服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Softlayer HAProxy故障转移
Intereting Posts
KVM-qemu libvirt vms中的多个接口 – 如何控制? 有没有办法让我在SBS 2011上安全地安装PowerShell 4? 为什么这3条规则在iptables中对我造成问题? (COMMIT行错误) 在Windows 2012上安装Powershell v4(NOT 2012R2) 硬重启后,ESXi 4.1虚拟机不见了 什么时候IPsec隧道是NAT-T的真正候选者(什么时候是绝对需要的?)? 复制文件夹/文件而不修改属性? 如何为KVM虚拟化设置Ubuntu服务器? 在ejabberd中将MUSIA的MUC(多用户会议)数据迁移到MySQL 只转发邮件到不同的SMTP服务器 如何继续将RAID 1磁盘从辅助到主要? IIS和Apache在同一台机器上? Nginx的 – redirect老.php?id = …到SEO友好的url不会按预期redirect 我如何在CentOS上安装守护进程? 亚马逊EC2上的Remus:如果和什么时候?

Softlayer HAProxy故障转移

我在Softlayer上有两个虚拟服务器,都运行HAProxy。 我正在尝试与keepalivedbuild立故障转移。 每个服务器都有一个私有IP和公共IP,并且它们在同一个VLAN中。 我已经为keepalived尝试了许多不同的设置,但是在master上停止HAProxy,它不会故障转移到BACKUP。

我读了多播不被支持,所以我已经改变了我的设置为单播。 现在,在备份/主设备上的设置基本上是这样的: 

vrrp_script chk_haproxy { script "pidof haproxy" interval 2 } vrrp_instance VI_1 { debug 2 interface eth1 state MASTER virtual_router_id 51 priority 101 unicast_src_ip 1.2.3.4 # My IP unicast_peer { 5.6.7.8 # peer IP } track_script { chk_haproxy } }

其中MYIP是conf文件所在服务器的公网IP地址,PEERIP是对端的公网IP地址。 仍然不工作。 在主站上停止HAProxy,它不会故障切换到备份。

我想知道是否有人在Softlayer上设置了HAProxy故障转移,以及他们如何去完成它?

我设法得到这个设置,以下是我做的:

  1. 我使用SoftLayer的控制面板创build了一个全球IP地址。

  2. 我在两个HAProxy虚拟服务器上都安装了Debian 7。 我在两台服务器上都添加了全局IP地址到eth1接口。

  3. 以下是两台服务器上使用的HAProxy设置: 

     global log 127.0.0.1 local0 log 127.0.0.1 local1 notice maxconn 4096 user haproxy group haproxy defaults log global mode http option httplog option dontlognull retries 3 maxconn 2000 option redispatch timeout connect 5000 timeout client 50000 timeout server 50000 stats uri / haproxy listen webfarm 0.0.0.0:80 mode http stats enable stats uri /haproxy?stats stats realm Haproxy\ Statistics stats auth haproxy:stats balance roundrobin cookie LBN insert indirect nocache option httpclose option forwardfor server app1-west <public_ip>:8080 cookie node1 check server app2-west <public_ip>:8080 cookie node2 check

  4. 以下是MASTER服务器上的Keepalived设置: 

     global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_MASTER_ACTIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state MASTER interface eth1 virtual_router_id 51 priority 101 smtp_alert authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }

  5. 以下是BACKUP服务器上的Keepalived设置: 

     global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LB_BACKUP_PASSIVE } # Define the script used to check if haproxy is still working vrrp_script chk_haproxy { script "killall -0 haproxy" # verify the pid existance interval 2 # check every 2 seconds weight 2 # add 2 points of prio if OK } # Virtual interface. vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 51 priority 100 smtp_alert advert_int 1 authentication { auth_type PASS auth_pass 1111 #replace with random string } vrrp_unicast_bind <my_private_ip> vrrp_unicast_peer <peers_private_ip> # Check if HAProxy is running or not. track_script { chk_haproxy } notify_master /usr/bin/reroute_global }

  6. 如上所述,我正在运行Debian 7.在keepalived设置中可以看到,我有一个notify_master脚本。 以下是运行脚本所需的一切: 

     apt-get install cpanminus libssl-dev build-essential libxml2-dev libexpat1-dev cpanm SOAP::Lite XML::Hash::LX IO::Interface git clone https://github.com/softlayer/softlayer-api-perl-client.git mv softlayer-api-perl-client/SoftLayer /usr/share/perl5

  7. 现在所有的依赖关系都已经到位了,脚本应该可以工作了。 这是我保存为/usr/bin/reroute_global

     #!/usr/bin/env perl use strict; use warnings; use SoftLayer::API::SOAP; use IO::Interface::Simple; # SoftLayer API Information my $api_user = 'YOUR_API_USERNAME'; my $api_key = 'YOUR_API_KEY'; # Get the IP address associated with eth1 my $if = IO::Interface::Simple->new('eth1'); # Create client object to SoftLayer_Account my $client = SoftLayer::API::SOAP->new('SoftLayer_Account', undef, $api_user, $api_key); # Get global IP address ID of first global IP address. my $global_ip_id = $client->getGlobalIpRecords()->result->[0]->{id}; # Create client object to SoftLayer_Network_Subnet_IpAddress_Global $client = SoftLayer::API::SOAP->new('SoftLayer_Network_Subnet_IpAddress_Global', $global_ip_id, $api_user, $api_key); # Reroute global IP address to this systems public IP $client->route($if->address);

您需要更改API_USERNAME / KEY以匹配您的API凭证。 该脚本从SoftLayer全局IP地址获取第一个全局IP,然后将全局IP重新路由到系统。 在故障转移的情况下,BACKUP变成MASTER并运行将全球IP地址路由到自身的脚本。

testing

  1. curl http://<global_IP>
  2. 在主服务器上, service haproxy stop

  3. 在备份上: tail -f /var/log/syslog 。 你应该看到这样的东西: 

     Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: VRRP_Script(chk_haproxy) succeeded Feb 12 01:11:55 proxy2-west Keepalived_vrrp[11816]: SMTP alert successfully sent. Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:29 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) forcing a new MASTER election Feb 12 01:12:30 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Transition to MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: VRRP_Instance(VI_1) Entering MASTER STATE Feb 12 01:12:31 proxy2-west Keepalived_vrrp[11816]: Opening script file /usr/bin/reroute_global
  4. curl http://<global_IP> (它应该工作,如果故障转移工作)