Haproxy代理服务（小白的“升级打怪”成长之路）

目录

一、实现Haproxy代理真实服务器

1、Haproxy服务器配置

2、编写配置网页内容

3、检验结果

二、实现Haproxy + Keepalived的两层架构（代理+双机热备）

1、Haproxy服务器配置

2、Keepalived 服务配置

3、检验结果

---

一、实现Haproxy代理真实服务器

通过 192.168.100.100的HAProxy (192.168.100.100) 代理访问 192.168.100.1(192.168.100.2的服务

1、Haproxy服务器配置

####192.168.100.100
##下载haproxy
[root@lvs1 ~]# yum install -y haproxy
[root@lvs1 ~]# cd /etc/haproxy/
[root@lvs1 haproxy]# ls
conf.d  haproxy.cfg
##编写配置文件
[root@lvs1 haproxy]# vim haproxy.cfg 
global  #全局配置log         127.0.0.1 local2chroot      /var/lib/haproxypidfile     /var/run/haproxy.piduser        haproxygroup       haproxydaemonmaxconn     4000
​
defaults    #默认配置mode                    httplog                     globaloption                  httplogoption                  dontlognullretries                 3timeout http-request    5stimeout queue           1mtimeout connect         5stimeout client          1mtimeout server          1mtimeout http-keep-alive 5stimeout check           5smaxconn                 3000
​
frontend main   #前端（虚拟server）bind *:80default_backend         http_back
​
backend http_back   （后端真实server）balance     roundrobin      #轮询server  node1 192.168.100.1:80 check    #真实服务端server  node2 192.168.100.2:80 check
listen stats #定义监控页面    mode httpoption httplogbind *:1080                   #绑定端口1080    stats refresh 30s             #每30秒更新监控数据    stats uri /stats              #访问监控页面的uri    stats realm HAProxy\ Stats    #监控页面的认证提示    stats auth admin:admin        #监控页面的用户名和密码
​
[root@lvs1 haproxy]# systemctl start haproxy.service 
[root@lvs1 haproxy]# netstat -anptu | grep 80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      541243/haproxy      
tcp        0      0 0.0.0.0:1080            0.0.0.0:*               LISTEN      541243/haproxy    

2、编写配置网页内容

####192.168.100.1
##安装nginx
[root@web1 ~]# yum install -y nginx
[root@web1 ~]# systemctl start nginx
[root@web1 ~]# echo web1 > /usr/share/nginx/html/index.html

####192.168.100.2
[root@web2 ~]# yum install -y nginx
[root@web2 ~]# systemctl start nginx
[root@web2 ~]# echo web2 > /usr/share/nginx/html/index.html
​

3、检验结果

网站访问192.168.100.100，实现轮询

网站访问192.168.100.100;1080/stats，输入配置文件写入的账号密码，可以看到统计状态

二、实现Haproxy + Keepalived的两层架构（代理+双机热备）

设计思路：

通过 192.168.100.100的HAProxy (192.168.100.100) 代理到 192.168.100.1(192.168.100.2)的Keepalived VIP (192.168.100.103)，再由 Keepalived 访问到真实服务器192.168.100.1 (192.168.100.2)，最终实现两层架构

1、Haproxy服务器配置

实现代理功能

####192.168.100.100
##下载haproxy
##编写配置文件
[root@lvs1 haproxy]# vim haproxy.cfg 
global  #全局配置log         127.0.0.1 local2chroot      /var/lib/haproxypidfile     /var/run/haproxy.piduser        haproxygroup       haproxydaemonmaxconn     4000
​
defaults    #默认配置mode                    httplog                     globaloption                  httplogoption                  dontlognullretries                 3timeout http-request    5stimeout queue           1mtimeout connect         5stimeout client          1mtimeout server          1mtimeout http-keep-alive 5stimeout check           5smaxconn                 3000
​
frontend main   #前端（虚拟server）bind 192.168.100.100:80default_backend         http_back
​
backend http_back   （后端真实server）balance     roundrobinserver  node1 192.168.100.103:80 check  #真实服务端
listen stats #定义监控页面    mode httpoption httplogbind 192.168.100.100:1080                   #绑定端口1080    stats refresh 30s             #每30秒更新监控数据    stats uri /stats              #访问监控页面的uri    stats realm HAProxy\ Stats    #监控页面的认证提示    stats auth admin:admin        #监控页面的用户名和密码
[root@lvs1 ~]# systemctl restart haproxy.service 

