首页 > 服务配置 > Haproxy keepalived的线上高可用
2016
03-18

Haproxy keepalived的线上高可用

系统:CentOS 6.5 HA-Proxy version 1.5.2 keepalived-1.2.13
http://haproxy.com/
http://www.haproxy.org/社区,也就是http://haproxy.1wt.eu
http://blog.haproxy.com/
http://www.keepalived.org/
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#2.1 haproxy文档
eth0 192.168.10.1 manager   外网  eth1 192.168.22.26/24
eth0 192.168.10.2 backup     外网  eth1 192.168.22.118/24
192.168.10.3   web1   静态
192.168.10.4   web2   动态

Haproxy keepalived的线上高可用 - 第1张  | linux工匠|关注运维自动化|Python开发|linux高可用集群|数据库维护|性能提优|系统架构

安装软件包

manager和backup 安装haproxy、keepalived

web1安装httpd服务,并启动httpd服务

web2安装httpd和php服务,并启动httpd服务

配置haproxy

负载均衡方式一般用cookie识别或session识别
这里把haproxy的日志改一个路径,为/var/log/haproxy.log

web1和web2日志添加X-Forwarded-For首部,让后端服务器记录真实请求ip,web1和web2都做以下改动

[root@manager haproxy]# scp haproxy.cfg root@backup:/etc/haproxy 把配置复制一份给backup

检查并启动服务查看

# haproxy -f /etc/haproxy/haproxy.cfg

# service haproxy restart

浏览器打开192.168.22.26,Ctrl+F5刷新查看页面

打开manager和backup的页面都会出现phpinfo的页面,是因为不满足url_static,走dynamic_servers规则

查看haproxy和web1,web2的日志来检查

http://192.168.22.26:8080/haproxy?stats 这个页面查看haproxy的后台状态

Haproxy keepalived的线上高可用 - 第2张  | linux工匠|关注运维自动化|Python开发|linux高可用集群|数据库维护|性能提优|系统架构

配置keepalived

manager主节点keepalived配置

keepalived备节点配置

此时VIP192.168.22.249在manager上面,当把主节点haproxy服务停止,那么VIP将漂移到备节点,自己在浏览器查看,

~~~分割线~~~

下面是keepalived互为主从的配置,manager节点跑一个web应用,backup也跑一个web应用,不浪费服务器资源。当一个节点挂死,两个VIP会在另一个节点上面,这时候网卡上配置两个VIP资源

manager的keepalived配置

 

backup的keepalived配置

主备都启动haproxy和keepalived服务,查看haproxy和keepalived的日志
/var/log/haproxy.log
/var/log/messages
在manager上把haproxy服务停止,查看节点ip地址,和keepalived日志,此时VIP192.168.22.249就会转移到backup上面,日志就不贴了
manager网卡:

Haproxy keepalived的线上高可用 - 第3张  | linux工匠|关注运维自动化|Python开发|linux高可用集群|数据库维护|性能提优|系统架构

backup网卡

Haproxy keepalived的线上高可用 - 第4张  | linux工匠|关注运维自动化|Python开发|linux高可用集群|数据库维护|性能提优|系统架构

haproxy在公司内常用于负载均衡,配置的强大和灵活、不出故障。官方介绍haproxy主要特点:

Load balancing

  • Numerous balancing algorithms may be applied by server or by server group, with weighting
  • Content switching: request routing based on their content
  • SSL (one of the best SSL stack on the market)
  • Multi criteria session persistence management
  • HTTP header management via access control lists (ACL)
  • Support web services and web sockets

High availability

  • Smooth server shutdown and startup
  • Overload protection
  • Continuous server monitoring
  • High availability (VRRP / Route Health Injection)

Application performance

  • HTTP compression
  • Management of server logs in offload mode
  • Traffic analytic logs with customizable log format
  • TCP/HTTP acceleration via buffering
  • Dynamic connection control
  • Early release of connections
  • no limit in number of servers, farms, services (validated in production with 300.000 of each object)

Security

  • Reverse-Proxy
  • Protocol validation
  • Information leaks prevention
  • Protection against DoS, DDoS, worms, brute force, backdoor and Advanced persistent threat (APT)
  • Real time behavior analysis
  • Management of white/blacklists and URL restrictions
  • Filtering of HTTP / HTTPS queries and replies

Integration and administration

  • Protocol compliance
  • full support of IPv6
  • syslog
  • proxy protocol (Amazon ELB, nginx, …)
  • Integration with standard operating systems
  • Backwards compatible with HAProxy configurations
最后编辑:
作者:bbotte
这个作者貌似有点懒,什么都没有留下。

留下一个回复

你的email不会被公开。