一、Haproxy簡介
人們熟知的軟件負載均衡如LVS、HAProxy,各方面性能不亞於硬件負載均衡,HAProxy提供高可用性、負載均衡以及基於TCP和HTTP應用的代理,支持虛擬主機,它是免費、快速並且可靠的一種解決方案。HAProxy特別適用於那些負載特大的web站點,這些站點通常又需要會話保持或七層處理。
HAProxy相比LVS的使用要簡單很多,功能方面也很豐富。當前,HAProxy支持兩種主要的代理模式:"tcp"也即4層(大多用於郵件服務器、內部協議通信服務器等),和7層(HTTP)。在4層模式 下,HAProxy僅在客戶端和服務器之間轉發雙向流量。7層模式下,HAProxy會分析協議,並且能通過允許、拒絕、交換、增加、修改或者***請求 (request)或者回應(response)裏指定內容來控制協議,這種操作要基於特定規則。
HAProxy的負載均衡算法現在也越來越多了,具體有如下8種:
①roundrobin,表示簡單的輪詢,這個不多說,這個是負載均衡基本都具備的;
②static-rr,表示根據權重,建議關注;
③leastconn,表示最少連接者先處理,建議關注;
④source,表示根據請求源IP,這個跟Nginx的IP_hash機制類似,我們用其作爲解決session問題的一種方法
⑤ri,表示根據請求的URI;
⑥rl_param,表示根據請求的URl參數'balance url_param' requires an URL parameter name;
⑦hdr(name),表示根據HTTP請求頭來鎖定每一次HTTP請求;
⑧rdp-cookie(name),表示根據據cookie(name)來鎖定並哈希每一次TCP請求。
二、拓撲圖
三、安裝
1、安裝配置haproxy A
[root@90sec ~]# yum -y install haproxy
[root@90sec ~]# cd /etc/haproxy/
[root@90sec haproxy]# cp haproxy.cfg haproxy.cfg.bak ##備份
[root@90sec haproxy]# vim haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global #全局配置區域
log 127.0.0.1 local2 #日誌將通過rsyslog進行歸檔記錄
chroot /var/lib/haproxy #運行的安裝路徑
pidfile /var/run/haproxy.pid #pid文件存放的位置
maxconn 4000 #最大連接
user haproxy #運行haproxy的用戶
group haproxy #運行haprixy的組
daemon #以後臺模式運行haproxy
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http #工作模式
log global #關閉日誌,刪除指重定向日誌
option httplog
option dontlognull #不記錄健康檢查的日誌信息
option http-server-close #啓用服務器端主動關閉
option forwardfor except 127.0.0.0/8 #傳遞客戶端IP
option redispatch #當後端服務器組中的某一臺主機故障後,能夠自動將請求重定向到組內的其它主機
retries 3 #請求重試次數
timeout http-request 10s #http請求超時時間
timeout queue 1m #一個請求在隊列裏的超時時間
timeout connect 10s #連接服務器超時時間
timeout client 1m #客戶端超時時間
timeout server 1m #客戶端超時時間
timeout http-keep-alive 10s
timeout check 10s #心跳檢測超時時間
maxconn 3000 #最大連接數
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend proxy *:80
acl url_static path_beg -i /static /p_w_picpaths /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend dynamic
#---------------------------------------------------------------------
# static backend for serving up p_w_picpaths, stylesheets and such
#---------------------------------------------------------------------
backend static #後端調度
balance roundrobin #調度算法
server web1 172.16.36.130:80 inter 1500 rise 2 fall 3 check maxconn 5000
#----------------------------------------
listen statistics
mode http # http 7 層模式
bind *:8080 #監聽地址
stats enable #啓用狀態監控
stats auth 90sec:admin #驗證的用戶與密碼
stats uri /admin?status #訪問路徑
stats admin if TRUE #如果驗證通過了就允許登錄
stats refresh 6s #每6秒刷新一次
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend dynamic
balance roundrobin
server web2 172.16.36.131:80 check inter 1500 rise 2 fall 3 maxconn 5000
#服務器定義,serverid爲web2,check inter 1500是檢測心跳頻率
#rise 2是2次正確認爲服務器可用
#fall 3是3次失敗認爲服務器不可用
#最大連接數據爲5000
配置日誌
[root@90sec ~]# vim /etc/rsyslog.conf
$ModLoad imtcp #取消註釋
$InputTCPServerRun 514 #取消註釋
添加一下行
local2.* /var/log/haproxy.log
[root@90sec ~]# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
2、安裝keepalived
[root@90sec src]# tar xf keepalived-1.2.12.tar.gz
[root@90sec src]# cd keepalived-1.2.12
[root@90sec keepalived-1.2.12]# ./configure --prefix=/usr/local/keepalived --with-dir=/usr/src/kernels/*/
