haproxy+keepalived負(fù)載均衡之主備切換(centos)

發(fā)布時(shí)間：2012-06-11 22:40:18 作者：佚名

本文介紹haproxy+keepalived雙機(jī)熱備負(fù)載均衡，在centos5.4上調(diào)試通過

VIP: 192.168.1.100
Master: 192.168.1.238
Slave: 192.168.1.239
真實(shí)IP:
RIP1: 192.168.1.235
RIP2: 192.168.1.236

以下為安裝步驟
第一步：安裝haproxy
下載http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.18.tar.gz
#tar zxvf haproxy-1.4.18.tar.gz
#make TARGET=linux26
#make install
第二步：安裝ipvs
根據(jù)ipvs官網(wǎng)介紹，不同版本內(nèi)核適用的ipvs版本不一樣。http://www.linuxvirtualserver.org/software/ipvs.html
2.6.18 適用于1.24的各個(gè)版本
ipvsadm-1.24-6.src.rpm (for kernel between 2.6.10 and 2.6.27.4) - December 10, 2005
ipvsadm-1.24-5.src.rpm (for 1.2.0 or later) - October 27, 2004
ipvsadm-1.24-4.src.rpm (for 1.1.8 or later) - January 10, 2004
ipvsadm-1.24-3.src.rpm (for 1.1.8 or later) - December 20, 2003
ipvsadm-1.24.tar.gz - December 10, 2005
安裝之前，軟連接系統(tǒng)內(nèi)核目錄
ln -s /usr/src/kernels/2.6.18-194.11.3.el5-i686/ /usr/src/linux
查看系統(tǒng)當(dāng)前的內(nèi)核版本：
uname -r
2.6.18-164.el5

有時(shí)你找不到這個(gè)內(nèi)核的路徑，系統(tǒng)安裝后并沒有kernerls的目錄
解決方法：yum install kernel-devel
接下來在進(jìn)行連接編譯就ok了！

我們使用最新的 ipvsadm-1.24.tar.gz，下載安裝。
tar zxvf ipvsadm-1.24.tar.gz
cd ipvsadm-1.24
make
make install

第三步，安裝keepalived
從http://www.keepalived.org上下載最新的keepalived-1.2.2.tar.gz。
tar zxvf keepalived-1.2.2.tar.gz
cd keepalived-1.2.2
./configure
make
make install
安裝完畢。配置
(1)：
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/sbin/keepalived /usr/sbin/
service keepalived start
如果安裝時(shí)的編譯參數(shù)為： ./configure --prefix=/usr/local/keepalived
則操作步驟如下：
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
service keepalived start

以下為詳細(xì)的配置文件

二、haproxy
（1）、haproxy配置文件 haproxy.cfg
global
daemon
chroot /usr/local/haproxy
maxconn 256
user haproxy
group haproxy
log-send-hostname xiaokk.com
log-tag my_xiaokk
nbproc 1
pidfile /var/run/haproxy.pid
log 127.0.0.1 local0 info
defaults
maxconn 256
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
timeout check 2000
retries 3
option httpclose
option httplog
option dontlognull
option forwardfor
option redispatch
option abortonclose
frontend http-www
bind 192.168.1.100:80
acl ha_policy hdr_reg(host) -i ^(www.test-haproxy.com|test-haproxy.com|demo.test-haproxy.com|www.hellobaby.com)
acl ha_baby hdr_dom(host) -i hellobaby.com
use_backend ha_www if ha_policy
use_backend ha_www if ha_baby
log 127.0.0.1 local0 info
listen admin_status
bind 192.168.1.100:1080
mode http
log 127.0.0.1 local0 info
stats uri /admin?status
stats refresh 30s
stats realm Haproxy\ Admin\ Center
stats auth admin:admin
stats hide-version
backend ha_www
mode http
balance source
cookie SERVERID
option httpchk HEAD /index.html
server w1 192.168.1.235:80 cookie 1 check inter 1500 rise 3 fall 3 weight 1
server w2 192.168.1.236:85 cookie 1 check inter 1500 rise 3 fall 3 weight 2
(2)、haproxy啟卻腳本 haproxy.sh

#!/bin/sh
#
# chkconfig: - 85 15
# description: HA-Proxy is a TCP/HTTP reverse proxy which is particularly \
# suited for high availability environments.
#
# processname: haproxy
# config: /usr/local/haproxy/conf/haproxy.cfg
# pidfile: /var/run/haproyx.pid
#

# Source function library.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ]; then
. /etc/rc.d/init.d/functions
else
exit 0
fi

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up
[ ${NETWORKING} = "no" ] && exit 0

[ -f /usr/local/haproxy/conf/haproxy.cfg ] || exit 1

RETVAL=0

# start Haproxy
start() {
/usr/local/haproxy/sbin/haproxy -c -q -f /usr/local/haproxy/conf/haproxy.cfg
if [ $? -ne 0 ]; then
echo "Errors found in configuration file."
return 1
fi

echo -n "Starting Haproxy: "
daemon /usr/local/haproxy/sbin/haproxy -D -f /usr/local/haproxy/conf/haproxy.cfg -p /var/run/haproxy.pid
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/haproxy
return $RETVAL
}

