安装haproxy

tar zxvf haproxy-1.5.4.tar.gz
cd haproxy-1.5.4
make TARGET=linux26 PREFIX=/usr/local/haproxy
make install PREFIX=/usr/local/haproxy



创建haproxy配置文件目录

mkdir /usr/local/haproxy/conf

haproxy安装完成后。默认没有配置文件,将源码包里面的示例配置文件复制过来

cp /software/haproxy-1.5.4/examples/haproxy.cfg   /usr/local/haproxy/conf/haproxy.conf




主节点和备用节点的haproxy.conf文件内容完全相同

vi  haproxy.conf




global
        log 127.0.0.1   local1 info
        maxconn 4096
        uid nobody
        gid nobody
        daemon
        nbproc 1
        pidfile /usr/local/haproxy/conf/haproxy.pid

defaults
        mode    http
        retries 3
        timeout connect 5s
        timeout client  30s
        timeout server  30s
        timeout check   2s



listen  admin_status
        bind 0.0.0.0:19088
        mode http
        log 127.0.0.1 local1 err
        stats refresh 30s
        stats uri /admin-status
        stats realm welcome login\ Haproxy
        stats auth admin:admin
        stats hide-version
        stats admin if TRUE


frontend www

global
        log 127.0.0.1   local1 info
        maxconn 4096
        uid nobody
        gid nobody
        daemon
        nbproc 1
        pidfile /usr/local/haproxy/conf/haproxy.pid

defaults
        mode    http
        retries 3
        timeout connect 5s
        timeout client  30s
        timeout server  30s
        timeout check   2s



listen  admin_status
        bind 0.0.0.0:19088
        mode http
        log 127.0.0.1 local1 err
        stats refresh 30s
        stats uri /admin-status
        stats realm welcome login\ Haproxy
        stats auth admin:admin
        stats hide-version
        stats admin if TRUE
        stats hide-version
        stats admin if TRUE


frontend www
        bind 172.23.146.150:80
        mode http
        option httplog
        option forwardfor
        log   global



        acl  www_jiashenzhen  hdr_dom(host)  -i www.jiashenzhen.com
        acl  www_jsz  hdr_dom(host)  -i www.jsz.com


        use_backend  jiashenzhen  if  www_jiashenzhen
        use_backend  jsz if  www_jsz



backend jiashenzhen
        mode    http
        option  redispatch
        option  abortonclose
        balance roundrobin
        option  httpchk GET /index.html
        server web1 172.23.146.147:81 weight 6 check inter 2000 rise 2 fall 3
        server web2 172.23.145.12:81 weight 6 check inter 2000 rise 2 fall 3



backend jsz
        mode    http
        option  redispatch
        option  abortonclose
        balance roundrobin
        option  httpchk GET /index.html
        server web2 172.23.145.12:82 weight 6 check inter 2000 rise 2 fall 3
        server web1 172.23.146.147:82 weight 6 check inter 2000 rise 2 fall 3


在这个haproxy配置中。通过ACL规则将两个站点分别转向web1,web2两个服务节点上



安装配置keepalived


yum install -y pcre-devel openssl-devel popt-devel #安装依赖包


wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz

tar zxvf keepalived-1.2.7.tar.gz

cd keepalived-1.2.7

./configure --prefix=/usr/local/keepalived

make

make install


优化路径

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived  /etc/init.d/

cp /usr/local/keepalived/etc/sysconfig/keepalived  /etc/sysconfig/
mkdir /etc/keepalived/

cp /usr/local/keepalived/etc/keepalived/keepalived.conf  /etc/keepalived/

cp /usr/local/keepalived/sbin/keepalived  /usr/sbin/



修改keepalived的配置文件


vi /etc/keepalived/keepalived.conf




! Configuration File for keepalived
global_defs {
   router_id Mysql_HA
}

vrrp_script  chk_haproxy {
    script "killall -0 haproxy"
    interval 2
}

vrrp_instance HAProxy_HA {
    state BACKUP
    interface eth0
    garp_master_delay 10
    virtual_router_id 81
    mcast_src_ip 172.23.146.147
    priority 100
    advert_int 1
    nopreempt
    authentication {
        auth_type PASS
        auth_pass hipiao
    }





    virtual_ipaddress {
        172.23.146.150
    }

track_script {
       chk_haproxy
    }
}



修改备用节点的keepalived.conf

priority值修改为90

去掉nopreempt选项



最后先启动haproxy   

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.conf

再启动keepalived

/usr/sbin/keepalived start


如果启动haproxy报错  ##Starting frontend www: cannot bind socket

灰常重要的一个环节

修改内核参数: /etc/sysctl.conf

net.ipv4.ip_nonlocal_bind=1

保存结果,使结果生效

sysctl –p




设置haproxy日志

 vi /etc/rsyslog.d/haproxy.conf


$ModLoad imudp
$UDPServerRun 514

local1.* /var/log/haproxy.log


修改


在local7.*下面加local1.*   大概在62行
 local7.*                                              
 local1.*

重启服务

/etc/init.d/rsyslog  restart



设置keepalived日志


修改 /etc/sysconfig/keepalived

把KEEPALIVED_OPTIONS="-D" 修改为KEEPALIVED_OPTIONS="-D -d -S 0"

设置syslog,修改/etc/rsyslog.conf

最后添加:

# keepalived -S 0 

local0.*                                                /var/log/keepalived.log

重新启动日志

/etc/init.d/rsyslog restart

使用以下命令进行验证

 /etc/init.d/keepalived start /var/log/keepalived.log