centos7haproxy+keepalive

1部署keepalived

1.1下载keepalived源码包，并解压
# wget http://www.keepalived.org/software/keepalived-1.4.2.tar.gz
# tar xf keepalived-1.4.2.tar.gz
# cd keepalived-1.4.2

1.2安装包
# ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
# cp /usr/local/src/keepalived-1.4.2/keepalived/etc/init.d/keepalived.rh.init /etc/sysconfig/keepalived.sysconfig
# cp -f /usr/local/src/keepalived-1.4.2/keepalived/keepalived.service /usr/lib/systemd/system/
# cp /usr/local/src/keepalived-1.4.2/bin/keepalived /usr/sbin/

1.3配置keepalived
分别在两台负载服务器同时执行以下操作安装keepalived：

1.3.1master服务器：
# mkdir /etc/keepalived
# mkdir /etc/keepalived/vip
# cat /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER
interface eth0 # 实例绑定的网卡
virtual_router_id 80 # router_id必改
priority 50 # 优先级
advert_int 1 # 检查间隔，默认为1秒
unicast_src_ip 10.10.21.197 # 本机ip
unicast_peer {
10.10.21.198 # 备机ip
}

authentication {
auth_type PASS # 负载同步验证方式
auth_pass 123456

}

virtual_ipaddress {
10.10.21.250/24 dev eth0 label eth0:0 # vip配置
}

}

include /etc/keepalived/vip/*.conf # 配置文件导入

1.3.2backup服务器：
# mkdir /etc/keepalived
# mkdir /etc/keepalived/vip
# cat /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state backup
interface eth0 # 实例绑定的网卡
virtual_router_id 81 # router_id必改
priority 50 # 优先级
advert_int 1 # 检查间隔，默认为1秒
unicast_src_ip 10.10.21.198 # 本机ip
unicast_peer {
10.10.21.197 # 备机ip
}

authentication {
auth_type PASS # 负载同步验证方式
auth_pass 123456

}

virtual_ipaddress {
10.10.21.250/24 dev eth0 label eth0:0 # vip配置
}

}

include /etc/keepalived/vip/*.conf # 配置文件导入

1.3.3 验证
# 启动keepalived
# systemctl start keepalived
# systemctl enable keepalived
# ifconfig

2haproxy安装

# yum -y install haproxy
# mkdir /etc/haproxy/conf
# vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/conf -c -q
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/conf -p /run/haproxy.pid $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed

[Install]
WantedBy=multi-user.target

# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 100000
user haproxy
group haproxy
daemon

stats socket /var/lib/haproxy/stats

defaults
mode http
option http-keep-alive
option forwardfor except 127.0.0.0/8
maxconn 100000
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s

listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status # 页面访问路径
stats auth haadmin:q1w2e3r4ys

#####################分文件conf/*.cfg 配置实例###############

frontend openstack_mysql

    bind 192.168.10.100:3306

    mode tcp

    default_backend  openstack_mysql_node

backend  openstack_mysql_node

    mode tcp

    balance source

    server 192.168.10.201  192.168.10.201:3306   check inter 2000 fall 3 rise 5

# vim /etc/sysconfig/syslog
local2.* /var/log/haproxy.log

# vim /etc/sysctl.conf
# 开启允许绑定非本机的IP，haporxy启动忽视VIP存在
net.ipv4.ip_nonlocal_bind = 1
# 内核是否转发数据包
net.ipv4.ip_forward = 1
# sysctl -p

验证：
# systemctl reload haproxy
# systemctl start haproxy
# systemctl enable haproxy

http://<IP>:9999/haproxy-status

3keepalived与haproxy配置

# cat /etc/keepalived/check_haproxy.sh
#!/bin/bash
if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ];then
systemctl start haproxy
fi
sleep 2
if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ];then
systemctl stop keepalived
fi

主：
vrrp_script chk_haproxy { #Haproxy服务启动
script "/etc/keepalived/check_haproxy.sh" #监控haproxy进程的脚本, 根据自己的实际路径放置
interval 2
weight -4
}

vrrp_instance VI_1 {
state MASTER
interface eth0 # 实例绑定的网卡
virtual_router_id 80 # router_id必改
priority 50 # 优先级
advert_int 1 # 检查间隔，默认为1秒
unicast_src_ip 10.10.21.197 # 本机ip
unicast_peer {
10.10.21.198 # 备机ip
}

authentication {
auth_type PASS # 负载同步验证方式
auth_pass 123456

}

track_script { #调用haproxy进程检测脚本
chk_haproxy
}

virtual_ipaddress {
10.10.21.250/24 dev eth0 label eth0:0 # vip配置
}

}

include /etc/keepalived/vip/*.conf # 配置文件导入

从：
# cat /etc/keepalived/keepalived.conf
vrrp_script chk_haproxy { #Haproxy服务启动
script "/etc/keepalived/check_haproxy.sh" #监控haproxy进程的脚本, 根据自己的实际路径放置
interval 2
weight -4
}

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 81 # router_id必改
priority 50 # 优先级
advert_int 1 # 检查间隔，默认为1秒
unicast_src_ip 10.10.21.198 # 本机ip
unicast_peer {
10.10.21.197 # 备机ip
}

authentication {
auth_type PASS # 负载同步验证方式
auth_pass 123456

}

track_script { #调用haproxy进程检测脚本
chk_haproxy
}

virtual_ipaddress {
10.10.21.250/24 dev eth0 label eth0:0 # vip配置
}

}

include /etc/keepalived/vip/*.conf # 配置文件导入