目的构建haproxy双机高可用环境
Haproxy+keepalived(master)ip:192.168.137.21
Haproxy+keepalived(backup)ip:192.168.137.22
VIP:192.168.137.20



一、安装,配置haproxy(两台机器都安装)
 
tar xzvf haproxy-1.4.9.tar.gz
cd haproxy-1.4.9
make TARGET=linux26 prefix=/usr/local/haproxy
cd /usr/local/haproxy
mkdir conf

配置文件/usr/local/haproxy/conf/haproxy.conf如下:
#####全局设置
     global
                daemon                                                 #守护进程运行
                log 127.0.0.1 local3                                 #日志输出配置所有的日志记录在本机通过local0输出
                maxconn 20480                                      #默认最大连接数
                pidfile /var/run/haproxy.pid                       #进程号文件路径
                ulimit-n 65535                                        #设置每个进程的可用的最大文件描述符
                nbproc 1                                                #创建的进程数量2个进入deamon模式运行,此参数要                                                                            #求将运行模式设置为deamon
     defaults
                log global
                mode    http                                            #默认采用http模式,可配置成tcp作4层消息转发                                                                                 #mode {tcp|http|health},tcp是4层,
                                                                             http是7层,health只会返回OK
                maxconn    20480                                     #最大连接数
                option    httplog                                 #日志类别,采用httplog
                option    httpclose                             #每次请求完毕后主动关闭http通道,haproxy不支持keep-                                                                       #alive,只能模拟这种模式的实现
                option    dontlognull                           #来防止记录 Alteo(4层负载均衡)发出的健康检测,如果一个                                                                      #session 交互没有数据,这个 session就不会被记录
                option    redispatch                            #当serverid对应的服务器挂掉后,强制定向到其他健康服                                                                       #务器
                option    abortonclose                        #当服务器负载很高的时候,自动结束掉当前队列处理比较久                                                                     #的连接
                stats     refresh 30                            #页面自动刷新时间
                balance roundrobin                            #负载均衡算法轮询连接后端服务器
                timeout connect 5000ms                    #连接超时时间
                timeout client 50000ms                    #客户端连接超时时间
                timeout server 50000ms                    #服务器端连接超时时间
                timeout check 1000ms                        #心跳检测超时
                option forwardfor                                #如果后端服务器需要获得客户端真实ip需要配置的参数,                                                                        #可以从Http Header中获得客户端ip
                retries 4                                                #4次连接失败就认为服务器不可用,主要通过后面的                                                                            #check检查

             #errorfile 502 /usr/local/haproxy/html/maintain.html
             #errorfile 503 /usr/local/haproxy/html/maintain.html
             #errorfile 504 /usr/local/haproxy/html/maintain.html

        listen admin_status
                bind 0.0.0.0:65532
                mode http
                log 127.0.0.1 local3 err
                stats refresh     5s
                stats uri /admin?status                    #统计页面URL
                stats realm Haproxy\ Statistics          #统计页面密码框上提示文本
                stats auth admin:admin                    #统计页面用户名和密码
                stats hide-version                            #隐藏统计页面上HAProxy的版本信息
                stats admin if TRUE                         #手工启用/禁用,后端服务器(haproxy-1.4.9以后版本)
        listen site_status                                      #监控页面,主要监控后端服务器的状况
                bind 0.0.0.0:1081
                mode http
                log 127.0.0.1 local3 err
                monitor-uri /site_status                #网站健康检测URL,用来检测HAProxy管理的网站是否可以用,                                                                #正常返回200,不正常返回503
                acl site_dead nbsrv(server_web) lt 2 #定义后端down时的策略当挂在负载均衡上的指定backend的                                                                    #中有效机器数小于1台时返回 true
                monitor fail if site_dead                        #当满足策略的时候返回503
                monitor-net 192.168.137.2/32                    #来自192.168.137.2的日志信息不会被记录和转发

        frontend http_80_in
                bind 0.0.0.0:80
                mode http
                log global
                option httplog
                #######日志记录内容配置########
                capture request    header Host                     len 40
                capture request    header Content-Length len 10
                capture request    header Referer                len 200
                capture response header Server                 len 40
                capture response header Content-Length len 10
                capture response header Cache-Control    len 8
                #################################
                option httpclose
                option forwardfor

