概述??
本章節主要介紹配置HaProxy+Keepalived高可用群集,Mycat的配置就不在這里做介紹,可以參考我前面寫的幾篇關于Mycat的文章。
?部署圖:
?
配置??
?HaProxy安裝
181和179兩臺服務器安裝haproxy的步驟一致
--創建haproxy用戶 useradd?haproxy--解壓完后進入haproxy目錄 cd?haproxy-1.4.25/--編譯安裝 make?TARGET=linux26?PREFIX=/usr/local/haproxy?ARCH=x86_64make?install?PREFIX=/usr/local/haproxy
HaProxy配置
?
cd?/usr/local/haproxytouch?haproxy.cfgvim?haproxy.cfg
global
log 127.0.0.1 local0 ##記日志的功能
maxconn 4096
chroot /usr/local/haproxy
user haproxy
group haproxy
daemon
defaults
log global
option dontlognull
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen admin_stats 192.168.57.180:48800?##統計頁面
stats uri /admin-status?
stats auth admin:admin
mode http
option httplog
listen mycat_service 192.168.57.180:18066 ##客戶端就是通過這個ip和端口進行連接,這個vip和端口綁定的是mycat8066端口
mode tcp
option tcplog
option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
balance roundrobin
server mycat_181 192.168.57.181:8066 check port 48700 inter 5s rise 2 fall 3
server mycat_179 192.168.57.179:8066 check port 48700 inter 5s rise 2 fall 3
srvtimeout 20000
listen mycat_admin 192.168.57.180:19066 ##客戶端就是通過這個ip和端口進行連接,這個vip和端口綁定的是mycat9066端口
mode tcp
option tcplog
option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
balance roundrobin
server mycat_181 192.168.57.181:9066 check port 48700 inter 5s rise 2 fall 3
server mycat_179 192.168.57.179:9066 check port 48700 inter 5s rise 2 fall 3
srvtimeout 20000
配置haproxy記錄日志功能
yum?–y?install?rsyslogmkdir?/etc/rsyslog.dcd?/etc/rsyslog.d/touch?haproxy.confvim?haproxy.conf
$ModLoad?imudp $UDPServerRun?514local0.*?/var/log/haproxy.log
vim?/etc/rsyslog.conf
在#### RULES ####上面一行加入以下內容
#?Include?all?config?files?in?/etc/rsyslog.d/$IncludeConfig?/etc/rsyslog.d/*.conf
在local7.* /var/log/boot.log下面加入以下內容
local0.*?/var/log/haproxy.log
?重啟rsyslog服務
service?rsyslog?restart
將rsyslog加入自動啟動服務
chkconfig?--add?rsyslogchkconfig?--level?2345?rsyslog?on
?
配置監聽mycat是否存活
安裝xinetd插件
yum?install?xinetd?-y
cd?etc
service?mycat_status
{
flags?=?REUSE
socket_type?=?stream
port?=?48700wait?=?nouser?=?nobody
server?=/usr/local/bin/mycat_status
log_on_failure?+=?USERID
disable?=?no
} 創建xinetd啟動服務腳本
vim /usr/local/bin/mycat_status
#!/bin/bash #/usr/local/bin/mycat_status.sh #?This?script?checks?if?a?mycat?server?is?healthy?running?on?localhost.?It?will #?return: # #?"HTTP/1.x?200?OK\r"?(if?mycat?is?running?smoothly) # #?"HTTP/1.x?503?Internal?Server?Error\r"?(else) mycat=`/usr/local/mycat/bin/mycat?status?|grep?'not?running'|?wc?-l`if?[?"$mycat"?=?"0"?];then/bin/echo?-e?"HTTP/1.1?200?OK\r\n"else/bin/echo?-e?"HTTP/1.1?503?Service?Unavailable\r\n" fi
修改腳本文件權限
我就是在這里被坑了很久,根據權威指南上面mycat_status這個腳本里面的內容也有很多問題,好幾個地方沒有空格.
chmod?777?/usr/local/bin/mycat_status chmod?777?/etc/xinetd.d/mycat_status
?
將啟動腳本加入服務
vim /etc/services
在末尾加入
mycat_status?48700/tcp?#?mycat_status
重啟xinetd服務
service?xinetd?restart
將xinetd加入自啟動服務
chkconfig?--add?xinetdchkconfig?--level?2345?xinetd?on
?
