十年网站开发经验 + 多家企业客户 + 靠谱的建站团队
量身定制 + 运营维护+专业推广+无忧售后,网站问题一站解决
本章节主要介绍配置HaProxy+Keepalived高可用群集,Mycat的配置就不在这里做介绍,可以参考我前面写的几篇关于Mycat的文章。
创新互联公司于2013年开始,先为同德等服务建站,同德等地企业,进行企业商务咨询服务。为同德企业网站制作PC+手机+微官网三网同步一站式服务解决您的所有建站问题。部署图:
HaProxy安装
181和179两台服务器安装haproxy的步骤一致
--创建haproxy用户 useradd haproxy--解压完后进入haproxy目录 cd haproxy-1.4.25/ --编译安装 make TARGET=linux26 PREFIX=/usr/local/haproxy ARCH=x86_64 make install PREFIX=/usr/local/haproxy
HaProxy配置
cd /usr/local/haproxy touch haproxy.cfg vim haproxy.cfg
global
log 127.0.0.1 local0 ##记日志的功能
maxconn 4096
chroot /usr/local/haproxy
user haproxy
group haproxy
daemon
defaults
log global
option dontlognull
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen admin_stats 192.168.57.180:48800 ##统计页面
stats uri /admin-status
stats auth admin:admin
mode http
option httplog
listen mycat_service 192.168.57.180:18066 ##客户端就是通过这个ip和端口进行连接,这个vip和端口绑定的是mycat8066端口
mode tcp
option tcplog
option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
balance roundrobin
server mycat_181 192.168.57.181:8066 check port 48700 inter 5s rise 2 fall 3
server mycat_179 192.168.57.179:8066 check port 48700 inter 5s rise 2 fall 3
srvtimeout 20000
listen mycat_admin 192.168.57.180:19066 ##客户端就是通过这个ip和端口进行连接,这个vip和端口绑定的是mycat9066端口
mode tcp
option tcplog
option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
balance roundrobin
server mycat_181 192.168.57.181:9066 check port 48700 inter 5s rise 2 fall 3
server mycat_179 192.168.57.179:9066 check port 48700 inter 5s rise 2 fall 3
srvtimeout 20000
配置haproxy记录日志功能
yum –y install rsyslog mkdir /etc/rsyslog.d cd /etc/rsyslog.d/ touch haproxy.conf vim haproxy.conf
$ModLoad imudp $UDPServerRun 514local0.* /var/log/haproxy.log
vim /etc/rsyslog.conf
在#### RULES ####上面一行加入以下内容
# Include all config files in /etc/rsyslog.d/$IncludeConfig /etc/rsyslog.d/*.conf
在local7.* /var/log/boot.log下面加入以下内容
local0.* /var/log/haproxy.log
重启rsyslog服务
service rsyslog restart
将rsyslog加入自动启动服务
chkconfig --add rsyslogchkconfig --level 2345 rsyslog on
配置监听mycat是否存活
安装xinetd插件
yum install xinetd -y
cd etc
service mycat_status { flags = REUSE socket_type = stream port = 48700wait = nouser = nobody server =/usr/local/bin/mycat_status log_on_failure += USERID disable = no }
创建xinetd启动服务脚本
vim /usr/local/bin/mycat_status
#!/bin/bash #/usr/local/bin/mycat_status.sh # This script checks if a mycat server is healthy running on localhost. It will # return: # # "HTTP/1.x 200 OK\r" (if mycat is running smoothly) # # "HTTP/1.x 503 Internal Server Error\r" (else) mycat=`/usr/local/mycat/bin/mycat status |grep 'not running'| wc -l`if [ "$mycat" = "0" ];then/bin/echo -e "HTTP/1.1 200 OK\r\n"else/bin/echo -e "HTTP/1.1 503 Service Unavailable\r\n" fi
修改脚本文件权限
我就是在这里被坑了很久,根据权威指南上面mycat_status这个脚本里面的内容也有很多问题,好几个地方没有空格.
