一、准备Web服务器(docker+httpd)
# 准备好httpd容器作为备用web服务器,使用httpd或tomcat程序也可以:
1 [root@k8s-master1 ~]# docker images 2 REPOSITORY TAG IMAGE ID CREATED SIZE 3 httpd latest 683a7aad17d3 4 months ago 138MB
# 查看8080和8081端口是否被占用:
[root@k8s-master1 ~]# ss -apn | grep "8080\|8081"
# 运行2个httpd容器,使用宿主机的8080和8081端口:
[root@k8s-master1 ~]# docker run -itd -p 8080:80 --name http80 httpd
[root@k8s-master1 ~]# docker run -itd -p 8081:80 --name http81 httpd
# 测试运行是否正常:
1 [root@k8s-master1 ~]# curl 127.0.0.1:8080 2 <html><body><h1>It works!</h1></body></html> 3 [root@k8s-master1 ~]# curl 127.0.0.1:8081 4 <html><body><h1>It works!</h1></body></html>
# 进入容器中,修改页面文件:
[root@k8s-master1 ~]# docker exec -it http80 /bin/bash ……apache2# echo "This is 201:8080">/usr/local/apache2/htdocs/index.html ……apache2# exit
# 测试修改结果:
[root@k8s-master1 ~]# curl 127.0.0.1:8080 This is 201:8080 [root@k8s-master1 ~]# curl 127.0.0.1:8081 This is 201:8081
# 确认防火墙已关闭,或已放行端口:
[root@k8s-master1 ~]# firewall-cmd --list-all FirewallD is not running
# 到客户机测试能否正常连接http页面:
[root@CeOS7-64-1 ~]# curl 172.31.0.201:8080 This is 201:8080 [root@CeOS7-64-1 ~]# curl 172.31.0.201:8081 This is 201:8081
1.1 配置主用web服务器(httpd程序)
# 确认httpd运行正常:
[root@OutGUI-Httpd-1 ~]# systemctl status httpd ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2021-05-20 00:21:15 CST; 3 days ago
# 确认端口号:
[root@OutGUI-Httpd-1 ~]# ss -apn | grep httpd tcp LISTEN 0 128 *:80
# HTTP测试:
[root@OutGUI-Httpd-1 ~]# curl 127.0.0.1 <h1 style="text-align:center;">Httpd,This is 135!</h1>
二、配置haproxy
# 在LB服务器上放行LB监听的端口:
[root@GUI-HAporxy-1 ~]# firewall-cmd --add-port=8090/tcp success [root@GUI-HAporxy-1 ~]# firewall-cmd --add-port=8090/tcp --permanent success
# 配置文件中frontend和backend配置如下:
frontend 20210424-test bind 172.31.0.137:8090 #监听端口已放行; # acl url_static path_beg -i /static /images /javascript /stylesheets # acl url_static path_end -i .jpg .gif .png .css .js use_backend 20210424-test # if url_static # default_backend app #--------------------------------------------------------------------- # static backend for serving up images, stylesheets and such #--------------------------------------------------------------------- backend 20210424-test balance roundrobin cookie ServID insert nocache # stick-table type ip size 5k expire 1m #取消粘滞会话保持; # stick on src # 2台主用服务器: server web135 172.31.0.135:80 cookie Serv135 weight 4 check inter 3s server web136 172.31.0.136:80 cookie Serv136 weight 2 check inter 3s # 以下是2台备用服务器: server web8080 172.31.0.201:8080 cookie Serv8080 weight 4 check inter 3s backup #备用服务器1; server web8081 172.31.0.201:8081 cookie Serv8081 weight 2 check inter 3s backup #备用服务器2;
# 重载haproxy配置:
[root@GUI-HAporxy-1 ~]# systemctl reload haproxy.service
# 确认后端服务器状态正常,通过web查看更直观:
# 测试正常情况下的负载均衡状态,符合权重设置的4:2:
[root@CeOS7-64-1 ~]# for i in {1..6};do curl 172.31.0.137:8090;done <h1 style="text-align:center;">Httpd,This is 135!</h1> <h1 style="text-align:center;">Httpd,This is 135!</h1> <h1 style="text-align:center;">Httpd,This is 136!</h1> <h1 style="text-align:center;">Httpd,This is 135!</h1> <h1 style="text-align:center;">Httpd,This is 135!</h1> <h1 style="text-align:center;">Httpd,This is 136!</h1>
三、分组切换测试
# 强制下线2台主用服务器:
# 再次测试负载均衡,发现仅有一台备用服务器在工作:
[root@CeOS7-64-1 ~]# for i in {1..6};do curl 172.31.0.137:8090;done This is 201:8080 This is 201:8080 This is 201:8080 This is 201:8080 This is 201:8080 This is 201:8080
# 下边在backend中增加一条配置:
backend 20210424-test balance roundrobin cookie ServID insert nocache option allbackups #同时启用所有的备用服务器; # stick-table type ip size 5k expire 1m # stick on src server web135 172.31.0.135:80 cookie Serv135 weight 4 check inter 3s server web136 172.31.0.136:80 cookie Serv136 weight 2 check inter 3s server web8080 172.31.0.201:8080 cookie Serv8080 weight 4 check inter 3s backup server web8081 172.31.0.201:8081 cookie Serv8081 weight 2 check inter 3s backup
# 重载haproxy配置,之后记得下线主服务器:
[root@GUI-HAporxy-1 ~]# systemctl reload haproxy.service
# 再次测试,发现备用服务器均正常工作,实现了分组负载的效果:
[root@CeOS7-64-1 ~]# for i in {1..6};do curl 172.31.0.137:8090;done This is 201:8080 This is 201:8080 This is 201:8081 This is 201:8080 This is 201:8080 This is 201:8081