1. Install the required service process first:
#yum ‐y Install Haproxy keepalived
2. Edit the keeoalived configuration file
[[email protected] ~]# cat /etc/keepalived/keepalived.conf global_defs { notification_email { keepalived } notification_email_from [email protected] smtp _server 192.168.1.200 smtp_connect_timeout 30 router_ id 10.10.1.222}vrrp_script chk_haproxy {script "Killall -0 haproxy" interval 1 # Monitor if Haproxy is alive in this machine weight 2 }vrrp_instance vi_1 {interface eth0 #虚拟ip绑定在本机的eth0网卡上state MASTERsmtp_alertvirtual_router_id 51priority 101 # 101 is master priority, 100 is slaves priority advert_int 1 authentication { auth_type pass auth_pass 1111 }virtual_ipaddress { 10.10.1.222 #虚拟IP}track_script {chk_haproxy}}
3. Allow keepalied virtual IP bindings, edit/etc/sysctl.conf configuration file
Net.ipv4.ip_nonlocal_bind = 1
4. Configure the Firewall
Accept packages for VRRP broadcast domains
Iptables‐i input‐d 224.0.0.0/8‐j ACCEPT
Adding rules for the VRRP protocol
Iptables‐i input‐p 112‐j ACCEPT
Open 80 and 443 ports
Iptables‐i input‐p tcp‐‐dport 80‐j acceptiptables‐i input‐p tcp‐‐dport 443‐j acceptservice iptables Save
5. Edit the Haproxy configuration file:
---------------------------------------------------------------# global settings#------------------- --------------------------------------------------Global # to have these messages end up in /var/log/haproxy.log you will #  NEED TO:    #    # 1) configure syslog to accept network log events. this is done # by adding the '-R ' option to the syslogd_options in # /etc/sysconfig/syslog #    # 2) configure local2 events to go to the /var/ log/haproxy.log # file. a line like the Following can be added to # /etc/sysconfig/syslog # # local2.* /var/log/ haproxy.log # log 127.0.0.1 local2 chroot /var/lib/ haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket /var/lib/haproxy/stats#---------------------------------------------------------------------# common defaults that all the ' Listen ' and ' backend ' sections will# use if not designated in their block#---------------------------------------------- -----------------------defaults mode http log global option httplog option dontlognull option httP-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout&nbsP;check 10s maxconn 3000 stats refresh 30s stats uri /stats stats realm welcome stats auth admin:dragon123 stats hide-version #-------------------------------------------------------------- -------# main frontend which proxys to the backends#----------------------- ----------------------------------------------#frontend main *:5000# Acl url_static &nbsP; path_beg -i /static /images /javascript /stylesh# acl url_static path_end -i .jpg .gif .png .css .js# # use_backend static if url_static # default_backend app#---------------------------------------------------------------------# static backend for serving up images, stylesheets and such#----- ----------------------------------------------------------------#backend static# balance roundrobin# server static 127.0.0.1:4331 check#---------------------------------------------------------------------# round robin balancing between the various backends#--------------------------------------------- ------------------------#backend app # balance roundrobin # server app1 127.0.0.1:5001 check# server app2 127.0.0.1:5002 check# server app3 127.0.0.1:5003 check# server app4 127.0.0.1:5004 check# frontend unsecuredbind 10.10.1.222:80redirect location https://view.domain.local#--------- ------------------------------------------------------------# frontend secured#--------------------- ------------------------------------------------frontend securedbind 10.10.1.222:443 #ssl Crt ./haproxy-cert.pemmode tcpdefault_backend view#-------------------------------------------------------------------- -# balancing between the various backends#------------------------------------------- --------------------------backend viewmode tcpbalance sourceserver view01 10.10.1.38:443 weight 1 check port 443 inter 2000 rise 2 Fall 5server view02 10.10.1.36:443 weight 1 check port 443 inter 2000 rise 2 fall 5
6. Open the service:
Chkconfig haproxy onchkconfig keepalived onservice haproxy startservice keepalived start
View Virtual IP
IP addr sh eth0
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/6F/4B/wKioL1WX32ezsqahAAEW_6Fg5d0163.jpg "title=" Xuniip.png "alt=" Wkiol1wx32ezsqahaaew_6fg5d0163.jpg "/>
Connecting Virtual IP
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6F/4B/wKioL1WX4GmjtOIgAACDSq4cIrw378.jpg "title=" 111. PNG "alt=" wkiol1wx4gmjtoigaacdsq4cirw378.jpg "/>
Verify Password
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6F/4E/wKiom1WX3rrT4bhxAADVnbO12Mc826.jpg "title=" 222. PNG "alt=" wkiom1wx3rrt4bhxaadvnbo12mc826.jpg "/>
To view scheduling conditions:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/6F/4E/wKiom1WX3j2iIgkQAAGTaRv2KS8920.jpg "title=" Check.png "alt=" Wkiom1wx3j2iigkqaagtarv2ks8920.jpg "/>
Using Haproxy to implement view connction load balancing