1、实现haproxy+keepalived集群高可用集群转发

1.1 在另外一个博客第2点基础上完成

https://blog.51cto.com/rickzhu/2513415

1.2 在c5虚拟机安装另外一个haproxy

[root@c5 ~]# yum install haproxy.x86_64 -y
[root@c5 haproxy]# grep -v "#" haproxy.cfg 

global
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    stats socket /var/lib/haproxy/stats

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

listen statistics 
bind *:9090
stats enable
stats auth admin:admin
stats uri /admin?stats
stats hide-version
stats refresh 30s
stats admin if TRUE
stats realm Hapadmin

listen web_host
    bind 10.0.1.246:80
    mode http
    balance roundrobin
    log global
    option httplog
    acl static_path1 path_beg -i /a
    use_backend static_path_host1 if static_path1
    acl static_path2 path_beg -i /b
    use_backend static_path_host2 if static_path2

backend static_path_host1
    mode http
    server web1 10.0.1.242:80 check inter 2000 fall 3 rise 5
backend static_path_host2
    mode http
    server web2 10.0.1.243:80 check inter 2000 fall 3 rise 5
[root@c5 haproxy]# systemctl start haproxy.service

1.3 分别在安装有haproxy的虚拟机安装keeplived

[root@localhost ~]#yum install keepalived.x86_64 -y
[root@localhost keepalived]# cat keepalived.conf
global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node1
   vrrp_mcast_group4 224.0.100.100
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 5
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.1.100/24 dev eth0 label eth0:0
    }
}
#修改haproxy配置文件上的绑定ip
[root@localhost keepalived]# grep bind /etc/haproxy/haproxy.cfg 
bind *:9090
    bind 10.0.1.100:80
#启动keepalived和haproxy服务
[root@localhost keepalived]# systemctl start keepalived.service
[root@localhost keepalived]# systemctl reload haproxy.service

1.4 在c5虚拟机上重复1.3的操作

1.5 测试

1.5.1 浏览器访问测试

实现haproxy高可用_第1张图片
实现haproxy高可用_第2张图片

1.5.2 停掉keepalved测试

[root@localhost keepalived]# systemctl stop keepalived.service
#vip飘到c5上
root@localhost keepalived]# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:05:32:f0 brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.245/24 brd 10.0.1.255 scope global noprefixroute dynamic eth0
       valid_lft 20627sec preferred_lft 20627sec
    inet 10.0.1.100/24 scope global secondary eth0:0
       valid_lft forever preferred_lft forever
    inet6 fe80::96c3:3cc3:b39e:dee3/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

实现haproxy高可用_第3张图片
实现haproxy高可用_第4张图片

1.6 keepalve结合脚本实现细粒度的haproxy高可用

1.6.1 安装killall命令

[root@localhost keepalived]# yum install psmisc.x86_64 -y

1.6.2 编写脚本

[root@localhost keepalived]# pwd
/etc/keepalived
[root@localhost keepalived]# echo "/usr/bin/killall -0 haproxy" > check.sh
[root@localhost keepalived]# cat check.sh
/usr/bin/killall -0 haproxy
[root@localhost keepalived]# chmod +x check.sh

1.6.3 修改keepalive配置文件

[root@localhost keepalived]# cat keepalived.conf
global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node1
   vrrp_mcast_group4 224.0.100.100
}

vrrp_script chk_haproxy {    #需增加的配置
    script "/etc/keepalived/check.sh"
    interval 2
    weight -50
    fall 3
    rise 5 
    timeout 3
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 5
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.1.100/24 dev eth0 label eth0:0
    }
   track_script {    #需增加的配置
    chk_haproxy
    }
}

注:在c5上也需要修改

1.6.4 重新加载keepalived配置文件

[root@localhost keepalived]# systemctl reload keepalived.service
[root@c5 keepalived]# systemctl reload keepalived.service

1.6.5 停掉haproxy测试

[root@localhost keepalived]# systemctl start haproxy.service

#vip转移到c5虚拟机上了

[root@c5 keepalived]# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:63:0e:a2 brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.246/24 brd 10.0.1.255 scope global noprefixroute dynamic eth0
       valid_lft 19862sec preferred_lft 19862sec
    inet 10.0.1.100/24 scope global secondary eth0:0
       valid_lft forever preferred_lft forever
    inet6 fe80::1a2f:6d30:57cc:7d3a/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

2、实现LVS+keepalived高可用集群

参考https://blog.51cto.com/rickzhu/2498439