做电影网站需要的服务器配置,做游戏都需要什么网站吗,wordpress如何打开数据库,1 企业网站的一般内容是什么HaproxyKeepalived实现负载均衡HAProxy介绍反向代理服务器,支持双机热备支持虚拟主机,但其配置简单,拥有非常不错的服务器健康检查功能,当其代理的后端服务器出现故障, HAProxy会自动将该服务器摘除,故障恢复后再自动将该服务器加入新的1.3引入了frontend,backend#xff1b;f… HaproxyKeepalived实现负载均衡HAProxy介绍 反向代理服务器,支持双机热备支持虚拟主机,但其配置简单,拥有非常不错的服务器健康检查功能,当其代理的后端服务器出现故障, HAProxy会自动将该服务器摘除,故障恢复后再自动将该服务器加入新的1.3引入了frontend,backendfrontend根据任意 HTTP请求头内容做规则匹配,然后把请求定向到相关的backend. HAProxy 提供高可用性、负载均衡以及基于 TCP 和 HTTP 应用的代理,支持虚拟主机,它是免费、快速并且可靠的一种解决方案。HAProxy 特别适用于那些负载特大的 web 站点, 这些站点通常又需要会话保持或七层处理。HAProxy 运行在当前的硬件上,完全可以支持数以万计的并发连接。并且它的运行模式使得它可以很简单安全的整 合进您当前的架构中, 同时可以保护你的 web 服务器不被暴露到网络上。Keepalived 介绍 Keepalived 的作用是检测web服务器的状态如果有一台web服务器死机或工作出现故障Keepalived将检测到并将有故障的web服务器从系统中剔除 当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中这些工作全部自动完成不需要人工干涉需要人工做的只是修复故障的 web服务器。 在上篇中我使用了nginx反向代理加上keepalived来达到双机主主模式的高可用。Haproxy也是一种反向代理的软件故本次实验也将实现 haproxy 加上 keepalived 来实现主主模式的高可用。一、环境说明 本次试验依旧使用的是2台 haproxy代理服务器 加上 keepalived后端为了方便使用apache来发布网页达到测试的目的。操作系统centos7 64位软件源阿里云2台服务器haproxy1、haproxy2安装 keepalived 和安装 haproxy 来反向代理2台服务器web1、web2安装 apache 来提供服务服务器的防火墙和selinux全部关闭haproxy1 IP192.168.163.166haproxy2 IP192.168.163.167nginx1 IP192.168.163.164nginx2 IP192.168.163.165虚拟IP192.168.163.100 和 192.168.163.200拓扑图如下二、环境安装先安装好web服务器1、首先为后端的2台web服务器安装apache[rootweb1 ~]# yum install -y httpd[rootweb2 ~]# yum install -y httpd2、修改web1的域名为img.xhk.com web2的域名为test.xhk.comServerName img.xhk.com:80ServerName test.xhk.com:803、创建各自的网页[rootweb1 ~]# echo web1 /var/www/html/index.html[rootweb2 ~]# echo web2 /var/www/html/index.html4、启动服务[rootweb1 ~]# systemctl start httpd[rootweb2 ~]# systemctl start httpd5、在Client修改hosts文件并测试网页[rootclient ~]# curl img.xhk.comweb1[rootclient ~]# curl test.xhk.comweb2 接下来就是安装haproxy服务器的 haproxy 和 keepalived1、为了方便在2台haproxy服务器都使用 yum 安装[roothaproxy ~]# yum install -y haproxy keepalived2、先修改haproxy文件[roothaproxy ~]# vim /etc/haproxy/haproxy.cfggloballog 127.0.0.1 local2chroot /var/lib/haproxypidfile /var/run/haproxy.pidmaxconn 4000user haproxygroup haproxydaemonstats socket /var/lib/haproxy/stats
defaultsmode httplog globaloption httplogoption dontlognulloption http-server-closeoption forwardfor except 127.0.0.0/8option redispatchretries 3timeout http-request 10stimeout queue 1mtimeout connect 10stimeout client 1mtimeout server 1mtimeout http-keep-alive 10stimeout check 10smaxconn 3000
frontend main *:80
option forwardfor except 127.0.0.0/8
rspadd X-via:\ haproxy/www.xhk.com
rspidel Server.* stats enable #在frontend添加监控页面stats uri /xhk?stats #自定义监控页面的urlstats realm Stats\ Page\ Area #去掉空格转译stats authxhk:xhk #配置帐号密码stats refresh 5s #每5s刷新一次监控页面stats hide-version #隐藏版本信息stats admin if TRUEmaxconn 10000 #定义最大并发为10000
acl url_img hdr(host) -i img.xhk.com
acl url_test hdr(host) -i test.xhk.com
use_backend img_web if url_img
use_backend test_web if url_test
backend img_web
balance roundrobin
server web1 192.168.163.164:80 check
backend test_web
balance roundrobin
