728x90
HAProxy (High Availability Proxy)를 사용하여 고가용성 (High Availability) 구성을 구현하는 방법
- haproxy(로드밸런싱) : TCP/HTTP proxy and load balancer for high availability environments
- keepalived(이중화) : Load balancer and high availability service
구성 환경
서버 | 운영체제 | 아이피 | 패키지 | 비고 |
VIP | 192.168.0.100 | |||
master | CentOS 7.9 | 192.168.0.8 | haproxy, keepalived | |
backup | CentOS 7.9 | 192.168.0.9 | haproxy, keepalived | |
web | CentOS 7.9 | 192.168.0.7 | nginx - docker container |
keepalived 설정
MASTER 설정 변경
- keepalived.conf 편집
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface enp0s3
virtual_router_id 51
priority 200
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 192.168.0.8
unicast_peer {
192.168.0.9
}
virtual_ipaddress {
192.168.0.100/24
}
track_script {
chk_haproxy
}
}
- IP 확인 결과
ip -brief address show
root@master:~$ ip -brief address show
lo UNKNOWN 127.0.0.1/8 ::1/128
enp0s3 UP 192.168.0.8/24 192.168.0.100/24 fe80::c81c:fb28:a0f6:eecc/64
enp0s8 UP
enp0s9 UP
728x90
BACKUP 설정 변경
- keepalived.conf 편집
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface enp0s3
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 192.168.0.9
unicast_peer {
192.168.0.8
}
virtual_ipaddress {
192.168.0.100/24
}
track_script {
chk_haproxy
}
}
IP 확인 결과
ip -brief address show
root@backup:~$ ip -brief address show
lo UNKNOWN 127.0.0.1/8 ::1/128
enp0s3 UP 192.168.0.9/24 fe80::3677:2cd:819d:bffc/64
enp0s8 UP
enp0s9 UP
haproxy 설정
- MASTER/BACKUP haproxy.cfg 편집
vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# frontend which proxys to the backends
#---------------------------------------------------------------------
frontend FE-WEB-LB
bind *:80
mode http
default_backend BE-WEB-LB
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend BE-WEB-LB
mode http
option httpchk GET /
http-check expect status 200
#default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
balance roundrobin
server app1_80 192.168.0.7:80 check
server app2_81 192.168.0.7:81 check
server app3_82 192.168.0.7:82 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
listen stats *:9000
mode http
stats enable
stats hide-version
stats refresh 30s
stats show-node
stats realm HAProxy Statistics
stats uri /monitor
stats auth admin:admin
- 통계보고서 페이지 확인
http://192.168.0.8:9000/monitor
728x90
'리눅스' 카테고리의 다른 글
[draft] 시스템의 CPU 아키텍처를 확인하는 방법 (0) | 2023.06.05 |
---|---|
[리눅스] ftp 명령어 목록 (0) | 2023.06.04 |
우분투에서 Go 언어를 설치하는 방법 (0) | 2023.06.02 |
Nginx에서 POST 데이터를 Nginx 로그에 기록하는 방법 (0) | 2023.06.02 |
[draft] Hashicorp Vault를 사용하여 SSH CA를 구성하고 SSH 서버와 SSH 클라이언트를 연동하는 방법 (0) | 2023.06.01 |