chmod 777 /usr/local/bin/mycat_status chmod 777 /etc/xinetd.d/mycat_status
将启动脚本加入服务
vim /etc/services
在末尾加入
mycat_status 48700/tcp # mycat_status
重启xinetd服务
service xinetd restart
将xinetd加入自启动服务
chkconfig --add xinetdchkconfig --level 2345 xinetd on
页面测试
http://192.168.57.180:48800/admin-status
由于179还没有安装好,所以这里179显示连接失败
创建haproxy启停脚本
启动脚本
touch /usr/local/haproxy/sbin/start chmod +x /usr/local/haproxy/sbin/start vim /usr/local/haproxy/sbin/start
#!/bin/sh/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg &
关闭脚本
touch /usr/local/haproxy/sbin/stop chmod +x /usr/local/haproxy/sbin/stop vim /usr/local/haproxy/sbin/stop
#!/bin/sh ps -ef | grep sbin/haproxy | grep -v grep |awk '{print $2}'|xargs kill -s 9
授权
chown -R haproxy.haproxy /usr/local/haproxy/*
Keepalived安装步骤
keepalived的安装步骤过程在两台服务器上除了keepalived.conf配置文件稍微有点区别外其他的地方都一致。
openssl安装
./config --prefix=/usr/local/openssl./config -t make depend make make test make install ln -s /usr/local/openssl /usr/local/ssl vim /etc/ld.so.conf
在文件末尾加入以下内容
/usr/local/openssl/lib
修改环境变量
vim /etc/profile
在文件末尾加入以下内容
export OPENSSL=/usr/local/openssl/bin export PATH=$PATH:$OPENSSL
使环境变量立刻生效
source /etc/profile
安装openssl-devel
yum install openssl-devel -y
测试
ldd /usr/local/openssl/bin/openssl
vdso.so. ( lib64libdl.so. ( lib64libc.so. (lib64ldlinuxx86.so. (
which openssl
/usr/bin/openssl
openssl version
OpenSSL 1.0.0-fips 29 Mar 2010
keepalived安装
./configure --prefix=/usr/local/keepalivedmake make install cp /usr/local/keepalived/sbin/keepalived /usr/sbin/cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/mkdir /etc/keepalived cd /etc/keepalived/cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived mkdir -p /usr/local/keepalived/var/log
创建配置文件和脚本
mkdir etckeepalivedscripts cd /etc/keepalived/scripts
vim /etc/keepalived/keepalived.conf
master
! Configuration Fileforkeepalived vrrp_script chk_http_port { script"/etc/keepalived/scripts/check_haproxy.sh" interval 2weight 2} vrrp_instance VI_1 { state MASTER #192.168.57.179上改为BACKUP interface eth0 #对外提供服务的网络接口 virtual_router_id 51 #VRRP组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP组 priority 150 #数值愈大,优先级越高,backup上改为120 advert_int 1 #同步通知间隔 authentication { #包含验证类型和验证密码。类型主要有PASS、AH两种,通常使用的类型为PASS,据说AH使用时有问题 auth_type PASS auth_pass 1111} track_script { chk_http_port #调用脚本check_haproxy.sh检查haproxy是否存活 } virtual_ipaddress { #vip地址,haproxy配置的使用的就是这里配置的VIP192.168.57.180 dev eth0 scope global } notify_master /etc/keepalived/scripts/haproxy_master.sh notify_backup /etc/keepalived/scripts/haproxy_backup.sh notify_fault /etc/keepalived/scripts/haproxy_fault.sh notify_stop /etc/keepalived/scripts/haproxy_stop.sh }
backup
! Configuration Fileforkeepalived vrrp_script chk_http_port { script"/etc/keepalived/scripts/check_haproxy.sh" interval 2weight 2} vrrp_instance VI_1 { state BACKUP #192.168.57.179上改为BACKUP interface eth0 #对外提供服务的网络接口 virtual_router_id 51 #VRRP组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP组 priority 120 #数值愈大,优先级越高,backup上改为120 advert_int 1 #同步通知间隔 authentication { #包含验证类型和验证密码。类型主要有PASS、AH两种,通常使用的类型为PASS,据说AH使用时有问题 auth_type PASS auth_pass 1111} track_script { chk_http_port #调用脚本check_haproxy.sh检查haproxy是否存活 } virtual_ipaddress { #vip地址192.168.57.180 dev eth0 scope global } notify_master /etc/keepalived/scripts/haproxy_master.sh notify_backup /etc/keepalived/scripts/haproxy_backup.sh notify_fault /etc/keepalived/scripts/haproxy_fault.sh notify_stop /etc/keepalived/scripts/haproxy_stop.sh }
vim /etc/keepalived/scripts/check_haproxy.sh
#!/bin/bash STARTHAPROXY="/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg" STOPKEEPALIVED="/etc/init.d/keepalived stop" LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log" echo "[check_haproxy status]" >> $LOGFILE A=`ps -C haproxy --no-header |wc -l`echo "[check_haproxy status]" >> $LOGFILE date >> $LOGFILEif [ $A -eq 0 ];thenecho $STARTHAPROXY >> $LOGFILE $STARTHAPROXY >> $LOGFILE 2>&1sleep 5 fiif [ `ps -C haproxy --no-header |wc -l` -eq 0 ];thenexit 0elseexit 1fi
vim /etc/keepalived/scripts/haproxy_master.sh
#!bin`usrlocalhaproxysbinhaproxy f usrlocalhaproxy"usrlocalkeepalivedkeepalivedhaproxystate." $LOGFILE $LOGFILE $LOGFILE $LOGFILE $LOGFILE $LOGFILE
vim /etc/keepalived/scripts/haproxy_backup.sh
#!/bin/bash STARTHAPROXY=`/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg` STOPHAPROXY=`ps -ef | grep sbin/haproxy | grep -v grep | awk '{print $2}'| xargs kill -s 9` LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log" echo "[backup]" >> $LOGFILE date >> $LOGFILE echo "Being backup...." >> $LOGFILE 2>&1echo "stop haproxy...." >> $LOGFILE 2>&1$STOPHAPROXY >> $LOGFILE 2>&1echo "start haproxy...." >> $LOGFILE 2>&1$STARTHAPROXY >> $LOGFILE 2>&1echo "haproxy stared ..." >> $LOGFILE
vim /etc/keepalived/scripts/haproxy_fault.sh
#!/bin/bash LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho "[fault]" >> $LOGFILE date >> $LOGFILE
vim /etc/keepalived/scripts/haproxy_stop.sh
#!/bin/bash LOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho "[stop]" >> $LOGFILE date >> $LOGFILE
赋予脚本可执行权限
chmod 777 /etc/keepalived/scripts/*
将keepalived加入自启动服务
chkconfig --add keepalivedchkconfig --level 2345 keepalived on--启动服务service keepalived start
权威指南上面代码部分好多处都存在问题,几乎每一块代码都存在问题,有时候往往一个空格需要花很长的时间去找这个问题,所以在代码方面要细心;特别是复制别人的代码不要原本照抄最好是检查一下,除了代码本身的问题权限有时候也是容易忽略的错误,特别是可执行文件要注意是否有可执行权限。
另外有需要云服务器可以了解下创新互联cdcxhl.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。