1.haproxy的配置
(1)负载均衡
在主机中下载: haproxy-1.6.11.tar.gz 并用 scp 传给 server1
[root@server1 ~]# yum install rpm-build -y
[root@server1 ~]# yum install pcre-devel -y
[root@server1 ~]# rpmbuild -tb haproxy-1.6.11.tar.gz
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.JxCLZp
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf haproxy-1.6.11
+ /bin/tar -xf -
+ /usr/bin/gzip -dc /root/haproxy-1.6.11.tar.gz
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd haproxy-1.6.11
+ /bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ exit 0
Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.gZ6hlw
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd haproxy-1.6.11
+ /usr/bin/make USE_PCRE=1 DEBUG= ARCH=x86_64 TARGET=linux26
gcc -Iinclude -Iebtree -Wall -m64 -march=x86-64 -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -DTPROXY -DCONFIG_HAP_CRYPT -DENABLE_POLL -DENABLE_EPOLL -DNETFILTER -DUSE_GETSOCKNAME -DUSE_PCRE -I/usr/include -DCONFIG_HAPROXY_VERSION=\"1.6.11\" -DCONFIG_HAPROXY_DATE=\"2016/12/25\" \
-DBUILD_TARGET='"linux26"' \
-DBUILD_ARCH='"x86_64"' \
-DBUILD_CPU='"generic"' \
-DBUILD_CC='"gcc"' \
-DBUILD_CFLAGS='"-m64 -march=x86-64 -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement"' \
-DBUILD_OPTIONS='"USE_PCRE=1"' \
-c -o src/haproxy.o src/haproxy.c
make: gcc: Command not found ##没有安装gcc
make: *** [src/haproxy.o] Error 127
error: Bad exit status from /var/tmp/rpm-tmp.gZ6hlw (%build)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.gZ6hlw (%build)
[root@server1 ~]# yum install gcc -y
##只要没有error即可
[root@server1 ~]# rpmbuild -tb haproxy-1.6.11.tar.gz
..........
[root@server1 ~]# cd rpmbuild/RPMS
[root@server1 RPMS]# ls
x86_64
[root@server1 RPMS]# cd x86_64/
[root@server1 x86_64]# ls
haproxy-1.6.11-1.x86_64.rpm
[root@server1 x86_64]# rpm -qpl haproxy-1.6.11-1.x86_64.rpm
/etc/haproxy
/etc/rc.d/init.d/haproxy
/usr/sbin/haproxy
/usr/share/doc/haproxy-1.6.11
/usr/share/doc/haproxy-1.6.11/CHANGELOG
/usr/share/doc/haproxy-1.6.11/README
/usr/share/doc/haproxy-1.6.11/architecture.txt
/usr/share/doc/haproxy-1.6.11/configuration.txt
/usr/share/doc/haproxy-1.6.11/intro.txt
/usr/share/doc/haproxy-1.6.11/management.txt
/usr/share/doc/haproxy-1.6.11/proxy-protocol.txt
/usr/share/man/man1/haproxy.1.gz
[root@server1 x86_64]# rpm -ivh haproxy-1.6.11-1.x86_64.rpm
Preparing... ########################################### [100%]
1:haproxy ########################################### [100%]
[root@server1 x86_64]# cd
[root@server1 ~]# ls
anaconda-ks.cfg install.log rpmbuild
haproxy-1.6.11.tar.gz install.log.syslog
[root@server1 ~]# tar zxf haproxy-1.6.11.tar.gz
[root@server1 ~]# ls
anaconda-ks.cfg haproxy-1.6.11.tar.gz install.log.syslog
haproxy-1.6.11 install.log rpmbuild
[root@server1 ~]# cd haproxy-1.6.11
[root@server1 haproxy-1.6.11]# ls
CHANGELOG doc include Makefile src VERDATE
contrib ebtree LICENSE README SUBVERS VERSION
CONTRIBUTING examples MAINTAINERS ROADMAP tests
[root@server1 haproxy-1.6.11]# find -name *.spec
./examples/haproxy.spec
#以.spec结尾的文件都会自动生模板
[root@server1 haproxy-1.6.11]# vim test.spec
[root@server1 haproxy]# /etc/init.d/haproxy start
Starting haproxy: [ OK ]在server2与server3中做以下相同的操作:
[root@server2 ~]# yum install httpd
[root@server2 ~]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.52.2 for ServerName
[ OK ]
[root@server2 ~]# vim /var/www/html/index.html
Server2
[root@server3 ~]# yum install httpd
[root@server3 ~]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.52.3 for ServerName
[ OK ]
[root@server3 ~]# vim /var/www/html/index.html
Server3测试:
健康检查:
监控:
##监控中用颜色来区分节点的状态
[root@server2 ~]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.52.2 for ServerName
[ OK ]
(2)日志的管理:
[root@server1 ~]# vim /etc/rsyslog.conf
[root@server1 etc]# /etc/init.d/rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]测试:
##没有日志
[root@server1 etc]# cd /var/log/
在网页上输入:172.25.52.1 访问刷新一下
#此时便可以看到日志记录
[root@server1 log]# cat haproxy.log
Aug 4 12:04:17 localhost haproxy[1997]: 172.25.52.250:36234 [04/Aug/2018:12:04:17.530] public static/statsrv2 0/0/0/0/0 200 274 - - ---- 1/1/0/0/0 0/0 "GET / HTTP/1.1"(3)算法:
[root@server1 ~]# cd /etc/haproxy
[root@server1 haproxy]# ls
haproxy.cfg
[root@server1 haproxy]# vim haproxy.cfg
[root@server1 haproxy]# /etc/init.d/haproxy reload测试:
##一直都是server2 因为server2的权重大
[root@server2 ~]# /etc/init.d/httpd status
httpd (pid 1518) is running...
[root@server3 ~]# /etc/init.d/httpd status
httpd (pid 2461) is running...
(4)动态 php (动静结合)
[root@server3 ~]# yum install php -y
[root@server3 ~]# /etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: apr_sockaddr_info_get() failed for server3
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[ OK ]
[root@server3 ~]# cd /var/www/html
[root@server3 html]# ls
index.html
[root@server3 html]# vim index.php
测试:
[root@server1 haproxy]# vim haproxy.cfg
[root@server1 haproxy]# /etc/init.d/haproxy reload测试:
访问172.25.52.1/index.php 时会自动跳转到server3上访问php
(5)黑名单的设定以及重定向:
[root@server1 haproxy]# vim haproxy.cfg
[root@server1 haproxy]# /etc/init.d/haproxy reload测试:
当黑名单里的用户访问时 重定向到 阿帕奇的默认发布文件的内容
[root@server1 haproxy]# yum install httpd -y
[root@server1 haproxy]# vim /etc/httpd/conf/httpd.conf
[root@server1 html]# /etc/init.d/httpd restart
Stopping httpd: [FAILED]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.52.1 for ServerName
[ OK ]
[root@server1 html]# /etc/init.d/httpd restart
Stopping httpd:
[ OK ]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.52.1 for ServerName
[ OK ]
[root@server1 haproxy]# cd /var/www/html/
[root@server1 html]# vim index.html
[root@server1 html]# cd ..
[root@server1 haproxy]# vim haproxy.cfg
[root@server1 haproxy]# /etc/init.d/haproxy reload测试:
访问172.25.52.1时 重定向 到百度
[root@server1 haproxy]# vim haproxy.cfg
[root@server1 haproxy]# /etc/init.d/haproxy reload测试:(需要先连上热点)
输入 172.25.52.1
会自动跳转到百度 因为做了重定向
(6)读写
安装包:Redhat.jpg[root@server1 ~]# cd /etc/haproxy/
[root@server1 haproxy]# ls
Haproxy.cfg
[root@server1 haproxy]# vim haproxy.cfg
[root@server1 haproxy]# /etc/init.d/haproxy reload[root@server2 ~]# cd /var/www/html/images/
[root@server2 html]# mkdir images
[root@server2 ~]# ls
anaconda-ks.cfg install.log install.log.syslog redhat.jpg
[root@server2 ~]# cp redhat.jpg /var/www/html/images/
[root@server2 ~]# cd /var/www/html/images/
[root@server2 images]# ls
redhat.jpg测试:
输入:172.25.52.1/images/redhat.jpg
上传:
在主机中:
lftp 172.25.254.250:/pub/docs/haproxy> mirror upload
Total: 1 directory, 2 files, 0 symlinks
New: 2 files, 0 symlinks
1184 bytes transferred
[root@foundation52 Desktop]# scp -r upload/ 172.25.52.3:/var/www/html
root@172.25.52.3's password:
index.php 100% 257 0.3KB/s 00:00
upload_file.php 100% 927 0.9KB/s 00:00
[root@foundation52 Desktop]# scp -r upload/ 172.25.52.2:/var/www/html
root@172.25.52.2's password:
index.php 100% 257 0.3KB/s 00:00
upload_file.php 100% 927 0.9KB/s 00:00在server2与server3中做以下相同操:
[root@server3 ~]# cd /var/www/html
[root@server3 html]# ls
index.html index.php upload
[root@server3 html]# cd upload/
[root@server3 upload]# ls
index.php upload_file.php
[root@server3 upload]# mv * ..
mv: overwrite `../index.php'? Yes
[root@server3 upload]#cd ..
