组件及实现的功能
-
Keepalived:实现对Haproxy服务的高可用,并采用双主模型配置;
-
Haproxy:实现对Nginx的负载均衡和读写分离;
-
Nginx:实现对HTTP请求的高速处理;
架构设计图
重点概念
vrrp_script中节点权重改变算法
vrrp_script 里的script返回值为0时认为检测成功,其它值都会当成检测失败;
weight 为正时,脚本检测成功时此weight会加到priority上,检测失败时不加;
主失败:
主 priority < 从 priority + weight 时会切换。
主成功:
主 priority + weight > 从 priority + weight 时,主依然为主
weight 为负时,脚本检测成功时此weight不影响priority,检测失败时priority – abs(weight)
主失败:
主 priority – abs(weight) < 从priority 时会切换主从
主成功:
主 priority > 从priority 主依然为主
具体解释详见博文“Keepalived双主模型中vrrp_script中权重改变故障排查”
部署配置
Keepalived部署
配置
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
|
yum -y
install
keepalived
# 两节点都需部署
# 172.16.25.109
# vi /etc/keepalived/keepalived.conf
! Configuration File
for
keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from admin@lnmmp.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_maintaince_down {
script
"[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight 2
}
vrrp_script chk_haproxy {
script
"killall -0 haproxy"
interval 1
weight 2
}
vrrp_instance VI_1 {
interface eth0
state MASTER
priority 100
virtual_router_id 125
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 1e3459f77aba4ded
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.10
/16
dev eth0 label eth0:0
}
track_script {
chk_haproxy
}
notify_master
"/etc/keepalived/notify.sh master 172.16.25.10"
notify_backup
"/etc/keepalived/notify.sh backup 172.16.25.10"
notify_fault
"/etc/keepalived/notify.sh fault 172.16.25.10"
}
vrrp_instance VI_2 {
interface eth0
state BACKUP
priority 99
virtual_router_id 126
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 7615c4b7f518cede
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.11
/16
dev eth0 label eth0:1
}
track_script {
chk_haproxy
chk_maintaince_down
}
notify_master
"/etc/keepalived/notify.sh master 172.16.25.11"
notify_backup
"/etc/keepalived/notify.sh backup 172.16.25.11"
notify_fault
"/etc/keepalived/notify.sh fault 172.16.25.11"
}
# 172.16.25.110
# vi /etc/keepalived/keepalived.conf
! Configuration File
for
keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from admin@lnmmp.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_maintaince_down {
script
"[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight 2
}
vrrp_script chk_haproxy {
script
"killall -0 haproxy"
interval 1
weight 2
}
vrrp_instance VI_1 {
interface eth0
state BACKUP
priority 99
virtual_router_id 125
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 1e3459f77aba4ded
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.10
/16
dev eth0 label eth0:0
}
track_script {
chk_haproxy
chk_maintaince_down
}
notify_master
"/etc/keepalived/notify.sh master 172.16.25.10"
notify_backup
"/etc/keepalived/notify.sh backup 172.16.25.10"
notify_fault
"/etc/keepalived/notify.sh fault 172.16.25.10"
}
vrrp_instance VI_2 {
interface eth0
state MASTER
priority 100
virtual_router_id 126
garp_master_delay 1
authentication {
auth_type PASS
auth_pass 7615c4b7f518cede
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.25.11
/16
dev eth0 label eth0:1
}
track_script {
chk_haproxy
}
notify_master
"/etc/keepalived/notify.sh master 172.16.25.11"
notify_backup
"/etc/keepalived/notify.sh backup 172.16.25.11"
notify_fault
"/etc/keepalived/notify.sh fault 172.16.25.11"
}
# vi /etc/keepalived/notify.sh
#!/bin/bash
# Author: Jason.Yu <admin@lnmmp.com>
# description: An example of notify script
#
contact=
'root@localhost'
notify() {
mailsubject=
"`hostname` to be $1: $2 floating"
mailbody=
"`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo
$mailbody | mail -s
"$mailsubject"
$contact
}
case
"$1"
in
master)
notify master $2
/etc/rc
.d
/init
.d
/haproxy
restart
exit
0
;;
backup)
notify backup $2
# 在节点切换成backup状态时,无需刻意停止haproxy服务,防止chk_maintaince和chk_haproxy多次对haproxy服务操作;
exit
0
;;
fault)
notify fault $2
# 同上
exit
0
;;
*)
echo
'Usage: `basename $0` {master|backup|fault}'
exit
1
;;
esac
|
启动服务
|
1
|
service keepalived start
# 在两个节点上都需要启动
|
keepalived双主模型启动
Haproxy部署
安装配置
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
yum -y
install
haproxy
# 两节点都需部署
vi
/etc/haproxy/haproxy
.cfg
# 两节点配置一致
global
log 127.0.0.1 local2
chroot
/var/lib/haproxy
pidfile
/var/run/haproxy
.pid
maxconn 4000
user haproxy
group haproxy
daemon
# 以后台程序运行;
defaults
mode http
# 选择HTTP模式,即可进行7层过滤;
log global
option httplog
# 可以得到更加丰富的日志输出;
option dontlognull
option http-server-close
# server端可关闭HTTP连接的功能;
option forwardfor except 127.0.0.0
/8
# 传递client端的IP地址给server端,并写入“X-Forward_for”首部中;
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 30000
listen stats
mode http
bind 0.0.0.0:1080
# 统计页面绑定1080端口;
stats
enable
# 开启统计页面功能;
stats hide-version
# 隐藏Haproxy版本号;
stats uri
/haproxyadmin
?stats
# 自定义统计页面的访问uri;
stats realm Haproxy\ Statistics
# 统计页面密码验证时的提示信息;
stats auth admin:admin
# 为统计页面开启登录验证功能;
stats admin
if
TRUE
# 若登录用户验证通过,则赋予管理功能;
frontend http-
in
bind *:80
mode http
log global
option httpclose
option logasap
option dontlognull
capture request header Host len 20
capture request header Referer len 60
acl url_static path_beg -i
/static
/images
/javascript
/stylesheets
acl url_static path_end -i .jpg .jpeg .gif .png .css .js .html
use_backend static_servers
if
url_static
# 符合ACL规则的,请求转入后端静态服务器
default_backend dynamic_servers
# 默认请求转入后端动态服务器
backend static_servers
balance roundrobin
server imgsrv1 192.168.0.25:80 check maxconn 6000
# 静态服务器,可配置多台,还可设置权重weight;
backend dynamic_servers
balance
source
# 对于动态请求利用source调度算法,可一定程度上实现session保持;但最好利用cookie绑定的方式实现session保持
server websrv1 192.168.0.35:80 check maxconn 1000
# 动态服务器,可配置多台,还可设置权重weight;
|
启动服务
|
1
|
service haproxy start
# 两节点都需要启动
|
Nginx部署
见博客“如何测试Nginx的高性能”
访问验证
Haproxy统计页面测试
动静分离测试
高可用测试
本文转自 xxrenzhe11 51CTO博客,原文链接:http://blog.51cto.com/xxrenzhe/1405455,如需转载请自行联系原作者
