Haproxy+Keepalived
structure
Configuration | |
---|---|
scheduler | Install and configure Haproxy, Keepalived, haproxy1 has a higher priority than haproxy2 |
web cluster | Compile and install nginx, and mount the shared files provided by the storage server to the root directory of the website |
Storage server | Install nfs-utils, rpcbind; share files |
equipment | install software | effect |
---|---|---|
haproxy1 | Haproxy、Keepalived | Master scheduler, receiving users |
haproxy2 | Haproxy、Keepalived | Standby scheduler, when the main fails, replace the main |
nginx1 | nginx | Provide services to users |
nginx2 | nginx | Provide services to users |
nfs | nfs-utils、rpcbind | Provide storage services for web clusters |
NFS
1. Need to install nfs-utils, rpcbind software package
yum -y install nfs-utils rpcbind
2. Set the shared directory
(for the convenience of testing, so set two different directories to distinguish)
mkdir /opt/nginx1
mkdir /opt/nginx2
echo "<html><title>nginx1</title><body><h1>This is nginx1</h1></body></html>" >> /opt/nginx1/index.html
echo "<html><title>nginx2</title><body><h1>This is nginx2</h1></body></html>" >> /opt/nginx2/index.html
3. Edit configuration files, share directories
vi /etc/exports
/opt/nginx1 192.168.2.16(ro)
/opt/nginx2 192.168.2.17(ro)
Reboot
systemctl restart nfs
View the NFS shared directory published by the machine
showmount -e
Web cluster
Use xftp to upload software packages
yum install dependencies
yum -y install gcc gcc-c++ make pcre pcre-devel zlib zlib-devel
Create a non-loginable account for ngxin to use
useradd -M -s /sbin/nologin nginx
Unzip
tar xf nginx-1.12.2.tar.gz
cd nginx-1.12.2/
Configuration content
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module
Compile and install
make && make install
Establish nginx soft connection
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
Nginx configuration file soft connection
ln -s /usr/local/nginx/conf/nginx.conf /etc/
Check that nginx can run normally
nginx -t
View the shared directory of the NFS server
showmount -e 192.168.2.18
Mount the directory to the root directory of the website
nginx1
mount 192.168.2.18:/opt/nginx1 /usr/local/nginx/html/
nginx2
mount 192.168.2.18:/opt/nginx2 /usr/local/nginx/html/
Check if the mount is successful
cat /usr/local/nginx/html/index.html
Turn off the firewall
systemctl stop firewalld
setenforce 0
vi /etc/selinux/config
SELINUX=disabled
test
curl http://localhost
scheduler
1. Installation and configuration of haproxy (main and standby must be installed)
xftp upload file haproxy
Yum installs dependent packages, decompresses, and installs
yum -y install gcc gcc-c++ make pcre-devel bzip2-devel
tar xf haproxy-1.4.24.tar.gz
cd haproxy-1.4.24/
make TARGET=linux26
make install
Create a directory, copy
mkdir /etc/haproxy
cp examples/haproxy.cfg /etc/haproxy/
Edit haproxy.cfg
vi /etc/haproxy/haproxy.cfg
Annotation
#chroot /usr/share/haproxy
#redispatch
delete
Remove all listen options
Add to
listen webcluster 0.0.0.0:80
option httpchk GET /index.html
balance roundrobin
server nginx1 192.168.2.16:80 check inter 2000 fall 3
server nginx2 192.168.2.17:80 check inter 2000 fall 3
2. Install keepalived (main and standby must be installed)
xftp upload keepalived file, unzip
tar xf keepalived-2.0.13.tar.gz
Install compilation tools and plugins
yum -y install gcc gcc-c++ make popt-devel kernel-devel openssl-devel
Switch directory, compile and install
cd keepalived-2.0.13/
./configure --prefix=/
make && make install
Join the system management service, set it to start automatically after booting
cp keepalived/etc/init.d/keepalived /etc/init.d/
systemctl enable keepalived.service
haproxy1 configuration file
(Master scheduler)
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id Haproxy_01
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.100
}
}
haproxy2 configuration file
(From the scheduler)
! Configuration File for keepalived
global_defs {
router_id Haproxy_02
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 145
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.100
}
}
test
1. Browser access test (both active and standby are normal)
2. ip addr test (both active and standby are normal)
3. Simulate the main scheduler network failure test
Haproxy monitoring script
If the Haproxy1 device only fails in the Haproxy service and Keepalived does not fail, then the standby scheduler will not be enabled, which will cause service interruption. Therefore, Keepalived needs to be turned off. At this time, you need to write a script to monitor Haproxy. If Haproxy is turned off, the script will automatically turn off Keepalived.
Edit script
vi /etc/keepalived/check_haproxy.sh
#!/bin/bash
#haproxy失效关闭keepalived
A=`ps -C haproxy --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg
sleep 3
if [ `ps -C haproxy --no-header |wc -l` -eq 0 ];then
/etc/init.d/keepalived stop
fi
fi
Add permissions
chmod 755 /etc/keepalived/check_haproxy.sh
Modify the configuration file
vi /etc/keepalived/keepalived.conf
Configuration file comparison
weight -20
Means priority -20; priority 150
means priority 150
Herein above and adds a profile compared haproxy detection monitoring script
assumes that the script detects service haproxy normal priority only priority 150
take effect when the primary priority 150, standby priority 145, served by a master scheduler
hypothesis haproxy service script detects abnormal, the priority weight -20
and priority 150
the sum determined, this time on the priority of 130, 145 and the alternate, backup at this time instead of the main service will be
! Configuration File for keepalived
vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight -20
global_defs {
router_id Haproxy_01
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.2.100
}
}
}
test