BlueXIII's Blog

热爱技术,持续学习

0%

haproxy+keepalived配置

Posted on

防火墙配置

1
2
3
4
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=18010/tcp --permanent
firewall-cmd --reload

1
2
systemctl disable firewalld 
systemctl stop firewalld

关闭selinux

1
2
3
4
vi /etc/sysconfig/selinux
SELINUX=disabled
setenforce 0
getenforce

启动测试WEB服务

1
yum install nc

vi index.html

1
2
3
4
5
6
7
8
9
10
<!doctype html>
<html>
    <head>
      <meta charset="utf-8">
      <title>Test Page</title>
    </head>
    <body>
      <h1>It Works!</h1>
    </body>
</html>
1
while true;do { printf '%b\r\n' 'HTTP/1.1 200 OK' '%b\r\n';cat index.html; }|nc -l 8080;done

安装haproxy

1
yum install -y haproxy

配置haproxy

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
vi /etc/haproxy/haproxy.cfg 

global
        user haproxy
        group haproxy
        daemon
        maxconn 4096
defaults
        mode    tcp
        balance roundrobin #leastconn
        timeout client      30000ms
        timeout server      30000ms
        timeout connect      3000ms
        retries 3
frontend fr_server1
        bind 0.0.0.0:18010
        default_backend bk_server1
backend bk_server1
    server  srv1 10.211.55.11:8080
    server  srv2 10.211.55.12:8080
listen stats
    mode http
    bind *:9090
    stats enable
    stats refresh 3s
    stats uri     /
    stats auth    admin:123456
    stats admin if TRUE

启动haproxy

1
2
systemctl enable haproxy
systemctl start haproxy

安装keepalived

1
yum install keepalived ipset-libs libnl3-devel psmisc

配置keepalived

vi /etc/keepalived/keepalived.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
vrrp_script chk_proc {
  script "killall -0 haproxy" # check the haproxy process
  interval 2 # every 2 seconds
  weight 2 # add 2 points if OK
}

vrrp_instance VI_1 {
  interface eth0 # interface to monitor
  state MASTER # MASTER on haproxy1, BACKUP on haproxy2
  virtual_router_id 51
  priority 101 # 101 on haproxy1, 100 on haproxy2
  virtual_ipaddress {
    10.211.55.100/24 # virtual ip address 
  }
  track_script {
    chk_proc
  }
}

启动keepalived

1
2
systemctl enable keepalived
systemctl start keepalived

查看日志

1
tail -f /var/log/messages

参考文档