我在 Softlayer 上有 2 个虚拟服务器,都运行 HAProxy。我正在尝试使用 keepalived 设置故障转移。每个服务器都有一个私有 IP 和公共 IP,它们位于同一个 VLAN 上。我尝试了许多不同的 keepalived 设置,但在主服务器上停止 HAProxy 后,它不会故障转移到备份服务器。
我读到不支持多播,所以我将设置更改为单播。现在,备份/主服务器上的设置基本上是这样的:
vrrp_script chk_haproxy {
script "pidof haproxy"
interval 2
}
vrrp_instance VI_1 {
debug 2
interface eth1
state MASTER
virtual_router_id 51
priority 101
unicast_src_ip 1.2.3.4 # My IP
unicast_peer {
5.6.7.8 # peer IP
}
track_script {
chk_haproxy
}
}
其中 MYIP 是配置文件所在服务器的公网 IP 地址,PEERIP 是对等服务器的公网 IP 地址。但它仍然不起作用。在主服务器上停止 HAProxy,它不会故障转移到备份服务器。
我想知道是否有人在 Softlayer 上设置了具有故障转移功能的 HAProxy,以及他们是如何实现的?
答案1
我设法完成了这个设置,下面是我设置的方法:
我使用 SoftLayer 的控制面板创建了一个全局 IP 地址。
我在两个 HAProxy 虚拟服务器上都安装了 Debian 7。我在两个服务器上的 eth1 接口上都添加了全局 IP 地址。
以下是两台服务器上使用的 HAProxy 设置:
global log 127.0.0.1 local0 log 127.0.0.1 local1 notice maxconn 4096 user haproxy group haproxy defaults log global mode http option httplog option dontlognull retries 3 maxconn 2000 option redispatch timeout connect 5000 timeout client 50000 timeout server 50000 stats uri / haproxy listen webfarm 0.0.0.0:80 mode http stats enable stats uri /haproxy?stats stats realm Haproxy\ Statistics stats auth haproxy:stats balance roundrobin cookie LBN insert indirect nocache option httpclose option forwardfor server app1-west <public_ip>:8080 cookie node1 check server app2-west <public_ip>:8080 cookie node2 check以下是 MASTER 服务器上的 Keepalived 设置:
global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_MASTER_ACTIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state MASTER interface eth1 virtual_router_id 51 priority 101 smtp_alert authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }以下是备份服务器上的 Keepalived 设置:
global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_BACKUP_PASSIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 51 priority 100 smtp_alert advert_int 1 authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }如上所述,我正在运行 Debian 7。从 keepalived 设置中可以看到,我有一个 notify_master 脚本。以下是运行脚本所需的一切:
apt-get install cpanminus libssl-dev build-essential libxml2-dev libexpat1-dev cpanm SOAP::Lite XML::Hash::LX IO::Interface git clone https://github.com/softlayer/softlayer-api-perl-client.git mv softlayer-api-perl-client/SoftLayer /usr/share/perl5现在所有依赖项都已到位,脚本应该可以运行了。下面是脚本,我将其保存为
/usr/bin/reroute_global:#!/usr/bin/env perl use strict; use warnings; use SoftLayer::API::SOAP; use IO::Interface::Simple; # SoftLayer API Information my $api_user = 'YOUR_API_USERNAME'; my $api_key = 'YOUR_API_KEY'; # Get the IP address associated with eth1 my $if = IO::Interface::Simple->new('eth1'); # Create client object to SoftLayer_Account my $client = SoftLayer::API::SOAP->new('SoftLayer_Account', undef, $api_user, $api_key); # Get global IP address ID of first global IP address. my $global_ip_id = $client->getGlobalIpRecords()->result->[0]->{id}; # Create client object to SoftLayer_Network_Subnet_IpAddress_Global $client = SoftLayer::API::SOAP->new('SoftLayer_Network_Subnet_IpAddress_Global', $global_ip_id, $api_user, $api_key); # Reroute global IP address to this systems public IP $client->route($if->address);
您需要更改 API_USERNAME/KEY 以匹配您的 API 凭据。该脚本从您的 SoftLayer 全局 IP 地址中获取第一个全局 IP,然后将全局 IP 重新路由到系统。在发生故障转移的情况下,BACKUP 将成为 MASTER 并运行脚本,该脚本将全局 IP 地址路由到自身。
测试
curl http://<global_IP>- 在主服务器上,
service haproxy stop 备份时:
tail -f /var/log/syslog。您应该会看到类似以下内容的内容:Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: VRRP_Script(chk_haproxy) succeeded Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: SMTP alert successfully sent. Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:30 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Transition to MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Entering MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: Opening script file /usr/bin/reroute_globalcurl http://<global_IP>(如果故障转移有效,它应该可以工作)