keepalived+haproxy實現高可用
阿新 • • 發佈:2022-05-08
keepalived 配置檔案
MASTER
! Configuration File for keepalived global_defs { notification_email { [email protected] [email protected] [email protected] } router_id haproxy-1 } vrrp_script chk_haproxy { script "/etc/keepalived/check_haproxy.sh" interval 2 weight-30 } vrrp_instance VI_1 { state MASTER interface ens32 virtual_router_id 51 priority 120 nopreempt advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.64.200 } track_script { chk_haproxy } }
BACKUP
! Configuration File for keepalived global_defs { notification_email { [email protected] [email protected] [email protected] } router_id haproxy-2 } vrrp_script chk_haproxy { script "/etc/keepalived/check_haproxy.sh" interval 2 weight -30 } vrrp_instance VI_1 { state BACKUPinterface ens32 virtual_router_id 51 priority 100 nopreempt advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.64.200 } track_script { chk_haproxy } }
監控指令碼
#!/bin/sh if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then systemctl start haproxy fi sleep 2 if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then killall keepalived fi count = `netstat -ntpl |grep 80 |wc -l` if [$count -gt 0]; then exit 0 else exit 1 fi
檢視VIP
[root@master-1 keepalived]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:09:cf:d7 brd ff:ff:ff:ff:ff:ff inet 192.168.64.110/24 brd 192.168.64.255 scope global noprefixroute ens32 valid_lft forever preferred_lft forever inet 192.168.64.200/32 scope global ens32 valid_lft forever preferred_lft forever
訪問
故障:
配置好VIP去訪問的時候發現一直超時,宿主機也ping不通,然後在虛機測試也是ping不通,就去跟度娘雲雨了一番,索性得到了答案:https://www.dandelioncloud.cn/article/details/1504995588356796418
大致意思是keepalived.conf中vip配置好後,通過ip addr可以看到vip已經順利掛載,但是無法ping通,並且防火牆都已關閉,原因是keepalived.conf配置中預設vrrp_strict打開了,需要把它註釋掉。重啟keepalived即可ping通。