haproxy反向代理服务器支持双机热备支持虚拟主机,其配置简单,拥有非常不错的服务器健康检查功能。当其代理的后端服务器出现故障,haproxy会自动将该服务器摘除,故障恢复后再自动将该服务器加入。这里有两台haproxy机器,分别安装keepalived,组成热备形式。作用:当一台有问题,另一台可以在1秒内接管。
xinetd服务的作用是检测端口,本文中使用8890端口。haproxy用http协议检测这个端口是否正常。
mysql同步状态脚本,是放在从库本地,由xinetd服务来激活脚本,正常就会输出200状态码给haproxy,证明从库正常;否则,就剔除。(这里就可以加上短信报警了)
系统架构图
使用软件
haproxy 1.4.16 keepalived 1.1.20 xinetd 2.3.14 mysql 同步状态脚本 0.2 一、系统约定
系统环境
os:centos 5.6 x86_64 master:192.168.1.65 backup:192.168.1.66 vip:192.168.1.67 serivce port:3306 工作流程
准备工作:应用配置好slave的vip 192.168.1.67 端口3306
(1)应用服务器
(2)连接haproxy的vip 192.168.1.67:3306,根据算法,分配到一台slave。
(3)检测slave的8890端口是否返回http 200状态码。
(4)返回200 状态码,haproxy 返回正常,继续服务。
(5)返回503,剔除该slave,并将mysql请求转发到另外一台slave。
(6)有问题的slave,发送短信报警,相关人员检查。
二、keepalived 1.1.20的安装于配置
#cd /var/tmp/#wget http://www.keepalived.org/software/keepalived-1.1.20.tar.gz#tar zxvf keepalived-1.1.20.tar.gz#cd keepalived-1.1.20#./configure –prefix=/usr#make && make install#cp /usr/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/#cp /usr/etc/sysconfig/keepalived /etc/sysconfig/#mkdir /etc/keepalivedvim /etc/keepalived/keepalived.conf! configuration file for keepalivedglobal_defs { notification_email { coralzd@gmail.com } notification_email_from coralzd@gmail.com smtp_server 192.168.1.1 smtp_connect_timeout 30 router_id lvs_devel}vrrp_script chk_haproxy { script killall -0 haproxy interval 2 weight 2 }vrrp_instance vi_1 { state master interface eth0 virtual_router_id 50 priority 150 advert_int 1 authentication { auth_type pass auth_pass 1111 } track_interface { eth0 } virtual_ipaddress { 192.168.1.67 } track_script { chk_haproxy } }
三、haproxy 1.4.16的安装与配置
#cd /var/tmp/#wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.16.tar.gz#tar -zxvf haproxy-1.4.16.tar.gz#cd haproxy-1.4.16#make install#mkdir -p /usr/local/haproxy/etc#mkdir -p /usr/local/haproxy/sbin#cp examples/haproxy.cfg /usr/local/haproxy/etc#ln -s /usr/local/sbin/haproxy /usr/local/haproxy/sbin/haproxy#mkdir /usr/share/haproxy/etc/haproxy/haproxy.cfgglobal log 127.0.0.1 local1 notice maxconn 4096 chroot /usr/share/haproxy uid 99 gid 99 daemon #debug #quietdefaults log global mode http #option httplog option dontlognull retries 3 option redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000listen dzw_mysql_slave 192.168.1.67:3306 #cookie serverid rewrite mode tcp maxconn 200 balance roundrobin option httpchk options * http/1.1\r\nhost:\ www server mysql_192_168_1_23 192.168.1.23:3306 check port 8890 inter 5s rise 2 fall 3 server mysql_192_168_1_24 192.168.1.24:3306 check port 8890 inter 5s rise 2 fall 3 srvtimeout 20000 listen admin_status mode http bind 192.168.1.65:8899 option httplog log global stats enable stats refresh 10s stats hide-version stats realm haproxy\ statistics stats uri /admin-status stats auth admin:123456 stats admin if true
haproxy 启动脚本
/etc/init.d/haproxy#!/bin/sh## chkconfig: - 85 15# description: ha-proxy is a tcp/http reverse proxy which is particularly suited \# for high availability environments.# processname: haproxy# config: /etc/haproxy/haproxy.cfg# pidfile: /var/run/haproxy.pid# script author: simon matter # version: 2004060600# source function library.if [ -f /etc/init.d/functions ]; then . /etc/init.d/functionselif [ -f /etc/rc.d/init.d/functions ] ; then . /etc/rc.d/init.d/functionselse exit 0fi# source networking configuration.. /etc/sysconfig/network# check that networking is up.