頁面測試
http://192.168.57.180:48800/admin-status
由于179還沒有安裝好,所以這里179顯示連接失敗
創建haproxy啟停腳本
啟動腳本
touch?/usr/local/haproxy/sbin/start chmod?+x?/usr/local/haproxy/sbin/start vim??/usr/local/haproxy/sbin/start
#!/bin/sh/usr/local/haproxy/sbin/haproxy?-f?/usr/local/haproxy/haproxy.cfg?&
關閉腳本
touch?/usr/local/haproxy/sbin/stop chmod?+x?/usr/local/haproxy/sbin/stop vim?/usr/local/haproxy/sbin/stop
#!/bin/sh
ps?-ef?|?grep?sbin/haproxy?|?grep?-v?grep?|awk?'{print?$2}'|xargs?kill?-s?9 授權
chown?-R?haproxy.haproxy?/usr/local/haproxy/*
Keepalived安裝步驟
keepalived的安裝步驟過程在兩臺服務器上除了keepalived.conf配置文件稍微有點區別外其他的地方都一致。
openssl安裝
./config?--prefix=/usr/local/openssl./config?-t make?depend make make?test make?install ln?-s?/usr/local/openssl?/usr/local/sslvim?/etc/ld.so.conf
在文件末尾加入以下內容
/usr/local/openssl/lib
修改環境變量
vim?/etc/profile
在文件末尾加入以下內容
export?OPENSSL=/usr/local/openssl/bin export?PATH=$PATH:$OPENSSL
使環境變量立刻生效
source?/etc/profile
安裝openssl-devel
yum?install?openssl-devel?-y
?
測試
ldd?/usr/local/openssl/bin/openssl
vdso.so.??(?lib64libdl.so.?(?lib64libc.so.?(lib64ldlinuxx86.so.?(
which?openssl
/usr/bin/openssl
openssl?version
OpenSSL?1.0.0-fips?29?Mar?2010
keepalived安裝
./configure?--prefix=/usr/local/keepalivedmake make?install cp?/usr/local/keepalived/sbin/keepalived?/usr/sbin/cp?/usr/local/keepalived/etc/sysconfig/keepalived?/etc/sysconfig/cp?/usr/local/keepalived/etc/rc.d/init.d/keepalived?/etc/init.d/mkdir?/etc/keepalived cd?/etc/keepalived/cp?/usr/local/keepalived/etc/keepalived/keepalived.conf?/etc/keepalived mkdir?-p??/usr/local/keepalived/var/log
?
創建配置文件和腳本
mkdir?etckeepalivedscriptscd?/etc/keepalived/scripts
vim?/etc/keepalived/keepalived.conf
master
!?Configuration?Fileforkeepalived
vrrp_script?chk_http_port?{
script"/etc/keepalived/scripts/check_haproxy.sh"
interval?2weight?2}
vrrp_instance?VI_1?{
state?MASTER?#192.168.57.179上改為BACKUP
interface?eth0?#對外提供服務的網絡接口
virtual_router_id?51?#VRRP組名,兩個節點的設置必須一樣,以指明各個節點屬于同一VRRP組
priority?150?#數值愈大,優先級越高,backup上改為120
advert_int?1?#同步通知間隔
authentication?{?#包含驗證類型和驗證密碼。類型主要有PASS、AH兩種,通常使用的類型為PASS,據說AH使用時有問題
auth_type?PASS
auth_pass?1111}
track_script?{
chk_http_port?#調用腳本check_haproxy.sh檢查haproxy是否存活
}
virtual_ipaddress?{?#vip地址,haproxy配置的使用的就是這里配置的VIP192.168.57.180?dev?eth0?scope?global
}
notify_master?/etc/keepalived/scripts/haproxy_master.sh
notify_backup?/etc/keepalived/scripts/haproxy_backup.sh
notify_fault?/etc/keepalived/scripts/haproxy_fault.sh
notify_stop?/etc/keepalived/scripts/haproxy_stop.sh
} backup
!?Configuration?Fileforkeepalived
vrrp_script?chk_http_port?{
script"/etc/keepalived/scripts/check_haproxy.sh"
