Haproxy 不用多说了,她可以做4/7层代理,本文是利用Haproxy的7层代理与Keepalived实现一个负载均衡器
1.系统
OS:centos6.2(64bit) MASTER:192.168.1.67 BACKUP:192.168.1.68 VIP:192.168.1.100 Service Port:8080 |
2.系统日志配置
vi /etc/rsyslog.conf #加入以下四行 $ModLoad imudp.so $UDPServerRun 514 $UDPServerAddress 127.0.0.1 local2.* /var/log/haproxy.log |
3.关闭SELINUX
sed -i 's:SELINUX=enforcing:SELINUX=disabled:g' /etc/selinux/config |
4.添加VRRP通讯支持到iptables里
iptables -A INPUT -d 224.0.0.18 -j ACCEPT |
5.安装Haproxy
#先安装epel包 yum install haproxy #上面安装好了这步就可跳过,haproxy编译安装, #mkdir -p /home/install/keepalived1 #cd /home/install/keepalive1 #tar -zxvf haproxy-1.4.18.tar.gz #cd haproxy-1.4.18 #make install #mkdir -p /usr/local/haproxy/etc #mkdir -p /usr/local/haproxy/sbin #cp examples/haproxy.cfg /usr/local/haproxy/etc #ln -s /usr/local/sbin/haproxy /usr/local/haproxy/sbin/haproxy #查看haproxy配置 cat /etc/haproxy/haproxy .cfg #全局配置 global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy .pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket #stats socket /var/lib/haproxy/stats ########默认配置############ defaults #默认的模式mode { tcp|http|health },tcp是4层,http是7层,health只会返回OK mode http log global #option http-server-close #option forwardfor except 127.0.0.0/8 option httplog #两次连接失败就认为是服务器不可用,也可以通过后面设置 retries 3 option dontlognull #当serverId对应的服务器挂掉后,强制定向到其他健康的服务器 option redispatch #当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接 option abortonclose #默认的最大连接数 maxconn 2000 timeout http-keep-alive 10s timeout queue 1m #连接超时 timeout connect 5000ms #客户端超时 timeout client 30000ms #服务器超时 timeout server 30000ms #心跳检测超时 timeout check 5s ########test1配置################# listen test1 192.168.1.100:8080 mode http option httplog balance roundrobin server s1 192.168.1.59:8080 maxconn 2000 check inter 10s fall 1 rise 2 server s2 192.168.1.60:8080 maxconn 2000 check inter 10s fall 1 rise 2 ########统计页面配置######## listen admin_stats stats enable #监听端口 bind 192.168.1.67:8000 #http的7层模式 mode http #采用http日志格式 option httplog log global maxconn 10 #统计页面自动刷新时间 stats refresh 30s #统计页面url stats uri /stats #统计页面密码框上提示文本 stats realm DW- test -Haproxy #统计页面用户名和密码设置,还是要修改一下的 stats auth admin:admin stats admin if TRUE #隐藏统计页面上HAProxy的版本信息 stats hide-version #haproxy配置结束 # # # #运行haproxy /etc/init .d /haproxy start #测试一下 |
6.安装Keepalived(当然你也可以#yum install keepalived,但要先安装epel的包)
mkdir -p /home/install/keepalived1 cd /home/install/keepalived1 wget http: //www .keepalived.org /software/keepalived-1 .2.2. tar .gz tar zxvf keepalived-1.2.2. tar .gz cd keepalived-1.2.2 . /configure make && make install cp /usr/local/etc/rc .d /init .d /keepalived /etc/rc .d /init .d/ cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalived cp /usr/local/etc/keepalived/keepalived .conf /etc/keepalived/ cp /usr/local/sbin/keepalived /usr/sbin/ #keepalived配置 cat /etc/keepalived/keepalived .conf global_defs { notification_email { xxx@gmail.com } notification_email_from xxx@gmail.com smtp_connect_timeout 3 smtp_server 127.0.0.1 router_id HA_DEVEL_1 } vrrp_script chk_haproxy { #监测haproxy script "killall -0 haproxy" #2s检查一次 interval 2 weight 2 } vrrp_instance VI_1 { interface eth0 #从为BACKUP state MASTER #从为100 priority 101 #路由ID,可通过#tcpdump vrrp查看。 virtual_router_id 50 #主从切换时间,单位为秒。 garp_master_delay 1 authentication { auth_type PASS #主从要一样,记得改一下哦 auth_pass XXXXXXXXXX } virtual_ipaddress { 192.168.1.100 #VIP } #将Linux中你想监控的网络接口卡监控起来,当其中的一块出现故障是keepalived都将视为路由器出现故障 track_interface { eth0 eth1 } track_script { chk_haproxy } #状态通知 # notify_master "/etc/keepalived/Mailnotify.py master" # notify_backup "/etc/keepalived/Mailnotify.py backup" # notify_fault "/etc/keepalived/Mailnotify.py fault" } #keepalived配置结束 # # #启动相关服务 /etc/init .d /haproxy start /etc/init .d /keepalived start #查看有没有节点记录 tcpdump vrrp |
7.haproxy界面 (现在的haproxy可以在页面上手动启用或禁用节点)
访问http://192.168.1.67:8000/stats
注:关于keepalive里的状态通知,这里借用一下天斯的python脚本
Mailnotify.py
#!/usr/local/bin/python #coding: utf-8 from email.MIMEMultipart import MIMEMultipart from email.MIMEText import MIMEText from email.MIMEImage import MIMEImage from email.header import Header import sys import smtplib #--------------------------------------------------------------- # Name: Mailnotify.py # Purpose: Mail notify to SA # Author: Liutiansi # Email: liutiansi@gamil.com # Created: 2011/03/09 # Copyright: (c) 2011 #-------------------------------------------------------------- strFrom = 'admin@domain.com' strTo = 'liutiansi@gmail.com' smtp_server = 'smtp.domain.com' smtp_pass = '123456' if sys.argv[ 1 ]! = "master" and sys.argv[ 1 ]! = "backup" and sys.argv[ 1 ]! = "fault" : sys.exit() else : notify_type = sys.argv[ 1 ] mail_title = '[紧急]负载均衡器邮件通知' mail_body_plain = notify_type + '被激活,请做好应急处理。' mail_body_html = '<b><font color=red>' + notify_type + '被激活,请做好应急处理。</font></b>' msgRoot = MIMEMultipart( 'related' ) msgRoot[ 'Subject' ] = Header(mail_title, 'utf-8' ) msgRoot[ 'From' ] = strFrom msgRoot[ 'To' ] = strTo msgAlternative = MIMEMultipart( 'alternative' ) msgRoot.attach(msgAlternative) msgText = MIMEText(mail_body_plain, 'plain' , 'utf-8' ) msgAlternative.attach(msgText) msgText = MIMEText(mail_body_html, 'html' , 'utf-8' ) msgAlternative.attach(msgText) smtp = smtplib.SMTP() smtp.connect(smtp_server) smtp.login(smtp_user,smtp_pass) smtp.sendmail(strFrom, strTo, msgRoot.as_string()) smtp.quit() |
然后放在/etc/keepalived 目录下(记得修改脚本里的邮箱地址),chmod +x /etc/keepalived/Mailnotify.py
把keepalived.conf的 “#状态通知” 以下的注释去掉,重启keepalived服务就可以了,嘿嘿