp /usr/local/sbin/keepalived /usr/sbin/
#service keepalived start|stop #做成系统启动服务方便管理.
# cd /etc/keepalived/
# more keepalived.conf
global_defs {
notification_email {
15301727316@189.cn
}
notification_email_from zalifei@126.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
interface eth1
state MASTER # 从为BACKUP
priority 101 # 从为100
virtual_router_id 50 #路由ID,可通过#tcpdump vrrp查看。
garp_master_delay 1 #主从切换时间,单位为秒。
authentication {
auth_type PASS
auth_pass KJj23576hYgu23IP
}
track_interface {
eth0
eth1
}
virtual_ipaddress {
192.168.20.100
}
track_script {
chk_haproxy
}
}
一切顺利之后,接下来启动lvs-dr1和lvs-dr2的服务
# service keepalived start
# ./haproxy start
如果想查看虚拟IP我们可以用ip a密令来实现
[root@lvs-dr1 ~]# ip a
1: lo: mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:5d:e8:67 brd ff:ff:ff:ff:ff:ff
inet 192.168.20.9/24 brd 192.168.20.255 scope global eth0
inet6 fe80::20c:29ff:fe5d:e867/64 scope link
valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:5d:e8:71 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.10/24 brd 192.168.10.255 scope global eth1
inet 192.168.20.100/32 scope global eth1
inet6 fe80::20c:29ff:fe5d:e871/64 scope link
valid_lft forever preferred_lft forever
4: sit0: mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
现在我们可以测试了(web.test.com)来访问我们后端的web服务器
7.Haproxy界面如下 用户名admin,密码123456
HAProxy的特点是:
1、HAProxy是支持虚拟主机的,以前有朋友说这个不支持虚拟主机,我这里特此更正一下。
2、能够补充Nginx的一些缺点比如Session的保持,Cookie的引导等工作
3、支持url检测后端的服务器出问题的检测会有很好的帮助。
4、它跟LVS一样,本身仅仅就只是一款负载均衡软件;单纯从效率上来讲HAProxy更会比Nginx有更出色的负载均衡速度,在并发处理上也是优于Nginx的。
5、HAProxy可以对Mysql读进行负载均衡,对后端的MySQL节点进行检测和负载均衡,不过在后端的MySQL slaves数量超过10台时性能不如LVS,所以我向大家推荐LVS+Keepalived。
6、HAProxy的算法现在也越来越多了,具体有如下8种:
①roundrobin,表示简单的轮询,这个不多说,这个是负载均衡基本都具备的;
②static-rr,表示根据权重,建议关注;
③leastconn,表示最少连接者先处理,建议关注;
④source,表示根据请求源IP,这个跟Nginx的IP_hash机制类似,我们用其作为解决session问题的一种方法,建议关注;
⑤ri,表示根据请求的URI;
⑥rl_param,表示根据请求的URl参数'balance url_param' requires an URL parameter name;
⑦hdr(name),表示根据HTTP请求头来锁定每一次HTTP请求;
⑧rdp-cookie(name),表示根据据cookie(name)来锁定并哈希每一次TCP请求。
参考博文
抚琴煮酒:http://andrewyu.blog.51cto.com/1604432/669491
运维进行时:http://blog.liuts.com/post/223/
阅读(3430) | 评论(0) | 转发(0) |
