Haproxy+Keepalived实现双机高可用

时间:2020-12-20 04:47:43

安装keepalived前需要安装的包

[root@dns2 /]# yum -y install kernel kernel-devel


安装keepalived

wget  http://www.keepalived.org/software/keepalived-1.1.19.tar.gz

# tar zxvf keepalived-1.1.19.tar.gz


# cd keepalived-1.1.19


# ./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/2.6.18-164.el5xen-i686/


# make&&make install


# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
# mkdir /etc/keepalived
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/



# vi /etc/keepalived/keepalived.conf


 


global_defs {


       notification_email {


              longmu@taobao.com


       }


       notification_email_from lb@proxy


       smtp_server localhost


       smtp_connect_timeout 30


       router_id haproxy_wf


}


  1. vrrp_script chk_haproxy {                  #用来检测该服务器上haproxy服务的健康状态

  2.     script "killall -0 haproxy"  

  3.     interval 2  

  4.     weight 2  

  5. }


vrrp_instance VI_9 {   #这里的VI_1最好重新命名,且跟备机一直,并确保同段网络内没有相同的命名


    state MASTER    #主为MASTER


    interface eth0


    virtual_router_id 59    #主备配置要一样,这个值是路由的配对,不能跟其他机器一样


    priority 100           #优先级,主配置必须比备机上值大


    advert_int 1


    authentication {


        auth_typePASS


        auth_pass haproxy_wf    #加密串,主和备上定义必须相同


    }


track_script {

        chk_haproxy

    }


    virtual_ipaddress {


        10.13.23.83             #定义虚IP


    }


}


 


以下为备机配置,注意几个值不同:


global_defs {


       notification_email{


              longmu@taobao.com


       }


       notification_email_from lb@proxy


       smtp_server localhost


       smtp_connect_timeout 30


       router_id haproxy_wf


}



  1. vrrp_script chk_haproxy {                  #用来检测该服务器上haproxy服务的健康状态

  2.     script "killall -0 haproxy"  

  3.     interval 2  

  4.     weight 2  

  5. }


vrrp_instance VI_9 {


    state BACKUP


    interface eth0


    virtual_router_id 59


    priority 99


    advert_int 1


    authentication {


        auth_typePASS


        auth_pass haproxy_wf


    }


track_script {

        chk_haproxy

    }



    virtual_ipaddress {


        10.13.23.83


    }


}


 


# service keepalived start


#tail –f /var/log/message   监听日志,查看状态,测试负载均衡及高可用性是否有效。


haproxy安装配置请参考http://johnsz.blog.51cto.com/525379/715922



备注:

   keepalived 两个主机不能正常通信,除了配置错误之外,通常是由于防火墙的原因,很多资料都没有提及这点,难道让服务器裸奔不成。请检查防火墙规则符合下面的条件:

   1、keepalived 默认需要使用D类多播地址224.0.0.18 进行心跳通信

   2、keepalived 使用vrp协议进行通信(协议号码为112)

   防火墙添加规则:

   iptables -A INPUT -i eth1 -d 224.0.0.0/8 -j ACCEPT 
   iptables -A INPUT -i eth1 -p 112 -j ACCEPT 



 

参考文献:


http://rfyimcool.blog.51cto.com/1030776/680666

http://www.cnblogs.com/davidwang456/p/3718865.html

http://blog.chinaunix.net/uid-25266990-id-3989321.html


标签:

相关文章