Shulou(Shulou.com)06/01 Report--

Overview

This chapter focuses on configuring HaProxy+Keepalived high-availability clusters. The configuration of Mycat will not be introduced here. You can refer to my previous articles on Mycat.

Deployment diagram:

Configuration

HaProxy installation

The steps for installing haproxy on the two servers are the same.

-- create haproxy user useradd haproxy-- after decompression, enter the haproxy directory, cd haproxy-1.4.25/--, compile and install make TARGET=linux26 PREFIX=/usr/local/haproxy ARCH=x86_64make install PREFIX=/usr/local/haproxy

HaProxy configuration

Cd / usr/local/haproxytouch haproxy.cfgvim haproxy.cfg

Global

Log 127.0.0.1 local0 # # logging function

Maxconn 4096

Chroot / usr/local/haproxy

User haproxy

Group haproxy

Daemon

Defaults

Log global

Option dontlognull

Retries 3

Option redispatch

Maxconn 2000

Contimeout 5000

Clitimeout 50000

Srvtimeout 50000

Listen admin_stats 192.168.57.180 purl 48800 # # Statistics page

Stats uri / admin-status

Stats auth admin:admin

Mode http

Option httplog

Listen mycat_service 192.168.57.180 vip 18066 # # client connects to the port through this ip, and this vip is bound to the port mycat8066 port

Mode tcp

Option tcplog

Option httpchk OPTIONS * HTTP/1.1\ r\ nHost:\ www

Balance roundrobin

Server mycat_181 192.168.57.181:8066 check port 48700 inter 5s rise 2 fall 3

Server mycat_179 192.168.57.179:8066 check port 48700 inter 5s rise 2 fall 3

Srvtimeout 20000

Listen mycat_admin 192.168.57.180 vip 19066 # # client connects to the port through this vip, which binds to the port

Mode tcp

Option tcplog

Option httpchk OPTIONS * HTTP/1.1\ r\ nHost:\ www

Balance roundrobin

Server mycat_181 192.168.57.181:9066 check port 48700 inter 5s rise 2 fall 3

Server mycat_179 192.168.57.179:9066 check port 48700 inter 5s rise 2 fall 3

Srvtimeout 20000

Configure the haproxy logging feature

Yum-y install rsyslogmkdir / etc/rsyslog.dcd / etc/rsyslog.d/touch haproxy.confvim haproxy.conf

$ModLoad imudp$UDPServerRun 514local0.* / var/log/haproxy.log

Vim / etc/rsyslog.conf

Add the following to the line # RULES # above

# Include all config files in / etc/rsyslog.d/$IncludeConfig / etc/rsyslog.d/*.conf

Add the following under local7.* / var/log/boot.log

Local0.* / var/log/haproxy.log

Restart the rsyslog service

Service rsyslog restart

Add rsyslog to the auto-start service

Chkconfig-add rsyslogchkconfig-level 2345 rsyslog on

Configure to listen for the survival of mycat

Install the xinetd plug-in

Yum install xinetd-ycd etc

Service mycat_status {flags = REUSEsocket_type = streamport = 48700wait = nouser = nobodyserver = / usr/local/bin/mycat_statuslog_on_failure + = USERIDdisable = no}

Create a xinetd startup service script

Vim / usr/local/bin/mycat_status

#! / bin/bash#/usr/local/bin/mycat_status.sh# This script checks if a mycat server is healthy running on localhost. It will# return:## "HTTP/1.x 200 OK\ r" (if mycat is running smoothly) # # "HTTP/1.x 503 Internal Server Error\ r" (else) mycat= `/ usr/local/mycat/bin/mycat status | grep 'not running' | wc-l`if ["$mycat" = "0"]; then/bin/echo-e "HTTP/1.1 200 OK\ r\ n" else/bin/echo-e "HTTP/1.1 503 Service Unavailable\ r\ n" fi

Modify script file permissions

I was cheated here for a long time. According to the authoritative guide, there are a lot of problems with the content of the mycat_status script, and there are no spaces in several places.

