一、实验规划

　　node1：haproxy+keepalived  IP地址：192.168.200.111(主)

　　node2：haproxy+keepalived  IP地址：192.168.200.111(从)

　　nginx1：nginx IP地址：192.168.200.113

　　nginx2：nginx IP地址：192.168.200.114

　　VIP地址：192.168.200.200

二、前期准备工作

　　1. 修改主机名　

#node1
hostname node1
bash
#node2
hostname node2
bash
#nginx1
hostname nginx1
bash
#nginx2
hostname nginx2

　　2. 配置主机名与IP地址的映射关系(修改hosts文件)

192.168.200.111 node1
192.168.200.112 node2
192.168.200.113 nginx1
192.168.200.114 nginx2

　　3. 关闭防火墙与安全机制

systemctl stop firewalld
setenforce 0
iptables -F

 　　4. 配置yum源及epel源(不再介绍)

三、node1的操作

 　　1. 安装haproxy

#安装haproxyyum -y install haproxy
#配置haproxy
vim /etc/haproxy/haproxy.cfg# 配置说明：本配置基于yum安装后默认的配置文件上修改而来的
# 其中 `listen admin_stats` 的配置是启用haproxy的监控web界面，
# 跟本次实验无关，是可选的
# 修改 `backend app`，转到nginx1与nginx2
global
log 127.0.0.1 local2chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon# turn on stats unix socket
stats socket /var/lib/haproxy/stats#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000#---------------------------------------------------------------
listen admin_stats
bind 0.0.0.0:48800
bind-process 1
stats enable
mode http
log global
stats hide-version
stats uri /haproxy #访问的uri ip:8888/haproxy
stats realm Haproxy\ Statistics
stats auth admin:admin #访问帐密
stats admin if TRUE # 管理界面，如果认证成功，是否可通过WebUI操作节点
stats refresh 30s #监控状态刷新频率
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:5000  #本次采用5000端口访问
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .jsuse_backend static if url_static
default_backend app#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:4331 check#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 192.168.200.113:80 check
server app2 192.168.200.114:80 check

　　2. 安装keepalived

#安装keepalived
yum -y install keepalived 
#配置keepalived
vim  /etc/keepalived/keepalived.conf 
vrrp_script chk_http_port {script "/etc/keepalived/check_haproxy.sh"interval 2weight 2
}
vrrp_instance VI_1 {state MASTERinterface eno16777728virtual_router_id 51 priority 100     advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {chk_http_port}virtual_ipaddress {192.168.200.200 }
}
#准备检查脚本
vim /etc/keepalived/check_haproxy.sh 
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`if [ $A -eq 0 ];thensystemctl restart haproxy &> /dev/nullsleep 3if [ `ps -C haproxy --no-header |wc -l` -eq 0 ];thensystemctl stop keepalived fi
fi
#给脚本加执行权限
chmod 755 /etc/keepalived/check_haproxy,sh复制代码

四、node2的操作

　　1. 安装haproxy

#安装haproxyyum -y install haproxy
#配置haproxy
vim /etc/haproxy/haproxy.cfg# 配置说明：本配置基于yum安装后默认的配置文件上修改而来的
# 其中 `listen admin_stats` 的配置是启用haproxy的监控web界面，
# 跟本次实验无关，是可选的
# 修改 `backend app`，转到nginx1与nginx2
global
log 127.0.0.1 local2chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon# turn on stats unix socket
stats socket /var/lib/haproxy/stats#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000#---------------------------------------------------------------
listen admin_stats
bind 0.0.0.0:48800
bind-process 1
stats enable
mode http
log global
stats hide-version
stats uri /haproxy #访问的uri ip:8888/haproxy
stats realm Haproxy\ Statistics
stats auth admin:admin #访问帐密
stats admin if TRUE # 管理界面，如果认证成功，是否可通过WebUI操作节点
stats refresh 30s #监控状态刷新频率
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:5000  #本次采用5000端口访问
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .jsuse_backend static if url_static
default_backend app#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:4331 check#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 192.168.200.113:80 check
server app2 192.168.200.114:80 check

　　2. 安装keepalived

#安装keepalived
yum -y install keepalived 
#配置keepalived
vim  /etc/keepalived/keepalived.conf 
global_defs {  #全局设置，可以不用加script_user root  #这里指定脚本运行用户，小编这里不指定用户脚本不启动所以加上enable_script_security }
vrrp_script chk_http_port {script "/etc/keepalived/check_haproxy.sh"interval 2weight 2
}
vrrp_instance VI_1 {state BACKUPinterface eno16777736virtual_router_id 51 priority 99     advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {chk_http_port}virtual_ipaddress {192.168.200.200 }
}
#准备检查脚本
vim /etc/keepalived/check_haproxy.sh 
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`if [ $A -eq 0 ];thensystemctl restart haproxy &> /dev/nullsleep 3if [ `ps -C haproxy --no-header |wc -l` -eq 0 ];thensystemctl stop keepalived fi
fi
#给脚本加执行权限
chmod 755 /etc/keepalived/check_haproxy,sh

五、nginx1与nginx2的操作

#两台机器相同操作
yum -y install nginx
#nginx1准备访问网页
cat >> /usr/share/nginx/html/index.html << EOF
113
EOF
#nginx2准备访问网页
cat >> /usr/share/nginx/html/index.html << EOF
114
EOF
#启动nginx
systemctl restart nginx

六、测试

#启动haproxy与keepalived
systemctl start haproxy
systemctl enable haproxy
systemctl start keepalived
systemctl enable keepalived

1.网页访问测试

 

2. 服务停止测试

haproxy服务停止

 keepalive停止