haproxy+keepalived搭建01
前言
安装方式:yum
服务器环境:Centos7.5
haproxy版本:1.5.18
目标:实现两台haproxy服务器双机热备,以解决haproxy服务器单点故障问题,实现服务器的高可用;
1、准备工作
1.1 服务器准备
- haproxy11:192.168.45.11
- haproxy12:192.168.45.12
- 虚拟ip地址:192.168.145.10
1.2 关闭防火墙
# 查看防火墙状态,如果状态是“running”,那么关闭!
firewall-cmd --state
# 关闭防火墙
systemctl stop firewalld
1.3 设置selinux
setenforce 0
2、haproxy安装与配置
haproxy11与haproxy12安装与配置完全一致
2.1 安装
yum -y install haproxy
cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak
vi /etc/haproxy/haproxy.cfg
2.2 haproxy.cfg配置
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local1
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
listen stats
bind 0.0.0.0:8888
mode http
stats enable
stats hide-version
stats uri /haproxystats
stats realm Haproxy\ stats
stats auth admin:admin
stats admin if TRUE
frontend http-in
bind 0.0.0.0:5672
mode tcp
log global
option httplog
option httpclose
default_backend rabbitmq-server
backend rabbitmq-server
mode tcp
balance roundrobin
server node1 192.168.45.201:5672 maxconn 2000 weight 1 check inter 5s rise 2 fall 2
server node2 192.168.45.202:5672 maxconn 2000 weight 1 check inter 5s rise 2 fall 2
server node3 192.168.45.203:5672 maxconn 2000 weight 1 check inter 5s rise 2 fall 2
2.3 rsyslog 日志配置
vi /etc/rsyslog.conf
# Provides UDP syslog reception
# 打开下面的配置
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
# 打开下面的配置
$ModLoad imtcp
$InputTCPServerRun 514
# Save boot messages also to boot.log
# 添加下面的配置
local1.* /var/log/haproxy/haproxy.log
2.4 启动服务
# 创建日志文件夹
mkidr /var/log/haproxy
# 启动日志服务
systemctl restart rsyslog.service
# 启动haproxy
systemctl start haproxy
# 查看haproxy 启动日志
cat /var/log/haproxy/haproxy.log
# 实时查看haproxy 日志
tail -f /var/log/haproxy.log
2.5 登录并验证
haproxy11管理后台地址:192.168.45.11:8888/haproxystats
haproxy12管理后台地址:192.168.45.12:8888/haproxystats
账号:admin
密码:admin
3、安装与配置keepalived
在haproxy11与haproxy12中分别安装keepalived
3.1 安装keepalived
yum -y install keepalived
3.2 配置keepalived(haproxy11)
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vi /etc/keepalived/keepalived.conf
keepalived.conf配置内容
! Configuration File for keepalived
global_defs {
router_id director1
}
vrrp_script check_haproxy {
script "/etc/keepalived/haproxy_chk.sh"
interval 5
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 80
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.45.10
}
track_script {
check_haproxy
}
}
3.3 配置keepalived(haproxy12)
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vi /etc/keepalived/keepalived.conf
keepalived.conf配置内容
! Configuration File for keepalived
global_defs {
router_id director2
}
vrrp_script check_haproxy {
script "/etc/keepalived/haproxy_chk.sh"
interval 5
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 80
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.45.10
}
track_script {
check_haproxy
}
}
3.4 配置健康检测脚本haproxy_chk.sh
haproxy11 与 haproxy12 中的配置一样!
#!/usr/bin/env bash
# test haproxy server running
systemctl status haproxy.service &>/dev/null
if [ $? -ne 0 ];then
systemctl start haproxy.service &>/dev/null
sleep 5
systemctl status haproxy.service &>/dev/null
if [ $? -ne 0 ];then
systemctl stop keepalived
fi
fi
3.5 验证虚拟IP
systemctl start keepalived
# 在haproxy11 和haproxy12 都成功启动的情况下,分别在haproxy11 和haproxy12中运行下列命令
ip addr
停掉 haproxy11 服务器 在 haproxy12 中查看ip地址:
4、相关启动命令
firewall-cmd --state
systemctl stop firewalld && setenforce 0
systemctl restart rsyslog.service
systemctl start haproxy
systemctl start keepalived
systemctl status haproxy
5、遇到的问题
5.1 网卡问题
当搭建好 haproxy + keepalived 双活热备服务器后,在测试过程中发现,当完全关闭其中某一台haproxy服务器后,发现:IP 地址无法正常显示,即:ip addr 等相关命令中,没有之前配置的IP地址信息,且使用命令:systemctl restart network.service 会报错:
解决方案:
# 查看NetworkManager状态
systemctl status NetworkManager
# NetworkManager和network是两个不同的服务,它们是互相冲突的。最根本的解决办法就是把NetworkManager服务停掉
# 暂停, 服务器重启后还是会启动
systemctl stop NetworkManager
# 永久停止
systemctl disable NetworkManager
# 启动网络服务
systemctl start network.service
# 查看IP地址, 看是否正常。如果还是不行,那就重启服务器吧!
ip addr
5.2 keepalived服务问题
当搭建好 haproxy + keepalived 双活热备服务器后,在测试过程中发现,有时候keepalived服务即使是运行状态,还是无法使用vip访问haproxy服务器的地址。那么可能需要重启keepalived服务:
systemctl restart keepalived