歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux基礎 >> 關於Linux

ubuntu+haproxy+keepalived主主負載

ubuntu+haproxy+keepalived主主負載   一.測試環境: 系統:ubuntu server 12.04    haproxy版本:1.4.24   keepalived版本:keepalived-1.2.7   haporxy01:eth0:172.16.1.36  eth1:192.168.100.36   haporxy02:eth0:172.16.1.37  eth1:192.168.100.37   vip1:172.16.1.30   vip2:172.16.1.31   nignx1 website顯示:nginx1   nginx2 website顯示:ningx2   nginx3 website顯示:nginx3   nginx4 website顯示:nginx4   二.網絡結構                                     user                                                  |                                       |             (vip1)                  |                 (vip2)           haproxy01-------keepalived-------haproxy02              / \                                          / \                  /   \                                        /   \            /     \                                      /     \           /       \                                    /       \       --------------------------------------------------------       | nginx1   nginx2                  nginx3   nginx4 |       -------------------------------------------------------- 三.安裝 1.安裝keepalvied    主機haproxy01:     wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz   tar xf keepalived-1.2.7.tar.gz   cd keepalived-1.2.7   ./configure --prefix=/usr/local/   提示:   checking for openssl/ssl.h... no   configure: error:    !!! OpenSSL is not properly installed on your system. !!!   !!! Can not include OpenSSL headers files.            !!!   安裝libssl.dev   apt-get install libssl.dev   繼續:   ./configure --prefix=/usr/local/   提示:   checking for poptGetContext in -lpopt... no   configure: error: Popt libraries is required   安裝libpopt-dev   apt-get install libpopt-dev   繼續:   ./configure --prefix=/usr/local/   make   make install   2.編輯keepalived.conf   mkdir /etc/keepalived/   vi /etc/keepalived/keepalived.conf   ########  keepalived.conf  ######## global_defs {         router_id LVS_DEVEL }   vrrp_instance VI_1 {         state MASTER  # haproxy02:BACKUP         interface eth0         virtual_router_id 51         priority 91   # 比haproxy02大         advert_int 1         authentication {                 auth_type PASS                 auth_pass 123456789         }           virtual_ipaddress {                 172.16.1.30         }   vrrp_instance VI_2 {         state BACKUP  # haproxy02:MASTER         interface eth0         virtual_router_id 52         priority 90   # 比haproxy02小         advert_int 1         authentication {                 auth_type PASS                 auth_pass 123456789         }           virtual_ipaddress {                 172.16.1.31         } ########  keepalived.conf  ########   3.啟動keepalived   /usr/local/sbin/keepalvied -f /etc/keepalived/keepalived.conf    4.查看vip   ip addr 顯示:   eth0:       inet 172.16.1.30/32 scope global eth0       inet 172.16.1.31/32 scope global eth0 #(haproxy02的keepalived未啟動,vip2在haproxy01中,haproxy02中keepalived啟動後,vip2自動跳轉到haproxy02中eth0上)   主機haproxy02:   keepalived安裝同上,keepalived.conf如下:   ########  keepalived.conf  ######## global_defs {         router_id LVS_DEVEL }   vrrp_instance VI_1 {         state BACKUP  # haproxy01:MASTER         interface eth0         virtual_router_id 51         priority 90   # 比haproxy01小         advert_int 1           authentication {             auth_type PASS             auth_pass 123456789         }           virtual_ipaddress {                 172.16.1.30         }   vrrp_instance VI_2 {         state MASTER  # haproxy01:BACKUP         interface eth0         virtual_router_id 52         priority 91   # 比haproxy01大         advert_int 1         authentication {             auth_type PASS             auth_pass 123456789         }           virtual_ipaddress {                 172.16.1.31         } ########  keepalived.conf  ########   啟動keepalived   /usr/local/sbin/keepalvied -f /etc/keepalived/keepalived.conf 查看vip:   ip addr 顯示:   eth0:       inet 172.16.1.31/32 scope global eth0 # (haproxy中eth0上vip2消失,只有vip1)   停止任意一台keepalived服務,另外一台均可自動生成vip1和vip2,確保2台haproxy高可用性   2.