[root@server3 html]#chmod 777 upload/测试:
##更改上传图片大小的限制
[root@server3 html]# vim upload_file.php
[root@server2 images]# cd /var/www/html
[root@server2 html]# ls
images index.html index.httpd upload
[root@server2 html]# cd upload/
[root@server2 upload]# ls
index.php upload_file.php
[root@server2 upload]# mv * ..
[root@server2 upload]# cd ..
[root@server2 html]# chmod 777 upload
[root@server2 html]# vim upload_file.php
[root@server2 html]# yum install -y php
[root@server2 html]# /etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.52.2 for ServerName##编写配置文件
[root@server1 haproxy]# vim haproxy.cfg
[root@server1 haproxy]# /etc/init.d/haproxy reload
[ OK ]测试:
输入172.25.52.1 点击 Browse
选择上传图片
点击Sumit
默认上传到了server3上
server2 只起到读的作用
而 server 3 却起到了 写的作用
2.pacemaker的配置
准备工作:
在server1与server4上做以下相同的操作
##安装服务
[root@server1 haproxy]# yum install pacemaker corosy
[root@server1 haproxy]# cd /etc/corosync/
[root@server1 corosync]# ls
corosync.conf.example corosync.conf.example.udpu service.d uidgid.d
[root@server1 corosync]# cp corosync.conf.example corosync.conf
[root@server1 corosync]# vim corosync.conf
##多播地址与多播端口能和别人的不能相同以防发生冲突
[root@server1 corosync]# /etc/init.d/corosync start
Starting Corosync Cluster Engine (corosync): [ OK ]
##查看日志时没有报错信息才说明重启成功
[root@server1 corosync]# cat /var/log/messages
[root@server1 corosync]# scp corosync.conf server4:/etc/corosync/
The authenticity of host 'server4 (172.25.52.4)' can't be established.
RSA key fingerprint is fc:68:3f:d9:a8:07:dd:06:20:09:b5:02:fb:33:a9:99.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server4,172.25.52.4' (RSA) to the list of known hosts.
root@server4's password:
corosync.conf 100% 492 0.5KB/s 00:00[root@server4 ~]# yum install pacemaker corosy -y
[root@server4 ~]# cd /etc/corosync
[root@server4 corosync]# ls
corosync.conf corosync.conf.example.udpu uidgid.d
corosync.conf.example service.d
[root@server4 corosync]# /etc/init.d/corosync start
Starting Corosync Cluster Engine (corosync): [ OK ]
##查看日志时没有报错日志才说明重启成功
[root@server4 corosync]# cat /var/log/messages在主机中:
下载:pssh-2.3.1-2.1.x86_64.rpm crmsh-1.2.6-0.rc2.2.1.x86_64.rpm
[root@foundation52 ~]# scp pssh-2.3.1-2.1.x86_64.rpm crmsh-1.2.6-0.rc2.2.1.x86_64.rpm server1:
root@server1's password:
pssh-2.3.1-2.1.x86_64.rpm 100% 49KB 49.1KB/s 00:00
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm 100% 483KB 483.4KB/s 00:00[root@server1 ~]# ls
anaconda-ks.cfg images redhat.jpg
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm install.log rpmbuild
haproxy-1.6.11 install.log.syslog
haproxy-1.6.11.tar.gz pssh-2.3.1-2.1.x86_64.rpm
[root@server1 ~]# yum install pssh-2.3.1-2.1.x86_64.rpm crmsh-1.2.6-0.rc2.2.1.x86_64.rpm -y
[root@server1 ~]# ls
anaconda-ks.cfg images redhat.jpg
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm install.log rpmbuild
haproxy-1.6.11 install.log.syslog
haproxy-1.6.11.tar.gz pssh-2.3.1-2.1.x86_64.rpm
[root@server1 ~]# scp crmsh-1.2.6-0.rc2.2.1.x86_64.rpm pssh-2.3.1-2.1.x86_64.rpm server4:
root@server4's password:
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm 100% 483KB 483.4KB/s 00:00
pssh-2.3.1-2.1.x86_64.rpm 100% 49KB 49.1KB/s 00:00[root@server4 ~]# ls
anaconda-ks.cfg install.log.syslog
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm pssh-2.3.1-2.1.x86_64.rpm
install.log
[root@server4 ~]# yum install crmsh-1.2.6-0.rc2.2.1.x86_64.rpm pssh-2.3.1-2.1.x86_64.rpm -y监控:
[root@server1 corosync]# crm_mon
(1)管理资源
