重庆分公司,新征程启航
为企业提供网站建设、域名注册、服务器等服务
最小化安装centos7
一、 环境说明
mkdir /media/cdrom
mount /dev/cdrom /media/cdrom
vi /etc/fstab
/dev/cdrom /media/cdrom iso9660 defaults 0 0
cd /media/cdrom/Packages
rpm -ivh net-tools-….[tab]
rpm -ivh lrzsz…[tab]
3.关闭没必要的服务,禁止开机启动
[root@localhost ~]# systemctl disable postfix.service
[root@localhost ~]# systemctl disable firewalld.service
[root@localhost ~]# iptables -F
[root@localhost ~]# iptables -t nat –F
4.关闭selinux
[root@localhost sbin]# cat /etc/sysconfig/selinux
SELINUX=disabled
SELINUXTYPE=targeted
[root@localhost sbin]# getenforce
Enforcing
[root@localhost sbin]# setenforce 0
[root@localhost sbin]# getenforce
Permissive
5.关闭IPv6
[root@localhost keepalived]# cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="ipv6.disable=1 crashkernel=auto rhgb quiet"
GRUB_DISABLE_RECOVERY="true"
运行grub2-mkconfig -o /boot/grub2/grub.cfg重新生成grub.cfg文件
注:此操作需要重启才能生效
二、安装keepalived
下载地址http://www.keepalived.org/download.html
2.下载最新版本keepalived并将keepalived-2.0.7.tar.gz放在/usr/local/src/目录下,安装会用到openssl openssl-devel
[root@localhost src]# tar -zxvf keepalived-2.0.7.tar.gz
[root@localhost src]#cd /usr/local/src/keepalived-2.0.7
3.安装并配置keepalived
[root@localhost keepalived-2.0.7]# mkdir /usr/local/keepalived
[root@localhost keepalived-2.0.7]# ./configure --prefix=/usr/local/keepalived/
[root@localhost keepalived-2.0.7]# make && make install
[root@localhost ~]#mkdir /etc/keepalived
[root@localhost ~]#cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived
Killall需要安装psmisc
yum install –y psmisc
负载主配置:
[root@localhost keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {acassen@firewall.loc
br/>acassen@firewall.loc
br/>sysadmin@firewall.loc
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server localhost
smtp_connect_timeout 30
router_id NodeA
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script{
chk_haproxy
}
virtual_ipaddress {
虚拟IP地址
}
}
负载备配置:
[root@localhost keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {acassen@firewall.loc
br/>acassen@firewall.loc
br/>sysadmin@firewall.loc
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server localhost
smtp_connect_timeout 30
router_id NodeA
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight -2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script{
chk_haproxy
}
virtual_ipaddress {
虚拟IP地址(同主)
}
}
4.分别启动两个keepalive
[root@localhost /]# /usr/local/keepalived/sbin/keepalived -D
5.查看进程:ps aux | grep keepalived
[root@localhost ~]# ps aux | grep keepalived
root 828 0.0 0.0 40848 676 ? Ss 09:45 0:00 /usr/local/keepalived/sbin/keepalived -D
root 829 0.0 0.0 40848 1200 ? S 09:45 0:00 /usr/local/keepalived/sbin/keepalived -D
root 1101 0.0 0.0 112704 972 pts/0 S+ 09:46 0:00 grep --color=auto keepalived
测试:
Win7 ping 10.10.10.110 -t
将负载1网卡down掉10.10.10.110还能通
Win7 arp –a mac地址和负载1相同
将负载1网卡down掉 mac地址和负载2相同
至此HA测试成功
三、安装Haproxy
下载地址 http://pkgs.fedoraproject.org/repo/pkgs/haproxy/
3.添加配置文件(主备配置相同)
[root@localhost haproxy-1.8.13]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0 info
#log 127.0.0.1 local3
#log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 2
pidfile /var/run/haproxy.pid
#debug
#quiet
defaults
#log global
log 127.0.0.1 local3
mode http
option httplog
option dontlognull
option forwardfor
option httpclose
retries 3
option redispatch
maxconn 5000
contimeout 20000
clitimeout 80000
srvtimeout 80000
stats uri /haproxy-admin
stats auth admin:(管理界面的密码)
stats hide-version
frontend http-in
bind *:80
mode http
option httplog
log global
default_backend (自定义名称)
backend (自定义名称)
balance roundrobin
cookie SESSION_COOKIE insert indirect nocache
option httpchk HEAD /loginkey.aspx HTTP/1.0
server 名称01 10.10.10.20:80 cookie 名称1 weight 5 check inter 2000 rise 2 fall 3
server 名称02 10.10.10.30:80 cookie 名称2 weight 3 check inter 2000 rise 2 fall 3
4.添加开机启动
[root@localhost examples]# cp /usr/local/src/haproxy-1.8.13/examples/haproxy.init /etc/init.d/haproxy
[root@localhost examples]# chmod 755 /etc/init.d/haproxy
[root@localhost examples]# chkconfig --add haproxy
[root@localhost examples]# ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
[root@localhost examples]# service haproxy start
Starting haproxy (via systemctl): [ OK ]
[root@localhost examples]# chkconfig haproxy on
[root@localhost examples]# netstat -anpt | grep haproxy
tcp 0 0 0.0.0.0:80 0.0.0.0: LISTEN 6836/haproxy
tcp 0 1 10.10.10.111:60196...:80 SYN_SENT 6836/haproxy
tcp 0 1 10.10.10.111:60198...*:80 SYN_SENT 6837/haproxy
另外有需要云服务器可以了解下创新互联cdcxhl.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。