更多博文請關注:沒有傘的孩子必須努力奔跑 (www.xuchanggang.cn)
在上篇mariadb galera cluster博文中,實現了數據庫之間的多主複製,數據庫對外提供了好幾個IP地址,我們在這裏通過haproxy的虛擬IP(就如mysql-proxy一樣),來對外提供一個IP地址來實現數據庫的負載均衡,通過keepalived來判斷haproxy的存活情況。
一.Haproxy和keepalived的概述:
haproxy是一款免費的提供高可用性,負載均衡以及基於TCP(第四層)和HTTP(第七層)應用的代理軟件,藉助haproxy可以快速並且可靠的提供基於TCP和HTTP應用的代理解決方案.
keepalived主要作用是LoadBalance master和LoadBalance backup之間的健康檢查,實現故障轉換.
haproxy官方網站:http://haproxy.1wt.eu/
keepalived官方網站:http://www.keepalived.org/
二.haproxy的特點和算法:
1.haproxy的特點是:
(1).免費開源,穩定性也是非常好
(2).能夠補充Nginx的一些缺點比如Session的保持,Cookie的引導等工作
(3).支持虛擬主機
(4).是一款負載均衡軟件,單純從效率上來講HAProxy比Nginx有更出色的負載均衡速度,在併發處理上也是優於Nginx的
(5).可以對Mysql讀進行負載均衡,對後端的MySQL節點進行檢測和負載均衡[這點是我門dba需要關注的重點]
2.haproxy的算法現在也越來越多了,具體有如下8種:
(1).roundrobin:表示簡單的輪詢[數據庫負載的話,建議使用此方式,使用source的話,後端數據庫宕掉的話,會有一個連接出錯]
(2).static-rr:表示根據權重
(3).leastconn:表示最少連接者先處理
(4).source:表示根據請求源IP,這個跟Nginx的IP_hash機制類似,我們用其作爲解決session問題的一種方法[此方法針對數據庫待定]
(5).ri:表示根據請求的URI
(6).rl_param:表示根據請求的URl參數'balance url_param' requires an URL parameter name
(7).hdr(name):表示根據HTTP請求頭來鎖定每一次HTTP請求
(8).rdp-cookie(name):表示根據cookie(name)來鎖定並哈希每一次TCP請求
三.haproxy+keepalived+mariadb galera cluster高可用負載搭建演示:
# 這裏配置的主要目的其實是針對mariadb galera cluster來實現數據庫的負載均衡,但這裏爲了方便演示,使用mysql數據庫來替代galera cluster(mysql數據庫不配置主從,方便顯示效果)
# 再次聲明:如果僅僅是mysql數據庫讀寫負載,是不需要此架構的,這個架構僅針對mariadb galera cluster
1.環境:
os:red hat linux 6(64位,2.6內核) haproxy1/keepalived1:192.168.1.100 (master) haproxy2/keepalived2:192.168.1.101 (backup) mysql1:192.168.1.102 mysql2:192.168.1.103 haproxy vip:192.168.1.220
2.配置實現圖:
3.詳細配置步驟如下:
(1).在192.168.1.100上安裝配置haproxy
[root@client100 ~]# tar -xf haproxy-1.4.24.tar.gz [root@client100 ~]# cd haproxy-1.4.24 # 注意下面的TARGET必須大寫,不然會報錯(如果報gcc錯誤,安裝gcc軟件) [root@client100 haproxy-1.4.24]# make TARGET=linux26 prefix=/usr/local/haproxy [root@client100 haproxy-1.4.24]# make install PREFIX=/usr/local/haproxy [root@client100 haproxy-1.4.24]# cd /usr/local/haproxy/ # conf目錄如果不存在,請先建立該目錄[下面這步複製配置的模板文件可以忽略] [root@client100 haproxy-1.4.24]# cp examples/haproxy.cfg /usr/local/haproxy/conf/haproxy.conf # 在當前目錄下,建立兩個目錄conf logs(分別存放HAproxy的配置文件,PID文件和日誌文件) [root@client100 haproxy]# mkdir conf logs [root@client100 haproxy]# vim conf/haproxy.conf # 以下有部分參數其實是不需要設置的 global log 127.0.0.1 local0 maxconn 4096 # 最大連接數 chroot /usr/local/haproxy # 安裝路徑 uid 99 # 所屬用戶id gid 99 # 所屬用戶組id[用戶和組可以自己創建的] daemon # 後臺運行 quiet nbproc 1 # 進程數,可以同時開啓多個 pidfile /usr/local/haproxy/logs/haproxy.pid defaults log global mode http # 所處理的類別[7層:http;4層:tcp] retries 3 # 3次連接失敗就認爲服務不可用 option httplog # 日誌類別http日誌格式 option dontlognull # 不記錄健康檢查的日誌信息 option redispatch # serverid對應服務器宕掉後,強制定向到其他健康的服務器 option abortonclose #當服務器負載很高的話,自動結束到當前處理比較久的連接 maxconn 4096 # 最大連接數 contimeout 50000 # 連接超時 clitimeout 50000 # 客戶端連接超時 srvtimeout 50000 # 心跳檢測超時 listen mysql_proxy 0.0.0.0:3306 mode tcp # 監聽4層 模式 balance roundrobin # 負載均衡方式爲輪詢 # balance source # 此負載方式數據庫負載不建議使用,http可以使用 option tcpka option httpchk # 心跳檢測 # option mysql-check user haproxy server mysql1 192.168.1.102:3306 weight 1 # 後端真是數據庫ip地址和端口,權重 server mysql2 192.168.1.103:3306 weight 1 # 後端真是數據庫ip地址和端口,權重 # 啓動測試,看haproxy啓動是否正常 [root@client100 haproxy]# /usr/local/haproxy/sbin/haproxy-f haproxy.conf [root@client100 haproxy]# ps -ef |grep haproxy # 編寫haproxy啓動腳本[可編寫也可以不編寫,建議編寫] [root@client100 haproxy]# vim /etc/init.d/haproxy #!