高可用Web架构Keepalived+Haproxy

此篇文章比较适合新手，因为这个是我一步一步搭建的，之前也没有接触过，期间遇到的问题都有陈列。

一、安装环境：
（因为我安装的系统是CentOS6.3 basic 所以很多依赖包是没有安装的，因此在安装的过程中会出现一些报错，需要我安装依赖包，为了让大家更加明白不同报错的解决方法，本人将每一个报错的解决方法逐一列出）
HA01、02作为提供keepalived+haproxy的服务主机，WEB01、02作为后端的App Server.
HA01:192.168.10.100 MASTER
HA02:192.168.10.101 BACKUP
VIP：192.168.10.110
WEB01:192.168.10.200
WEB02:192.168.10.201

二、编译安装keepalived

[root@HA01 ~]#wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz [root@HA01 ~]# tar -zxvf keepalived-1.2.7.tar.gz
[root@HA01 ~]# cd keepalived-1.2.7
[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
报错：

checking for gcc... no
checking for cc... no
checking for cl.exe... No

解决：[root@HA01keepalived-1.2.7]# yum -y install gcc
[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
报错：

configure: error:
!!!OpenSSL is not properly installed on your system. !!!
!!!Can not include OpenSSL headers files.!!!

解决：[root@HA01keepalived-1.2.7]# yum -y install openssl-devel
[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
报错：

configure: error: Popt libraries isrequired

解决：[root@HA01keepalived-1.2.7]#yum -y install popt-devel
[root@HA01 keepalived-1.2.7]# ./configure --sysconfdir=/etc
到这里keepalived安装完成
下面需要进行编译
先安装make依赖包
[root@HA01 keepalived-1.2.7]#yum -y install make
[root@HA01 keepalived-1.2.7]# make && make install//编译
编译完成之后需要修改配置文件
[root@HA01keepalived-1.2.7]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived
#global_defs {
#   notification_email {
#     gaoming@123.com
#   }
#   notification_email_from gaoming@123.com
#   smtp_server 192.168.200.1
#   smtp_connect_timeout 30
#   router_id LVS_DEVEL
#}
vrrp_instance VI_1 {
state MASTER          #备机服务器HA02上将MASTER改为BACKUP
interface eth0
virtual_router_id 51
priority 100             #备机服务器HA02上将100改为99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.110/24 dev eth0 scope global
}
}
real_server 192.168.10.100 80 {    #备机服务器HA02上将IP改为192.168.10.101
TCP_CHECK {
}
}

修改了之后分别启动keepalived
[root@HA01 keepalived-1.2.7]#/etc/init.d/keepalived start
出现错误：正在启动keepalived：/bin/bash:keepalived: command not found
解决方法：将文件keepalived文件cp到/usr/sbin/
[root@HA01 keepalived-1.2.7]# cp /usr/local/sbin/keepalived /usr/sbin/
[root@HA01 keepalived-1.2.7]#/etc/init.d/keepalived start
测试
[root@HA01 ~]# ip add
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:22:a5:d0 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.100/24 brd 192.168.10.255 scope global eth0
inet 192.168.10.110/24 scope global secondary eth0
inet6 fe80::20c:29ff:fe22:a5d0/64 scope link
valid_lft forever preferred_lft forever
[root@HA02 ~]# ip add
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP>mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:03:a8:15 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.101/24 brd 192.168.10.255 scope global eth0
inet6 fe80::20c:29ff:fe03:a815/64 scope link
valid_lft forever preferred_lft forever
停了主上的keepalived，备上将接管keepalived服务
[root@HA02 ~]# ip add
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:03:a8:15 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.101/24 brd 192.168.10.255 scope global eth0
inet 192.168.10.110/24 scope global secondary eth0
inet6 fe80::20c:29ff:fe03:a815/64 scope link
valid_lft forever preferred_lft forever

