转自 https://www.jianshu.com/p/95cc6e875456
Keepalived+haproxy实现高可用负载均衡
Master 192.168.0.69 haproxy、keepalived Centos7.4
backup 192.168.0.70 haproxy、keepalived Centos7.4
vip(虚拟IP)
192.168.0.180 192.168.0.181
1、两台都安装haproxy,参照安装haproxy文档
2、 两台都安装Keepalived
yum -y install gcc automake autoconf libtool gcc-c++ gd zlib zlib-devel openssl openssl-devel libxml2 libxml2-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libmcrypt libmcrypt-devel pcre pcre-devel
yum install -y libnl libnl-devel libnfnetlink-devel popt-devel
cd /usr/local/src/
tar -zxvf keepalived-1.2.18.tar.gz
cd keepalived-1.2.18
./configure --prefix=/usr/local/keepalived
make && make install
3、将keepalived安装成Linux系统服务
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
chmod +x /etc/init.d/keepalived
ln -s /usr/local/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
ln -s /usr/local/keepalived/sbin/keepalived /usr/local/sbin/
chkconfig keepalived on
4、修改keepalived配置文件
接下来就是配置了,很简单,之前的删除,直接复制下面配置文件
先是主服务器:
vi /etc/keepalived/keepalived.conf
global_defs
{
notification_email #通知email,根据实际情况配置
{
admin@example.com
}
notification_email_from admin@example.com
smtp_server 127.0.0.1
stmp_connect_timeout 30
router_id node1 #节点名标识,主要用于通知中
}
vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval 3 #脚本执行间隔
weight 2 #脚本结果导致的优先级变更
}
vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval 3 #脚本执行间隔
weight 2 #脚本结果导致的优先级变更
}
vrrp_instance VI_NODE_1 {
state MASTER #配置为主服务器
interface ens33 #通讯网卡
virtual_router_id 100 #路由标识
priority 200 #优先级,0-254
advert_int 5 #通知间隔,实际部署时可以设置小一点,减少延时
authentication {
auth_type PASS
auth_pass 123456 #验证密码,用于通讯主机间验证
}
track_script {
chk_http_port #添加脚本执行
}
virtual_ipaddress {
192.168.0.180 #虚拟ip,可以定义多个
}
}
vrrp_instance VI_NODE_2 {
state MASTER #配置为主服务器
interface ens33 #通讯网卡
virtual_router_id 101 #路由标识
priority 100 #优先级,0-254
advert_int 5 #通知间隔,实际部署时可以设置小一点,减少延时
authentication {
auth_type PASS
auth_pass 123456 #验证密码,用于通讯主机间验证
}
track_script {
chk_http_port #添加脚本执行
}
virtual_ipaddress {
192.168.0.181 #虚拟ip,可以定义多个
}
}
接下是从服务器设置:
vi /etc/keepalived/keepalived.conf
global_defs {
notification_email {
admin@example.com
}
notification_email_from admin@example.com
smtp_server 127.0.0.1
stmp_connect_timeout 30
router_id node2
}
vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval 3 #脚本执行间隔
weight 2 #脚本结果导致的优先级变更
}
vrrp_script chk_http_port {
script "/etc/keepalived/chk_haproxy.sh" #在这里添加脚本链接
interval 3 #脚本执行间隔
weight 2 #脚本结果导致的优先级变更
}
vrrp_instance VI_NODE_1 {
state BACKUP #与主服务器对应
interface ens33 #从服务器的通信网卡
virtual_router_id 100 #路由标识,和主服务器相同
priority 100 #优先级,小于主服务器即可
advert_int 5 #这里是接受通知间隔,与主服务器要设置相同
authentication {
auth_type PASS
auth_pass 123456 #验证密码,与主服务器相同
}
track_script {
chk_http_port #添加脚本执行
}
virtual_ipaddress {
192.168.0.180 #虚拟IP,也要和主服务器相同
}
}
vrrp_instance VI_NODE_2 {
state BACKUP #与主服务器对应
interface ens33 #从服务器的通信网卡
virtual_router_id 101 #路由标识,和主服务器相同
priority 100 #优先级,小于主服务器即可
advert_int 5 #这里是接受通知间隔,与主服务器要设置相同
authentication {
auth_type PASS
auth_pass 123456 #验证密码,与主服务器相同
}
track_script {
chk_http_port #添加脚本执行
}
virtual_ipaddress {
192.168.0.181 #虚拟IP,也要和主服务器相同
}
}
5 两个节点配置check_ngixn脚本
当脚本检测到haproxy没有运行的时候会尝试去启动haproxy以此,如果失败则停掉keepalived进程
vi /usr/local/keepalived/haproxy.sh
tatus=$(ps aux|grep haproxy | grep -v grep | grep -v bash | wc -l)
if [ "${status}" = "0" ]; then
/usr/local/haproxy/sbin -f /usr/local/haproxy/conf/haproxy.cfg
status2=$(ps aux|grep haproxy | grep -v grep | grep -v bash |wc -l)
if [ "${status2}" = "0" ]; then
/etc/init.d/keepalived stop
fi
fi
6、启动keepalived
[root@bogon ~]# service keepalived start
Starting keepalived (via systemctl): [ OK ]
7、查看虚拟ip在哪台上, 注意过两分钟才出现vip
[root@bogon ~]# ip a
[root@bogon ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:24:21:c4 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.69/24 brd 192.168.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.0.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.0.181/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::d675:3ae7:5113:ad71/64 scope link noprefixroute
valid_lft forever preferred_lft forever
9、访问:http://192.168.0.181:1080/stats http://192.168.0.181:1080/stats 账号密码: admin/admin
10、高可用切换
在192.168.0.69停止keepalived , 查看192.168.0.180飘到了192.168.0.70上
service keepalived stop
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:ba:67:74 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.70/24 brd 192.168.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.0.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::6c33:a5d6:2ea9:d781/64 scope link noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::d675:3ae7:5113:ad71/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
浙公网安备 33010602011771号