-
haproxy+keepalived搭建和配置
前言
安装方式:yum
服务器环境:Centos7.5
haproxy版本:1.5.18
目标:实现两台haproxy服务器双机热备,以解决haproxy服务器单点故障问题,实现服务器的高可用;
1、准备工作
1.1 服务器准备
- haproxy11:192.168.45.11
- haproxy12:192.168.45.12
- 虚拟ip地址:192.168.145.10
1.2 关闭防火墙
# 查看防火墙状态,如果状态是“running”,那么关闭! firewall-cmd --state # 关闭防火墙 systemctl stop firewalld- 1
- 2
- 3
- 4
1.3 设置selinux
setenforce 0- 1
2、haproxy安装与配置
haproxy11与haproxy12安装与配置完全一致2.1 安装
yum -y install haproxy cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak vi /etc/haproxy/haproxy.cfg- 1
- 2
- 3
2.2 haproxy.cfg配置
#--------------------------------------------------------------------- # Example configuration for a possible web application. See the # full configuration options online. # # http://haproxy.1wt.eu/download/1.4/doc/configuration.txt # #--------------------------------------------------------------------- #--------------------------------------------------------------------- # Global settings #--------------------------------------------------------------------- global log 127.0.0.1 local1 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon stats socket /var/lib/haproxy/stats defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 3000 listen stats bind 0.0.0.0:8888 mode http stats enable stats hide-version stats uri /haproxystats stats realm Haproxy\ stats stats auth admin:admin stats admin if TRUE frontend http-in bind 0.0.0.0:5672 mode tcp log global option httplog option httpclose default_backend rabbitmq-server backend rabbitmq-server mode tcp balance roundrobin server node1 192.168.45.201:5672 maxconn 2000 weight 1 check inter 5s rise 2 fall 2 server node2 192.168.45.202:5672 maxconn 2000 weight 1 check inter 5s rise 2 fall 2 server node3 192.168.45.203:5672 maxconn 2000 weight 1 check inter 5s rise 2 fall 2- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
2.3 rsyslog 日志配置
vi /etc/rsyslog.conf- 1
# Provides UDP syslog reception # 打开下面的配置 $ModLoad imudp $UDPServerRun 514 # Provides TCP syslog reception # 打开下面的配置 $ModLoad imtcp $InputTCPServerRun 514 # Save boot messages also to boot.log # 添加下面的配置 local1.* /var/log/haproxy/haproxy.log- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
2.4 启动服务
# 创建日志文件夹 mkidr /var/log/haproxy # 启动日志服务 systemctl restart rsyslog.service # 启动haproxy systemctl start haproxy # 查看haproxy 启动日志 cat /var/log/haproxy/haproxy.log # 实时查看haproxy 日志 tail -f /var/log/haproxy.log- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
2.5 登录并验证
haproxy11管理后台地址:192.168.45.11:8888/haproxystats
haproxy12管理后台地址:192.168.45.12:8888/haproxystats
账号:admin
密码:admin
3、安装与配置keepalived
在haproxy11与haproxy12中分别安装keepalived3.1 安装keepalived
yum -y install keepalived- 1
3.2 配置keepalived(haproxy11)
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak vi /etc/keepalived/keepalived.conf- 1
- 2
keepalived.conf配置内容
! Configuration File for keepalived global_defs { router_id director1 } vrrp_script check_haproxy { script "/etc/keepalived/haproxy_chk.sh" interval 5 } vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 80 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.45.10 } track_script { check_haproxy } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
3.3 配置keepalived(haproxy12)
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak vi /etc/keepalived/keepalived.conf- 1
- 2
keepalived.conf配置内容
! Configuration File for keepalived global_defs { router_id director2 } vrrp_script check_haproxy { script "/etc/keepalived/haproxy_chk.sh" interval 5 } vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 80 priority 50 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.45.10 } track_script { check_haproxy } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
3.4 配置健康检测脚本haproxy_chk.sh
haproxy11 与 haproxy12 中的配置一样!#!/usr/bin/env bash # test haproxy server running systemctl status haproxy.service &>/dev/null if [ $? -ne 0 ];then systemctl start haproxy.service &>/dev/null sleep 5 systemctl status haproxy.service &>/dev/null if [ $? -ne 0 ];then systemctl stop keepalived fi fi- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
3.5 验证虚拟IP
systemctl start keepalived # 在haproxy11 和haproxy12 都成功启动的情况下,分别在haproxy11 和haproxy12中运行下列命令 ip addr- 1
- 2
- 3
停掉 haproxy11 服务器 在 haproxy12 中查看ip地址:
4、相关启动命令
firewall-cmd --state systemctl stop firewalld && setenforce 0 systemctl restart rsyslog.service systemctl start haproxy systemctl start keepalived systemctl status haproxy- 1
- 2
- 3
- 4
- 5
- 6
5、遇到的问题
5.1 网卡问题
当搭建好 haproxy + keepalived 双活热备服务器后,在测试过程中发现,当完全关闭其中某一台haproxy服务器后,发现:IP 地址无法正常显示,即:ip addr 等相关命令中,没有之前配置的IP地址信息,且使用命令:systemctl restart network.service 会报错:
解决方案:# 查看NetworkManager状态 systemctl status NetworkManager # NetworkManager和network是两个不同的服务,它们是互相冲突的。最根本的解决办法就是把NetworkManager服务停掉 # 暂停, 服务器重启后还是会启动 systemctl stop NetworkManager # 永久停止 systemctl disable NetworkManager # 启动网络服务 systemctl start network.service # 查看IP地址, 看是否正常。如果还是不行,那就重启服务器吧! ip addr- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
5.2 keepalived服务问题
当搭建好 haproxy + keepalived 双活热备服务器后,在测试过程中发现,有时候keepalived服务即使是运行状态,还是无法使用vip访问haproxy服务器的地址。那么可能需要重启keepalived服务:
systemctl restart keepalived- 1
-
相关阅读:
24考研调剂 | 武汉纺织大学
面试编程题
学习和巩固mysql的经典练习题目
技术干货 | MindSpore非线性最小二乘优化器助力更快更轻量的三维重建
Pytorch:模块(Module类)
Elasticsearch:二进制数据类型 - binary field
`Algorithm-Solution` `AcWing` 903. 昂贵的聘礼
【毕业季】计算机行业现况的个人分析,请您探讨
【计网笔记06】计算机网络之应用层协议(SMTP协议、POP3协议、HTTP协议)、DNS域名系统、电子邮件系统
pg分组过滤
- 原文地址:https://blog.csdn.net/u010404909/article/details/125409043