/bin/bash BASE_DIR="/usr/local/haproxy" ARGV="$@" start() { echo"START HAPoxy SERVERS" $BASE_DIR/sbin/haproxy-f $BASE_DIR/conf/haproxy.conf } stop() { echo"STOP HAPoxy Listen" kill-TTOU $(cat$BASE_DIR/logs/haproxy.pid) echo"STOP HAPoxy process" kill-USR1 $(cat$BASE_DIR/logs/haproxy.pid) } case$ARGVin start) start ERROR=$? ;; stop) stop ERROR=$? ;; restart) stop start ERROR=$? ;; *) echo"hactl.sh [start|restart|stop]" esac exit$ERROR # 賦予腳本可執行權限 [root@client100 haproxy]# chmod +x /etc/init.d/haproxy
(2).在192.168.1.101上安裝配置haproxy
[root@client101 ~]# tar -xf haproxy-1.4.24.tar.gz [root@client101 ~]# cd haproxy-1.4.24 [root@client101 haproxy-1.4.24]# make TARGET=linux26 prefix=/usr/local/haproxy [root@client101 haproxy-1.4.24]# make install PREFIX=/usr/local/haproxy [root@client101 haproxy-1.4.24]# cd /usr/local/haproxy/ [root@client101 haproxy]# mkdir conf logs [root@client101 haproxy]# vim conf/haproxy.conf global log 127.0.0.1 local0 maxconn 4096 chroot /usr/local/haproxy uid 99 gid 99 daemon quiet nbproc 1 pidfile /usr/local/haproxy/logs/haproxy.pid defaults log global mode http retries 3 option httplog option dontlognull option redispatch option abortonclose maxconn 4096 contimeout 50000 clitimeout 50000 srvtimeout 50000 listen mysql_proxy 0.0.0.0:3306 mode tcp balance roundrobin # balance source option tcpka option httpchk # option mysql-check user haproxy server mysql1 192.168.1.102:3306 weight 1 server mysql2 192.168.1.103:3306 weight 1 [root@client100 haproxy]# /usr/local/haproxy/sbin/haproxy-f haproxy.conf [root@client100 haproxy]# ps -ef |grep haproxy # 編寫haproxy啓動腳本[可編寫也可以不編寫,建議編寫] [root@client100 haproxy]# vim /etc/init.d/haproxy #!/bin/bash BASE_DIR="/usr/local/haproxy" ARGV="$@" start() { echo"START HAPoxy SERVERS" $BASE_DIR/sbin/haproxy-f $BASE_DIR/conf/haproxy.conf } stop() { echo"STOP HAPoxy Listen" kill-TTOU $(cat$BASE_DIR/logs/haproxy.pid) echo"STOP HAPoxy process" kill-USR1 $(cat$BASE_DIR/logs/haproxy.pid) } case$ARGVin start) start ERROR=$? ;; stop) stop ERROR=$? ;; restart) stop start ERROR=$? ;; *) echo"hactl.sh [start|restart|stop]" esac exit$ERROR # 賦予腳本可執行權限 [root@client100 haproxy]# chmod +x /etc/init.d/haproxy
(3).在192.168.1.100上安裝配置keepalived
# keepalived需要openssl依賴包 [root@client100 ~]# yum -y install openssl* gcc make # 建立keepalived安裝目錄 [root@client100 ~]# mkdir /usr/local/keepalived [root@client100 ~]# tar -xf keepalived-1.2.9.tar.gz [root@client100 ~]# cd keepalived-1.2.9 [root@client100 keepalived-1.2.9]# ./configure --prefix=/usr/local/keepalived && make && make install # 複製相應文件到指定目錄 [root@client100 keepalived-1.2.9]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ [root@client100 keepalived-1.2.9]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@client100 keepalived-1.2.9]# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ [root@client100 keepalived-1.2.9]# mkdir /etc/keepalived [root@client100 keepalived-1.2.9]# cd /etc/keepalived/ # 編輯配置文件 [root@client100 keepalived]# vim keepalived.conf global_defs { notification_email { [email protected] # e-mail地址 } notification_email_from [email protected] smtp_server smtp.163.com # 郵件服務器地址 smtp_connect_timeout 30 # 連接超時時間 router_id LVS_Master } vrrp_script chk_http_port { script "/etc/keepalived/check_haproxy.sh" # haproxy運行檢測腳本[haproxy宕掉重啓haproxy服務] interval 5 # 腳本執行間隔 