<b>背景:</b>
最近為一傳統行業客戶部署阿裡中間件的過程中,需要使用負載均衡技術,最初計劃使用lvs的dr模式,但考慮到使用lvs dr+keepalived模式 配置較為複雜,伺服器數量較多,需要在後端伺服器上做vip綁定和arp抑制操作,後期維護困難,還有windows系統,而且使用者對linux系統不熟悉。後來準備使用lvs的nat模式,因為nat模式不需要對後端伺服器做修改,可是nat模式對網絡結構有要求,我們不能改變使用者的網絡結構。于是使用了haproxy的反向代理功能。與keepalived做高可用使用了負載的功能。
<b>1 安裝haproxy</b>
yum install haproxy –y
rpm -ql haproxy
/etc/haproxy
/etc/haproxy/haproxy.cfg
/etc/logrotate.d/haproxy
/etc/rc.d/init.d/haproxy
/usr/bin/halog
/usr/sbin/haproxy
<b>2 haproxy主要配置</b>
#---------------------------------------------------------------------
# main frontend which proxys to the backends
frontend address
bind 10.6.68.200:8080
mode tcp
default_backend address-rs
frontend diamond
bind 10.6.68.201:8080
default_backend diamond-rs
frontend dauth-80
bind 10.6.68.202:80
default_backend dauth-80-rs
frontend dauth-443
bind 10.6.68.202:443
default_backend dauth-443-rs
………………
# static backend for serving up images, stylesheets and such
backend address-rs
balance roundrobin
server server 10.6.68.101:8080 check
server server 10.6.68.102:8080 check
backend diamond-rs
server server 10.6.68.126:8080 check
server server 10.6.68.127:8080 check
server server 10.6.68.128:8080 check
backend dauth-80-rs
server server 10.6.68.124:80 check
server server 10.6.68.125:80 check
backend dauth-443-rs
server server 10.6.68.124:443 check
server server 10.6.68.125:443 check
……………………
<b>3 keepalived 配置</b>
[root@haproxy01 keepalived]# cat keepalived.conf
! configuration file for keepalived
global_defs {
notification_email {
}
router_id haproxy01
}
vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
vrrp_instance vi_1 {
state master
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type pass
auth_pass ……
}
track_script {
chk_http_port
}
virtual_ipaddress {
10.6.68.200
10.6.68.201
10.6.68.202
…………
[root@haproxy 02 keepalived]# cat keepalived.conf
router_id haproxy02
state backup
priority 90
track_script {
10.6.68.200/24
10.6.68.201/24
10.6.68.202/24
………
<b>4 haproxy的檢測腳本--判斷haproxy是否是存活的。</b>
vim check_haproxy.sh
#!/bin/bash
if [ $(ps -c haproxy --no-header | wc -l) -eq 0 ]; then
/etc/init.d/haproxy restart &>/dev/null
fi
sleep 2