[!Tip]
部署HAProxy+keepalived转载请注明来源:https://janrs.com/53n2
部署 HAPorxy + keepalived
1.开启 ip 转发
打开配置文件
vim /etc/sysctl.conf打开以下参数
net.ipv4.ip_forward = 1使配置生效
sysctl -p2.部署 HAProxy 以及 keepalived
2.1 安装
[!NOTE]
两台服务器都要安装
apt install keepalived haproxy -y开启开机启动
systemctl enable haproxy && systemctl enable keepalived开启服务
systemctl start haproxy && systemctl start keepalived2.2 添加用户组以及用户
[!NOTE]
两台服务器都要添加
groupadd -r keepalived_script
useradd -r -s /sbin/nologin -g keepalived_script -M keepalived_script2.3 配置 keepalived
刚安装完 keepalived 是没有配置文件的,查看 status 会提示没有配置文件
systemctl status keepalived显示如下
● keepalived.service - Keepalive Daemon (LVS and VRRP)
Loaded: loaded (/lib/systemd/system/keepalived.service; enabled; vendor preset: enabled)
Active: inactive (dead)
Condition: start condition failed at Mon 2023-02-13 02:32:22 EST; 8min ago
└─ ConditionFileNotEmpty=/etc/keepalived/keepalived.conf was not met
Feb 13 02:14:10 ha01 systemd[1]: Condition check resulted in Keepalive Daemon (LVS and VRRP) being skipped.
Feb 13 02:32:22 ha01 systemd[1]: Condition check resulted in Keepalive Daemon (LVS and VRRP) being skipped.2.3.1 添加检测 haproxy 进程的脚本文件
[!NOTE]
两台服务器都要添加
cat > /etc/keepalived/chk_haproxy.sh <<'EOF'
#!/bin/bash
count=$(ps -ef |grep haproxy |egrep -cv "grep|$$")
if [ "$count" -eq 0 ];
then
exit 1
else
exit 0
fi
EOF
chmod +x /etc/keepalived/chk_haproxy.sh2.3.2 添加 keepalived.conf 配置
2.3.2.1 添加 MASTER 主配置
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
script_user root
enable_script_security
router_id ha01 # 虚拟路由名称
}
# HAProxy健康检查配置
vrrp_script chk_haproxy {
script "/etc/keepalived/chk_haproxy.sh" # 执行检测脚本
interval 2 # 脚本运行周期,秒
}
# 虚拟路由配置
vrrp_instance VI_1 {
state MASTER # 本机实例状态,MASTER/BACKUP,备机配置文件中请写BACKUP
interface ens192 # 本机网卡名称,使用ifconfig命令查看
virtual_router_id 51 # 虚拟路由编号,主备机保持一致
priority 101 # 本机初始权重,备机请填写小于主机的值(例如99)
advert_int 1 # 争抢虚地址的周期,秒
authentication {
auth_type PASS
auth_pass adminPWD # 认证类型和密码主备一样,要不然无法互相认证
}
virtual_ipaddress {
192.168.1.130 # 虚地址IP,主备机保持一致
}
track_script {
chk_haproxy # 对应的健康检查配置
}
}
EOF重启服务并查看是否有 vip
systemctl restart keepalived && ip a | grep 130显示如下即为 vip 已经设置成功
inet 192.168.1.130/32 scope global ens1922.3.2.2 添加 BACKUP 从配置
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
script_user root
enable_script_security
router_id ha02 # 虚拟路由名称
}
# HAProxy健康检查配置
vrrp_script chk_haproxy {
script "/etc/keepalived/chk_haproxy.sh" # 执行检测脚本
interval 2 # 脚本运行周期,秒
}
# 虚拟路由配置
vrrp_instance VI_1 {
state BACKUP # 本机实例状态,MASTER/BACKUP,备机配置文件中请写BACKUP
interface ens192 # 本机网卡名称,使用ifconfig命令查看
virtual_router_id 51 # 虚拟路由编号,主备机保持一致
priority 100 # 本机初始权重,备机请填写小于主机的值(例如99)
advert_int 1 # 争抢虚地址的周期,秒
authentication {
auth_type PASS
auth_pass adminPWD # 认证类型和密码主备一样,要不然无法互相认证
}
virtual_ipaddress {
192.168.1.130 # 虚地址IP,主备机保持一致
}
track_script {
chk_haproxy # 对应的健康检查配置
}
}
EOF重启服务并查看状态
systemctl restart keepalived && systemctl status keepalived2.4 配置 haproxy
添加 haproxy.cnf配置, 打开配置文件
vim /etc/haproxy/haproxy.cfg追加以下配置
[!NOTE]
MyCat的ip地址以及端口根据自己的服务器配置修改
listen admin_status
bind :48800 ##VIP
stats uri /admin-status ##统计页面
stats auth admin:admin # 设置统计页面认证的用户和密码,如果要设置多个,另起一行写入即可
mode http
option httplog
listen allmycat_service
bind :33066 ##转发到 mycat 的 8066 端口,即 mycat 的服务端口
mode tcp
option tcplog
option tcpka ## 是否允许向server和client发送keepalive
option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
balance roundrobin
server mycat01 192.168.1.141:8066 check port 48700 inter 5s rise 2 fall 3
server mycat02 192.168.1.142:8066 check port 48700 inter 5s rise 2 fall 3
#srvtimeout 20000
timeout server 20000重启
systemctl restart haproxy查看状态
systemctl status haproxy查看管理界面,打开地址:192.168.1.130:48800/admin-status 输入账号密码,都是:admin。截图如下:
3.测试
3.1 测试高可用
测试 vip 是否有漂移参考:(https://janrs.com/?p=60#toc-23)
3.2 测试连接数据库
使用 vip 地址连接数据库,能够连接得上即可
mysql -u john -p -h 192.168.1.130 -P 33066
文章评论
这是我见过最牛逼的教程
让它融入
@匿名 ?