Redis Sentinel - HAProxy을 이용한 Client 통신

Redis Sentinel – HAProxy을 이용한 Client 통신

Redis Master에게 장애 발생시 Redis Sentinel에 의해 Redis Slave가 Master 역활을 할 수 있도록 하여
Failver에 대한 장애처리를 할 수있는 방법을 알아보았습니다.

HAProxy 는 사실 redis 랑은 무관하며. 이것은 L4/L7 의 기능을 제공하는 소프트웨어 로드 밸런서입니다.

Redis salve Master가 되었을 때 Client는 여전히 기존의 장애가 발생한 Redis Master참조할 것 입니다.
이러한 부분을 HAProxy를 활용하여 Client가 변경된 Redis Master을 정상적으로 참조할 수 있도록 구성하는 방법을 알아보겠습니다.

Client는 HAProxy를 통해 Redis와 통신을 합니다.
HAProxy는 Redis Master 와 5000 Port로 통신을 하고
Redis Slave와 5001 Port로 통신을 하게 구성합니다.

Redis Master에 장애가 발생하여 Redis Slave가 새로운 Redis Master로 승격되어도
HAProxy는 승격된 Redis Master와 5000 Port를 통해 통신할 수 있으므로 Client 또한 승격된 Redis Master와 통신할 수 있습니다.

HAProxy 설치전 Redis Replication , Redis Sentinel 참조하여 설치후에 진행하시기 바랍니다.

그럼 HAProxy 설치 및 설정방법에 대해 설명하겠습니다.

1. HAProxy Install

http://www.haproxy.org/ 에서 버전을 확인하실 수 있으며, 1.8.19 버전기준으로 작성합니다.

wget http://www.haproxy.org/download/1.8/src/haproxy-1.8.19.tar.gz
tar -xvf haproxy-1.8.19.tar.gz
cd haproxy-1.8.19

wget http://www.haproxy.org/download/1.8/src/haproxy-1.8.19.tar.gz

tar -xvf haproxy-1.8.19.tar.gz

cd haproxy-1.8.19

README 파일의 내용을 확인후 커널에 맞는 컴파일을 해야합니다.

cat README

1	cat README

README 파일의 내용중 중간쯤에 보시면 아래와 같은 내용을 참조하시면 됩니다.

   To build haproxy, you have to choose your target OS amongst the following ones
   and assign it to the TARGET variable :

     - linux22     for Linux 2.2
     - linux24     for Linux 2.4 and above (default)
     - linux24e    for Linux 2.4 with support for a working epoll (> 0.21)
     - linux26     for Linux 2.6 and above
     - linux2628   for Linux 2.6.28, 3.x, and above (enables splice and tproxy)
     - solaris     for Solaris 8 or 10 (others untested)
     - freebsd     for FreeBSD 5 to 10 (others untested)
     - netbsd      for NetBSD
     - osx         for Mac OS/X
     - openbsd     for OpenBSD 5.7 and above
     - aix51       for AIX 5.1
     - aix52       for AIX 5.2
     - cygwin      for Cygwin
     - haiku       for Haiku
     - generic     for any other OS or version.
     - custom      to manually adjust every setting

To build haproxy, you have to choose your target OS amongst the following ones

and assign it to the TARGET variable :

- linux22 for Linux 2.2

- linux24 for Linux 2.4 and above (default)

- linux24e for Linux 2.4 with support for a working epoll (> 0.21)

- linux26 for Linux 2.6 and above

- linux2628 for Linux 2.6.28, 3.x, and above (enables splice and tproxy)

- solaris for Solaris 8 or 10 (others untested)

- freebsd for FreeBSD 5 to 10 (others untested)

- netbsd for NetBSD

- osx for Mac OS/X

- openbsd for OpenBSD 5.7 and above

- aix51 for AIX 5.1

- aix52 for AIX 5.2

- cygwin for Cygwin

- haiku for Haiku

- generic for any other OS or version.

- custom to manually adjust every setting

HAProxy을 컴파일합니다.

make TARGET=linux2628

1	make TARGET=linux2628

   HAPROXY_VERSION=\"1.8.19\" -DCONFIG_HAPROXY_DATE=\"2019/02/11\" -c -o src/hash.o src/hash.c
   .....
   -lcrypt -ldl -lpthread

HAPROXY_VERSION=\"1.8.19\" -DCONFIG_HAPROXY_DATE=\"2019/02/11\" -c -o src/hash.o src/hash.c

.....

