主机名 | IP地址 |
VIP | 192.168.200.254 |
Haproxy-1 | 192.168.200.113 |
Haproxy-2 | 192.168.200.115 |
Nginx1 | 192.168.200.111 |
Nginx2 | 192.168.200.112 |
一、在Nginx1/2上编译安装nginx
1、第一台
[root@localhost ~]# yum -y install pcre-devel zlib-devel openssl-devel [root@localhost ~]# yum -y install gcc gcc-c++ make [root@localhost ~]# useradd -M -s /sbin/nologin nginx [root@localhost ~]# tar -xf nginx-1.15.9.tar.gz -C /usr/src/ [root@localhost ~]# cd /usr/src/nginx-1.15.9/ [root@localhost ~]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install [root@localhost ~]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/ [root@localhost ~]# nginx [root@localhost ~]# netstat -lnpt | grep :80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 13144/nginx: master
[root@localhost ~]# echo "aaaaa" > /usr/local/nginx/html/index.html
2、第二台
安装跟第一台一样
[root@localhost ~]# echo "bbbbbb" > /usr/local/nginx/html/index.html
二、安装Haproxy,两台配置一样
1、安装Haproxy依赖包及源码编译安装
[root@localhost ~]# yum -y install gcc gcc-c++ make pcre-devel bzip2-devel [root@localhost ~]# tar -xf haproxy-1.4.24.tar.gz -C /usr/src/ [root@localhost ~]# cd /usr/src/haproxy-1.4.24/ [root@localhost haproxy-1.4.24]# make TARGET=linux26 && make install
2、建立haproxy的配置目录及文件
[root@localhost haproxy-1.4.24]# mkdir /etc/haproxy [root@localhost haproxy-1.4.24]# cp examples/haproxy.cfg /etc/haproxy
3、haproxy 配置文件修改
[root@localhost ~]# vim /etc/haproxy/haproxy.cfg 9 # this config needs haproxy-1.1.28 or haproxy-1.2.1 10 11 global 12 # log 127.0.0.1 local0 13 # log 127.0.0.1 local1 notice 14 log /dev/log local0 info 15 log /dev/log local0 notice 16 maxconn 4096 17 uid 99 18 gid 99 19 daemon 20 21 defaults 22 log global 23 mode http 24 option httplog 25 retries 3 26 maxconn 4096 27 contimeout 5000 //连接超时时间 28 clitimeout 50000 //客户端超时时间 29 srvtimeout 50000 //服务器超时时间 30 31 listen webcluster 0.0.0.0:80 32 option httpchk GET /index.html 33 balance roundrobin 34 server inst1 192.168.200.111:80 check inter 2000 fall 3 35 server inst1 192.168.200.112:80 check inter 2000 fall 3 36 37 listen admin_stats 38 bind 0.0.0.0:8000 39 mode http 40 option httplog 41 maxconn 100 42 stats refresh 1s 43 stats uri /stats 44 stats realm Crushlinux\ Haproxy 45 stats auth admin:admin 46 stats hide-version
4、创建自启动脚本
[root@localhost ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy [root@localhost ~]# ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy [root@localhost ~]# chmod +x /etc/init.d/haproxy [root@localhost ~]# /etc/init.d/haproxy start
5、访问测试
三、编译安装Keepalived服务
1、安装keepalived
[root@localhost ~]# yum -y install keepalived
2.1、修改第一台keepalived配置文件(192.168.200.113)
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script chk_http_port { script "/etc/keepalived/check_haproxy.sh" interval 2 weight 3 } global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state MASTER interface eno16777728 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.254 } track_script { chk_http_port } }
2.2、修改第二台主机的keepalived配置文件
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script chk_http_port { script "/etc/keepalived/check_haproxy.sh" interval 2 weight 2 } global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state MASTER interface eno16777736 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.254 } track_script { chk_http_port } }
3、两台主机上配置haproxy检测脚本
[root@localhost ~]# cat /etc/keepalived/check_haproxy.sh #!/bin/bash count="$(ps -C haproxy --no-header | wc -l)" if [ $count -eq 0 ] then /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg sleep 3 if [ 'ps -C haproxy --no-header | wc -l' -eq 0 ] then /etc/init.d/keepalived stop fi fi
4、将脚本添加权限,启动服务
[root@localhost ~]# chmod +x /etc/keepalived/check_haproxy.sh [root@localhost ~]# systemctl restart keepalived
四、所有配置完成后进行测试
[root@haproxy-1 ~]# ip a2: eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:16:11:9e brd ff:ff:ff:ff:ff:ff inet 192.168.200.113/24 brd 192.168.200.255 scope global eno16777728 valid_lft forever preferred_lft forever inet 192.168.200.254/32 scope global eno16777728 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe16:119e/64 scope link valid_lft forever preferred_lft forever
[root@haproxy-1 ~]# systemctl stop keepalived //关闭第一台的keepalived服务
VIP会跑到第二台主机上[root@haproxy-2 ~]# ip a 2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:fa:9e:1d brd ff:ff:ff:ff:ff:ff inet 192.168.200.115/24 brd 192.168.200.255 scope global eno16777736 valid_lft forever preferred_lft forever inet 192.168.200.254/32 scope global eno16777736 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fefa:9e1d/64 scope link valid_lft forever preferred_lft forever
测试脚本
[root@localhost ~]# while : > do > curl 192.168.200.254 > sleep 3 > done aaaaa bbbbbb aaaaa bbbbbb ^C