[ ${networking} = no ] && exit 0# this is our service namebasename=haproxyif [ -l ___fckpd___2 ]; then basename=`find ___fckpd___2 -name $basename -printf %l` basename=`basename $basename`fi[ -f /etc/$basename/$basename.cfg ] || exit 1retval=0start() { /usr/sbin/$basename -c -q -f /etc/$basename/$basename.cfg if [ $? -ne 0 ]; then echo errors found in configuration file, check it with '$basename check'. return 1 fi echo -n starting $basename: daemon /usr/sbin/$basename -d -f /etc/$basename/$basename.cfg -p /var/run/$basename.pid retval=$? echo [ $retval -eq 0 ] && touch /var/lock/subsys/$basename return $retval}stop() { echo -n shutting down $basename: killproc $basename -usr1 retval=$? echo [ $retval -eq 0 ] && rm -f /var/lock/subsys/$basename [ $retval -eq 0 ] && rm -f /var/run/$basename.pid return $retval}restart() { /usr/sbin/$basename -c -q -f /etc/$basename/$basename.cfg if [ $? -ne 0 ]; then echo errors found in configuration file, check it with '$basename check'. return 1 fi stop start}reload() { /usr/sbin/$basename -c -q -f /etc/$basename/$basename.cfg if [ $? -ne 0 ]; then echo errors found in configuration file, check it with '$basename check'. return 1 fi /usr/sbin/$basename -d -f /etc/$basename/$basename.cfg -p /var/run/$basename.pid -sf $(cat /var/run/$basename.pid)}check() { /usr/sbin/$basename -c -q -v -f /etc/$basename/$basename.cfg}rhstatus() { status $basename}condrestart() { [ -e /var/lock/subsys/$basename ] && restart || :}# see how we were called.case $1 in start) start ;; stop) stop ;; restart) restart ;; reload) reload ;; condrestart) condrestart ;; status) rhstatus ;; check) check ;; *) echo ___fckpd___2quot;usage: $basename {start|stop|restart|reload|condrestart|status|check} exit 1esac exit $?chkconfig –add haproxy chkconfig haproxy onservice haproxy start
四、xinetd安装和配置
yum install -y xinetdvim /etc/xinetd.d/mysql_status.shservice mysqlrep_status{ flags = reuse socket_type = stream port = 8890 wait = no user = nobody server = /usr/local/bin/mysqlrep_status.sh log_on_failure += userid disable = no }
重启xinetd
service xinetd restart
mysql同步检测脚本(脚本检测同步sql和io进程是否都为真,以及select是否达到20个进程以上)
#!/bin/bash # # /usr/local/bin/mysqlchk_status.sh # # this script checks if a mysql server is healthy running on localhost. it will # return: # # http/1.x 200 ok\r (if mysql is running smoothly) # # – or – # # http/1.x 503 internal server error\r (else) # mysql_host=localhostmysql_port=3306mysql_username=repdb63mysql_password=mylqs9eyex7s# # we perform a simple query that should return a few results #/usr/local/mysql/bin/mysql -hlocalhost –urepdb63 –pmylqs9eyex7s -e show slave status\g; > /tmp/rep.txtmysql -urepdb63 -pmylqs9eyex7s -e show full processlist; >/tmp/processlist.txtmysql -urepdb63 -pmylqs9eyex7s -e show slave status\g; >/tmp/rep.txtiostat=`grep slave_io_running /tmp/rep.txt |awk '{print $2}'` sqlstat=`grep slave_sql_running /tmp/rep.txt |awk '{print $2}'` result=$(cat /tmp/processlist.txt|wc -l)#echo iostat:$iostat and sqlstat:$sqlstat # if slave_io_running and slave_sql_running ok,then return 200 code if [ $result -lt 20 ] && [ $iostat = yes ] && [ $sqlstat = yes ];then # mysql is fine, return http 200 /bin/echo -e http/1.1 200 ok\r\n else # mysql is down, return http 503 /bin/echo -e http/1.1 503 service unavailable\r\n fi
注意:在mysql slave另行建立一个具有process和slave_client权限的账号。
作者简介:崔晓辉,网名coralzd,大众网系统管理员,精通网站系统架构、unix技术。gtalk:coralzd@gmail.com