安裝haproxy   wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.24.tar.gz   tar xf haproxy-1.4.24.tar.gz    cd haproxy-1.4.24 查看ubuntu版本信息:   uname -a 顯示:   Linux ubuntu37 3.2.0-51-generic #77-Ubuntu SMP Wed Jul 24 20:18:19 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux   make TARGET=37-ubuntu   make PREFIX=/usr/local/haproxy install 建立haproxy用戶     useradd haproxy   2.編輯haproxy.cfg   mkdir /etc/haproxy   vi /etc/haproxy/haproxy.cfg   ########  haproxy.cfg  ######## global      log 127.0.0.1 local0      maxconn 51200      user haproxy      group haproxy      daemon   defaults      log  127.0.0.1 local3      mode http      option dontlognull      balance roundrobin          retries 2      option redispatch      option abortonclose         maxconn 51200      contimeout 5000      clitimeout 50000      srvtimeout 50000   listen haproxy01      bind 172.16.1.30:80      mode http      option  httpclose       option forceclose      option  forwardfor      option originalto      option  redispatch      balance leastconn      timeout check 5s      stats uri /stats          # haproxy負載監控頁面 例:http://172.16.1.30/stats      stats refresh 15s       # 監控頁面刷新時間      stats realm baison-test-Haproxy      stats auth admin:admin      # 監控頁面賬號密碼      stats hide-version              # 隱藏haproxy版本信息      cookie  SESSION_COOKIE  insert indirect nocache   maxconn 40960      server nginx1 192.168.100.11:80 weight 1 cookie nginx1 check inter 2000 rise 2 fall 3       server nginx2 192.168.100.12:80 weight 1 cookie nginx2 check inter 2000 rise 2 fall 3   listen haproxy02      bind 172.16.1.31:80      mode http      option  httpclose       option forceclose      option  forwardfor      option originalto      option  redispatch      balance leastconn      cookie  SESSION_COOKIE  insert indirect nocache      maxconn 40960      server nginx3 192.168.100.13:80 weight 1 cookie nginx3 check inter 2000 rise 2 fall 3      server nginx4 192.168.100.14:80 weight 1 cookie nginx4 check inter 2000 rise 2 fall 3 ########  haproxy.cfg  ######## 啟動haproxy:   /usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   主機haproxy02: 安裝同上,haproxy.cfg同上 啟動haproxy:   /usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   四:測試 通過浏覽器訪問:   http://172.16.1.30 頁面顯示:nginx1、nginx2輪詢切換   http://172.16.1.31 頁面顯示:nginx3、nginx4輪詢切換 可通過監控頁面查看負載情況:   http://172.16.1.30/stats   停止任意一台haproxy服務,站點均不受影響   五:haproxy日志 1.在/etc/rsyslog.conf中: 添加haproxy日志路徑:   local0.* /var/log/haproxy.log    local3.* /var/log/haproxy.log 取消注釋:   #$ModLoad imudp  ==》$ModLoad imudp   #$UDPServerRun 514 ==》$UDPServerRun 514 重啟rsyslog服務   service rsyslog restart   2.核實services文件   grep 514 /etc/services 顯示:   syslog 514/udp    為ok!!! 如不存在,手動添加:   vi /etc/default/rsyslog   RSYSLOGD_OPTIONS="-r -c 5" 重啟syslog服務,   service rsyslog restart   六:優化haproxy服務器 1.內核結果如下:   sysctl -p   net.ipv4.ip_forward = 1   net.ipv4.ip_nonlocal_bind = 1   net.ipv4.tcp_syncookies = 1   net.ipv4.tcp_tw_reuse = 1   net.ipv4.ip_local_port_range = 1024 65535   net.nf_conntrack_max = 1310720   net.ipv4.tcp_tw_reuse = 1   net.ipv4.tcp_fin_timeout = 15   net.core.netdev_max_backlog = 4096   net.core.rmem_max = 16777216   net.core.somaxconn = 1310720   net.core.wmem_max = 16777216   net.ipv4.tcp_max_syn_backlog = 20480   net.ipv4.tcp_max_tw_buckets = 400000   net.ipv4.tcp_no_metrics_save = 1   net.ipv4.tcp_rmem = 4096 87380 16777216   net.ipv4.tcp_syn_retries = 2   net.ipv4.tcp_synack_retries = 2   net.ipv4.tcp_wmem = 4096 65536 16777216   vm.min_free_kbytes = 65536   net.ipv4.tcp_sack = 1   net.ipv4.tcp_timestamps = 1   net.ipv4.tcp_tw_recycle = 1 拷貝至sysctl.conf中   vi /etc/sysctl.conf   2.ulimit數值永久化 執行:   ulimit -SHn 顯示:   1024 永久化: a.在/etc/pam.d/login中,添加:   pam_limits.so (有時候系統默認添加) 查找文件位置:    find / -name pam_limits.so 顯示:   /lib/x86_64-linux-gnu/security/pam_limits.so b.在/etc/security/limits.conf中,添加:   root    soft nofile 10240 #實際值   root    hard nofile 10240 #實際值 c.修改 /etc/rc.local 添加:   echo 8061540 > /proc/sys/fs/file-max 執行:   echo 8061540 > /proc/sys/fs/file-max   3.nginx服務器內核參數優化 sysctl -p   net.ipv4.tcp_fin_timeout = 30   net.ipv4.tcp_keepalive_intvl = 2   net.ipv4.tcp_keepalive_probes = 2   net.ipv4.tcp_keepalive_time = 120   net.ipv4.tcp_syn_retries = 10   net.ipv4.tcp_sack = 1   net.ipv4.tcp_timestamps = 1  
Copyright © Linux教程網 All Rights Reserved