weight -5 #執行腳本後優先級變更:5表示優先級+5;-5則表示優先級-5 } vrrp_instance VI_A { state MASTER # 主上此值爲MASTER,從上爲BACKUP interface eth0 virtual_router_id 50 # 此值主從必須一致 priority 100 advert_int 1 authentication { # authentication兩個參數值,主從也必須一致 auth_type PASS auth_pass kongzhong } track_script { chk_http_port } virtual_ipaddress { 192.168.1.220 # haproxy提供的虛擬IP地址 } } #啓動keepalived服務 [root@client100 keepalived]# /etc/init.d/keepalivedstart # 編輯check_haproxy.sh腳本 [root@client100 keepalived]# vim/etc/keepalived/check_haproxy.sh # 此腳本用來檢測haproxy是否正常,不正常啓動 #!/bin/bash A=`ps-C haproxy --no-header |wc-l` if[ $A -eq0 ];then /etc/init.d/haproxyrestart echo"Start haproxy"&>/dev/null sleep3 if[ `ps-C haproxy --no-header |wc-l` -eq0 ];then /etc/init.d/keepalivedstop echo"Stop keepalived"&>/dev/null fi fi # 賦予腳本可執行權限 [root@client100 keepalived]#chmod +x /etc/keepalived/check_haproxy.sh
(4).在192.168.1.101上安裝配置keepalived
# keepalived需要openssl依賴包 [root@client101 ~]# yum -y install openssl* gcc make # 建立keepalived安裝目錄 [root@client101 ~]# mkdir /usr/local/keepalived [root@client101 ~]# cd keepalived-1.2.9 [root@client101 keepalived-1.2.9]# ./configure --prefix=/usr/local/keepalived && make && make install # 複製相應文件到指定目錄 [root@client101 keepalived-1.2.9]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ [root@client101 keepalived-1.2.9]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@client101 keepalived-1.2.9]# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ [root@client101 keepalived-1.2.9]# mkdir /etc/keepalived [root@client101 keepalived-1.2.9]# cd /etc/keepalived/ # 編輯配置文件 [root@client101 keepalived]# vim keepalived.conf global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server smtp.163.com smtp_connect_timeout 30 router_id LVS_Master } vrrp_script chk_http_port { script "/etc/keepalived/check_haproxy.sh" interval 5 weight -5 } vrrp_instance VI_A { state BACKUP interface eth0 virtual_router_id 50 priority 80 advert_int 1 authentication { auth_type PASS auth_pass kongzhong } track_script { chk_http_port } virtual_ipaddress { 192.168.1.220 } } #啓動keepalived服務 [root@client101 keepalived]# /etc/init.d/keepalivedstart # 編輯check_haproxy.sh腳本 [root@client101 keepalived]# vim/etc/keepalived/check_haproxy.sh # 此腳本用來檢測haproxy是否正常,不正常啓動 #!/bin/bash A=`ps-C haproxy --no-header |wc-l` if[ $A -eq0 ];then /etc/init.d/haproxyrestart echo"Start haproxy"&>/dev/null sleep3 if[ `ps-C haproxy --no-header |wc-l` -eq0 ];then /etc/init.d/keepalivedstop echo"Stop keepalived"&>/dev/null fi fi # 賦予腳本可執行權限 [root@client101 keepalived]#chmod +x /etc/keepalived/check_haproxy.sh
(5).192.168.1.102,192.168.1.103兩臺數據庫啓動
[root@client102 ~]# /etc/init.d/mysqld start [root@client103 ~]# /etc/init.d/mysqld start # 兩臺數據庫上分別建立kz數據庫,創建允許登陸的用戶 mysql> create database kz; mysql> grant all privileges on kz.* to 'kz'@'192.168.1.%' identified by 'kz'; mysql> flush privileges # 下面爲了測試登陸到那臺數據庫服務器上 # 我們在192.168.1.102上建立kz102這張表 mysql> use kz mysql> create table kz102(a int); # 我們在192.168.1.103上建立kz103這張表 mysql> use kz mysql> create table kz103(a int);
4.下面就可以測試,這裏就不演示詳細內容,簡要說明一下大概步驟
(1).haproxy是否正常啓動:ps -ef |grep haproxy
(2).keepalived是否啓動正常/IP是否可以正常切換:ip add|grep 192.168.1.220
(3).使用kz登陸數據庫,是否能正常登陸,登陸的是那一臺數據庫服務器
mysql -ukz -pkz -h192.168.1.220
use kz
show tables
(4).後端數據庫宕掉1臺,再次登陸看是否能正常登陸
到此,測試完畢,有問題歡迎反饋,拍磚.