Chmod 777 / usr/local/bin/mycat_statuschmod 777 / etc/xinetd.d/mycat_status

Add the startup script to the service

Vim / etc/services

Add at the end

Mycat_status 48700/tcp # mycat_status

Restart the xinetd service

Service xinetd restart

Add xinetd to the self-startup service

Chkconfig-add xinetdchkconfig-level 2345 xinetd on

Page testing

Http://192.168.57.180:48800/admin-status

Because 179 is not installed yet, 179 shows that the connection failed

Create a haproxy start and stop script

Startup script

Touch / usr/local/haproxy/sbin/startchmod + x / usr/local/haproxy/sbin/startvim / usr _ license _ localCharger haproxyash _ startstartstartCharger _

Close script

Touch / usr/local/haproxy/sbin/stopchmod + x / usr/local/haproxy/sbin/stopvim / usr grep grep haproxyqqxr _ ef _ grep sbin/haproxy | grep-v _ grep | awk'{print $2}'| xargs kill-s 9.

Authorization

Chown-R haproxy.haproxy / usr/local/haproxy/*

Keepalived installation steps

The installation procedure for keepalived is the same on both servers except for a slight difference in the keepalived.conf configuration file.

Openssl installation

. / config-- prefix=/usr/local/openssl./config-tmake dependmakemake testmake installln-s / usr/local/openssl / usr/local/sslvim / etc/ld.so.conf

Add the following at the end of the file

/ usr/local/openssl/lib

Modify environment variabl

Vim / etc/profile

Add the following at the end of the file

Export OPENSSL=/usr/local/openssl/binexport PATH=$PATH:$OPENSSL

Make the environment variable take effect immediately

Source / etc/profile

Install openssl-devel

Yum install openssl-devel-y

test

Ldd / usr/local/openssl/bin/opensslvdso.so. (lib64libdl.so. (lib64libc.so. (lib64ldlinuxx86.so. (which openssl/usr/bin/opensslopenssl versionOpenSSL 1.0.0-fips 29 Mar 2010

Keepalived installation

. / configure-- prefix=/usr/local/keepalivedmakemake installcp / usr/local/keepalived/sbin/keepalived / usr/sbin/cp / usr/local/keepalived/etc/sysconfig/keepalived / etc/sysconfig/cp / usr/local/keepalived/etc/rc.d/init.d/keepalived / etc/init.d/mkdir / etc/keepalivedcd / etc/keepalived/cp / usr/local/keepalived/etc/keepalived/keepalived.conf / etc/keepalivedmkdir-p / usr/local/keepalived/var/log

Create configuration files and scripts

Mkdir etckeepalivedscriptscd / etc/keepalived/scripts

Vim / etc/keepalived/keepalived.conf

Master

! Configuration Fileforkeepalivedvrrp_script chk_http_port {script "/ etc/keepalived/scripts/check_haproxy.sh" interval 2weight 2} vrrp_instance VI_1 {state MASTER # 192.168.57.179 is changed to the group name of virtual_router_id 51 # VRRP, the network interface that provides services to BACKUPinterface eth0 #. The settings of the two nodes must be the same to indicate that each node belongs to the same VRRP group, the larger the value. The higher the priority, the backup is changed to 120advert_int 1 # synchronization notification interval authentication {# contains the authentication type and password. There are two main types: PASS and AH. The commonly used type is PASS. It is said that there are problems with the use of AH. Auth_type PASSauth_pass 1111} track_script {chk_http_port # call script check_haproxy.sh to check whether haproxy survives} virtual_ipaddress {# vip address The haproxy configuration uses the VIP192.168.57.180 dev eth0 scope global} notify_master / etc/keepalived/scripts/haproxy_master.shnotify_backup / etc/keepalived/scripts/haproxy_backup.shnotify_fault / etc/keepalived/scripts/haproxy_fault.shnotify_stop / etc/keepalived/scripts/haproxy_stop.sh} configured here.