server web2 192.168.163.165:80 check保存退出3、重启 haproxy 服务[roothaproxy haproxy]# systemctl restart haproxy[roothaproxy haproxy]# systemctl status haproxy● haproxy.service - HAProxy Load Balancer Loaded: loaded (/usr/lib/systemd/system/haproxy.service; disabled; vendor preset: disabled) Active: active (running) since Sat 2017-10-21 22:31:03 EDT; 5s ago Main PID: 2265 (haproxy-systemd) CGroup: /system.slice/haproxy.service ├─2265 /usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid ├─2266 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds └─2267 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -DsOct 21 22:31:03 haproxy systemd[1]: Started HAProxy Load Balancer.Oct 21 22:31:03 haproxy systemd[1]: Starting HAProxy Load Balancer...Oct 21 22:31:03 haproxy haproxy-systemd-wrapper[2265]: haproxy-systemd-wrapper: executing /usr/sbin/haproxy -f /et... -DsHint: Some lines were ellipsized, use -l to show in full.访问 haproxy 自带的监控页面用户名密码为配置文件中设置的url为haproxy服务器的IP地址加上自定义的urlhttp://192.168.163.166/xhk?stats4、接下来安装keepalived[roothaproxy haproxy]# yum install -y keepalived5、编辑 keepalived 的配置文件[roothaproxy haproxy]# vim /etc/keepalived/keepalived.conf global_defs {notification_email { # 邮件接收者rootlocalhost}notification_email_from keepalivedlocalhost #邮件发送者smtp_server 127.0.0.1 #邮件服务器地址smtp_connect_timeout 30 #超时时限router_id xhk #此处注意router_id为负载均衡标识vrrp_mcast_group4 224.0.100.19 #添加ipv4的多播地址并确保多播功能启用
}vrrp_script check_haproxy { script /root/check_haproxy.sh #检测脚本该路径就是你脚本存放的位置interval 2 #每隔2秒钟检测一次# weight -2 #优先级减去2
}vrrp_instance VI_1 {state MASTER #状态只有MASTER和BACKUP两种interface ens32 #网络接口virtual_router_id 51 #虚拟路由标识priority 100 #优先级advert_int 1 #MASTER 与BACKUP 之间同步检查的时间间隔单位为秒authentication {auth_type PASS #验证authentication。包含验证类型和验证密码auth_pass xhk #AH 使用时有问题。验证密码为明文}virtual_ipaddress {192.168.163.100 dev ens32 #虚拟ip地址,可以有多个地址}track_script { #运行上面所写的检测脚本check_haproxy}
}vrrp_instance VI_2 {state BACKUPinterface ens32virtual_router_id 52priority 99advert_int 1authentication {auth_type PASSauth_pass 123456}virtual_ipaddress {192.168.163.200 dev ens32}track_script { check_haproxy}
}保存退出6、编写检测haproxy服务状态的脚本vim /root/check_haproxy.sh#!/bin/bashps -C haproxy -o pid
if [ $? ! 0 ];thensystemctl stop keepalived
fi添加执行权限[roothaproxy2 ~]# chmod x check_haproxy.sh 第二台 haproxy 服务器也执行上述这些操作不同的是 keepalived 配置文件下面贴出第二台 haproxy 的 keepalived [roothaproxy2 ~]# vim /etc/keepalived/keepalived.conf global_defs {notification_email { # 邮件接收者rootlocalhost}notification_email_from keepalivedlocalhost #邮件发送者smtp_server 127.0.0.1 #邮件服务器地址smtp_connect_timeout 30 #超时时限router_id xhk #此处注意router_id为负载均衡标识vrrp_mcast_group4 224.0.100.19 #添加ipv4的多播地址并确保多播功能启用
}vrrp_script check_haproxy { script /root/check_haproxy.sh #检测脚本interval 2 #每隔2秒钟检测一次# weight -2 #优先级减去2
}vrrp_instance VI_1 {state BACKUP #状态只有MASTER和BACKUP两种。interface ens32 #网络接口virtual_router_id 51 #虚拟路由标识priority 99 #优先级advert_int 1 #MASTER 与BACKUP 之间同步检查的时间间隔单位为秒。authentication {auth_type PASS #验证authenticationauth_pass xhk #AH 使用时有问题。验证密码为明文}virtual_ipaddress {192.168.163.100 dev ens32 #虚拟ip地址,可以有多个地址}track_script { #运行上面所写的检测脚本check_haproxy}
