Haproxy、Keepalived雙主高可用負載均衡

集合Haproxy,Keepalived雙主雙機高可用模型,不論是Haproxy還是Keepalived甚至是上游服務器均提高生產力並增強可用性,也就是如下架構中Haproxy,Keepalived,Httpd服務器任意宕機一臺服務還是可以正常運行的

規劃:

172.16.43.1 , 172.16.43.2 兩臺keepalived節點 (爲haproxy做高可用)
172.16.43.1(172.16.43.2)  兩臺haproxy (爲上游服務器做反帶)
172.16.43.3 , 172.16.43.4 兩臺web後端服務器

i) 兩臺keepalived節點

# 安裝keepalived, 兩臺均要做 (172.16.43.1,2)
yum -y install keepalived
#
# keepalived配置 (172.16.43.1)
# vim /etc/keepalived/keepalived.conf
#
global_defs {
    notification_email {
        root@localhost  # 本地郵件地址
    }
    notification_email_from keepadmin@localhost
    smtp_connect_timeout 3
    smtp_server 127.0.0.1
    router_id LVS_DEVEL_KING
}
#
vrrp_script chk_haproxy {
    script "/etc/keepalived/chk_haproxy.sh"  # 檢查腳本
    interval 2
    weight 2
}
#
vrrp_instance VI_1 {
    interface eth0
    state MASTER  # 172.16.43.1 這是主,那麼 172.16.43.2 就是備
    priority 100  # 主 比 備 優先級高
    virtual_router_id 173   # vrid是行爲vmac的根本
    garp_master_delay 1
#
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_interface {
        eth0
    }
    virtual_ipaddress {
        172.16.43.88/16 dev eth0
    }
    track_script {
        chk_haproxy  # 腳本跟蹤監測
    }
}
#
vrrp_instance VI_2 {
    interface eth0
    state BACKUP  # master for slave routers
    priority 99  # 99 for master
    virtual_router_id 174
    garp_master_delay 1
#
    authentication {
        auth_type PASS
        auth_pass 11111
    }
    track_interface {
        eth0
    }
    virtual_ipaddress {
        172.16.43.188/16 dev eth0
    }
}

# 172.16.43.2 keepalived配置
# vim /etc/keepalived/keepalived.conf
#
global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepadmin@localhost
    smtp_connect_timeout 3
    smtp_server 127.0.0.1
    router_id LVS_DEVEL_KING
}
#
vrrp_script chk_haproxy {
    script "/etc/keepalived/chk_haproxy.sh"
    interval 2
    weight 2
}
#
vrrp_instance VI_1 {
    interface eth0
    state BACKUP  # BACKUP for slave routers
    priority 99  # 99 for BACKUP
    virtual_router_id 173
    garp_master_delay 1
#
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_interface {
        eth0
    }
    virtual_ipaddress {
        172.16.43.88/16 dev eth0
    }
    track_script {
        chk_haproxy
    }
}
#
vrrp_instance VI_2 {
    interface eth0
    state MASTER  # master for slave routers
    priority 10000  # 99 for master
    virtual_router_id 174
    garp_master_delay 1
#
    authentication {
        auth_type PASS
        auth_pass 11111
    }
    track_interface {
        eth0
    }
    virtual_ipaddress {
        172.16.43.188/16 dev eth0
    }
}

# 剛纔兩個節點 均要有 的監測腳本文件 , 防止 haproxy 停止而 keepalived 不切換的情況
# vim /etc/keepalived/chk_haproxy.sh
#
#
#!/bin/bash
#
if ! `pidof haproxy &> /dev/null`; then
    /etc/rc.d/init.d/haproxy  start
fi
sleep 2
if ! `pidof haproxy &> /dev/null`; then
    /etc/rc.d/init.d/keepalived stop
fi

###   啓動服務   ####    service keepalived start

keepalived雙主模型啓動

ii) 兩臺haproxy

# 安裝haproxy,兩臺均要 (172.16.43.1 , 2)
yum -y install haproxy
#
# 爲haproxy分別提供配置文件 , 兩臺均一樣 , 不需要更改
global
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon
#
defaults
    mode                    http  # http tcp health 模型, 這裏監控 web 站點所以使用 http
    log                     global
    option                  httplog
    option                  dontlognull
    option                  redispatch  # 調度到健康的服務器
    option http-server-close # 不接受長連接
    option forwardfor       except 127.0.0.0/8  # 在響應頭中加入forwardfor標記
    retries                 3
    timeout http-request    10s  # 超時時間設置
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 30000
#
listen stats
    mode http
    bind 0.0.0.0:8080   # status 頁面在8080提供服務
    stats enable   #  status 允許操作
    stats hide-version # status 隱藏haproxy版本信息
    stats uri     /haproxyadmin?stats  # status 訪問路徑
    stats realm   Haproxy\ Statistics  # status 登陸驗證信息
    stats auth    admin:admin  # status 頁面登陸用戶名或密碼
    stats admin if TRUE
#
frontend http-in
    bind *:80
    mode http
    log global
    option httpclose
    option logasap
    option dontlognull
    capture request  header Host len 20
    capture request  header Referer len 60
    acl url_static       path_beg       -i /static /p_w_picpaths /javascript /stylesheets
    acl url_static       path_end       -i .html .jpg .jpeg .gif .png .css .js
#
    use_backend static_servers          if url_static
    default_backend dynamic_servers
#
backend static_servers
    balance roundrobin
    server imgsrv1 172.16.43.3:80 check maxconn 6000
#
backend dynamic_servers
    balance source
    server websrv1 172.16.43.3:80 check maxconn 1000
    server websrv2 172.16.43.4:80 check maxconn 1000

###   啓動服務   ####    service haproxy start

輸出狀態頁面

iii) 兩臺web後端服務器

# 安裝 httpd , php
yum -y
install httpd php

###   啓動服務   ####    service httpd start

iv) 測試

動靜分離

高可用性

關閉了上游一臺web服務器,可以見到服務請求沒有任何問題, 172.16.43.88 , 188 沒有問題