                ############acl策略配置############

                #当请求中header中Content-length等于0阻止请求返回403
                #acl missing_cl hdr_cnt(Content-length) eq 0
                #block if missing_cl

                #当访问wangqiao.cn的时候,用http的301挑转到http: //www.wangqiao.cn
                acl wangqiao hdr(host) -i wangqiao.cn
                redirect prefix http: //www.wangqiao.cn code 301 if wangqiao

                acl wangqiao_web hdr_reg(host) -i ^(www.wangqiao.cn|ww1.wangqiao.cn)$
                use_backend    server_web     if wangqiao_web

                acl wangqiao_blog hdr_dom(host) -i blog.wangqiao.cn
                use_backend    server_blog if wangqiao_blog
                default_backend server_web               #以上条件都不满足时默认默认使用server_web的backend
                                                                  
                 mode http
                 #每个后端只能设置一种balance模式,默认为roundrobin模式。
                 #balance roundrobin                                #轮询模式
                 #balance source                                        #会话保持模式即同一IP地址的所有请求都发送到同                                                                              #一服务器类似nginx的ip_hash机制
                 cookie SERVERID                             #允许插入serverid到cookie中,serverid后面可以定义

                 #########网站健康检查URL,用来检查HAproxy的网站是否可用,
                 #########它是依靠检查后端web服务器是否存在check.html
                 #########来判断后端主机是否挂掉。如果所有后端服务器上没有check.html文件则浏览器返回503                  ##########Service UnavailableNo server is available to handle this request.
                 #########如果后端某台服务器上检测不到check.html文件那能判断这台主机down掉
                 option httpchk GET /check.html
                 #########服务器定义,cookie we1表示serverid为web1,
                 #########check inter 1500是检测心跳频率rise 3是3次正确
                 ########认为服务器可用,fall 3是3次失败认为服务器不可用,weight代表权重
                 server web1 192.168.137.179:80 cookie web1 check inter 1500 rise 3 fall 3 weight 1
                 server web2 192.168.137.180:80 cookie web2 check inter 1500 rise 3 fall 3 weight 2

    backend server_blog
                 mode http
                 balance leastconn                #leastconn根据服务器当前的请求书,取当前请求数最少的服务器
                 cookie SERVERID
                 option httpchk GET /check.html
                 #心跳检测url,指定心跳检测的http版本,以及请求服务器的request中的域名是什么。
                 #option httpchk GET /check.html HTTP/1.1\r\nHost:blog.wangqiao.cn
                 server blog1 192.168.137.179:81 cookie blog1 check inter 1500 rise 3 fall 3
                 server blog2 192.168.137.180:81 cookie blog2 check inter 1500 rise 3 fall 3


 编辑/etc/syslog.conf
 local3.*                    /var/log/haproxy.log
 编辑/etc/sysconfig/syslog文件,修改内容如下
 SYSLOGD_OPTIONS="-r -m 0"
 重启syslog
 service syslog restart

 启动haproxy
 /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.conf

二、keepalived安装配置
   安装在此不再说明

master 配置文件如下
! Configuration File for keepalived
global_defs {
     router_id LVS_MASTER
}


vrrp_instance VI_1 {
        state MASTER
        interface eth0
        lvs_sync_daemon_inteface eth0
        virtual_router_id 51
        priority 180
        advert_int 5
        authentication {
                auth_type PASS
                auth_pass 1111
        }

        virtual_ipaddress {
                192.168.137.20
        }
    }

 BACKUP配置文件
! Configuration File for keepalived
global_defs {
     router_id LVS_MASTER
}


vrrp_instance VI_1 {
        state BACKUP
        interface eth0
        lvs_sync_daemon_inteface eth0
        virtual_router_id 51
        priority 150
        advert_int 5
        authentication {
                auth_type PASS
                auth_pass 1111
        }

        virtual_ipaddress {
                192.168.137.20
        }
    }