基于Keepalived+Haproxy搭建四层负载均衡器
基于Keepalived+Haproxy搭建四层负载均衡器
一、前言
Haproxy是稳定、高性能、高可用性的负载均衡解决方案,支持HTTP及TCP代理后端服务器池,因支持强大灵活的7层acl规则,广泛作为HTTP反向代理。本文则详细介绍如何利用它的四层交换与Keepalived实现一个负载均衡器,适用于Socket、ICE、Mail、Mysql、私有通讯等任意TCP服务。系统架构图如下:
二、平台环境
引用
OS:Centos5.4(64X)
MASTER:192.168.0.20
BACKUP:192.168.0.21
VIP:192.168.0.100
Serivce Port:11231
三、平台安装配置
1、添加非本机IP邦定支持
引用
#vi /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind=1
#sysctl –p
2、配置平台日志支持
引用
#vi /etc/syslog.conf
添加:
local3.* /var/log/haproxy.log
local0.* /var/log/haproxy.log
#vi /etc/sysconfig/syslog
修改:
SYSLOGD_OPTIONS="-r -m 0"
#/etc/init.d/syslog restart
3、关闭SELINUX
引用
vi /etc/sysconfig/selinux
修改:
SELINUX=disabled
#setenforce 0
4、配置iptables,添加VRRP通讯支持
引用
iptables -A INPUT -d 224.0.0.18 -j ACCEPT
5、Keepalived的安装、配置
引用
#mkdir -p /home/install/keepalivedha
#cd /home/install/keepalivedha
#wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
#tar zxvf keepalived-1.2.2.tar.gz
#cd keepalived-1.2.2
#./configure
#make && make install
引用
#cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
#cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
#mkdir /etc/keepalived
#cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
#cp /usr/local/sbin/keepalived /usr/sbin/
#vi /etc/keepalived/keepalived.conf
view plaincopy to clipboardprint?
! Configuration File for keepalived
global_defs {
notification_email {
liutiansi@gmail.com
}
notification_email_from liutiansi@gmail.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
interface eth1
state MASTER # 从为"BACKUP"
priority 101 # 从为100
virtual_router_id 50 #路由ID,可通过#tcpdump vrrp查看。
garp_master_delay 1 #主从切换时间,单位为秒。
authentication {
auth_type PASS
auth_pass KJj23576hYgu23IP
}
track_interface {
eth0
eth1
}
virtual_ipaddress {
192.168.0.100
}
track_script {
chk_haproxy
}
#状态通知
notify_master "/etc/keepalived/Mailnotify.py master"
notify_backup "/etc/keepalived/Mailnotify.py backup"
notify_fault "/etc/keepalived/Mailnotify.py fault"
}
! Configuration File for keepalived
global_defs {
notification_email {
liutiansi@gmail.com
}
notification_email_from liutiansi@gmail.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
interface eth1
state MASTER # 从为"BACKUP"
priority 101 # 从为100
virtual_router_id 50 #路由ID,可通过#tcpdump vrrp查看。
garp_master_delay 1 #主从切换时间,单位为秒。
authentication {
auth_type PASS
auth_pass KJj23576hYgu23IP
}
track_interface {
eth0
eth1
}
virtual_ipaddress {
192.168.0.100
}
track_script {
chk_haproxy
}
#状态通知
notify_master "/etc/keepalived/Mailnotify.py master"
notify_backup "/etc/keepalived/Mailnotify.py backup"
notify_fault "/etc/keepalived/Mailnotify.py fault"
}
6、Haproxy的安装与配置
引用
#cd /home/install/keepalivedha
#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.11.tar.gz
#tar -zxvf haproxy-1.4.11.tar.gz
#cd haproxy-1.4.11
#make install
#mkdir -p /usr/local/haproxy/etc
#mkdir -p /usr/local/haproxy/sbin
#cp examples/haproxy.cfg /usr/local/haproxy/etc
#ln -s /usr/local/sbin/haproxy /usr/local/haproxy/sbin/haproxy
#vi /usr/local/haproxy/etc/haproxy.cfg
view plaincopy to clipboardprint?
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
# log 127.0.0.1 local0
log 127.0.0.1 local1 notice
maxconn 5000
uid 99
gid 99
daemon
pidfile /usr/local/haproxy/haproxy.pid
defaults
log global
mode http
评论暂时关闭