haproxy实现基于内容的健康检测

最新推荐文章于 2022-04-21 10:10:15 发布

weixin_33737134

最新推荐文章于 2022-04-21 10:10:15 发布

阅读量308

点赞数

文章标签：网络开发工具后端

原文链接：http://blog.51cto.com/13136984/2049147

版权

实验要求：

实现haproxy的跨网段访问，要求172.17为公网网段，后端server为192.168的私网网段，haproxy检测后端的realserver是基于index.html的内容，“OK”字段代表服务正常，并能够实现在haproxy停止时切换VIP

1.keepalived配置文件

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost 
   }
   notification_email_from root_keepalived
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
} 

**vrrp_script chk_haproxy {
        script "killall -0 haproxy" 
        interval 2 
        weight -150 
        fall 2 
        rise 2 **
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth2
    virtual_router_id 14
    priority 200
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 2121
    }
    virtual_ipaddress {
        172.17.17.1
    }

    track_script {
    chk_haproxy
        } 
}
vrrp_instance VI_2 {
    state BACKUP
    interface eth1
    virtual_router_id 15
    priority 200
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 2121
    }
    virtual_ipaddress {
        192.168.17.1
    }
    track_script {
    chk_haproxy
    } 
}

2.HAproxy文件配置

vim /etc/haproxy/haproxy.cfg

global
    log         127.0.0.1 local2
    nbproc      1
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    stats socket /var/lib/haproxy/stats

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000
frontend static
        mode http 
        bind *:80
        acl url_static path_beg -i /static /images /javascript /stylesheets
        acl url_static path_end -i .img .jpg .gif .jpeg .png .css .js
        use_backend  server_static if url_static
        use_backend  cook if ! url_static
frontend ip_acl
        bind *:80
        acl src_ip src 172.17.0.0
        block if ! src_ip
backend cook
        mode http
       ** option  httpchk  GET /index.html
        http-check expect string ok **
        cookie SERVERID insert indirect nocache
        server  cook_175  192.168.17.175:80 check cookie 175

backend server_static
        balance     roundrobin
        option  httpchk  GET /index.html
        http-check expect string ok   
        server  static_175  192.168.17.175:80 check
        server  static_176  192.168.17.176:80 check

listen stats #定义一个统计报告服务
        mode http       #基于http协议
        bind *:1900          #监听1080端口
        stats enable          #开启统计报告服务
        stats hide-version          #隐藏统计报告版本信息
        stats uri /haproxy?111           #统计报告访问url
        stats realm Haproxy\ Statistics             #页面登陆信息
        stats auth admin:admin           #验证账号信息
        stats admin if TRUE            #验证模式

转载于:https://blog.51cto.com/13136984/2049147