}vrrp_instance VI_2 {state MASTERinterface ens32virtual_router_id 52priority 100advert_int 1authentication {auth_type PASSauth_pass 123456}virtual_ipaddress {192.168.163.200 dev ens32}track_script { check_haproxy}
}不同之处也不过就是各个 instance 的优先级要互为主备7、开启 keepalived 服务[roothaproxy ~]# systemctl start keepalived[roothaproxy2 ~]# systemctl start keepalived查看keepalived状态 [roothaproxy ~]# systemctl status keepalived● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since Sat 2017-10-21 22:44:46 EDT; 4min 5s ago Process: 2278 ExecStart/usr/sbin/keepalived $KEEPALIVED_OPTIONS (codeexited, status0/SUCCESS) Main PID: 2279 (keepalived) CGroup: /system.slice/keepalived.service ├─2279 /usr/sbin/keepalived -D ├─2280 /usr/sbin/keepalived -D └─2281 /usr/sbin/keepalived -DOct 21 22:45:04 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.100Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.200Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on ens32 for ...3.200Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.200Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.200Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.200Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.200Oct 21 22:45:36 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_2) Received advert with higher priority 100, ours 99Oct 21 22:45:36 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_2) Entering BACKUP STATEOct 21 22:45:36 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_2) removing protocol VIPs.Hint: Some lines were ellipsized, use -l to show in full.[roothaproxy ~]# ip addr show1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens32: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:4a:86:70 brd ff:ff:ff:ff:ff:ff inet 192.168.163.166/24 brd 192.168.163.255 scope global ens32 valid_lft forever preferred_lft forever inet 192.168.163.100/32 scope global ens32 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe4a:8670/64 scope link valid_lft forever preferred_lft forever可以发现因为第一台服务器的 VI_1 的优先级高所以haproxy拿到了vip为192.168.163.100而 VI_2 的优先级低所以让 haproxy2 拿到了192.168.163.200自己降为backup三、测试环节在Client绑定域名让Client访问img.xhk.com、test.xhk.com 时分别去到192.168.163.100、192.168.163.200[rootclient ~]# cat /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.163.100 img.xhk.com test.xhk.com192.168.163.200 img.xhk.com test.xhk.com访问网页[rootclient ~]# curl img.xhk.comweb1[rootclient ~]# curl test.xhk.comweb2停掉第一台的haproxy服务[roothaproxy ~]# systemctl stop haproxy[roothaproxy ~]# systemctl status haproxy● haproxy.service - HAProxy Load Balancer Loaded: loaded (/usr/lib/systemd/system/haproxy.service; disabled; vendor preset: disabled) Active: inactive (dead)Oct 21 22:31:03 haproxy systemd[1]: Stopping HAProxy Load Balancer...Oct 21 22:31:03 haproxy haproxy-systemd-wrapper[2253]: haproxy-systemd-wrapper: SIGTERM - 2256.Oct 21 22:31:03 haproxy