keeplived + haproxy 高可用网络代理-安装配置 centos-7.6
1. 安装keeplived
yum安装
yum -y install keepalived
源码包下载地址
https://src.fedoraproject.org/repo/pkgs/keepalived/
可自行选择版本,本次使用yum安装
2. 配置对应配置文件
主节点配置
[root@ol13 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
*@*.com #邮件报警及相关配置
}
notification_email_from noreply@hxshop.com
smtp_server smtp.qq.com
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh" #检测ha是否存活的脚本
interval 2
weight 2
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER #标识为主
interface eth0 #绑定网卡
virtual_router_id 55 #主备节点应一致
priority 110 #优先级主节点应高于备节点
advert_int 1
authentication { #验证信息主备节点应一致
auth_type PASS
auth_pass 123456
}
track_script {
chk_http_port #测试脚本 在上文中定义
}
virtual_ipaddress {
172.16.0.248/24 dev eth0 label eth0:0 #绑定的对应Ip
}
}
备节点配置
[root@ol23 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
*@*.com
}
notification_email_from noreply@hxshop.com
smtp_server smtp.qq.com
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface eth0 #对应网卡设备名
virtual_router_id 55 #与主节点相同
priority 90 #低于主节点
advert_int 1
#nopreempt
authentication {
auth_type PASS
auth_pass 123456
}
track_script {
chk_http_port
}
virtual_ipaddress {
172.16.0.248/24 dev eth0 label eth0:0
}
}
3.测试脚本内容
[root@ol13 ~]# cat /etc/keepalived/check_haproxy.sh
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`
if [ $A -eq 0 ];then
systemctl start haproxy
# /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg
echo "`date`:HaProxy start" >> /etc/keepalived/check_ha.log
fi
sleep 2
if [ `ps -C haproxy --no-header |wc -l` -eq 0 ];then
systemctl stop keepalived
# /etc/init.d/keepalived stop
echo "`date`:keepalived stop" >> /etc/keepalived/check_ha.log
fi
测试脚本在主备节点均存在
需要加上执行权限
[root@ol13 ~]# chmod +x /etc/keepalived/check_haproxy.sh
4.调试命令
查看日志
[root@ol23 ~]# journalctl -u keepalived
开启防火墙
注意修改对应网卡设备名
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload
5.启动服务
主备同时
systemctl start keepalived
验证
ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:fb:5c:5f brd ff:ff:ff:ff:ff:ff
inet 172.16.0.13/24 brd 172.16.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 172.16.0.248/24 scope global secondary eth0:0
valid_lft forever preferred_lft forever
会出现多个ip