当pacemaker启动的时候,他会自动记录节点的数量和详细信息,以及基层软件和Pacemaker的版本。
[root@server4 corosync]# crm
crm(live)# configure
showcrm(live)configure# show
node server1
node server4
property $id="cib-bootstrap-options" \
dc-version="1.1.10-14.el6-368c726" \
cluster-infrastructure="classic openais (with plugin)" \
expected-quorum-votes="2"
##关闭STONITH的特性
crm(live)configure# property stonith-enabled=false
#注意:每做一次操作就得提交一次
crm(live)configure# commit
crm(live)configure# show
node server1
node server4
property $id="cib-bootstrap-options" \
dc-version="1.1.10-14.el6-368c726" \
cluster-infrastructure="classic openais (with plugin)" \
expected-quorum-votes="2" \
stonith-enabled="false"
首先要做的是配置一个IP地址,不管集群服务在哪运行,我们要一个固定的地址来提供服务。
添加vip 并且每隔1分钟检测一次
crm(live)configure# primitive vip ocf:heartbeat:IPaddr2 params ip=172.25.52.100 cidr_netmask=24 op monitor interval=1min
crm(live)configure# commit
crm(live)configure# bye
bye
注意:在我们做出任何改变之前,最好用crm_verify -L -V
命令检查一下配置。监控:
[root@server1 ~]# /etc/init.d/corosync stop
Signaling Corosync Cluster Engine (corosync) to terminate: [ OK ]
Waiting for corosync services to unload:. [ OK ]监控:
[root@server1 ~]# /etc/init.d/corosync start
Starting Corosync Cluster Engine (corosync): [ OK ]监控:
添加haproxy资源
[root@server1 ~]# cd rpmbuild/
[root@server1 rpmbuild]# ls
BUILD BUILDROOT RPMS SOURCES SPECS SRPMS
[root@server1 rpmbuild]# cd RPMS/
[root@server1 RPMS]# ls
x86_64
[root@server1 RPMS]# cd x86_64/
[root@server1 x86_64]# ls
haproxy-1.6.11-1.x86_64.rpm
[root@server1 x86_64]# scp haproxy-1.6.11-1.x86_64.rpm 172.25.52.4:
root@172.25.52.4's password:
haproxy-1.6.11-1.x86_64.rpm 100% 768KB 768.2KB/s 00:00
[root@server1 x86_64]# cd /etc/haproxy/
[root@server1 haproxy]# ls
haproxy.cfg
[root@server1 haproxy]# scp haproxy.cfg 172.25.52.4:/etc/haproxy/
root@172.25.52.4's password:
haproxy.cfg 100% 2064 2.0KB/s 00:00[root@server4 ~]# ls
anaconda-ks.cfg install.log
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm install.log.syslog
haproxy-1.6.11-1.x86_64.rpm pssh-2.3.1-2.1.x86_64.rpm
[root@server4 ~]# rpm -ivh haproxy-1.6.11-1.x86_64.rpm
Preparing... (10########################################### [100%]
1:haproxy ( ########################################### [100%]
[root@server4 ~]# /etc/init.d/haproxy start
Starting haproxy: [ OK ]测试:
[root@server1 haproxy]# crm
crm(live)# configure
crm(live)configure# show
node server1
node server4
primitive haproxy lsb:haproxy \
op moniter interval="1min"
primitive vip ocf:heartbeat:IPaddr2 \
params ip="172.25.52.100" cidr_netmask="24" \
op monitor interval="1min" \
meta target-role="Stopped"
property $id="cib-bootstrap-options" \
dc-version="1.1.10-14.el6-368c726" \
cluster-infrastructure="classic openais (with plugin)" \
expected-quorum-votes="2" \
stonith-enabled="false" \
no-quorum-policy="ignore"
crm(live)configure# primitive haproxy lsb:haproxy op monitor interval=1min
crm(live)configure# commit
注意:如果haproxy添加错误 先停掉它 然后删除 再重新添加即可:
crm(live)configure# cd
crm(live)# resource
crm(live)resource# stop haproxy
crm(live)resource# cd
crm(live)configure# delete haproxy
crm(live)configure# primitive haproxy lsb:haproxy op monitor interval=1min监控:
(2)Fence:
在主机中:
[root@foundation52 cluster]# systemctl status fence_virtd
● fence_virtd.service - Fence-Virt system host daemon
Loaded: loaded (/usr/lib/systemd/system/fence_virtd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Aug 04 09:33:26 foundation52.ilt.example.com systemd[1]: [/usr/lib/syst...
