global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0.001
vrrp_gna_interval 0
}
vrrp_instance DR_1 {
state MASTER
interface ens33
virtual_router_id 51
lvs_sync_daemon_inteface ens33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.168
}
}
vrrp_instance DR_2 {
state BACKUP
interface ens33
virtual_router_id 53
lvs_sync_daemon_inteface ens33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.169
}
}
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0.001
vrrp_gna_interval 0
}
vrrp_instance DR_1 {
state BACKUP
interface ens33
virtual_router_id 51
lvs_sync_daemon_inteface ens33
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.168
}
}
vrrp_instance DR_2 {
state MASTER
interface ens33
virtual_router_id 53
lvs_sync_daemon_inteface ens33
priority 110
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.169
}
}
make linux
make install INSTALL_TOP=/usr/local/luyum install vim iotop bc gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel zip unzip zlib-devel net-tools lrzsz tree ntpdate telnet lsof tcpdump wget libevent libevent-devel bc systemd-devel bash-completion traceroute -y
yum install libtermcap-devel ncurses-devel libevent-devel readline-devel -y!/bin/sh
chkconfig: - 85 15
description: HA-Proxy server
processname: haproxy
config: /usr/local/haproxy/etc/haproxy.cfg
pidfile: /usr/local/haproxy/run/haproxy.pid
Source function library.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
Source networking configuration.
. /etc/sysconfig/network
Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
This is our service name
BASENAME=`haproxy`
BIN=/usr/sbin/haproxy
CFG=/usr/local/haproxy/etc/haproxy.cfg
[ -f $CFG ] || exit 1
PIDFILE=/usr/local/haproxy/run/haproxy.pid
LOCKFILE=/usr/local/haproxy/run/haproxy
RETVAL=0
start() {
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
echo -n "Starting $BASENAME: "
daemon $BIN -D -f $CFG -p $PIDFILE
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $LOCKFILE
return $RETVAL
}
stop() {
echo -n "Shutting down $BASENAME: "
killproc $BASENAME -USR1
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $LOCKFILE
[ $RETVAL -eq 0 ] && rm -f $PIDFILE
return $RETVAL
}
restart() {
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
stop
start
}
reload() {
if ! [ -s $PIDFILE ]; then
return 0
fi
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
$BIN -D -f $CFG -p $PIDFILE -sf $(cat $PIDFILE)
}
check() {
$BIN -c -q -V -f $CFG
}
quiet_check() {
$BIN -c -q -f $CFG
}
rhstatus() {
status $BASENAME
}
condrestart() {
[ -e $LOCKFILE ] && restart || :
}
See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
check)
check
;;
*)
echo $"Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}"
exit 1
esac
exit $? 创建运行用户
useradd haproxy -Ms /sbin/nologin
mkdir /usr/local/haproxy/etc
vim /usr/local/haproxy/etc/haproxy.cfg 新创建该文件
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
log loghost local0 info
maxconn 4096
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/run/haproxy.pid
defaults
log global
log 127.0.0.1 local3
mode http
option httplog
option httpclose
option dontlognull
option forwardfor
option redispatch
retries 2
maxconn 2000
balance roundrobin
stats uri /haproxy-stats
timeout connect 5000
timeout client 50000
timeout server 50000
mode http
option httpchk GET /index.php
frontend http
bind *:80
default_backend http_back
backend http_back
server Ngxin_html1 192.168.2.4:80 weight 3 check
server Nginx_html2 192.168.2.7:80 weight 3 check
server Nginx_php1 192.168.2.11:80 weight 3 check
server Nginx_php2 192.168.2.12:80 weight 3 check
server node1 192.168.179.131:8081 check inter 2000 rise 3 fall 3 weight 30
inter 2000 健康检查时间间隔 2 秒
rise 3 检测多少次才认为是正常的
fall 3 失败多少次才认为是不可用的
weight 30 权重
vim /usr/local/haproxy/etc/haproxy.cfg
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
log loghost local0 info
maxconn 4096
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/run/haproxy.pid
defaults
log global
log 127.0.0.1 local3
mode http
option httplog
option httpclose
option dontlognull
option forwardfor
option redispatch
retries 2
maxconn 2000
balance roundrobin
stats uri /haproxy-stats
timeout connect 5000
timeout client 50000
timeout server 50000
mode http
frontend http
bind *:80
acl url_static path_beg -i /upload/
acl url_static path_end -i .jpg .jpeg .gif .png .css .js
acl url_php path_end -i .php
use_backend imgserver if url_static
use_backend php if url_php
default_backend static
backend static
cookie srv insert nocache
balance roundrobin
option httpchk GET /index.html
server web1 192.168.2.4:80 cookie web1 weight 3 check inter 2000 rise 2 fall 3
server web2 192.168.2.7:80 cookie web1 weight 3 check inter 2000 rise 2 fall 3
backend php
balance roundrobin
option httpchk GET /index.php
server php1 192.168.2.11:80 check inter 2000 fall 3
backend imgserver
balance roundrobin
server img1 192.168.2.12:80 check inter 2000 fall 3
重启服务
pkill haproxy
/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/etc/haproxy.cfg
vim /etc/zabbix/scripts/check_keepalived.sh
!/bin/bash
if [[ `ip address show dev ens33 |grep -E "192.168.2.168/32|192.168.2.169/32"|wc -l` == "0" ]]; then
echo "0";
else
echo "1";
fi
chmod +x /etc/zabbix/scripts/check_keepalived.sh
cache section
cache
声明cache区域,分配一个共享缓存名称。
total-max-size
定义使用内存大小,这个块将会被分为1kb的小块,它的最大值为4095
max-object-size
定义缓存对象的大小,不能大于total-max-size的一般。如果没有定义,将会等于256个cache size。当objects的大小大于该值后将不会被缓存
max-age
定义缓存过期时间,默认60s,
网站声明:如果转载,请联系本站管理员。否则一切后果自行承担。
加入交流群
请使用微信扫一扫!