-lcrypt -ldl -lpthread

make install

1	make install

   install -d "/usr/local/sbin"
   install haproxy  "/usr/local/sbin"
   install -d "/usr/local/share/man"/man1
   install -m 644 doc/haproxy.1 "/usr/local/share/man"/man1
   install -d "/usr/local/doc/haproxy"
   for x in configuration management proxy-protocol architecture peers-v2.0 cookie-options lua WURFL-device-detection linux-syn-cookies network-namespaces DeviceAtlas-device-detection 51Degrees-device-detection netscaler-client-ip-insertion-protocol peers close-options SPOE intro; do \
         install -m 644 doc/$x.txt "/usr/local/doc/haproxy" ; \
   done

install -d "/usr/local/sbin"

install haproxy "/usr/local/sbin"

install -d "/usr/local/share/man"/man1

install -m 644 doc/haproxy.1 "/usr/local/share/man"/man1

install -d "/usr/local/doc/haproxy"

for x in configuration management proxy-protocol architecture peers-v2.0 cookie-options lua WURFL-device-detection linux-syn-cookies network-namespaces DeviceAtlas-device-detection 51Degrees-device-detection netscaler-client-ip-insertion-protocol peers close-options SPOE intro; do \

install -m 644 doc/$x.txt "/usr/local/doc/haproxy" ; \

done

/etc 에 haproxy 디렉토리 생성 및 haproxy start shell script를 복사합니다.

mkdir /etc/haproxy
cp ./examples/haproxy.init /etc/init.d/haproxy
chmod 755 /etc/init.d/haproxy
cp /usr/local/sbin/haproxy /usr/sbin/haproxy

mkdir /etc/haproxy

cp ./examples/haproxy.init /etc/init.d/haproxy

chmod 755 /etc/init.d/haproxy

cp /usr/local/sbin/haproxy /usr/sbin/haproxy

2.haproxy config 설정

/etc/haproxy/haproxy.cfg 에 파일을 생성합니다.

touch /etc/haproxy/haproxy.cfg
vi /etc/haproxy/haproxy.cfg

1 2	touch /etc/haproxy/haproxy.cfg vi /etc/haproxy/haproxy.cfg

아래의 내용을 Copy & Paste 합니다.

   #########################################################################################################
   global
    daemon
    maxconn 1000000

   defaults REDIS
    mode tcp
    timeout connect  4s
    timeout server  15s
    timeout client  15s
    timeout tunnel 365d

   frontend ft_redis_master
    bind *:5000 name redis
    default_backend bk_redis_master

   backend bk_redis_master
    #tcp-check를 통해 접근가능한 서버 필터링
    option tcp-check						
    #Redis password
    tcp-check send AUTH\ mypassword\r\n
    tcp-check expect string +OK
    tcp-check send PING\r\n
    tcp-check expect string +PONG
    #info replication 명령을 날려 Redis에 대한 정보를 받아옵니다
    tcp-check send info\ replication\r\n
    #role이 master인지 확인 합니다.
    tcp-check expect string role:master
    #repl_backlog_active의 값이 1인지 확인합니다 
    #이 조건을 추가한 이유는 Failover간 잠시의 시간동안 Master가 2대가 되는데 그것을 방지 하기 위함입니다.
    #[Master Redis에만 1, slave는 0]
    tcp-check expect string repl_backlog_active:1 
    tcp-check send QUIT\r\n
    tcp-check expect string +OK
    
    # Redis Master And Redis Slave List
    #1초 단위로 해당 ip의 port로 체크합니다.
    server R1 10.0.0.201:6379 check inter 1s
    server R2 10.0.0.211:6379 check inter 1s
    server R3 10.0.0.212:6379 check inter 1s
    server R4 10.0.0.213:6379 check inter 1s

   frontend ft_redis_slave
    bind *:5001 name redis
    default_backend bk_redis_slave

   backend bk_redis_slave
    #라운드 로빈 방식으로 분배
    balance roundrobin
    option tcp-check
    #Redis password
    tcp-check send AUTH\ mypassword\r\n
    tcp-check expect string +OK
    tcp-check send PING\r\n
    tcp-check expect string +PONG
    tcp-check send info\ replication\r\n
    tcp-check expect string role:slave
    tcp-check send QUIT\r\n
    tcp-check expect string +OK
    
    # Redis Master And Redis Slave List
    server R1 10.0.0.201:6379 check inter 1s
    server R2 10.0.0.211:6379 check inter 1s
    server R3 10.0.0.212:6379 check inter 1s
    server R4 10.0.0.213:6379 check inter 1s

   #listen 은 haproxy 의 모니터링
   #Listen on all IP's on port 9000
   listen stats 
    bind 0.0.0.0:9000
    mode http
    balance
    timeout client 5000
    timeout connect 4000
    timeout server 30000

    #This is the virtual URL to access the stats page
    stats uri /stats

    #Authentication realm. This can be set to anything. Escape space characters with a backslash.
    stats realm HAProxy\ Statistics

    #The user/pass you want to use. Change this password!
    #WebUI userId / password
    stats auth haproxy:password

    #This allows you to take down and bring up back end servers.
    #This will produce an error on older versions of HAProxy.
    stats admin if TRUE

   #########################################################################################################