interval?2weight?2}
vrrp_instance?VI_1?{
state?BACKUP?#192.168.57.179上改為BACKUP
interface?eth0?#對外提供服務的網絡接口
virtual_router_id?51?#VRRP組名,兩個節點的設置必須一樣,以指明各個節點屬于同一VRRP組
priority?120?#數值愈大,優先級越高,backup上改為120
advert_int?1?#同步通知間隔
authentication?{?#包含驗證類型和驗證密碼。類型主要有PASS、AH兩種,通常使用的類型為PASS,據說AH使用時有問題
auth_type?PASS
auth_pass?1111}
track_script?{
chk_http_port?#調用腳本check_haproxy.sh檢查haproxy是否存活
}
virtual_ipaddress?{?#vip地址192.168.57.180?dev?eth0?scope?global
}
notify_master?/etc/keepalived/scripts/haproxy_master.sh
notify_backup?/etc/keepalived/scripts/haproxy_backup.sh
notify_fault?/etc/keepalived/scripts/haproxy_fault.sh
notify_stop?/etc/keepalived/scripts/haproxy_stop.sh
} vim?/etc/keepalived/scripts/check_haproxy.sh
#!/bin/bash STARTHAPROXY="/usr/local/haproxy/sbin/haproxy?-f?/usr/local/haproxy/haproxy.cfg" STOPKEEPALIVED="/etc/init.d/keepalived?stop" LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log" echo?"[check_haproxy?status]"?>>?$LOGFILE A=`ps?-C?haproxy?--no-header?|wc?-l`echo?"[check_haproxy?status]"?>>?$LOGFILE date?>>?$LOGFILEif?[?$A?-eq?0?];thenecho?$STARTHAPROXY?>>?$LOGFILE $STARTHAPROXY?>>?$LOGFILE?2>&1sleep?5 fiif?[?`ps?-C?haproxy?--no-header?|wc?-l`?-eq?0?];thenexit?0elseexit?1fi
vim?/etc/keepalived/scripts/haproxy_master.sh
#!bin`usrlocalhaproxysbinhaproxy?f?usrlocalhaproxy"usrlocalkeepalivedkeepalivedhaproxystate."??$LOGFILE??$LOGFILE??$LOGFILE??$LOGFILE??$LOGFILE??$LOGFILE
vim?/etc/keepalived/scripts/haproxy_backup.sh
#!/bin/bash
STARTHAPROXY=`/usr/local/haproxy/sbin/haproxy?-f?/usr/local/haproxy/haproxy.cfg`
STOPHAPROXY=`ps?-ef?|?grep?sbin/haproxy?|?grep?-v?grep?|?awk?'{print?$2}'|?xargs?kill?-s?9`
LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"
echo?"[backup]"?>>?$LOGFILE
date?>>?$LOGFILE
echo?"Being?backup...."?>>?$LOGFILE?2>&1echo?"stop?haproxy...."?>>?$LOGFILE?2>&1$STOPHAPROXY?>>?$LOGFILE?2>&1echo?"start?haproxy...."?>>?$LOGFILE?2>&1$STARTHAPROXY?>>?$LOGFILE?2>&1echo?"haproxy?stared?..."?>>?$LOGFILE vim?/etc/keepalived/scripts/haproxy_fault.sh
#!/bin/bash LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho?"[fault]"?>>?$LOGFILE date?>>?$LOGFILE
vim /etc/keepalived/scripts/haproxy_stop.sh
#!/bin/bash LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho?"[stop]"?>>?$LOGFILE date?>>?$LOGFILE
?賦予腳本可執行權限
chmod?777?/etc/keepalived/scripts/*
將keepalived加入自啟動服務
chkconfig?--add?keepalivedchkconfig?--level?2345?keepalived?on--啟動服務service?keepalived?start
?
?
總結??
權威指南上面代碼部分好多處都存在問題,幾乎每一塊代碼都存在問題,有時候往往一個空格需要花很長的時間去找這個問題,所以在代碼方面要細心;特別是復制別人的代碼不要原本照抄最好是檢查一下,除了代碼本身的問題權限有時候也是容易忽略的錯誤,特別是可執行文件要注意是否有可執行權限。
?
