centos 6.2 keepalived/haproxy 安装测试
30 Dec 2011Haproxy 不用多说了,她可以做4/7层代理,本文是利用Haproxy的7层代理与Keepalived实现一个负载均衡器
1.系统
OS:centos6.2(64bit)
MASTER:192.168.1.67
BACKUP:192.168.1.68
VIP:192.168.1.100
Service Port:8080
2.系统日志配置
vi /etc/rsyslog.conf
#加入以下四行
$ModLoad imudp.so
$UDPServerRun 514
$UDPServerAddress 127.0.0.1
local2.* /var/log/haproxy.log
3.关闭SELINUX
sed -i 's:SELINUX=enforcing:SELINUX=disabled:g' /etc/selinux/config
4.添加VRRP通讯支持到iptables里
iptables -A INPUT -d 224.0.0.18 -j ACCEPT
5.安装Haproxy
#先安装epel包
yum install haproxy
#上面安装好了这步就可跳过,haproxy编译安装,
#mkdir -p /home/install/keepalived1
#cd /home/install/keepalive1
#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.18.tar.gz
#tar -zxvf haproxy-1.4.18.tar.gz
#cd haproxy-1.4.18
#make install
#mkdir -p /usr/local/haproxy/etc
#mkdir -p /usr/local/haproxy/sbin
#cp examples/haproxy.cfg /usr/local/haproxy/etc
#ln -s /usr/local/sbin/haproxy /usr/local/haproxy/sbin/haproxy
#查看haproxy配置
cat /etc/haproxy/haproxy.cfg
#全局配置
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
#stats socket /var/lib/haproxy/stats
########默认配置############
defaults
#默认的模式mode { tcp|http|health },tcp是4层,http是7层,health只会返回OK
mode http
log global
#option http-server-close
#option forwardfor except 127.0.0.0/8
option httplog
#两次连接失败就认为是服务器不可用,也可以通过后面设置
retries 3
option dontlognull
#当serverId对应的服务器挂掉后,强制定向到其他健康的服务器
option redispatch
#当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接
option abortonclose
#默认的最大连接数
maxconn 2000
timeout http-keep-alive 10s
timeout queue 1m
#连接超时
timeout connect 5000ms
#客户端超时
timeout client 30000ms
#服务器超时
timeout server 30000ms
#心跳检测超时
timeout check 5s
########test1配置#################
listen test1 192.168.1.100:8080
mode http
option httplog
balance roundrobin
server s1 192.168.1.59:8080 maxconn 2000 check inter 10s fall 1 rise 2
server s2 192.168.1.60:8080 maxconn 2000 check inter 10s fall 1 rise 2
########统计页面配置########
listen admin_stats
stats enable
#监听端口
bind 192.168.1.67:8000
#http的7层模式
mode http
#采用http日志格式
option httplog
log global
maxconn 10
#统计页面自动刷新时间
stats refresh 30s
#统计页面url
stats uri /stats
#统计页面密码框上提示文本
stats realm DW-test-Haproxy
#统计页面用户名和密码设置,还是要修改一下的
stats auth admin:admin
stats admin if TRUE
#隐藏统计页面上HAProxy的版本信息
stats hide-version
#haproxy配置结束
#
#
#
#运行haproxy
/etc/init.d/haproxy start#测试一下
6.安装Keepalived(当然你也可以#yum install keepalived,但要先安装epel的包)
mkdir -p /home/install/keepalived1
cd /home/install/keepalived1
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
tar zxvf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make && make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
#keepalived配置
cat /etc/keepalived/keepalived.conf
global_defs {
notification_email {
xxx@gmail.com
}
notification_email_from xxx@gmail.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id HA_DEVEL_1
}
vrrp_script chk_haproxy {
#监测haproxy
script "killall -0 haproxy"
#2s检查一次
interval 2
weight 2
}
vrrp_instance VI_1 {
interface eth0
#从为BACKUP
state MASTER
#从为100
priority 101
#路由ID,可通过#tcpdump vrrp查看。
virtual_router_id 50
#主从切换时间,单位为秒。
garp_master_delay 1
authentication {
auth_type PASS
#主从要一样,记得改一下哦
auth_pass XXXXXXXXXX
}
virtual_ipaddress {
192.168.1.100 #VIP
}
#将Linux中你想监控的网络接口卡监控起来,当其中的一块出现故障是keepalived都将视为路由器出现故障
track_interface {
eth0
eth1
}
track_script {
chk_haproxy
}
#状态通知
# notify_master "/etc/keepalived/Mailnotify.py master"
# notify_backup "/etc/keepalived/Mailnotify.py backup"
# notify_fault "/etc/keepalived/Mailnotify.py fault"
}
#keepalived配置结束
#
#
#启动相关服务
/etc/init.d/haproxy start
/etc/init.d/keepalived start
#查看有没有节点记录
tcpdump vrrp
7.haproxy界面 (现在的haproxy可以在页面上手动启用或禁用节点)
访问http://192.168.1.67:8000/stats
注:关于keepalive里的状态通知,这里借用一下天斯的python脚本
Mailnotify.py
#!/usr/local/bin/python
#coding: utf-8
from email.MIMEMultipart import MIMEMultipart
from email.MIMEText import MIMEText
from email.MIMEImage import MIMEImage
from email.header import Header
import sys
import smtplib
#---------------------------------------------------------------
# Name: Mailnotify.py
# Purpose: Mail notify to SA
# Author: Liutiansi
# Email: liutiansi@gamil.com
# Created: 2011/03/09
# Copyright: (c) 2011
#--------------------------------------------------------------
strFrom = 'admin@domain.com'
strTo = 'liutiansi@gmail.com'
smtp_server='smtp.domain.com'
smtp_pass='123456'
if sys.argv[1]!="master" and sys.argv[1]!="backup" and sys.argv[1]!="fault":
sys.exit()
else:
notify_type=sys.argv[1]
mail_title='[紧急]负载均衡器邮件通知'
mail_body_plain=notify_type+'被激活,请做好应急处理。'
mail_body_html='<b><font color=red>'+notify_type+'被激活,请做好应急处理。</font></b>'
msgRoot = MIMEMultipart('related')
msgRoot['Subject'] =Header(mail_title,'utf-8')
msgRoot['From'] = strFrom
msgRoot['To'] = strTo
msgAlternative = MIMEMultipart('alternative')
msgRoot.attach(msgAlternative)
msgText = MIMEText(mail_body_plain, 'plain', 'utf-8')
msgAlternative.attach(msgText)
msgText = MIMEText(mail_body_html, 'html','utf-8')
msgAlternative.attach(msgText)
smtp = smtplib.SMTP()
smtp.connect(smtp_server)
smtp.login(smtp_user,smtp_pass)
smtp.sendmail(strFrom, strTo, msgRoot.as_string())
smtp.quit()
然后放在/etc/keepalived 目录下(记得修改脚本里的邮箱地址),chmod +x /etc/keepalived/Mailnotify.py
把keepalived.conf的 “#状态通知” 以下的注释去掉,重启keepalived服务就可以了,嘿嘿