实验:实现单主模式 keepalived+Haproxy 高可用

 

 

一、前期规则设置
CIP:192.168.80.50 gateway:192.168.10.2

CIP:192.168.80.50 gateway:192.168.10.2
KA1+Ha:DIP:192.168.80.100 gateway:192.168.80.2 VIP: 192.168.80.222/24
KA2+Ha: RIP:192.168.80.110 gateway:192.168.80.2 VIP: 192.168.80.222/24
RS1: RIP:192.168.80.120 gateway:192.168.80.2
RS2: RIP:192.168.80.130 gateway:192.168.80.2

 

二、KA HA服务器软件安装
KA服务器安装 yum  install  keepalived  Haproxy
RS服务器安装 yum  install  apache/nginx


表示允许服务绑定一个本机不存在的 ipv4 的 IP地址,适用于服务需要绑定 vip 的场景。
net.ipv4.ip_nonlocal_bind=1


三、KA 服务器配置文件
[root@localhost7A ~]# cat /etc/keepalived/check_haproxy.sh
#!/bin/bash
/usr/bin/killall -0 haproxy
[root@localhost7A ~]# chmod a+x /etc/keepalived/check_haproxy.sh


global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from 6m1@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1
   vrrp_mcast_group4 224.100.100.43
}

vrrp_script chk_haproxy {
    script "/etc/haproxy/check_haproxy.sh"
    interval 1
    weight -20
    fall 2
    rise 1
}
vrrp_instance zzhz {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 95
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass centos
    }
    virtual_ipaddress {
       192.168.80.222/24 dev eth0 label eth0:1
    }

    track_script {
        chk_haproxy
    }
}

四:另一台设置变化部分
router_id ka2
state BACKUP:
priority 85   要小于MASTER。

五、Ha服务器配置文件(另一台配置不变)
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

listen web_host
    bind 192.168.80.222:80
    mode http
    log global
    server web1 192.168.80.120:80 check inter 2000 fall 3 rise 5
    server web1 192.168.80.130:80 check inter 2000 fall 3 rise 5



六、测试:KA故障
tcpdump -i eth0 -nn host 224.0.100.100
09:29:59.958633 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20 
09:30:01.962139 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20
09:30:03.963178 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20
#关KA服务
09:30:05.740964 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 0, authtype simple, intvl 2s, length 20
09:30:06.413059 IP 192.168.80.110 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 85, authtype simple, intvl 2s, length 20
09:30:26.433930 IP 192.168.80.110 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 85, authtype simple, intvl 2s, length 20
09:30:28.435864 IP 192.168.80.110 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 85, authtype simple, intvl 2s, length 20
#重启KA服务
09:30:28.436130 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20
09:30:30.438019 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20


六、测试:HA故障
[root@localhost7D ~]# tcpdump -i eth0 -nn host 224.100.100.43
09:34:04.700354 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20
09:34:28.723716 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20
#关HA服务
09:34:06.702936 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 75, authtype simple, intvl 2s, length 20
09:34:06.703122 IP 192.168.80.110 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 85, authtype simple, intvl 2s, length 20
09:34:08.704244 IP 192.168.80.110 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 85, authtype simple, intvl 2s, length 20
#重启Ha服务
09:34:24.720613 IP 192.168.80.110 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 85, authtype simple, intvl 2s, length 20
09:34:24.720782 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20
09:34:26.721669 IP 192.168.80.100 > 224.100.100.43: VRRPv2, Advertisement, vrid 51, prio 95, authtype simple, intvl 2s, length 20

  

posted @ 2022-08-05 09:37  yuanbangchen  阅读(56)  评论(0编辑  收藏  举报