centos 6.2 keepalived/haproxy 安装测试

Haproxy 不用多说了,她可以做4/7层代理,本文是利用Haproxy的7层代理与Keepalived实现一个负载均衡器

1.系统

OS:centos6.2(64bit)
MASTER:192.168.1.67
BACKUP:192.168.1.68
VIP:192.168.1.100
Service Port:8080

2.系统日志配置

vi /etc/rsyslog.conf
#加入以下四行

$ModLoad imudp.so
$UDPServerRun 514
$UDPServerAddress 127.0.0.1
local2.* /var/log/haproxy.log

3.关闭SELINUX

sed -i 's:SELINUX=enforcing:SELINUX=disabled:g' /etc/selinux/config

4.添加VRRP通讯支持到iptables里

iptables -A INPUT -d 224.0.0.18 -j ACCEPT

5.安装Haproxy

#先安装epel包
yum install haproxy

#上面安装好了这步就可跳过,haproxy编译安装,
#mkdir -p /home/install/keepalived1
#cd /home/install/keepalive1
#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.18.tar.gz
#tar -zxvf haproxy-1.4.18.tar.gz
#cd haproxy-1.4.18
#make install
#mkdir -p /usr/local/haproxy/etc
#mkdir -p /usr/local/haproxy/sbin
#cp examples/haproxy.cfg /usr/local/haproxy/etc
#ln -s /usr/local/sbin/haproxy /usr/local/haproxy/sbin/haproxy

#查看haproxy配置
cat /etc/haproxy/haproxy.cfg
#全局配置
global
 log 127.0.0.1 local2
 chroot /var/lib/haproxy
 pidfile /var/run/haproxy.pid
 maxconn 4000
 user haproxy
 group haproxy
 daemon
 # turn on stats unix socket
 #stats socket /var/lib/haproxy/stats
########默认配置############
defaults
 #默认的模式mode { tcp|http|health },tcp是4层,http是7层,health只会返回OK
 mode http
 log global
 #option http-server-close
 #option forwardfor except 127.0.0.0/8
 option httplog
 #两次连接失败就认为是服务器不可用,也可以通过后面设置
 retries 3
 option dontlognull
 #当serverId对应的服务器挂掉后,强制定向到其他健康的服务器
 option redispatch
 #当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接
 option abortonclose
 #默认的最大连接数
 maxconn 2000
 timeout http-keep-alive 10s
 timeout queue 1m
 #连接超时
 timeout connect 5000ms
 #客户端超时
 timeout client 30000ms
 #服务器超时
 timeout server 30000ms
 #心跳检测超时
 timeout check 5s
########test1配置#################
listen test1 192.168.1.100:8080
 mode http
 option httplog
 balance roundrobin
 server s1 192.168.1.59:8080 maxconn 2000 check   inter 10s fall 1 rise 2
 server s2 192.168.1.60:8080 maxconn 2000 check inter 10s fall 1 rise 2
########统计页面配置########
listen admin_stats
 stats enable
 #监听端口
 bind 192.168.1.67:8000
 #http的7层模式
 mode http
 #采用http日志格式
 option httplog
 log global
 maxconn 10
 #统计页面自动刷新时间
 stats refresh 30s
 #统计页面url
 stats uri /stats
 #统计页面密码框上提示文本
 stats realm DW-test-Haproxy
 #统计页面用户名和密码设置,还是要修改一下的
 stats auth admin:admin
 stats admin if TRUE
 #隐藏统计页面上HAProxy的版本信息
 stats hide-version
#haproxy配置结束

#
#
#
#运行haproxy
/etc/init.d/haproxy start#测试一下

6.安装Keepalived(当然你也可以#yum install keepalived,但要先安装epel的包)

mkdir -p /home/install/keepalived1
cd /home/install/keepalived1
wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
tar zxvf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make && make install

cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/

#keepalived配置
cat /etc/keepalived/keepalived.conf
global_defs {
 notification_email {
 xxx@gmail.com
}
notification_email_from xxx@gmail.com
 smtp_connect_timeout 3
 smtp_server 127.0.0.1
 router_id HA_DEVEL_1
}

vrrp_script chk_haproxy {
 #监测haproxy
 script "killall -0 haproxy"
 #2s检查一次
 interval 2
 weight 2
}
vrrp_instance VI_1 {
 interface eth0
 #从为BACKUP
 state MASTER
 #从为100
 priority 101
 #路由ID,可通过#tcpdump vrrp查看。
 virtual_router_id 50
 #主从切换时间,单位为秒。
 garp_master_delay 1
 authentication {
  auth_type PASS
  #主从要一样,记得改一下哦
  auth_pass XXXXXXXXXX
 }
 virtual_ipaddress {
  192.168.1.100 #VIP
 }
 #将Linux中你想监控的网络接口卡监控起来,当其中的一块出现故障是keepalived都将视为路由器出现故障
 track_interface {
  eth0
  eth1
 }
 track_script {
  chk_haproxy
 }
 #状态通知
 # notify_master "/etc/keepalived/Mailnotify.py master"
 # notify_backup "/etc/keepalived/Mailnotify.py backup"
 # notify_fault "/etc/keepalived/Mailnotify.py fault"
}
#keepalived配置结束

#
#
#启动相关服务
/etc/init.d/haproxy start
/etc/init.d/keepalived start
#查看有没有节点记录
tcpdump vrrp

7.haproxy界面 (现在的haproxy可以在页面上手动启用或禁用节点)

访问http://192.168.1.67:8000/stats

注:关于keepalive里的状态通知,这里借用一下天斯的python脚本

Mailnotify.py

#!/usr/local/bin/python
#coding: utf-8
from email.MIMEMultipart import MIMEMultipart
from email.MIMEText import MIMEText
from email.MIMEImage import MIMEImage
from email.header import Header
import sys
import smtplib

#---------------------------------------------------------------
# Name:        Mailnotify.py
# Purpose:     Mail notify to SA
# Author:      Liutiansi
# Email:       liutiansi@gamil.com
# Created:     2011/03/09
# Copyright:   (c) 2011
#--------------------------------------------------------------
strFrom = 'admin@domain.com'
strTo = 'liutiansi@gmail.com'
smtp_server='smtp.domain.com'
smtp_pass='123456'

if sys.argv[1]!="master" and sys.argv[1]!="backup"  and sys.argv[1]!="fault":
    sys.exit()
else:
    notify_type=sys.argv[1]

mail_title='[紧急]负载均衡器邮件通知'
mail_body_plain=notify_type+'被激活,请做好应急处理。'
mail_body_html='<b><font color=red>'+notify_type+'被激活,请做好应急处理。</font></b>'

msgRoot = MIMEMultipart('related')
msgRoot['Subject'] =Header(mail_title,'utf-8')
msgRoot['From'] = strFrom
msgRoot['To'] = strTo

msgAlternative = MIMEMultipart('alternative')
msgRoot.attach(msgAlternative)

msgText = MIMEText(mail_body_plain, 'plain', 'utf-8')
msgAlternative.attach(msgText)

msgText = MIMEText(mail_body_html, 'html','utf-8')
msgAlternative.attach(msgText)

smtp = smtplib.SMTP()
smtp.connect(smtp_server)
smtp.login(smtp_user,smtp_pass)
smtp.sendmail(strFrom, strTo, msgRoot.as_string())
smtp.quit()

然后放在/etc/keepalived 目录下(记得修改脚本里的邮箱地址),chmod +x /etc/keepalived/Mailnotify.py

把keepalived.conf的 “#状态通知” 以下的注释去掉,重启keepalived服务就可以了,嘿嘿

参考:1. 2. 3.