haproxy+keepalived实现高可用负载均衡

工作原理：
Keepalived检测HAproxy主备服务器，利用Keepalived的VIP漂移技术，若HAprox主备都工作正常，则VIP与优先级别高的服务器（主服务器）绑定，当主服务器当掉时，则与备服务器绑定，而VIP则是暴露给外部访问的ip；HAproxy利用Keepalived生产的VIP对web服务器集群进行读负载，当某台we服务器当掉，则将其移除，恢复后再将其加入集群。

说明：
haproxy+keepalived 主：172.16.0.111
haproxy+keepalived 备：172.16.0.112
web-1：172.16.0.113
web-2：172.16.0.114
VIP:172.16.0.110
haproxy-1.5.19.tar.gz
keepalived-1.2.23
1、web服务器上

[root@web-1 ~]# vim  /var/www/html/index.php<h1>web-1 172.16.0.113</h1><?php phpinfo(); ?>

2、安装haproxy，主备配置一样

[root@haproxy-master ~]# tar -zxvf haproxy-1.5.19.tar.gz [root@haproxy-master ~]# cd haproxy-1.5.19[root@haproxy-master haproxy-1.5.19]# make TARGET=linux2628 ARCH=x86_64 PREFIX=/usr/local/haproxy[root@haproxy-master haproxy-1.5.19]# make install PREFIX=/usr/local/haproxy

编辑配置文件（自己创建，examples目录下有模板）

[root@haproxy-master haproxy-1.5.19]# mkdir -p /usr/local/haproxy/etc[root@haproxy-master haproxy-1.5.19]# cp ~/haproxy-1.5.19/examples/haproxy.cfg /usr/local/haproxy/etc/[root@haproxy-master haproxy-1.5.19]# vim /usr/local/haproxy/etc/haproxy.cfg# this config needs haproxy-1.1.28 or haproxy-1.2.1  global      log 127.0.0.1   local0      log 127.0.0.1   local1 notice      #log loghost    local0 info        maxconn 4096                    #最大连接数        chroot /usr/local/haproxy      uid 99                       #所属运行的用户UID        gid 99                       #所属运行的用户组        daemon                       #以后台形式运行HAProxy        #debug        #quieti        nbproc    1    #启动1个实例,可以启多个来提高效率            pidfile /var/run/haproxy.pid  defaults      log global      mode    http      option httpclose               #每次请求完毕后主动关闭http通道        option  redispatch               #当serverId对应的服务器挂掉后,强制定向到其他健康的服务器        option forwardfor      option abortonclose             #当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接        option dontlognull                #保证HAProxy不记录上级负载均衡发送过来的用于检测状态没有数据的心跳包        retries 2                    #重试次数        maxconn 2000                   #最大连接数        balance source                #如果想让HAProxy按照客户端的IP地址进行负载均衡策略,即同一IP地址的所有请求都发送到同一服务器时需要配置此选项        timeout connect 5000      timeout client 50000      timeout server 50000  listen admin_stats      bind *:8888              #监听端口，后面打开网页时要用到，不要和已打开的端口冲突      mode http               #http的7层模式        option httplog            #采用http日志格式        log 127.0.0.1 local0 err      maxconn 10      stats refresh 30s           #统计页面自动刷新时间        stats uri /stats          #统计页面url        stats auth admin:admin      #统计页面用户名和密码设置        stats hide-version         #隐藏统计页面上HAProxy的版本信息  #关键设置，添加负载均衡服务器只需设置这里   listen  web_cluster 0.0.0.0:8090      mode http       balance roundrobin       server web1 172.16.0.113:80 cookie app1inst1 check inter 2000 rise 2 fall 5       server web2 172.16.0.114:80 cookie app1inst2 check inter 2000 rise 2 fall 5

启动

[root@localhost sbin]# /usr/local/haproxy/sbin/haproxy  -f  /usr/local/haproxy/etc/haproxy.cfg 

停止

[root@localhost sbin]# killall haproxy          或者kill -9 端口

监控页面
http://172.16.0.111:8888/stats

负载均衡测试

3、安装keepalived

[root@haproxy-master ~]# tar zxvf keepalived-1.2.7.tar.gz -C /usr/local/keepalived[root@haproxy-master ~]# cd /usr/local/keepalived[root@haproxy-master ~]# ./configure[root@haproxy-master ~]# make && make install

编辑配置文件

[root@haproxy-master keepalived-1.2.23]# vim /usr/local/keepalived/etc/keepalived/keepalived.conf ! Configuration File for keepalivedglobal_defs {   notification_email {     acassen@firewall.loc     failover@firewall.loc     sysadmin@firewall.loc   }   notification_email_from Alexandre.Cassen@firewall.loc   smtp_server 192.168.200.1   smtp_connect_timeout 30   router_id LVS_DEVEL   vrrp_skip_check_adv_addr   vrrp_strict   vrrp_garp_interval 0   vrrp_gna_interval 0}vrrp_instance VI_1 {    state MASTER         #备服务器上改为BACKUP    interface eth0    virtual_router_id 51    priority 100         #被服务器上改为小于100的数字，如99    advert_int 1    authentication {        auth_type PASS        auth_pass 1111    }    virtual_ipaddress {        172.16.0.110          #虚拟ip，自己设定    }}

指定配置文件路径

[root@haproxy-master keepalived]# vim /usr/local/keepalived/etc/sysconfig/keepalived KEEPALIVED_OPTIONS="-D -f /usr/local/keepalived/etc/keepalived/keepalived.conf"

因为我们使用非默认路径（/usr/local）安装keepalived，需要设置一些软链接以保证keepalived能正常启动

[root@haproxy-master keepalived]# ln -s /usr/local/keepalived/sbin/keepalived  /usr/bin[root@haproxy-master keepalived]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived  /etc/init.d/[root@haproxy-master keepalived]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived  /etc/sysconfig/

启动

[root@haproxy-master keepalived]# service keepalived startStarting keepalived:                                       [  OK  ][root@haproxy-master keepalived]# chkconfig keepalived on

查看主服务器虚拟ip

[root@haproxy-master keepalived]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo    inet6 ::1/128 scope host        valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000    link/ether 00:0c:29:ef:78:76 brd ff:ff:ff:ff:ff:ff    inet 172.16.0.111/23 brd 172.16.1.255 scope global eth0    inet 172.16.0.110/32 scope global eth0    inet6 fe80::20c:29ff:feef:7876/64 scope link        valid_lft forever preferred_lft forever

测试vip是否正常提供服务，可以看到与master的监控界面一致

测试keepalived是否实现故障转移功能
停止master上的keepalived服务

[root@haproxy-master ~]# service keepalived stopStopping keepalived:                                       [  OK  ]

在backup上查看是否接管vip

[root@haproxy-backup sbin]# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo    inet6 ::1/128 scope host        valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000    link/ether 00:0c:29:6d:1a:b7 brd ff:ff:ff:ff:ff:ff    inet 172.16.0.112/23 brd 172.16.1.255 scope global eth0    inet 172.16.0.110/32 scope global eth0    inet6 fe80::20c:29ff:fe6d:1ab7/64 scope link        valid_lft forever preferred_lft forever

再访问监控页面，可以看到

参考链接：
http://www.cnblogs.com/MacoLee/p/5853356.html
http://blog.csdn.net/aa168b/article/details/50372649
http://7424593.blog.51cto.com/7414593/1764640