私有云落地解决方案之openstack高可用（pike版本）-haproxy

作者：【吴业亮】

博客：http://blog.csdn.net/wylfengyujiancheng

1、三个节点安装haproxy，并设置开机自动启动

#  yum install -y haproxy#  systemctl enable haproxy

2、跟rsyslog结合配置haproxy日志，在三个节点上都操作
配置/etc/rsyslog.d/haproxy.conf

$ModLoad imudp$UDPServerRun 514$template Haproxy,"%rawmsg% \n"local0.=info -/var/log/haproxy.log;Haproxylocal.notice -/var/log/haproxy-status.log;Haproxylocal.* ~

# systemctl restart rsyslog.service# systemctl status rsyslog.service

3、在三个节点上配置haproxy.cfg文件

global    log             127.0.0.1 local3    chroot          /var/lib/haproxy    pidfile         /var/run/haproxy.pid    stats  socket     /var/lib/haproxy/stats    maxconn         40000    user            haproxy    group           haproxy    daemon    spread-checks      3    tune.bufsize      32768    tune.maxrewrite 1024    tune.ssl.default-dh-param  2048defaults    mode    http    log     global    option  httplog    option  tcplog    option  redispatch    option  http-server-close    option  splice-auto    option  dontlognull    retries 3    timeout http-request 20s    timeout queue 1m    timeout connect 10s    timeout client 1m    timeout server 1m    timeout check 10s    maxconn 8000listen stats    bind 0.0.0.0:8888    mode http    stats enable    stats uri /    stats realm Haproxy\ Statistics    stats auth admin:Changeme_123    stats  refresh 5s    stats  show-node    stats  show-legends    stats  hide-versionlisten db-cloud    bind 172.16.8.50:3306    balance  source    hash-type consistent    mode       tcp    option  tcplog    option  clitcpka    option  srvtcpka    option  httpchk    timeout client  28801s    timeout server  28801s            server node1 172.16.8.60:3306 check port 9200 inter 20s fastinter 2s downinter 2s rise 3 fall 3            server node2 172.16.8.61:3306 check port 9200 inter 20s fastinter 2s downinter 2s rise 3 fall 3 backup            server node3 172.16.8.62:3306 check port 9200 inter 20s fastinter 2s downinter 2s rise 3 fall 3 backuplisten mq-cloud    bind 172.16.8.50:5672 tcp-ut 5s    mode tcp    option tcpka    balance roundrobin            server node1 172.16.8.60:5672 check inter 10s fastinter 2s downinter 2s rise 3 fall 3            server node2 172.16.8.61:5672 check inter 10s fastinter 2s downinter 2s rise 3 fall 3            server node3 172.16.8.62:5672 check inter 10s fastinter 2s downinter 2s rise 3 fall 3listen keystone-admin-cloud    bind 172.16.8.50:35357    http-request  set-header X-Forwarded-Proto https if { ssl_fc }    option  httplog    option  httpclose    option  forwardfor            server node1 172.16.8.60:35357 check inter 10s fastinter 2s downinter 2s rise 3 fall 3            server node2 172.16.8.61:35357 check inter 10s fastinter 2s downinter 2s rise 3 fall 3            server node3 172.16.8.62:35357 check inter 10s fastinter 2s downinter 2s rise 3 fall 3listen keystone-cloud    bind 172.16.8.50:5000    http-request  set-header X-Forwarded-Proto https if { ssl_fc }    option  httplog    option  httpclose    option  forwardfor            server node1 172.16.8.60:5000 check inter 10s fastinter 2s downinter 2s rise 3 fall 3            server node2 172.16.8.61:5000 check inter 10s fastinter 2s downinter 2s rise 3 fall 3            server node3 172.16.8.62:5000 check inter 10s fastinter 2s downinter 2s rise 3 fall 3listen glance-registry-cloud    bind 172.16.8.50:9191    timeout server          30m            server node1 172.16.8.60:9191 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:9191 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:9191 check inter 10s fastinter 2s downinter 3s rise 3 fall 3listen glance-api-cloud    bind 172.16.8.50:9292    http-request  set-header X-Forwarded-Proto https if { ssl_fc }    option  httpchk /versions    option  httplog    option  httpclose    timeout server  30m            server node1 172.16.8.60:9292 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:9292 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:9292 check inter 10s fastinter 2s downinter 3s rise 3 fall 3listen nova-api-cloud    bind 172.16.8.50:8774    http-request  set-header X-Forwarded-Proto https if { ssl_fc }    option  httpchk    option  httplog    option  httpclose    timeout server  600s            server node1 172.16.8.60:8774 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:8774 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:8774 check inter 10s fastinter 2s downinter 3s rise 3 fall 3listen nova-metadata-api-cloud    bind 172.16.8.50:8775    option  httpchk    option  httplog    option  httpclose            server node1 172.16.8.60:8775 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:8775 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:8775 check inter 10s fastinter 2s downinter 3s rise 3 fall 3listen vnc-cloud    bind 172.16.8.50:6080    http-request set-header X-Forwarded-Proto https if { ssl_fc }            server node1 172.16.8.60:6080 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:6080 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:6080 check inter 10s fastinter 2s downinter 3s rise 3 fall 3listen nova-placement-api-cloud    bind 172.16.8.50:8778    http-request set-header X-Forwarded-Proto https if { ssl_fc }            server node1 172.16.8.60:8778 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:8778 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:8778 check inter 10s fastinter 2s downinter 3s rise 3 fall 3listen neutron-api-cloud    bind 172.16.8.50:9696    http-request set-header X-Forwarded-Proto https if { ssl_fc }    option  httpchk    option  httplog    option  httpclose            server node1 172.16.8.60:9696 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:9696 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:9696 check inter 10s fastinter 2s downinter 3s rise 3 fall 3listen dashboard_cloud    bind 172.16.8.50:80    balance  source    option  tcpka    option  httpchk    option  tcplog    server node1 172.16.8.60:80 check inter 2000 rise 2 fall 5    server node3 172.16.8.61:80 check inter 2000 rise 2 fall 5    server node3 172.16.8.62:80 check inter 2000 rise 2 fall 5listen cinder-api-cloud    bind 172.16.8.50:8776    http-request set-header X-Forwarded-Proto https if { ssl_fc }    option  httpchk    option  httplog    option  httpclose            server node1 172.16.8.60:8776 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node2 172.16.8.61:8776 check inter 10s fastinter 2s downinter 3s rise 3 fall 3            server node3 172.16.8.62:8776 check inter 10s fastinter 2s downinter 3s rise 3 fall 3

4、修改三个节点的内核参数使haproxy正常启动

# echo "net.ipv4.ip_nonlocal_bind = 1" >>/etc/sysctl.conf# echo "net.ipv4.ip_forward = 1" >>/etc/sysctl.conf# sysctl -p 

5、三个节点启动haproxy服务

# systemctl restart haproxy# systemctl status haproxy

6、访问haproxy前端web界面
http://172.16.8.60:8888/

admin/Changeme_123