在之前的博文中,我搭建了一個1臺HAproxy+2臺Apache的WEB負載均衡測試環境,然而1臺HAproxy終歸存在單點故障的風險,如果能使用2臺HAproxy做高可用,形成主備羣集,對外提供一個VIP在兩臺HAproxy之間浮動,一旦主的故障,備機立馬接管VIP,保持HAproxy仍舊可用,那就比較完美了,其實很簡單,Keepalived就能實現這樣的功能,且在RedHat 7的安裝光盤中自帶了keepalived的RPM包,通過yum安裝非常方便。通過在兩臺HAproxy上分別安裝Keepalived,形成一主一備,使用VRRP協議檢測心跳信號,VIP可以在兩臺HAproxy之間浮動,實現HAproxy的高可用羣集架構。架構示意圖如下:
關於Apache和HAproxy的安裝配置可以參考本人之前的博文:
http://jiangjianlong.blog.51cto.com/3735273/1887279
http://jiangjianlong.blog.51cto.com/3735273/1858650
一、測試環境
計算機名 | 操作系統 | IP地址 | VIP | 安裝的軟件 |
RH7-HAproxy01 | Redhat 7.2 | 192.168.10.19 | 192.168.10.18 | Haproxy1.5.14、keepalived 1.2.13 |
RH7-HAproxy02 | Redhat 7.2 | 192.168.10.20 | Haproxy1.5.14、keepalived 1.2.13 | |
RH7-Apache01 | Redhat 7.2 | 192.168.10.21 | —— | Apache httpd 2.4 |
RH7-Apache02 | Redhat 7.2 | 192.168.10.22 | —— | Apache httpd 2.4 |
二、安裝配置keepalived
1、在兩臺HAproxy上分別使用yum install keepalived命令安裝keepalived
[root@RH7-HAproxy01 ~]# yum install keepalived
[root@RH7-HAproxy02 ~]# yum install keepalived
2、編輯RH7-HAproxy01的keepalived配置文件,將其配置成MASTER
[root@RH7-HAproxy01~]# cd /etc/keepalived/
[root@RH7-HAproxy01keepalived]# ls
keepalived.conf
[root@RH7-HAproxy01keepalived]# cp keepalived.conf keepalived.conf.BAK
[root@RH7-HAproxy01keepalived]# ls
keepalived.conf keepalived.conf.BAK
[root@RH7-HAproxy01keepalived]# vi keepalived.conf
! Configuration Filefor keepalived global_defs { notification_email { [email protected] [email protected] [email protected] } [email protected] smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } #監測haproxy進程狀態,每2秒執行一次 vrrp_scriptchk_haproxy { script"/etc/keepalived/chk_haproxy.sh" interval 2 weight 2 fall 3 } vrrp_instance VI_1 { state MASTER #將HR7-HAproxy01標示爲MASTER interface eno50332208 #指定網絡接口 virtual_router_id 51 priority 100 #MASTER權重要高於BACKUP advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.10.18 #VIP } track_script { chk_haproxy #監測haproxy進程狀態 } }
3、編輯RH7-HAproxy02的keepalived配置文件,將其配置成BACKUP
[root@RH7-HAproxy02 ~]# cd /etc/keepalived/
[root@RH7-HAproxy02 keepalived]# ls
keepalived.conf
[root@RH7-HAproxy02 keepalived]# cp keepalived.confkeepalived.conf.BAK
[root@RH7-HAproxy02 keepalived]# ls
keepalived.conf keepalived.conf.BAK
[root@RH7-HAproxy01keepalived]# vi keepalived.conf
[root@RH7-HAproxy02~]# vi /etc/keepalived/keepalived.conf
global_defs { notification_email { [email protected] [email protected] [email protected] } [email protected] smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } #監測haproxy進程狀態,每2秒執行一次 vrrp_scriptchk_haproxy { script"/etc/keepalived/chk_haproxy.sh" interval 2 weight 2 } vrrp_instance VI_1 { state BACKUP #將HR7-HAproxy02標識爲BACKUP interface eno50332208 #指定網絡接口 virtual_router_id 51 priority 99 #MASTER權重要高於BACKUP advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.10.18 #VIP } track_script { chk_haproxy #監測haproxy進程狀態 } }
4、在2臺HAproxy上創建chk_haproxy.sh腳本,內容如下:
vi /etc/keepalived/chk_haproxy.sh
#!/bin/bash status=$(ps aux|grephaproxy | grep -v grep | grep -v bash | wc -l) if [ "${status}" = "0" ]; then #判斷haproxy是否已經啓動 systemctl start haproxy #如果沒有啓動,則啓動haproxy程序 sleep 3 #睡眠3秒鐘以等待haproxy完全啓動 status2=$(psaux|grep haproxy | grep -v grep | grep -v bash |wc -l) if [ "${status2}" ="0" ]; then systemctl stop keepalived #如果haproxy還是沒有啓動,則將keepalived停掉,這樣VIP會自動漂移到另外一臺haproxy fi fi
5、對chk_haproxy.sh腳本賦予執行權限
6、重啓RH7-HAproxy01的keepalived服務,並查看IP,確認VIP成功綁定
7、重啓RH7-HAproxy02的keepalived服務,並查看IP,確認無VIP綁定
8、設置keepalived服務開機自動啓動
9、使用瀏覽器訪問VIP確認能正常訪問到後端的WEB頁面,負載均衡功能也正常
本文出自江健龍的技術博客http://jiangjianlong.blog.51cto.com/3735273/1905149
三、keepalived主備切換測試
1、停止haproxy服務測試chk_haproxy.sh腳本,從日誌可以看出一停止haproxy服務馬上就自動啓動起來了,chk_haproxy.sh腳本成功生效
root@RH7-HAproxy01 ~]# systemctl stop haproxy
[root@RH7-HAproxy01 ~]# tail -f /var/log/messages
2、停止keepalived服務測試主備切換,通過日誌可以看到RH7-HAproxy01的keepalived服務停止後釋放了VIP,而RH7-HAproxy02馬上進入MASTER狀態並綁定了VIP,通過瀏覽器進行訪問VIP發現仍然正常訪問
[root@RH7-HAproxy01 ~]# tail -f /var/log/messages
[root@RH7-HAproxy02 ~]# tail -f /var/log/messages
3、將RH7-HAproxy01的keepalived服務啓動,由於它原本是配置成MASTER,一旦服務起來後,馬上接管VIP,我們觀察日誌也可以很直觀地看出來
[root@RH7-HAproxy01 ~]# tail -f /var/log/messages
[root@RH7-HAproxy02 ~]# tail -f /var/log/messages
4、直接將RH7-HAproxy01關機,觀察RH7-HAproxy02的日誌也可以看出VIP的轉移過程
[root@RH7-HAproxy01 ~]#poweroff
[root@RH7-HAproxy02 ~]# tail -f /var/log/messages
本文出自江健龍的技術博客http://jiangjianlong.blog.51cto.com/3735273/1905149
關於Apache和HAproxy的安裝配置可以參考本人之前的博文: