keepalived+haproxy+nginx

keepalived+haproxy+nginx_style

vm1-keepalived+haproxy
        eth0 172.16.3.2/16 up
        eth1 192.168.1.2/24 up
vm2-keepalived+haproxy
        eth0 172.16.3.3/16 up
        eth1 192.168.1.3/24 up   
vm3-web:
        eth0 192.168.1.1/24 up
vm4-web:
        ech0 192.168.1.10/24 up
VRRP: 172.16.3.88/16

测试机本机:

vm1-keepalived+haproxy配置
    # ifconfig eth0 172.16.3.2/16 up
    # ifconfig eth1 192.168.1.2/24 up
    # yum install keepalived haproxy -y
haproxy配置文件:
    # vim /etc/haproxy/haproxy.cfg
    #---------------------------------------------------------------------
    # Example configuration for a possible web application.  See the
    # full configuration options online.
    #
    #   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
    #
    #---------------------------------------------------------------------

    #---------------------------------------------------------------------
    # Global settings
    #---------------------------------------------------------------------
    global
        # to have these messages end up in /var/log/haproxy.log you will
        # need to:
        #
        # 1) configure syslog to accept network log events.  This is done
        #    by adding the '-r' option to the SYSLOGD_OPTIONS in
        #    /etc/sysconfig/syslog
        #
        # 2) configure local2 events to go to the /var/log/haproxy.log
        #   file. A line like the following can be added to
        #   /etc/sysconfig/syslog
        #
        #    local2.*                       /var/log/haproxy.log
        #
        log         127.0.0.1 local2

        chroot      /var/lib/haproxy
        pidfile     /var/run/haproxy.pid
        maxconn     4000
        user        haproxy
        group       haproxy
        daemon

        # turn on stats unix socket
        stats socket /var/lib/haproxy/stats

    #---------------------------------------------------------------------
    # common defaults that all the 'listen' and 'backend' sections will
    # use if not designated in their block
    #---------------------------------------------------------------------
    defaults
        mode                    http
        log                     global
        option                  httplog
        option                  dontlognull
        option http-server-close
        option forwardfor       except 127.0.0.0/8
        option                  redispatch
        retries                 3
        timeout http-request    10s
        timeout queue           1m
        timeout connect         10s
        timeout client          1m
        timeout server          1m
        timeout http-keep-alive 10s
        timeout check           10s
        maxconn                 3000

    frontend main
        bind :80
        bind :8088
    #    acl clear dst_port 8088
        #acl login path_beg /login
        #redirect location http://www.baidu.com if login
        #redirect prefix / if clear
    #    reqadd X-Proto:\ SSL if clear
        #rspadd X-Via:\ haproxy if clear
        #option forwardfor except 127.0.0.0/8
        #acl url_static path_beg -i /images /stylesheets /vedios /javascript
        #acl url_static path_end -i .jpg .html .css .js .png .gif
        #use_backend static if url_static
        default_backend webservers

    #backend static
    #    balance roundrobin
    #    server s1 192.168.1.10:80  check port 80
    #    server b1 127.0.01:8080 backup check port 8080
    backend webservers
        balance roundrobin
        #cookie ninghongliang insert nocache
        server s2 192.168.1.1:80 check port 80 
        server s1 192.168.1.10:80  check port 80
        server b1 127.0.01:8080 backup check port 8080
        stats enable
        stats hide-version
        stats uri /haha?stats
        stats scope .
        stats realm  HAPorx\ boy
    stats auth   admin1:admin
    stats admin if TRUE
keepalived配置文件
    ! Configuration File for keepalived

    global_defs {
       notification_email {
        root@localhost
       }
       notification_email_from ning@qq.com
       smtp_server 127.0.0.1
       smtp_connect_timeout 30
    }
    vrrp_script chk_sched_down {
        script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"   
        interval 2
        weight -50
        fall 2
        rise 1
    }
    vrrp_script chk_haproxy {
        script "/etc/keepalived/check_haproxy.sh"
        interval 2
        weight -50
        fall 2
        rise 1
    }

    vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 77
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass ning
        }
        virtual_ipaddress {
        172.16.3.88
        }
    track_script {
        chk_sched_down
        chk_haproxy
    }
    }
vm2-keepalived+haproxy配置
    # ifconfig eth0 172.16.3.3/16 up
    # ifconfig eth1 192.168.1.3/24 up
    # yum install keepalived haproxy -y
haproxy配置文件:(这里的配置和上面的一样,不在此说明)
keepalived配置文件
    ! Configuration File for keepalived

    global_defs {
       notification_email {
        root@localhost
       }
       notification_email_from ning@qq.com
       smtp_server 127.0.0.1
       smtp_connect_timeout 30
    }
    vrrp_script chk_sched_down {
        script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"   
        interval 2
        weight -50
        fall 2
        rise 1
    }
    vrrp_script chk_haproxy {
        script "/etc/keepalived/check_haproxy.sh"
        interval 2
        weight -50
        fall 2
        rise 1
    }

    vrrp_instance VI_1 {
        state  BACKUP
        interface eth0
        virtual_router_id 77
        priority 99
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass ning
        }
        virtual_ipaddress {
        172.16.3.88
        }
    track_script {
        chk_sched_down
        chk_haproxy
    }
    }   
这里面使用的检测脚本haprxoy脚本chk_haproxy(测试检测为3秒后如果haproxy还不能上线,就关闭keepalived)
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg
sleep 3
if [ `ps -C haproxy --no-header |wc -l` -eq 0 ];then
/etc/init.d/keepalived stop
fi
fi

vm3-web:配置
    # ifconfig eth0 192.168.1.1/24 up
    # yum install nginx -y
    # echo "192.168.1.1" > /usr/share/nginx/html/index.html
vm4-web:配置
    # ifconfig eth0 192.168.1.10/24 up
    # yum install nginx -y
    # echo "192.168.1.10" > /usr/share/nginx/html/index.html

测试:
    (1)主备同时执行 # ip addr show
       主: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 00:0c:29:d7:f7:9c brd ff:ff:ff:ff:ff:ff
            inet 172.16.3.2/16 brd 172.16.255.255 scope global eth0
            inet 172.16.3.88/32 scope global eth0
               valid_lft forever preferred_lft forever
        从: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 00:0c:29:0b:35:6a brd ff:ff:ff:ff:ff:ff
            inet 172.16.3.3/16 brd 172.16.255.255 scope global eth0
            inet6 fe80::20c:29ff:fe0b:356a/64 scope link
               valid_lft forever preferred_lft forever
      (2)停掉主上的haproxy,2秒后keepalived会自动将其再次启动
      (3)停掉主的keepalived,备机马上接管服务
            eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 00:0c:29:0b:35:6a brd ff:ff:ff:ff:ff:ff
            inet 172.16.3.3/16 brd 172.16.255.255 scope global eth0
            inet 172.16.3.88/32 scope global eth0
               valid_lft forever preferred_lft forever
      (4)本机测试:(因为上面只是简单的定义了轮训,没有定义动静分离)
http://172.16.3.88
            有图有真相

keepalived+haproxy+nginx_border_02

keepalived+haproxy+nginx_title_03