haproxy-systemd-wrapper[2253]: haproxy-systemd-wrapper: exit, haproxy RC0Oct 21 22:31:03 haproxy systemd[1]: Started HAProxy Load Balancer.Oct 21 22:31:03 haproxy systemd[1]: Starting HAProxy Load Balancer...Oct 21 22:31:03 haproxy haproxy-systemd-wrapper[2265]: haproxy-systemd-wrapper: executing /usr/sbin/haproxy -f /et... -DsOct 21 23:17:19 haproxy systemd[1]: Stopping HAProxy Load Balancer...Oct 21 23:17:19 haproxy haproxy-systemd-wrapper[2265]: haproxy-systemd-wrapper: SIGTERM - 2267.Oct 21 23:17:19 haproxy haproxy-systemd-wrapper[2265]: haproxy-systemd-wrapper: exit, haproxy RC0Oct 21 23:17:19 haproxy systemd[1]: Stopped HAProxy Load Balancer.Hint: Some lines were ellipsized, use -l to show in full.[roothaproxy ~]# systemctl status keepalived ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: inactive (dead)Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.200Oct 21 22:45:06 haproxy Keepalived_vrrp[2281]: Sending gratuitous ARP on ens32 for 192.168.163.200Oct 21 22:45:36 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_2) Received advert with higher priority 100, ours 99Oct 21 22:45:36 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_2) Entering BACKUP STATEOct 21 22:45:36 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_2) removing protocol VIPs.Oct 21 23:17:20 haproxy Keepalived[2279]: StoppingOct 21 23:17:20 haproxy systemd[1]: Stopping LVS and VRRP High Availability Monitor...Oct 21 23:17:20 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_1) sent 0 priorityOct 21 23:17:20 haproxy Keepalived_vrrp[2281]: VRRP_Instance(VI_1) removing protocol VIPs.Oct 21 23:17:21 haproxy systemd[1]: Stopped LVS and VRRP High Availability Monitor.停掉第一台的 haproxy 之后keepalived的检测脚本检测到 haproxy 服务停止执行脚本停掉自身的keepalived进程查看第二台 haproxy 服务器haproxy2的keepalived状态[roothaproxy2 ~]# systemctl status keepalived● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since Sat 2017-10-21 22:45:35 EDT; 35min ago Process: 2451 ExecStart/usr/sbin/keepalived $KEEPALIVED_OPTIONS (codeexited, status0/SUCCESS) Main PID: 2452 (keepalived) CGroup: /system.slice/keepalived.service ├─2452 /usr/sbin/keepalived -D ├─2453 /usr/sbin/keepalived -D └─2454 /usr/sbin/keepalived -DOct 21 23:17:21 haproxy2 Keepalived_vrrp[2454]: Sending gratuitous ARP on ens32 for 192.168.163.100[roothaproxy2 ~]# ip addr show1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens32: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:d5:fc:a2 brd ff:ff:ff:ff:ff:ff inet 192.168.163.167/24 brd 192.168.163.255 scope global dynamic ens32 valid_lft 1369sec preferred_lft 1369sec inet 192.168.163.200/32 scope global ens32 valid_lft forever preferred_lft forever inet 192.168.163.100/32 scope global ens32 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fed5:fca2/64 scope link valid_lft forever preferred_lft forever2个VIP都已经漂移到 haproxy2 上进行网页访问[rootclient ~]# curl img.xhk.comweb1[rootclient ~]# curl test.xhk.comweb2实验成功 转载于:https://blog.51cto.com/xhk777/1975006
