部署haproxy+keepalived高可用负载均衡器
source link: https://blog.51cto.com/lxycneo/5795054
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
部署haproxy+keepalived高可用负载均衡器
精选 原创尽管HAProxy非常稳定,但仍然无法规避操作系统故障、主机硬件故障、网络故障甚至断电带来的风险。所以必须对HAProxy实施高可用方案。
下面将介绍利用Keepalived实现的HAProxy热备方案。即两台主机上的两个HAProxy实例同时在线,其中权重较高的实例为MASTER,MASTER出现问题时,另一台实例自动接管所有流量。
1、地址规划
192.168.28.101
haproxy+keepalive2
192.168.28.102
VIP
192.168.28.110
harbor
192.168.28.202
1、使用yum安装软件(如果服务器不能联网,可以选择源码安装,这里为了简单,直接使用yum)
2、关闭防火墙和selinux
iptables -F && iptables -X && iptables -Z
systemctl stop firewalld.service && systemctl disable firewalld.service
关闭Selinux
setenforce 0
echo 'sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config'| sh
3、配置时间同步
cat > /etc/chrony.conf <<EOF
server ntp.aliyun.com iburst
stratumweight 0
driftfile /var/lib/chrony/drift
rtcsync
makestep 10 3
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
keyfile /etc/chrony.keys
commandkey 1
generatecommandkey
logchange 0.5
logdir /var/log/chrony
EOF
systemctl enable chronyd && systemctl start chronyd
3、配置kepalived
复制VRRP模板
master节点配置
修改配置如下
global_defs {
notification_email {
acassen
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
garp_master_delay 10
smtp_alert
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.28.110
}
}
backup节点配置
global_defs {
notification_email {
acassen
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
garp_master_delay 10
smtp_alert
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.28.110
}
}
4、配置haproxy
hapeoxy配置如下:
主备机配置一样
scp /etc/haproxy/haproxy.cfg 192.168.28.101:/etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0 info
#log loghost local0 info
maxconn 20480
#chroot /usr/local/haproxy
pidfile /var/run/haproxy.pid
#maxconn 4000
user haproxy
group haproxy
daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option dontlognull
option httpclose
option httplog
#option forwardfor
option redispatch
balance roundrobin
timeout connect 10s
timeout client 10s
timeout server 10s
timeout check 10s
maxconn 60000
retries 3
#--------------统计页面配置------------------
listen admin_stats
bind 0.0.0.0:8189
stats enable
mode http
log global
stats uri /haproxy_stats
stats realm Haproxy\ Statistics
stats auth admin:admin
#stats hide-version
stats admin if TRUE
stats refresh 30s
#---------------web设置-----------------------
listen harbor-80
bind *:80
mode tcp
server server1 192.168.28.201:80 check inter 3s fall 3 rise 3
listen harbor-443
bind *:443
mode tcp
server server1 192.168.28.201:443 check inter 3s fall 3 rise 3
启动服务:
systemctl start haproxy && systemctl enable haproxy && systemctl status haproxy
5、测试效果
打开 https://192.168.28.110/查看负载后的地址
master:
keepalived状态:
backup:
keepalived状态:
关闭master
backup:
keepalived状态:
网页访问:
haproxy页面:
切换为backup PID
启动master
backup:
keepalived状态:
master:
keepalived状态:
访问网页正常:
haproxy页面:
切换为master PID
由此可见,高可用负载均衡器正常使用。
- 打赏
- 赞
- 收藏
- 评论
- 分享
- 举报
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK