Mycat+keepalived+haporxy 高可用群集配置

来源：互联网发布：轩辕剑腰甲进阶数据编辑：程序博客网时间：2024/05/18 14:12

部署图：

HaProxy安装

181和179两台服务器安装haproxy的步骤一致

--创建haproxy用户useradd haproxy--解压完后进入haproxy目录cd haproxy-1.4.25/--编译安装make TARGET=linux26 PREFIX=/usr/local/haproxy ARCH=x86_64make install PREFIX=/usr/local/haproxy

HaProxy配置

cd /usr/local/haproxytouch haproxy.cfgvim haproxy.cfg

 global    log 127.0.0.1   local0  ##记日志的功能    maxconn 4096    chroot /usr/local/haproxy    user haproxy    group haproxy    daemondefaultslog globaloption dontlognullretries 3option redispatchmaxconn 2000contimeout 5000clitimeout 50000srvtimeout 50000listen  admin_stats 192.168.57.180:48800       stats uri /admin-status        ##统计页面      stats auth  admin:admin      mode    http      option  httploglisten allmycat_service 192.168.57.180:8098      mode tcp      option tcplog  option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www      balance roundrobin  server mycat_181 192.168.57.181:8066 check port 48700 inter 5s rise 2 fall 3  server mycat_179 192.168.57.179:8066 check port 48700 inter 5s rise 2 fall 3      srvtimeout 20000

配置haproxy记录日志功能

yum –y install rsyslogmkdir /etc/rsyslog.dcd /etc/rsyslog.d/touch haproxy.confvim haproxy.conf

$ModLoad imudp$UDPServerRun 514local0.* /var/log/haproxy.log

vim /etc/rsyslog.conf

在#### RULES #### 上面一行加入以下内容

# Include all config files in /etc/rsyslog.d/$IncludeConfig /etc/rsyslog.d/*.conf

在local7.* /var/log/boot.log下面加入以下内容

local0.* /var/log/haproxy.log

重启rsyslog服务

service rsyslog restart

将rsyslog加入自动启动服务

chkconfig --add rsyslogchkconfig --level 2345 rsyslog on

配置监听mycat是否存活

安装xinetd插件

yum install xinetd -y

cd /etc/xinetd.dtouch mycat_statusvim mycat_status

service mycat_status{flags = REUSEsocket_type = streamport = 48700wait = nouser = nobodyserver =/usr/local/bin/mycat_statuslog_on_failure += USERIDdisable = no}

创建xinetd启动服务脚本

vim /usr/local/bin/mycat_status

#!/bin/bash#/usr/local/bin/mycat_status.sh# This script checks if a mycat server is healthy running on localhost. It will# return:## "HTTP/1.x 200 OK\r" (if mycat is running smoothly)## "HTTP/1.x 503 Internal Server Error\r" (else)mycat=`/usr/local/mycat/bin/mycat status |grep 'not running'| wc -l`if [ "$mycat" = "0" ];then/bin/echo -e "HTTP/1.1 200 OK\r\n"else/bin/echo -e "HTTP/1.1 503 Service Unavailable\r\n"fi

修改脚本文件权限

我就是在这里被坑了很久,根据权威指南上面mycat_status这个脚本里面的内容也有很多问题，好几个地方没有空格.

chmod 777 /usr/local/bin/mycat_statuschmod 777 /etc/xinetd.d/mycat_status

将启动脚本加入服务

vim /etc/services

在末尾加入

mycat_status 48700/tcp # mycat_status

重启xinetd服务

service xinetd restart

将xinetd加入自启动服务

chkconfig --add xinetdchkconfig --level 2345 xinetd on

创建haproxy启停脚本

启动脚本

touch /usr/local/haproxy/sbin/startchmod +x /usr/local/haproxy/sbin/startvim  /usr/local/haproxy/sbin/start

#!/bin/sh/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg &

关闭脚本

touch /usr/local/haproxy/sbin/stopchmod +x /usr/local/haproxy/sbin/stopvim /usr/local/haproxy/sbin/stop

#!/bin/shps -ef | grep sbin/haproxy | grep -v grep |awk '{print $2}'|xargs kill -s 9

授权

chown -R haproxy.haproxy /usr/local/haproxy/*

Keepalived安装步骤

keepalived的安装步骤过程在两台服务器上除了keepalived.conf配置文件稍微有点区别外其他的地方都一致。

openssl安装

yum install openssl -y

./config --prefix=/usr/local/openssl./config -tmake dependmakemake testmake installln -s /usr/local/openssl /usr/local/sslvim /etc/ld.so.conf

在文件末尾加入以下内容

/usr/local/openssl/lib

修改环境变量

vim /etc/profile

在文件末尾加入以下内容

export OPENSSL=/usr/local/openssl/binexport PATH=$PATH:$OPENSSL

使环境变量立刻生效

source /etc/profile

安装openssl-devel

yum install openssl-devel -y

测试

ldd /usr/local/openssl/bin/openssl

linux-vdso.so.1 => (0x00007fff996b9000)libdl.so.2 =>/lib64/libdl.so.2 (0x00000030efc00000)libc.so.6 =>/lib64/libc.so.6 (0x00000030f0000000)/lib64/ld-linux-x86-64.so.2 (0x00000030ef800000)

which openssl

/usr/bin/openssl

openssl version

OpenSSL 1.0.0-fips 29 Mar 2010

keepalived安装

./configure --prefix=/usr/local/keepalivedmakemake installcp /usr/local/keepalived/sbin/keepalived /usr/sbin/cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/mkdir /etc/keepalivedcd /etc/keepalived/cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalivedmkdir -p  /usr/local/keepalived/var/log