2、Keepalived 服务配置

Keepalived服务器配置双机热备，当一台服务器故障，另外一台提供服务

####192.168.100.1
##安装keepalived服务，并编写配置文件
[root@web1 ~]# yum install -y keepalived
[root@web1 ~]# cd /etc/keepalived/
[root@web1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
​
global_defs {router_id web1
}
vrrp_script check_nginx {script /etc/keepalived/check_nginx.sh    #检测脚本interval 2   #执行间隔时间
}
vrrp_instance VI_1 {state MASTERinterface ens160virtual_router_id 51priority 100advert_int 3authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.100.103}
track_script {          #在实例中引用脚本    check_nginx}
}
##加入检测脚本是为了保障nginx无故障时可以提供服务，一旦无法故障，同时关掉该服务器的keepalived服务
[root@web1 ~]# systemctl start keepalived.service
[root@web1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host proto kernel_lo valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000link/ether 00:0c:29:66:09:cd brd ff:ff:ff:ff:ff:ffinet 192.168.100.1/24 brd 192.168.100.255 scope global noprefixroute ens160valid_lft forever preferred_lft foreverinet 192.168.100.103/32 scope global ens160valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fe66:9cd/64 scope link noprefixroute valid_lft forever preferred_lft forever
7: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000link/ether 00:0c:29:66:09:d7 brd ff:ff:ff:ff:ff:ffinet 192.168.58.182/24 brd 192.168.58.255 scope global noprefixroute ens224valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fe66:9d7/64 scope link noprefixroute 
​
[root@web1 ~]# cd /etc/keepalived/
[root@web1 keepalived]# vim check_nginx.sh 
Count1=`netstat -antp |grep -v grep |grep nginx |wc -l`
if [ $Count1 -eq 0 ]; then systemctl restart nginxsleep 2  Count2=`netstat -antp |grep -v grep |grep nginx |wc -l`if [ $Count2 -eq 0 ]; then service keepalived stop      else      exit 0  fi
else   exit 0  
fi 
​
[root@web1 keepalived]# chmod +x check_nginx.sh 
[root@web1 keepalived]# systemctl restart keepalived.service 

####192.168.100.2
[root@web2 ~]# yum install -y keepalived
[root@web2 ~]# cd /etc/keepalived/
[root@web2 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
​
global_defs {router_id web2
}
vrrp_script check_nginx {script /etc/keepalived/check_nginx.sh    #检测脚本interval 2   #执行间隔时间
}
vrrp_instance VI_1 {state BACKUPinterface ens160virtual_router_id 51priority 90advert_int 3authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.100.103}
track_script {          #在实例中引用脚本    check_nginx}
}
[root@web2 ~]# systemctl start keepalived.service
[root@web2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host proto kernel_lo valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000link/ether 00:0c:29:80:88:5d brd ff:ff:ff:ff:ff:ffinet 192.168.100.2/24 brd 192.168.100.255 scope global noprefixroute ens160valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fe80:885d/64 scope link noprefixroute valid_lft forever preferred_lft forever
5: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000link/ether 00:0c:29:80:88:67 brd ff:ff:ff:ff:ff:ffinet 192.168.58.181/24 brd 192.168.58.255 scope global noprefixroute ens224valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fe80:8867/64 scope link noprefixroute valid_lft forever preferred_lft forever
​
[root@web2 ~]# cd /etc/keepalived/
[root@web2 keepalived]# vim check_nginx.sh 
Count1=`netstat -antp |grep -v grep |grep nginx |wc -l`
if [ $Count1 -eq 0 ]; then systemctl restart nginxsleep 2  Count2=`netstat -antp |grep -v grep |grep nginx |wc -l`if [ $Count2 -eq 0 ]; then service keepalived stop      else      exit 0  fi
else   exit 0  
fi 
​
[root@web2 keepalived]# chmod +x check_nginx.sh 
[root@web2 keepalived]# systemctl restart keepalived.service 

3、检验结果

网站访问192.168.100.100和192.168.100.100:1080/stats

当192.168.100.1故障时

####192.168.100.1
[root@web1 ~]# systemctl start keepalived.service 

网站访问192.168.100.100

看到感觉有帮助的朋友，劳烦动动发财的小手给博主点个赞