keeplived + haproxy 高可用网络代理-安装配置 centos-7.6

1. 安装keeplived

yum安装
yum -y install keepalived
源码包下载地址
https://src.fedoraproject.org/repo/pkgs/keepalived/
可自行选择版本，本次使用yum安装

2. 配置对应配置文件

主节点配置

[root@ol13 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
   notification_email {
    *@*.com       #邮件报警及相关配置
   }
   notification_email_from noreply@hxshop.com
   smtp_server smtp.qq.com
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_script chk_http_port {
                script "/etc/keepalived/check_haproxy.sh"   #检测ha是否存活的脚本
                interval 2
                weight 2
        	fall 2		
                rise 1
}
vrrp_instance VI_1 {
    state MASTER  #标识为主
    interface eth0 #绑定网卡
    virtual_router_id 55 #主备节点应一致
    priority 110       #优先级主节点应高于备节点
    advert_int 1
    authentication {   #验证信息主备节点应一致
        auth_type PASS   
        auth_pass 123456 
    }
track_script { 
        chk_http_port    #测试脚本 在上文中定义
        }
    virtual_ipaddress {
       172.16.0.248/24 dev eth0 label eth0:0  #绑定的对应Ip
    }
}

备节点配置

[root@ol23 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
   notification_email {
*@*.com
   }
   notification_email_from noreply@hxshop.com
   smtp_server smtp.qq.com
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_script chk_http_port {
                script "/etc/keepalived/check_haproxy.sh"
                interval 2
                weight 2
        	fall 2		
                rise 1
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0          #对应网卡设备名
    virtual_router_id 55    #与主节点相同
    priority 90             #低于主节点
    advert_int 1
    #nopreempt
    authentication {
        auth_type PASS
        auth_pass 123456 
    }
track_script { 
        chk_http_port 
        }
    virtual_ipaddress {
       172.16.0.248/24 dev eth0 label eth0:0
    }
}

3.测试脚本内容

[root@ol13 ~]# cat /etc/keepalived/check_haproxy.sh 
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`
if [ $A -eq 0  ];then
    systemctl start haproxy
#   /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg
    echo "`date`:HaProxy start" >> /etc/keepalived/check_ha.log
fi
sleep 2 
if [ `ps -C haproxy --no-header |wc -l` -eq 0 ];then
	systemctl stop keepalived
     #   /etc/init.d/keepalived stop
         echo "`date`:keepalived stop" >> /etc/keepalived/check_ha.log
fi

测试脚本在主备节点均存在
需要加上执行权限
[root@ol13 ~]# chmod +x /etc/keepalived/check_haproxy.sh

4.调试命令

查看日志
[root@ol23 ~]# journalctl -u keepalived
开启防火墙
注意修改对应网卡设备名

firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload

5.启动服务

主备同时
systemctl start keepalived
验证
ip a

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:fb:5c:5f brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.13/24 brd 172.16.0.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet 172.16.0.248/24 scope global secondary eth0:0
       valid_lft forever preferred_lft forever

会出现多个ip