创建配置文件和脚本

mkdir /etc/keepalived/scriptscd /etc/keepalived/scripts

vim /etc/keepalived/keepalived.conf

master

! Configuration Fileforkeepalivedvrrp_script chk_http_port {script"/etc/keepalived/scripts/check_haproxy.sh"interval 2weight 2}vrrp_instance VI_1 {state MASTER #192.168.57.179上改为BACKUPinterface eth0 #对外提供服务的网络接口virtual_router_id 51 #VRRP组名，两个节点的设置必须一样，以指明各个节点属于同一VRRP组priority 150 #数值愈大，优先级越高,backup上改为120advert_int 1 #同步通知间隔authentication { #包含验证类型和验证密码。类型主要有PASS、AH两种，通常使用的类型为PASS，据说AH使用时有问题auth_type PASSauth_pass 1111}track_script {chk_http_port #调用脚本check_haproxy.sh检查haproxy是否存活}virtual_ipaddress { #vip地址，这个ip必须与我们在lvs客户端设定的vip相一致192.168.57.180 dev eth0 scope global}notify_master /etc/keepalived/scripts/haproxy_master.shnotify_backup /etc/keepalived/scripts/haproxy_backup.shnotify_fault /etc/keepalived/scripts/haproxy_fault.shnotify_stop /etc/keepalived/scripts/haproxy_stop.sh}

backup

! Configuration Fileforkeepalivedvrrp_script chk_http_port {script"/etc/keepalived/scripts/check_haproxy.sh"interval 2weight 2}vrrp_instance VI_1 {state BACKUP #192.168.57.179上改为BACKUPinterface eth0 #对外提供服务的网络接口virtual_router_id 51 #VRRP组名，两个节点的设置必须一样，以指明各个节点属于同一VRRP组priority 120 #数值愈大，优先级越高,backup上改为120advert_int 1 #同步通知间隔authentication { #包含验证类型和验证密码。类型主要有PASS、AH两种，通常使用的类型为PASS，据说AH使用时有问题auth_type PASSauth_pass 1111}track_script {chk_http_port #调用脚本check_haproxy.sh检查haproxy是否存活}virtual_ipaddress { #vip地址，这个ip必须与我们在lvs客户端设定的vip相一致192.168.57.180 dev eth0 scope global}notify_master /etc/keepalived/scripts/haproxy_master.shnotify_backup /etc/keepalived/scripts/haproxy_backup.shnotify_fault /etc/keepalived/scripts/haproxy_fault.shnotify_stop /etc/keepalived/scripts/haproxy_stop.sh}

vim /etc/keepalived/scripts/check_haproxy.sh

#!/bin/bashSTARTHAPROXY="/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg"STOPKEEPALIVED="/etc/init.d/keepalived stop"LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"echo "[check_haproxy status]" >> $LOGFILEA=`ps -C haproxy --no-header |wc -l`echo "[check_haproxy status]" >> $LOGFILEdate >> $LOGFILEif [ $A -eq 0 ];thenecho $STARTHAPROXY >> $LOGFILE$STARTHAPROXY >> $LOGFILE 2>&1sleep 5fiif [ `ps -C haproxy --no-header |wc -l` -eq 0 ];thenexit 0elseexit 1fi

vim /etc/keepalived/scripts/haproxy_master.sh

#!/bin/bashSTARTHAPROXY=`/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg`STOPHAPROXY=`ps -ef | grep sbin/haproxy | grep -v grep | awk '{print $2}'| xargs kill -s 9`LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"echo "[master]" >> $LOGFILEdate >> $LOGFILEecho "Being master...." >> $LOGFILE 2>&1echo "stop haproxy...." >> $LOGFILE 2>&1$STOPHAPROXY >> $LOGFILE 2>&1echo "start haproxy...." >> $LOGFILE 2>&1$STARTHAPROXY >> $LOGFILE 2>&1echo "haproxy stared ..." >> $LOGFILE

vim /etc/keepalived/scripts/haproxy_backup.sh

#!/bin/bashSTARTHAPROXY=`/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg`STOPHAPROXY=`ps -ef | grep sbin/haproxy | grep -v grep | awk '{print $2}'| xargs kill -s 9`LOGFILE="/usr/local/keepalived/var/log/keepalived-haproxy-state.log"echo "[backup]" >> $LOGFILEdate >> $LOGFILEecho "Being backup...." >> $LOGFILE 2>&1echo "stop haproxy...." >> $LOGFILE 2>&1$STOPHAPROXY >> $LOGFILE 2>&1echo "start haproxy...." >> $LOGFILE 2>&1$STARTHAPROXY >> $LOGFILE 2>&1echo "haproxy stared ..." >> $LOGFILE

vim /etc/keepalived/scripts/haproxy_fault.sh

#!/bin/bashLOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho "[fault]" >> $LOGFILEdate >> $LOGFILE

vim /etc/keepalived/scripts/haproxy_stop.sh

#!/bin/bashLOGFILE=/usr/local/keepalived/var/log/keepalived-haproxy-state.logecho "[stop]" >> $LOGFILEdate >> $LOGFILE

赋予脚本可执行权限

chmod 777 /etc/keepalived/scripts/*

将keepalived加入自启动服务

chkconfig --add keepalivedchkconfig --level 2345 keepalived on--启动服务service keepalived start

权威指南上面代码部分好多处都存在问题，几乎每一块代码都存在问题，有时候往往一个空格需要花很长的时间去找这个问题，所以在代码方面要细心；特别是复制别人的代码不要原本照抄最好是检查一下，除了代码本身的问题权限有时候也是容易忽略的错误，特别是可执行文件要注意是否有可执行权限。

0 0