转自 https://www.jianshu.com/p/95cc6e875456 Keepalived+haproxy实现高可用负载均衡 Master 192.168.0.69 haproxy、keepalived Centos7.4 backup 192.168.0.70 haproxy、keepalived Centos7.4 vip(虚拟IP) 192.168.0.180 192.168.0.181 1、两台都安装haproxy,参照安装haproxy文档 2、 两台都安装Keepalived yum -y install gcc automake autoconf libtool gcc-c++ gd zlib zlib-devel openssl openssl-devel libxml2 libxml2-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libmcrypt libmcrypt-devel pcre pcre-devel yum install -y libnl libnl-devel libnfnetlink-devel popt-devel cd /usr/local/src/ tar -zxvf keepalived-1.2.18.tar.gz cd keepalived-1.2.18 ./configure --prefix=/usr/local/keepalived make && make install 3、将keepalived安装成Linux系统服务 mkdir /etc/keepalived cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ chmod +x /etc/init.d/keepalived ln -s /usr/local/sbin/keepalived /usr/sbin/ ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/ ln -s /usr/local/keepalived/sbin/keepalived /usr/local/sbin/ chkconfig keepalived on 4、修改keepalived配置文件 接下来就是配置了,很简单,之前的删除,直接复制下面配置文件 先是主服务器: vi /etc/keepalived/keepalived.conf global_defs { notification_email #通知email,根据实际情况配置 { admin@example.com } notification_email_from admin@example.com smtp_server 127.0.0.1 stmp_connect_timeout 30 router_id node1 #节点名标识,主要用于通知中 } vrrp_script chk_http_port { script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_script chk_http_port { script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_instance VI_NODE_1 { state MASTER #配置为主服务器 interface ens33 #通讯网卡 virtual_router_id 100 #路由标识 priority 200 #优先级,0-254 advert_int 5 #通知间隔,实际部署时可以设置小一点,减少延时 authentication { auth_type PASS auth_pass 123456 #验证密码,用于通讯主机间验证 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.180 #虚拟ip,可以定义多个 } } vrrp_instance VI_NODE_2 { state MASTER #配置为主服务器 interface ens33 #通讯网卡 virtual_router_id 101 #路由标识 priority 100 #优先级,0-254 advert_int 5 #通知间隔,实际部署时可以设置小一点,减少延时 authentication { auth_type PASS auth_pass 123456 #验证密码,用于通讯主机间验证 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.181 #虚拟ip,可以定义多个 } } 接下是从服务器设置: vi /etc/keepalived/keepalived.conf global_defs { notification_email { admin@example.com } notification_email_from admin@example.com smtp_server 127.0.0.1 stmp_connect_timeout 30 router_id node2 } vrrp_script chk_http_port { script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_script chk_http_port { script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接 interval 3 #脚本执行间隔 weight 2 #脚本结果导致的优先级变更 } vrrp_instance VI_NODE_1 { state BACKUP #与主服务器对应 interface ens33 #从服务器的通信网卡 virtual_router_id 100 #路由标识,和主服务器相同 priority 100 #优先级,小于主服务器即可 advert_int 5 #这里是接受通知间隔,与主服务器要设置相同 authentication { auth_type PASS auth_pass 123456 #验证密码,与主服务器相同 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.180 #虚拟IP,也要和主服务器相同 } } vrrp_instance VI_NODE_2 { state BACKUP #与主服务器对应 interface ens33 #从服务器的通信网卡 virtual_router_id 101 #路由标识,和主服务器相同 priority 100 #优先级,小于主服务器即可 advert_int 5 #这里是接受通知间隔,与主服务器要设置相同 authentication { auth_type PASS auth_pass 123456 #验证密码,与主服务器相同 } track_script { chk_http_port #添加脚本执行 } virtual_ipaddress { 192.168.0.181 #虚拟IP,也要和主服务器相同 } } 5 两个节点配置check_ngixn脚本 当脚本检测到haproxy没有运行的时候会尝试去启动haproxy以此,如果失败则停掉keepalived进程 vi /usr/local/keepalived/haproxy.sh tatus=$(ps aux|grep haproxy | grep -v grep | grep -v bash | wc -l) if [ "${status}" = "0" ]; then /usr/local/haproxy/sbin -f /usr/local/haproxy/conf/haproxy.cfg status2=$(ps aux|grep haproxy | grep -v grep | grep -v bash |wc -l) if [ "${status2}" = "0" ]; then /etc/init.d/keepalived stop fi fi 6、启动keepalived [root@bogon ~]# service keepalived start Starting keepalived (via systemctl): [ OK ] 7、查看虚拟ip在哪台上, 注意过两分钟才出现vip [root@bogon ~]# ip a [root@bogon ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:24:21:c4 brd ff:ff:ff:ff:ff:ff inet 192.168.0.69/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.0.180/32 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.0.181/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::d675:3ae7:5113:ad71/64 scope link noprefixroute valid_lft forever preferred_lft forever 9、访问:http://192.168.0.181:1080/stats http://192.168.0.181:1080/stats 账号密码: admin/admin 10、高可用切换 在192.168.0.69停止keepalived , 查看192.168.0.180飘到了192.168.0.70上 service keepalived stop 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:ba:67:74 brd ff:ff:ff:ff:ff:ff inet 192.168.0.70/24 brd 192.168.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.0.180/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::6c33:a5d6:2ea9:d781/64 scope link noprefixroute valid_lft forever preferred_lft forever inet6 fe80::d675:3ae7:5113:ad71/64 scope link tentative noprefixroute dadfailed valid_lft forever preferred_lft forever