1

2

3

4

5

6

7

8

9

10

vrrp_script { #定义一个检测脚本，在global_defs之外配置

script | # shell命令或脚本路径

interval # 间隔时间，单位为秒，默认1秒

timeout # 超时时间

weight # 权重，监测失败后会执行权重+操作

fall #脚本几次失败转换为失败

rise # 脚本连续检测成果后，把服务器从失败标记为成功的次数

user USERNAME [GROUPNAME] # 执行监测的用户或组

init_fail # 设置默认标记为失败状态，监测成功之后再转换为成功状态

}

1

2

3

4

5

6

7

#!/bin/bash

ping -c 192.168.37.2 &> /dev/null

if [ $? -eq 0 ];then

exit 0

else

exit 2

fi

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

global_defs {

notification_email {

root@localhost.com

}

notification_email_from root@localhost.com

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id ka2

vrrp_skip_check_adv_addr

vrrp_iptables

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_script linux_ping { 调用脚本时起名

script /etc/keepalived/ping.sh 调用脚本路径

interval 2 时间间隔2秒

weight -50 权重减50

fall 3 连续失败3次转为失败

rise 5 连续检测成功5次后，标记为成功

timeout 2 时间超时2秒

}

vrrp_instance VIP_1 {

state MASTER

interface ens33

virtual_router_id 50

priority 100

unicast_src_ip 192.168.37.7

unicast_peer {

192.168.37.17

}

advert_int 2

authentication {

auth_type PASS

auth_pass 123456

}

virtual_ipaddress {

192.168.37.100 dev ens33 label ens33:1

}

track_script {

linux_ping 检查脚本，将上面命名的名称进行调用

}

}

1

2

3

4

5

6

7

#!/bin/bash

ping -c 192.168.37.2 &> /dev/null

if [ $? -eq 0 ];then

exit 0

else

exit 2

fi

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

global_defs {

notification_email {

root@localhost

}

notification_email_from root@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id ka1

vrrp_skip_check_adv_addr

vrrp_iptables

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_script linux_ping {

script /etc/keepalived/ping.sh 也调用ping脚本，当从服务器Ping网关不通时也将权重减50，此时优先级变低，当主服务器恢复时，VIP地址就又会漂移到主服务器上。

interval 2

weight -50

fall 3

rise 5

timeout 2

}

vrrp_instance VIP_1 {

state BACKUP

interface ens33

virtual_router_id 50

priority 80

unicast_src_ip 192.168.37.17

unicast_peer {

192.168.37.7

}

advert_int 2

authentication {

auth_type PASS

auth_pass 123456

}

virtual_ipaddress {

192.168.37.100 dev ens33 label ens33:1

}

track_script {

linux_ping

}

}

1

2

3

4

5

6

7

8

#!/bin/bash

#ping -c 192.168.37.2 &> /dev/null

ping -c 192.168.77.2 &> /dev/null

if [ $? -eq 0 ];then

exit 0

else

exit 2

fi

1

2

3

4

5

6

7

8

9

10

11

12

#!/bin/bash

#

#********************************************************************

#Author: liu

#QQ: 29308620

#Date: 2019-12-26

#FileName： /etc/keepalived/chk_haproxy.sh

#URL: http://www.struggle.com

#Description： The test script

#Copyright (C): 2019 All rights reserved

#********************************************************************

killall -0 haproxy

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

global_defs {

notification_email {

root@localhost.com

}

notification_email_from root@localhost.com

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id ka2

vrrp_skip_check_adv_addr

vrrp_iptables

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_script chk_haproxy {

script /etc/keepalived/chk_haproxy.sh # 调用chk_haproxy.sh脚本，发现haproxy宕机后就降级

interval 2

weight -50

fall 3

rise 5

timeout 2

}

vrrp_instance VIP_1 {

state MASTER

interface ens33

virtual_router_id 50

priority 100

unicast_src_ip 192.168.37.7

unicast_peer {

192.168.37.17

}

advert_int 2

authentication {

auth_type PASS

auth_pass 123456

}

virtual_ipaddress {

192.168.37.100 dev ens33 label ens33:1

}

track_script {

chk_haproxy 调用上面调用脚本的名称

}

}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

global

maxconn 100000

chroot /usr/local/haproxy

stats socket /var/lib/haproxy/haproxy.sock1 mode 600 level admin process 1

stats socket /var/lib/haproxy/haproxy.sock2 mode 600 level admin process 2

user haproxy

group haproxy

daemon

nbproc 2

cpu-map 1 0

cpu-map 2 1

#cpu-map 3 2

#cpu-map 4 3

pidfile /run/haproxy.pid

log 127.0.0.1 local3 info

defaults

option http-keep-alive

option forwardfor

maxconn 100000

mode http

timeout connect 300000ms

timeout client 300000ms

timeout server 300000ms

listen stats

bind :9527

stats enable

stats hide-version

stats uri /haproxy-status

stats realm HAPorxy\Stats\Page

stats auth haadmin:123456

stats auth admin:123456

stats refresh 30s

stats admin if TRUE

listen web_port

bind 0.0.0.0:80

mode http

log global

server web1 192.168.7.102:80 check inter 3000 fall 2 rise 5 # 用户访问VIP地址之后，转发到后端服务器上

1

2

3

4

5

6

7

8

9

10

11

12

#!/bin/bash

#

#********************************************************************

#Author: liu

#QQ: 29308620

#Date: 2019-12-26

#FileName： /etc/keepalived/chk_haproxy.sh

#URL: http://www.struggle.com

#Description： The test script

#Copyright (C): 2019 All rights reserved

#********************************************************************

killall -0 haproxy 对haproxy发信号，确定haproxy的状态信息。

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

global_defs {

notification_email {

root@localhost.com

}

notification_email_from root@localhost.com

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id ka2

vrrp_skip_check_adv_addr

vrrp_iptables

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_script chk_haproxy {

script /etc/keepalived/chk_haproxy.sh # 调用chk_haproxy.sh脚本，发现haproxy宕机之后就降级

interval 2

weight -50

fall 3

rise 5

timeout 2

}

vrrp_instance VIP_1 {

state BACKUP

interface ens33

virtual_router_id 50

priority 100

unicast_src_ip 192.168.37.17

unicast_peer {

192.168.37.7

}

advert_int 2

authentication {

auth_type PASS

auth_pass 123456

}

virtual_ipaddress {

192.168.37.100 dev ens33 label ens33:1

}

track_script {

chk_haproxy 调用上面调用脚本的名称

}

}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

global

maxconn 100000

chroot /usr/local/haproxy

stats socket /var/lib/haproxy/haproxy.sock1 mode 600 level admin process 1

stats socket /var/lib/haproxy/haproxy.sock2 mode 600 level admin process 2

user haproxy

group haproxy

daemon

nbproc 2

cpu-map 1 0

cpu-map 2 1

#cpu-map 3 2

#cpu-map 4 3

pidfile /run/haproxy.pid

log 127.0.0.1 local3 info

defaults

option http-keep-alive

option forwardfor

maxconn 100000

mode http

timeout connect 300000ms

timeout client 300000ms

timeout server 300000ms

listen stats

bind :9527

stats enable

stats hide-version

stats uri /haproxy-status

stats realm HAPorxy\Stats\Page

stats auth haadmin:123456

stats auth admin:123456

stats refresh 30s

stats admin if TRUE

listen web_port

bind 0.0.0.0:80

mode http

log global

server web1 192.168.7.102:80 check inter 3000 fall 2 rise 5 # 用户访问VIP地址之后，转发到后端服务器上