[root@90sec keepalived-1.2.12]# make && make install
[root@90sec keepalived-1.2.12]# mkdir /etc/keepalived
[root@90sec keepalived-1.2.12]# cp -f keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
[root@90sec keepalived-1.2.12]# cp -f keepalived/etc/init.d/keepalived.init /etc/init.d/keepalived
[root@90sec keepalived-1.2.12]# cp -f keepalived/etc/init.d/keepalived.sysconfig /etc/sysconfig/keepalived
[root@90sec keepalived-1.2.12]# cp -f /usr/local/keepalived/sbin/keepalived /sbin/
[root@90sec keepalived-1.2.12]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email { #郵件通知
}
notification_email_from root@localhost
smtp_server 127.0.0.1 #使用本機郵件服務
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_scrip chk_haproxy { #檢測haproxy
script "killall -0 haproxy"
interval 1
weight 2
}
vrrp_instance VI_1 {
state MASTER #在A上主,B 上是備
interface eth0
virtual_router_id 200 #路由ID
priority 100 #優先級
advert_int 1
authentication { #路由之間認證機制
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { # VIP
192.168.83.100/24 dev eth0 label eth0:0
}
track_scripts {
chk_haproxy
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state BACKUP #在A 備,在B 主
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.83.200/24 dev eth0 label eth0:1
}
track_scripts {
chk_haproxy
}
track_interface {
eth0
}
}
爲keepalived提供腳本服務
#!/bin/bash
#Author: MageEdu <[email protected]> #腳本出處
#description: An ample of notify script
vip=192.168.83.100
contact='root@localhost'
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo$mailbody | mail -s "$mailsubject"$contact
}
case"$1"in
master)
notify master
/etc/rc.d/init.d/haproxystart
exit0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxystop
exit0
;;
fault)
notify fault
/etc/rc.d/init.d/haproxystop
exit0
;;
*)
echo'Usage: `basename $0` {master|backup|fault}'
exit1
;;
esac
配置haproxy B
因爲haproxy A 和haproxy B 配置文件相同,所以發送一份即可
[root@90sec /]#scp /etc/haproxy/haproxy.cfg 192.168.83.133:/etc/haproxy/haproxy.cfg
配置heepalived
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_scrip chk_haproxy {
script "killall -0 haproxy"
interval 1
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 200
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.83.100 dev eth0 label eth0:0
}
track_scripts {
chk_haproxy
}
track_interface {
eth0
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.83.200/24 dev eth0 label eth0:1
}
track_scripts {
chk_haproxy
}
track_interface {
eth0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
注意:
notify_master
"/etc/keepalived/notify.sh master"
notify_backup
"/etc/keepalived/notify.sh backup"
notify_fault
"/etc/keepalived/notify.sh fault"
3個狀態分別要執行的腳本,只能放在 MASTER中,原因是:因爲是互爲主從,每個主的都會有個另外一個主的從,如果
把這 “3個狀態執行腳本” 寫入到從的區域中,那麼另外一個主的從狀態就會執行這個腳本,因爲就會停掉所要高可用的
程序,這就造成了,兩個VIP全部轉移到其中一個服務器上去。
keepalived提供腳本服務相同,所以只需修改VIP 地址即可。日誌配置方式也相同,參照上面即可。
四、測試keeplived功能
二個節點服務正常時
關閉haproxy A 上的keepalived看VIP 是否漂移
五、配置後端web服務
爲web1 靜態配置,並上傳一張圖片
爲web2動態配置
# yum install -y php php-mysql
# vim /var/www/html/index.php
<h1>WebCome to WEB2</h1>
<?php
phpinfo();
?>
# service httpd start
Starting httpd: [ OK ]
六、測試動靜態頁
監控頁面
歡迎指導,交流。。。。。。。。。。。。