三、编译安装Haproxy
[root@HA02 ~]#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.22.tar.gz [root@HA02 ~]#tar -zxvf haproxy-1.4.22.tar.gz
[root@HA02 ~]#cd haproxy-1.4.22
[root@HA01 haproxy-1.4.22]#groupadd haproxy
[root@HA01 haproxy-1.4.22]#useradd haproxy -g haproxy
[root@HA01 haproxy-1.4.22]#make TARGET=linux26 PREFIX=/usr/local/haproxy
[root@HA01 haproxy-1.4.22]# make install PREFIX=/usr/local/haproxy

1.编辑配置文件
[root@HA01selinux]# vi /etc/haproxy/haproxy.cfg

global
log 127.0.0.1 local2
#    log 127.0.0.1 local1 notice
#    maxconn 4096
user haproxy
group haproxy
daemon
defaults
log global
mode http
option tcplog
option dontlognull
retries 3
option redispatch
maxconn 20000
contimeout 3600s
clitimeout 3600s
srvtimeout 3600s
listen App :8083            #提供给前端的port
mode    http
option forwardfor
option  httpclose
option  httpchk GET /index.jsp
balance roundrobin
#    balance source
server Server1 192.168.10.200:8082 check inter 30000 rise 1 fall 2  #后端App Server IP&port
server Server2 192.168.10.201:8082 check inter 30000 rise 1 fall 2  #后端App Server IP&port
listen http-in          #haproxy监控配置
bind :8080      #监听端口
mode http
stats refresh 5s
stats auth  admin:password      #login账号密码
stats uri       /monitor        #url地址

2.Init脚本的配置
[root@HA01 haproxy-1.4.22]#cat /etc/init.d/haproxy

#!/bin/sh
#
# haproxy
#
# chkconfig:   - 85 15
# description:  HAProxy is a free, very fast and reliable solution \
#               offering high availability, load balancing, and \
#               proxying for TCP and  HTTP-based applications
# processname: haproxy
# config:      /etc/haproxy/haproxy.cfg
# pidfile:     /var/run/haproxy.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

exec="/usr/sbin/haproxy"
prog=$(basename $exec)

[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

lockfile=/var/lock/subsys/haproxy

check() {
$exec -c -V -f /etc/$prog/$prog.cfg
}

start() {
$exec -c -q -f /etc/$prog/$prog.cfg
if [ $? -ne 0 ]; then
echo "Errors in configuration file, check with $prog check."
return 1
fi

echo -n $"Starting $prog: "
# start it up here, usually something like "daemon $exec"
daemon $exec -D -f /etc/$prog/$prog.cfg -p /var/run/$prog.pid
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}

stop() {
echo -n $"Stopping $prog: "
# stop it here, often "killproc $prog"
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}

restart() {
$exec -c -q -f /etc/$prog/$prog.cfg
if [ $? -ne 0 ]; then
echo "Errors in configuration file, check with $prog check."
return 1
fi
stop
start
}

reload() {
$exec -c -q -f /etc/$prog/$prog.cfg
if [ $? -ne 0 ]; then
echo "Errors in configuration file, check with $prog check."
return 1
fi
echo -n $"Reloading $prog: "
$exec -D -f /etc/$prog/$prog.cfg -p /var/run/$prog.pid -sf $(cat /var/run/$prog.pid)
retval=$?
echo
return $retval
}

force_reload() {
restart
}

fdr_status() {
status $prog
}

case "$1" in
start|stop|restart|reload)
$1
;;
force-reload)
force_reload
;;
check)
check
;;
status)
fdr_status
;;
condrestart|try-restart)
[ ! -f $lockfile ] || restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}"
exit 2
esac

[root@HA01 haproxy-1.4.22]# chmod a+x/etc/init.d/haproxy
[root@HA01 haproxy-1.4.22]# chkconfig --add haproxy
4.启动服务
[root@HA01 haproxy-1.4.22]#service haproxy start
四、测试
使用VIP测试进入haproxy监控界面（这是我公司现在的架构）



本文出自 “wemux” 博客，请务必保留此出处http://wemux.blog.51cto.com/2848943/1204717