方案拓扑图
1。
mater 192.168.2.2
backup 192.168.2.3
virtual ip 10.0.0.10
HAProxy 在mater,backup上配置相同
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | |
#--------------------------------------------------------------------- | #
Global settings | #--------------------------------------------------------------------- | global |
log 127.0.0.1
local2 |
chroot /var/lib/haproxy |
pidfile /var/run/haproxy.pid |
maxconn 4000 |
user haproxy |
group
haproxy |
daemon | | #--------------------------------------------------------------------- | #
common defaults that all the 'listen' and 'backend' sections will | #
use if not designated in their block | #--------------------------------------------------------------------- | defaults |
mode http |
log global |
option dontlognull |
option httpclose |
option httplog |
option forwardfor |
option redispatch |
timeout connect 10000 #
default 10 second time out if a backend is not found |
timeout client 300000 |
timeout server 300000 |
maxconn 60000 |
retries 3 | |
stats enable |
stats refresh 30s |
stats realm www.iiwoo.com |
stats uri /st
#haproxy
监控页面的访问地址 |
stats auth admin:admin
#查看监控页,输入的用户名和密码 | | ##开始 | frontend
web1 |
bind 0.0.0.0:80 |
default_backend app1 | backend
app1 |
balance roundrobin | |
option httpchk GET /robots.txt |
option forwardfor |
cookie app1 insert nocache |
server w_1_4 192.168.2.21:80
weight 1
maxconn 5000
cookie w_1_4 check |
server w_1_5 192.168.2.22:80
weight 1
maxconn 5000
cookie w_1_5 check | ##结束 | |
2。
keepalived 的配置
mater
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | |
global_defs { |
notification_email { |
xx@qq.com |
} |
notification_email_from root@abc.com |
smtp_server ngts6009.krypt.com |
smtp_connect_timeout 30 |
router_id LVS_DEVEL | } | | vrrp_instance
VI_1 { |
state MASTER |
interface
eth1 |
virtual_router_id 77 |
priority 100 |
advert_int 1 | |
authentication |
{ |
auth_type PASS |
auth_pass qiwenadmin |
} | |
virtual_ipaddress { |
192.168.1.9 |
} | } | | virtual_server 192.168.1.9 80 { |
delay_loop 6
#
每隔 6 秒查询 realserver 状态 |
lb_algo rr |
lb_kind NAT |
nat_mask 255.255.255.0 |
persistence_timeout 50
#
同一IP 的连接50秒内被分配到同一台realserver |
protocol TCP #
用TCP监测realserver的状态 | |
real_server 192.168.1.3 80 { |
weight 3
#
权重 |
TCP_CHECK { |
connect_timeout 10
#
10秒无响应超时 |
nb_get_retry 3 |
delay_before_retry 3 |
connect_port 80 |
} |
} | |
real_server 192.168.1.4 80 { |
weight 3 |
TCP_CHECK { |
connect_timeout 3 |
delay_before_retry 3 |
connect_port 80 |
} |
} | } | |
backup
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | |
global_defs { |
notification_email { |
34214399@qq.com |
} |
notification_email_from root@ngts6009.krypt.com |
smtp_server ngts6009.krypt.com |
smtp_connect_timeout 30 |
router_id LVS_DEVEL | } | | vrrp_instance
VI_1 { |
state BACKUP |
interface
eth0 |
virtual_router_id 77 |
priority 99 |
advert_int 1 | |
authentication { |
auth_type PASS |
auth_pass qiwenadmin |
} | |
virtual_ipaddress { |
192.168.1.9 |
} | } | | virtual_server 192.168.1.9 80 { |
delay_loop 6
#
每隔 6 秒查询 realserver 状态 |
lb_algo rr |
lb_kind NAT |
nat_mask 255.255.255.0 |
persistence_timeout 50
#
同一IP 的连接50秒内被分配到同一台realserver |
protocol TCP #
用TCP监测realserver的状态 | |
real_server 192.168.1.3 80 { |
weight 3
#
权重 |
TCP_CHECK { |
connect_timeout 10
#
10秒无响应超时 |
nb_get_retry 3 |
delay_before_retry 3 |
connect_port 80 |
} |
} | |
real_server 192.168.1.4 80 { |
weight 3 |
TCP_CHECK { |
connect_timeout 3 |
delay_before_retry 3 |
connect_port 80 |
} |
} | } | |