Backup

! Configuration Fileforkeepalivedvrrp_script chk_http_port {script "/ etc/keepalived/scripts/check_haproxy.sh" interval 2weight 2} vrrp_instance VI_1 {state BACKUP # 192.168.57.179 is changed to the group name of virtual_router_id 51 # VRRP, the network interface that provides services to BACKUPinterface eth0 #. The settings of the two nodes must be the same to indicate that each node belongs to the same VRRP group, the larger the value. The higher the priority, the backup is changed to 120advert_int 1 # synchronization notification interval authentication {# contains the authentication type and password. There are two main types: PASS and AH, and the commonly used type is PASS. It is said that there is a problem with the use of AH auth_type PASSauth_pass 1111} track_script {chk_http_port # call script check_haproxy.sh to check whether haproxy is alive} virtual_ipaddress {# vip address 192.168.57.180 dev eth0 scope global} notify_master / etc/keepalived/scripts/haproxy_master.shnotify_backup / etc/keepalived/scripts/haproxy_backup.shnotify_fault / etc/keepalived/scripts/haproxy_fault.shnotify_stop / etc/keepalived/scripts/haproxy_stop.sh}

Vim / etc/keepalived/scripts/check_haproxy.sh

#! / bin/bashSTARTHAPROXY= "/ usr/local/haproxy/sbin/haproxy-f / usr/local/haproxy/haproxy.cfg" STOPKEEPALIVED= "/ etc/init.d/keepalived stop" LOGFILE= "/ usr/local/keepalived/var/log/keepalived-haproxy-state.log" echo "[check_haproxy status]" > > $LOGFILEA= `ps-C haproxy--no-header | wc-l`echo "[check_haproxy status]" > $LOGFILEdate > > $LOGFILEif [$A-eq 0]; thenecho $STARTHAPROXY > > $LOGFILE$STARTHAPROXY > > $LOGFILE 2 > & 1sleep 5fiif [`ps-C haproxy--no-header | wc-l`-eq 0] Thenexit 0elseexit 1fi

Vim / etc/keepalived/scripts/haproxy_master.sh

#! bin`usrlocalhaproxysbinhaproxy f usrlocalhaproxy "usrlocalkeepalivedkeepalivedhaproxystate." $LOGFILE $LOGFILE

Vim / etc/keepalived/scripts/haproxy_backup.sh

#! / bin/bashSTARTHAPROXY= `/ usr/local/haproxy/sbin/haproxy-f / usr/local/haproxy/ haproxy.cfg`STOPHAPROXY = `ps-ef | grep sbin/haproxy | grep-v grep | awk'{print $2}'| xargs kill-s 9`LOGFILE = "/ usr/local/keepalived/var/log/keepalived-haproxy-state.log" echo "[backup]" > > $LOGFILEdate > > $LOGFILEecho "Being backup...." > $LOGFILE 2 > & 1echo "stop haproxy...." > > $LOGFILE 2 > & 1$ STOPHAPROXY > > $LOGFILE 2 > & 1echo "start haproxy.. .. "> > $LOGFILE 2 > & 1$ STARTHAPROXY > > $LOGFILE 2 > & 1echo" haproxy stared. "> > $LOGFILE

Vim / etc/keepalived/scripts/haproxy_fault.sh

#! / bin/bashLOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho "[fault]" > > $LOGFILEdate > > $LOGFILE

Vim / etc/keepalived/scripts/haproxy_stop.sh

#! / bin/bashLOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho "[stop]" > > $LOGFILEdate > > $LOGFILE

Give executable permissions to the script

Chmod 777 / etc/keepalived/scripts/*

Add keepalived to the self-startup service

Chkconfig-- add keepalivedchkconfig-- level 2345 keepalived on-- launch Service service keepalived start

Summary

There are problems in many parts of the code above in the authoritative guide, almost every piece of code has a problem, sometimes a space takes a long time to find this problem, so be careful in the code In particular, the best way to copy other people's code is to check it. In addition to the problem permissions of the code itself, it is sometimes easy to ignore errors, especially executable files to pay attention to whether there are executable permissions.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.