# stop Haproxy
stop() {
echo -n "Shutting down Haproxy: "
killproc haproxy -USR1
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/haproxy
[ $RETVAL -eq 0 ] && rm -f /var/run/haproxy.pid
return $RETVAL
}

# restart Haproxy
restart() {
/usr/local/haproxy/sbin/haproxy -c -q -f /usr/local/haproxy/conf/haproxy.cfg
if [ $? -ne 0 ]; then
echo "ERR found in configuration file, check it with 'haproxy check'."
return 1
fi
stop
start
}

# check haproxy
check() {
/usr/local/haproxy/sbin/haproxy -c -q -V -f /usr/local/haproxy/conf/haproxy.cfg
}

# rsstatus
rhstatus() {
status haproxy
}

# condrestart
condrestart() {
[ -e /var/lock/subsys/haproxy ] && restart || :
}

# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
restart
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
check)
check
;;
*)
echo $"Usage: haproxy {start|stop|restart|reload|condrestart|status|check}"
RETVAL
esac

exit $RETVAL

三、keepalived配置文件
Master的配置文件：
! Configuration File for keepalived
global_defs {
router_id LVS_1
}
vrrp_script chk_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
priority 99
advert_int 1
virtual_router_id 50
garp_master_delay 1
interface eth0
authentication {
auth_type PASS
auth_pass Kxiaokk345Pix
}
track_interface {
eth0
}
virtual_ipaddress {
192.168.1.100
}
track_script {
chk_haproxy
}
notify_master "/etc/keepalived/mailnotify.py master"
notify_backup "/etc/keepalived/mailnotify.py backup"
notify_fault "/etc/keepalived/mailnotify.py fault"
}

Slave的配置文件
! Configuration File for keepalived
global_defs {
router_id LVS_2
}
vrrp_script chk_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 5
weight 2
}
vrrp_instance VI_1 {
state BACKUP
priority 96
advert_int 1
virtual_router_id 50
garp_master_delay 1
interface eth0
authentication {
auth_type PASS
auth_pass Kxiaokk345Pix
}
track_interface {
eth0
}
virtual_ipaddress {
192.168.1.100
}

track_script {
chk_haproxy
}
notify_master "/etc/keepalived/mailnotify.py master"
notify_backup "/etc/keepalived/mailnotify.py backup"
notify_fault "/etc/keepalived/mailnotify.py fault"
}
###### --- haproxy存活狀態(tài)檢測(cè)腳本
#!/bin/bash
#
# desc: check haproxy service
#
A=`ip address show eth0 | grep 192.168.1.100 | wc -l`
B=`ps -C haproxy --no-heading | wc -l`

if [ $A -eq 1 ]; then
if [ $B -eq 0 ]; then
/usr/local/haproxy/haproxy.sh start
sleep 3
fi
fi
######----

主備切換時(shí)郵件提醒程序(此程序源自litus，有小改動(dòng)，調(diào)試通過)
#!/usr/bin/python
#coding: utf-8
from email.MIMEMultipart import MIMEMultipart
from email.MIMEText import MIMEText
from email.MIMEImage import MIMEImage
from email.Header import Header
import sys
import smtplib

#-------------------------------
# file: mailnotify.py
# desc: send notify email
#
#-------------------------------
strFrom = 'toplover@sina.com'
strTo = 'toplover@126.com'
smtp_server = 'smtp.sina.com'
smtp_user = 'toplover'
smtp_pass = 'xxx***xxx'

if sys.argv[1] != "master" and sys.argv[1] != "backup" and sys.argv[1] != "fault":
sys.exit()
else:
notify_type = sys.argv[1]

mail_title = "[crt] Haproxy-notify-info"
mail_body_plain = notify_type + 'alive,please check it now'
mail_body_html = '<b><font color=red>' + notify_type + 'alive,please check it now'

msgRoot = MIMEMultipart('related')
msgRoot['Subject'] = Header(mail_title,'utf-8')
msgRoot['From'] = strFrom
msgRoot['To'] = strTo

msgAlternative = MIMEMultipart('alternative')
msgRoot.attach(msgAlternative)

msgText = MIMEText(mail_body_plain, 'plain', 'utf-8')
msgAlternative.attach(msgText)

msgText = MIMEText(mail_body_html, 'html', 'utf-8')
msgAlternative.attach(msgText)

smtp = smtplib.SMTP()
smtp.connect(smtp_server)
smtp.login(smtp_user,smtp_pass)
smtp.sendmail(strFrom, strTo, msgRoot.as_string())
smtp.quit()
到此完成了簡(jiǎn)單的haproxy+keepalived負(fù)載均衡主從熱備功能。
不明之處請(qǐng)參閱haproxy官方cofiguration.txt文件及keepalived官方文檔。