#########################################################################################################

global

daemon

maxconn 1000000

defaults REDIS

mode tcp

timeout connect 4s

timeout server 15s

timeout client 15s

timeout tunnel 365d

frontend ft_redis_master

bind *:5000 name redis

default_backend bk_redis_master

backend bk_redis_master

#tcp-check를 통해 접근가능한 서버 필터링

option tcp-check

#Redis password

tcp-check send AUTH\ mypassword\r\n

tcp-check expect string +OK

tcp-check send PING\r\n

tcp-check expect string +PONG

#info replication 명령을 날려 Redis에 대한 정보를 받아옵니다

tcp-check send info\ replication\r\n

#role이 master인지 확인 합니다.

tcp-check expect string role:master

#repl_backlog_active의 값이 1인지 확인합니다

#이 조건을 추가한 이유는 Failover간 잠시의 시간동안 Master가 2대가 되는데 그것을 방지 하기 위함입니다.

#[Master Redis에만 1, slave는 0]

tcp-check expect string repl_backlog_active:1

tcp-check send QUIT\r\n

tcp-check expect string +OK

# Redis Master And Redis Slave List

#1초 단위로 해당 ip의 port로 체크합니다.

server R1 10.0.0.201:6379 check inter 1s

server R2 10.0.0.211:6379 check inter 1s

server R3 10.0.0.212:6379 check inter 1s

server R4 10.0.0.213:6379 check inter 1s

frontend ft_redis_slave

bind *:5001 name redis

default_backend bk_redis_slave

backend bk_redis_slave

#라운드 로빈 방식으로 분배

balance roundrobin

option tcp-check

#Redis password

tcp-check send AUTH\ mypassword\r\n

tcp-check expect string +OK

tcp-check send PING\r\n

tcp-check expect string +PONG

tcp-check send info\ replication\r\n

tcp-check expect string role:slave

tcp-check send QUIT\r\n

tcp-check expect string +OK

# Redis Master And Redis Slave List

server R1 10.0.0.201:6379 check inter 1s

server R2 10.0.0.211:6379 check inter 1s

server R3 10.0.0.212:6379 check inter 1s

server R4 10.0.0.213:6379 check inter 1s

#listen 은 haproxy 의 모니터링

#Listen on all IP's on port 9000

listen stats

bind 0.0.0.0:9000

mode http

balance

timeout client 5000

timeout connect 4000

timeout server 30000

#This is the virtual URL to access the stats page

stats uri /stats

#Authentication realm. This can be set to anything. Escape space characters with a backslash.

stats realm HAProxy\ Statistics

#The user/pass you want to use. Change this password!

#WebUI userId / password

stats auth haproxy:password

#This allows you to take down and bring up back end servers.

#This will produce an error on older versions of HAProxy.

stats admin if TRUE

#########################################################################################################

3.커널 수정

# 패킷 포워딩 활성화	
sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf
echo "fs.file-max = 10000000" >> /etc/sysctl.conf 
echo "fs.nr_open = 10000000" >> /etc/sysctl.conf 
echo "net.ipv4.tcp_mem = 786432 1697152 1945728" >> /etc/sysctl.conf 
echo "net.ipv4.tcp_rmem = 4096 4096 16777216" >> /etc/sysctl.conf 
echo "net.ipv4.tcp_wmem = 4096 4096 16777216" >> /etc/sysctl.conf 
echo "net.ipv4.ip_local_port_range = 1000 65535" >> /etc/sysctl.conf 

sysctl -p

echo "* soft nofile 10000000" >> /etc/security/limits.conf
echo "* hard nofile 10000000" >> /etc/security/limits.conf
echo "root hard nofile 10000000" >> /etc/security/limits.conf
echo "root soft nofile 10000000" >> /etc/security/limits.conf

# 패킷 포워딩 활성화

sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf

echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf

echo "fs.file-max = 10000000" >> /etc/sysctl.conf

echo "fs.nr_open = 10000000" >> /etc/sysctl.conf

echo "net.ipv4.tcp_mem = 786432 1697152 1945728" >> /etc/sysctl.conf

echo "net.ipv4.tcp_rmem = 4096 4096 16777216" >> /etc/sysctl.conf

echo "net.ipv4.tcp_wmem = 4096 4096 16777216" >> /etc/sysctl.conf

echo "net.ipv4.ip_local_port_range = 1000 65535" >> /etc/sysctl.conf

sysctl -p

echo "* soft nofile 10000000" >> /etc/security/limits.conf

echo "* hard nofile 10000000" >> /etc/security/limits.conf

echo "root hard nofile 10000000" >> /etc/security/limits.conf

echo "root soft nofile 10000000" >> /etc/security/limits.conf

4.서비스등록

chkconfig --add haproxy
chkconfig --level 345 haproxy on
/etc/init.d/haproxy start

chkconfig --add haproxy

chkconfig --level 345 haproxy on

/etc/init.d/haproxy start

5.WebUI 접속

http://haproxyIP:9000/stats

Redis Sentinel – HAProxy을 이용한 Client 통신