Haproxy
具有故障轉移功能的 Softlayer HAProxy
我在 Softlayer 上有 2 個虛擬伺服器,都執行 HAProxy。我正在嘗試使用 keepalived 設置故障轉移。每台伺服器都有一個私有 IP 和一個公共 IP,它們在同一個 VLAN 上。我為keepalived嘗試了許多不同的設置,但是在master上停止HAProxy,它不會故障轉移到BACKUP。
我讀到不支持多播,因此我將設置更改為單播。現在,備份/主伺服器上的設置基本上是這樣的:
vrrp_script chk_haproxy { script "pidof haproxy" interval 2 } vrrp_instance VI_1 { debug 2 interface eth1 state MASTER virtual_router_id 51 priority 101 unicast_src_ip 1.2.3.4 # My IP unicast_peer { 5.6.7.8 # peer IP } track_script { chk_haproxy } }
其中 MYIP 是 conf 文件所在伺服器的公共 IP 地址,PEERIP 是對等方的公共 IP 地址。仍然無法正常工作。停止主伺服器上的 HAProxy,它不會故障轉移到備份。
我想知道是否有人在 Softlayer 上設置了帶有故障轉移的 HAProxy,以及他們是如何完成它的?
我設法完成了這個設置,我是這樣做的:
- 我使用 SoftLayer 的控制面板創建了一個全域 IP 地址。
- 我在兩個 HAProxy 虛擬伺服器上都有 Debian 7。我將全域 IP 地址添加到兩台伺服器上的 eth1 介面。
- 這是兩台伺服器上使用的 HAProxy 設置:
global log 127.0.0.1 local0 log 127.0.0.1 local1 notice maxconn 4096 user haproxy group haproxy defaults log global mode http option httplog option dontlognull retries 3 maxconn 2000 option redispatch timeout connect 5000 timeout client 50000 timeout server 50000 stats uri / haproxy listen webfarm 0.0.0.0:80 mode http stats enable stats uri /haproxy?stats stats realm Haproxy\ Statistics stats auth haproxy:stats balance roundrobin cookie LBN insert indirect nocache option httpclose option forwardfor server app1-west <public_ip>:8080 cookie node1 check server app2-west <public_ip>:8080 cookie node2 check
- 這是 MASTER 伺服器上的 Keepalived 設置:
global_defs { notification_email { admin@mydomain.com } notification_email_from me@me.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_MASTER_ACTIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state MASTER interface eth1 virtual_router_id 51 priority 101 smtp_alert authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }
- 這是 BACKUP 伺服器上的 Keepalived 設置:
global_defs { notification_email { admin@mydomain.com } notification_email_from me@me.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_BACKUP_PASSIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 51 priority 100 smtp_alert advert_int 1 authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }
- 如上所述,我正在執行 Debian 7。從 keepalived 設置中可以看出,我有一個 notify_master 腳本。這是使腳本執行所需的一切:
apt-get install cpanminus libssl-dev build-essential libxml2-dev libexpat1-dev cpanm SOAP::Lite XML::Hash::LX IO::Interface git clone https://github.com/softlayer/softlayer-api-perl-client.git mv softlayer-api-perl-client/SoftLayer /usr/share/perl5
- 現在所有依賴項都已到位,腳本應該可以工作。這是我保存為的腳本
/usr/bin/reroute_global
:#!/usr/bin/env perl use strict; use warnings; use SoftLayer::API::SOAP; use IO::Interface::Simple; # SoftLayer API Information my $api_user = 'YOUR_API_USERNAME'; my $api_key = 'YOUR_API_KEY'; # Get the IP address associated with eth1 my $if = IO::Interface::Simple->new('eth1'); # Create client object to SoftLayer_Account my $client = SoftLayer::API::SOAP->new('SoftLayer_Account', undef, $api_user, $api_key); # Get global IP address ID of first global IP address. my $global_ip_id = $client->getGlobalIpRecords()->result->[0]->{id}; # Create client object to SoftLayer_Network_Subnet_IpAddress_Global $client = SoftLayer::API::SOAP->new('SoftLayer_Network_Subnet_IpAddress_Global', $global_ip_id, $api_user, $api_key); # Reroute global IP address to this systems public IP $client->route($if->address);
您需要更改 API_USERNAME/KEY 以匹配您的 API 憑據。該腳本從您的 SoftLayer 全域 IP 地址中獲取第一個全域 IP,然後將全域 IP 重新路由到系統。在故障轉移的情況下,BACKUP 變為 MASTER 並執行腳本,該腳本將全域 IP 地址路由到自身。
測試
curl http://<global_IP>
- 在主伺服器上,
service haproxy stop
- 備份時:
tail -f /var/log/syslog
. 您應該看到如下內容:Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: VRRP_Script(chk_haproxy) succeeded Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: SMTP alert successfully sent. Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:30 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Transition to MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Entering MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: Opening script file /usr/bin/reroute_global
curl http://<global_IP>
(如果故障轉移有效,它應該可以工作)