Haproxy+Keepalived+MariaDB(Galera集群)
1. 环境
1.1 操作系统:CentOS 7.*
1.2 机器:
- 192.16.16.108 haproxy01(haproxy+keepalived)
- 192.16.16.109 haproxy02(haproxy+keepalived)
- 192.16.16.100 mysql01(mariadb)
- 192.16.16.101 mysql02(mariadb)
2. 准备工作
2.1 关闭防火墙(所有服务器)
# systemctl stop firewalld.service
# systemctl disable firewalld.service
# setenforce 0
# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
2.2 修改/etc/hosts文件
# cat <<END >>/etc/hosts
192.16.16.108 haproxy01
192.16.16.109 haproxy02
192.16.16.100 mysql01
192.16.16.101 mysql02
END
3. 配置MariaDB(Galera集群)
3.1 运行在mysql01和mysql02
# yum install epel-release -y
# yum install centos-release-openstack-newton -y
# yum makecache
# yum install mariadb mariadb-server-galera galera rsync -y
# cd /etc/my.cnf.d
# cp galera.cnf galera.cnf.bak
# cp mariadb-server.cnf mariadb-server.cnf.bak
# cat <<END >mariadb-server.cnf
[mysqld]
###默认配置###
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
###新增配置###
bind-address = 192.16.16.100 or 192.16.16.101
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
END
# cat <<END >galera.cnf
[mysqld]
###新增配置###
wsrep_on=ON
binlog_format=ROW
default-storage-engine=innodb
bind-address=192.16.16.100 or 192.16.16.101
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_name="my_wsrep_cluster"
wsrep_cluster_address="gcomm://mysql01,mysql02"
wsrep_node_name=mysql01 or mysql02
wsrep_node_address=192.16.16.100 or 192.16.16.101
wsrep_sst_method=rsync
wsrep_sst_auth=root:
###默认配置###
wsrep_slave_threads=1
innodb_autoinc_lock_mode=2
wsrep_certify_nonPK=1
wsrep_max_ws_rows=131072
wsrep_max_ws_size=1073741824
wsrep_debug=0
wsrep_convert_LOCK_to_trx=0
wsrep_retry_autocommit=1
wsrep_auto_increment_control=1
wsrep_drupal_282555_workaround=0
wsrep_causal_reads=0
wsrep_notify_cmd=
END
3.2 运行在mysql01上
# galera_new_cluster
# mysql_secure_installation
3.3 运行在mysql02上
# systemctl start mariadb.service
# mysql_secure_installation
3.4 验证Galera集群
- 登录mysql01
- 创建数据库test_galera
- 登录mysql02,查看是否存在test_galera数据库
- 如果存在,则创建成功
- 如果不存在,则检查日志/var/log/mariadb/mariadb.log
4. 安装配置keepalived
4.1 运行在haproxy01和haproxy02上
# yum install keepalived -y
# cd /etc/keepalived
# cp keepalived.conf keepalived.conf.bak
# cat <<END >notify.sh
#!/bin/bash
case "$1" in
master)
systemctl start haproxy.service
exit 0
;;
backup)
systemctl stop haproxy.service
exit 0
;;
fault)
systemctl stop haproxy.service
exit 0
;;
*)
echo "Usage: `basename $0` {master|backup|fault}"
exit 1
;;
esac
END
4.2 运行在haproxy01上
# cat <<END >keepalived.conf
global_defs {
router_id haproxy01
}
vrrp_instance VI_1 {
state MASTER
virtual_router_id 51
interface ens33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass e6895c34dc6b711d
}
virtual_ipaddress {
192.16.16.10/24
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
END
# systemctl restart keepalived.service
4.3 运行在haproxy02上
# cat <<END >keepalived.conf
global_defs {
router_id haproxy02
}
vrrp_instance VI_1 {
state BACKUP
virtual_router_id 51
interface ens33
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass e6895c34dc6b711d
}
virtual_ipaddress {
192.16.16.10/24
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
END
# systemctl restart keepalived.service
4.4 查看VIP
- 可以在haproxy01上查看到secondary ip(VIP)
- 在haproxy01上,执行
# systemctl stop keepalived.service,可以查看到haproxy01上VIP消失 - 登录haproxy02上,可以查看到secondary ip(VIP)
- 重新启动haproxy01上的keepalived服务,VIP回到haproxy01上
5. 安装配置HAproxy
5.1 运行在haproxy01和haproxy02上
# yum install haproxy -y
# cd /etc/haproxy
# cp haproxy.cfg haproxy.cfg.bak
5.2 运行在haproxy01上
# cat <<END >haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
# option httplog
option dontlognull
option http-server-close
# option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
listen stats
bind 192.16.16.10:1080
mode http
option httplog
maxconn 10
stats refresh 30s
stats uri /stats
stats realm XingCloud\ Haproxy
stats auth admin:admin
stats hide-version
stats admin if TRUE
#listen webserver
# bind 192.16.16.10:8080
# balance roundrobin
# mode http
# option httplog
# server mysql01 192.16.16.100:80 check inter 1500 rise 3 fall 3 weight 1
# server mysql02 192.16.16.101:80 check inter 1500 rise 3 fall 3 weight 1
listen mysqldb
bind 192.16.16.10:3307
balance roundrobin
mode tcp
option tcpka
option httpchk
server mysql01 192.16.16.100:3306 weight 1
server mysql02 192.16.16.101:3306 weight 1
END
# systemctl restart haproxy.service
5.6 运行在haproxy02上
# cat <<END >haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
# option httplog
option dontlognull
option http-server-close
# option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
listen stats
bind 192.16.16.10:1080
mode http
option httplog
maxconn 10
stats refresh 30s
stats uri /stats
stats realm XingCloud\ Haproxy
stats auth admin:admin
stats hide-version
stats admin if TRUE
#listen webserver
# bind 192.16.16.10:8080
# balance roundrobin
# mode http
# option httplog
# server mysql01 192.16.16.100:80 check inter 1500 rise 3 fall 3 weight 1
# server mysql02 192.16.16.101:80 check inter 1500 rise 3 fall 3 weight 1
listen mysqldb
bind 192.16.16.10:3307
balance roundrobin
mode tcp
option tcpka
option httpchk
server mysql01 192.16.16.100:3306 weight 1
server mysql02 192.16.16.101:3306 weight 1
END
6. 验证haproxy是否生效
- 首先访问192.16.16.10::1080/stats,admin/admin认证
- 可以看到mysqldb中的session处,两个都为0
- 现在通过客户端,访问192.16.16.10:3307,root/123456,访问4次
- 此时,可以看到mysql01和mysql02都有2个session,总共是4次,即表示两个节点都访问了2次,符合haproxy的roundrobin策略
7. 验证keepalived是否生效
- 在上个验证的基础上,在haproxy01上执行
# systemctl stop keepalived.service命令 - 再次访问192.16.16.10:1080/stats,admin/admin认证,能成功访问