Aug 04 09:33:27 foundation52.ilt.example.com systemd[1]: [/usr/lib/syst...
Aug 04 09:33:28 foundation52.ilt.example.com systemd[1]: [/usr/lib/syst...
Aug 04 16:37:35 foundation52.ilt.example.com systemd[1]: [/usr/lib/syst...
Hint: Some lines were ellipsized, use -l to show in full.
##打开 fence_virtd服务
[root@foundation52 cluster]# systemctl start fence_virtd
[root@foundation52 cluster]# systemctl status fence_virtd
● fence_virtd.service - Fence-Virt system host daemon
Loaded: loaded (/usr/lib/systemd/system/fence_virtd.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2018-08-04 16:37:44 CST; 10min ago
Process: 25231 ExecStart=/usr/sbin/fence_virtd $FENCE_VIRTD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 25236 (fence_virtd)
CGroup: /system.slice/fence_virtd.service
└─25236 /usr/sbin/fence_virtd -w
Aug 04 16:37:44 foundation52.ilt.example.com systemd[1]: Starting Fence...
Aug 04 16:37:44 foundation52.ilt.example.com fence_virtd[25236]: fence_...
Aug 04 16:37:44 foundation52.ilt.example.com systemd[1]: Started Fence-...
Hint: Some lines were ellipsized, use -l to show in full.
将主机里的fence_xvm.key 传给server1与server4在server1与server4中做以下相同的操作:
[root@server1 ~]# ls
anaconda-ks.cfg install.log
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm install.log.syslog
fence_xvm.key #有key pssh-2.3.1-2.1.x86_64.rpm
haproxy-1.6.11 redhat.jpg
haproxy-1.6.11.tar.gz rpmbuild
images
[root@server1 ~]# scp fence_xvm.key /etc/cluster
[root@server1 ~]# cd /etc/cluster
[root@server1 cluster]# ls
fence_xvm.key
[root@server1 cluster]# ll
total 4
-rw-r--r-- 1 root root 128 Aug 4 16:42 fence_xvm.key
[root@server1 ~]# yum install -y fence-virt
[root@server4 ~]# ls
anaconda-ks.cfg install.log
crmsh-1.2.6-0.rc2.2.1.x86_64.rpm install.log.syslog
fence_xvm.key #有key pssh-2.3.1-2.1.x86_64.rpm
haproxy-1.6.11 redhat.jpg
haproxy-1.6.11.tar.gz rpmbuild
images
[root@server4 ~]# scp fence_xvm.key /etc/cluster
[root@server4 ~]# cd /etc/cluster
[root@server4 cluster]# ls
fence_xvm.key
[root@server4 cluster]# ll
total 4
-rw-r--r-- 1 root root 128 Aug 4 16:42 fence_xvm.key
[root@server4 ~]# yum install -y fence-virt[root@server1 ~]# crm
crm(live)# configure
crm(live)configure# property stonith-enabled=true
crm(live)configure# show
node server1
node server4
primitive haproxy lsb:haproxy \
op monitor interval="1min"
primitive vip ocf:heartbeat:IPaddr2 \
params ip="172.25.52.100" cidr_netmask="24" \
op monitor interval="1min" \
meta target-role="Stopped"
group hagroup vip haproxy
property $id="cib-bootstrap-options" \
dc-version="1.1.10-14.el6-368c726" \
cluster-infrastructure="classic openais (with plugin)" \
expected-quorum-votes="2" \
stonith-enabled="true" \
no-quorum-policy="ignore"
crm(live)configure# primitive vmfence stonith:fence_xvm params pcmk_host_map="server1:westos1;server4:westos4" op monitor interval=1min
crm(live)configure# commit
crm(live)configure# bye
bye监控:
测试:
在 server1上 执行 fence_xvm -H westos1
此时 Server1会自动重启
并且 server4 会顶替工作
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
