haproxy 与 keepalived 高可用
keepalived安装配置############安装略############
1. 更改防火墙规则、并关闭selinux
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 -d 224.0.0.0/8 -p vrrp -j ACCEPT
firwall-cmd --reload
2. 修改内核配置:
a. cat >> /etc/sysctl.conf <<EOF
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
EOF
b. sysctl -p
3. keepalived.conf主节点配置如下:
! Configuration File for keepalived
global_defs {
notification_email {
docker_lab@126.com
}
notification_email_from docker_lab@126.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight-2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
# 172.16.2.7
192.168.34.99/20 brd 192.168.47.255 dev eth0 label eth0:vip
}
track_script {
chk_haproxy
}
}
注:从节点只需修改为以下两项即可:
state BACKUP
priority 99
haproxy 的相关配置:
############安装略############
1. 配置文件如下:
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 5000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 30000
frontend http-in
bind *:8080
acl homepage path_reg ^/$
acl status path_beg /haproxyadmin
redirect location /hds/ if homepage
use_backend status if status
default_backend app
backend status
stats enable
stats hide-version
stats uri /haproxyadmin?stats
stats realm Haproxy\ Statistics
stats auth admin:admin
stats admin if TRUE
backend app
balance source
option httpclose
option forwardfor
server app1 172.16.1.45:8080 check maxconn 1000
server app2 172.16.0.204:8080 check maxconn 1000
不错额不错
页:
[1]