转自 https://www.jianshu.com/p/95cc6e875456 Keepalived+haproxy实现高可用负载均衡 Master 192.168.0.69 haproxy、keepalived Centos7.
backup 192.168.0.70 haproxy、keepalived Centos7.
vip(虚拟IP)
192.168.0.180 192.168.0.181 、两台都安装haproxy,参照安装haproxy文档 、 两台都安装Keepalived yum -y install gcc automake autoconf libtool gcc-c++ gd zlib zlib-devel openssl openssl-devel libxml2 libxml2-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libmcrypt libmcrypt-devel pcre pcre-devel yum install -y libnl libnl-devel libnfnetlink-devel popt-devel cd /usr/local/src/ tar -zxvf keepalived-1.2..tar.gz cd keepalived-1.2. ./configure --prefix=/usr/local/keepalived make && make install 、将keepalived安装成Linux系统服务 mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
ln -s /usr/local/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /usr/local/sbin/
chkconfig keepalived on 、修改keepalived配置文件 接下来就是配置了,很简单,之前的删除,直接复制下面配置文件 先是主服务器: vi /etc/keepalived/keepalived.conf global_defs
{
notification_email #通知email,根据实际情况配置
{
admin@example.com
}
notification_email_from admin@example.com
smtp_server 127.0.0.1
stmp_connect_timeout
router_id node1 #节点名标识,主要用于通知中
} vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval #脚本执行间隔
weight #脚本结果导致的优先级变更
} vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval #脚本执行间隔
weight #脚本结果导致的优先级变更
} vrrp_instance VI_NODE_1 {
state MASTER #配置为主服务器
interface ens33 #通讯网卡
virtual_router_id #路由标识
priority #优先级,-
advert_int #通知间隔,实际部署时可以设置小一点,减少延时 authentication {
auth_type PASS
auth_pass #验证密码,用于通讯主机间验证
} track_script {
chk_http_port #添加脚本执行
} virtual_ipaddress {
192.168.0.180 #虚拟ip,可以定义多个
}
} vrrp_instance VI_NODE_2 {
state MASTER #配置为主服务器
interface ens33 #通讯网卡
virtual_router_id #路由标识
priority #优先级,-
advert_int #通知间隔,实际部署时可以设置小一点,减少延时 authentication {
auth_type PASS
auth_pass #验证密码,用于通讯主机间验证
} track_script {
chk_http_port #添加脚本执行
} virtual_ipaddress {
192.168.0.181 #虚拟ip,可以定义多个
}
} 接下是从服务器设置: vi /etc/keepalived/keepalived.conf global_defs {
notification_email {
admin@example.com
}
notification_email_from admin@example.com
smtp_server 127.0.0.1
stmp_connect_timeout router_id node2
} vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval #脚本执行间隔
weight #脚本结果导致的优先级变更
} vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval #脚本执行间隔
weight #脚本结果导致的优先级变更
} vrrp_instance VI_NODE_1 {
state BACKUP #与主服务器对应
interface ens33 #从服务器的通信网卡
virtual_router_id #路由标识,和主服务器相同
priority #优先级,小于主服务器即可
advert_int #这里是接受通知间隔,与主服务器要设置相同 authentication {
auth_type PASS
auth_pass #验证密码,与主服务器相同
} track_script {
chk_http_port #添加脚本执行
} virtual_ipaddress {
192.168.0.180 #虚拟IP,也要和主服务器相同
}
} vrrp_instance VI_NODE_2 {
state BACKUP #与主服务器对应
interface ens33 #从服务器的通信网卡
virtual_router_id #路由标识,和主服务器相同
priority #优先级,小于主服务器即可
advert_int #这里是接受通知间隔,与主服务器要设置相同 authentication {
auth_type PASS
auth_pass #验证密码,与主服务器相同
} track_script {
chk_http_port #添加脚本执行
} virtual_ipaddress {
192.168.0.181 #虚拟IP,也要和主服务器相同
}
} 两个节点配置check_ngixn脚本 当脚本检测到haproxy没有运行的时候会尝试去启动haproxy以此,如果失败则停掉keepalived进程 vi /usr/local/keepalived/haproxy.sh tatus=$(ps aux|grep haproxy | grep -v grep | grep -v bash | wc -l)
if [ "${status}" = "" ]; then
/usr/local/haproxy/sbin -f /usr/local/haproxy/conf/haproxy.cfg status2=$(ps aux|grep haproxy | grep -v grep | grep -v bash |wc -l) if [ "${status2}" = "" ]; then
/etc/init.d/keepalived stop
fi
fi 、启动keepalived
[root@bogon ~]# service keepalived start
Starting keepalived (via systemctl): [ OK ] 、查看虚拟ip在哪台上, 注意过两分钟才出现vip [root@bogon ~]# ip a
[root@bogon ~]# ip a
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN group default qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
inet6 ::/ scope host
valid_lft forever preferred_lft forever
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP group default qlen
link/ether :0c::::c4 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.69/ brd 192.168.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.0.180/ scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.0.181/ scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::d675:3ae7::ad71/ scope link noprefixroute
valid_lft forever preferred_lft forever 、访问:http://192.168.0.181:1080/stats http://192.168.0.181:1080/stats 账号密码: admin/admin 、高可用切换 在192.168.0.69停止keepalived , 查看192.168.0.180飘到了192.168.0.70上 service keepalived stop : lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN group default qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
inet6 ::/ scope host
valid_lft forever preferred_lft forever
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP group default qlen
link/ether :0c::ba:: brd ff:ff:ff:ff:ff:ff
inet 192.168.0.70/ brd 192.168.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.0.180/ scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::6c33:a5d6:2ea9:d781/ scope link noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::d675:3ae7::ad71/ scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever