- A+
所属分类:linux技术
keepalived高可用(haporxy)
keepalived高可用的介绍可以参考keepalived高可用(nginx)
环境
| 系统信息 | 主机名 | IP | 服务 |
|---|---|---|---|
| centos8 | master | 192.168.222.250 | haproxy,keepalived |
| centos8 | backup | 192.168.222.137 | haproxy,keepalived |
| centos8 | RS1 | 192.168.222.138 | httpd |
| centos8 | RS2 | 192.168.222.139 | nginx |
部署httpd,nginx
RS1
[root@localhost ~]# hostnamectl set-hostname RS1 [root@localhost ~]# bash [root@RS1 ~]# systemctl stop firewalld.service //关闭防火墙 [root@RS1 ~]# vim /etc/selinux/config SELINUX=disabled [root@RS1 ~]# setenforce 0 [root@RS1 ~]# systemctl disable --now firewalld.service Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@RS1 ~]# dnf -y install wget [root@RS1 ~]# cd /etc/yum.repos.d/ [root@RS1 yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@RS1 yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@RS1 yum.repos.d]# ls CentOS-Base.repo [root@RS1 yum.repos.d]# cd [root@RS1 ~]# dnf -y install httpd [root@RS1 ~]# echo "RS1" > /var/www/html/index.html [root@RS1 ~]# cat /var/www/html/index.html RS1 [root@RS1 ~]# systemctl enable --now httpd Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service. [root@RS1 ~]# ss -antl //查看80端口 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:111 0.0.0.0:* LISTEN 0 32 192.168.122.1:53 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:111 [::]:* LISTEN 0 128 *:80 *:* LISTEN 0 128 [::]:22 [::]:* 访问:
RS2
[root@localhost ~]# hostnamectl set-hostname RS2 [root@localhost ~]# bash [root@RS2 ~]# systemctl stop firewalld.service //关闭防火墙 [root@RS2 ~]# vim /etc/selinux/config SELINUX=disabled [root@RS2 ~]# setenforce 0 [root@RS2 ~]# systemctl disable --now firewalld.service Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@RS2 ~]# dnf -y install wget [root@RS2 ~]# cd /etc/yum.repos.d/ [root@RS2 yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@RS2 yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@RS2 yum.repos.d]# ls CentOS-Base.repo [root@RS2 yum.repos.d]# cd [root@RS2 ~]# dnf -y install nginx [root@RS2 ~]# echo "RS2" > /usr/share/nginx/html/index.html [root@RS2 ~]# cat /usr/share/nginx/html/index.html RS2 [root@RS2 ~]# systemctl enable --now nginx Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service. [root@RS2 ~]# ss -antl //查看80端口 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 128 [::]:80 [::]:* 访问:
部署haproxy负载均衡
master
[root@localhost ~]# hostnamectl set-hostname master [root@localhost ~]# bash [root@master ~]# systemctl stop firewalld.service //关闭防火墙 [root@master ~]# vim /etc/selinux/config SELINUX=disabled [root@master ~]# setenforce 0 [root@master ~]# systemctl disable --now firewalld.service Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@master ~]# dnf -y install wget [root@master ~]# cd /etc/yum.repos.d/ [root@master yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@master yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@master yum.repos.d]# ls CentOS-Base.repo [root@master yum.repos.d]# cd [root@master ~]# useradd -rMs /sbin/nologin haproxy //创建用户 [root@master ~]# dnf -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel vim //安装依赖包 [root@master ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.6.0.tar.gz/sha512/7bb70bfb5606bbdac61d712bc510c5e8d5a5126ed8827d699b14a2f4562b3bd57f8f21344d955041cee0812c661350cca8082078afe2f277ff1399e461ddb7bb/haproxy-2.6.0.tar.gz //下载haproxy压缩包 [root@master ~]# ls anaconda-ks.cfg haproxy-2.6.0.tar.gz [root@master ~]# tar -xf haproxy-2.6.0.tar.gz //解压 [root@master ~]# cd haproxy-2.6.0/ [root@master haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) > TARGET=linux-glibc > USE_OPENSSL=1 > USE_ZLIB=1 > USE_PCRE=1 > USE_SYSTEMD=1 [root@master haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy //安装 [root@master haproxy-2.6.0]# cp haproxy /usr/sbin/ //复制命令到/usr/sbin目录下 [root@master haproxy-2.6.0]# cd [root@master ~]# vim /etc/sysctl.conf net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 [root@master ~]# sysctl -p net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 //修改内核参数,等于号前后有空格 [root@master ~]# mkdir /etc/haproxy [root@master ~]# vim /etc/haproxy/haproxy.cfg //修改配置文件 [root@master ~]# cat /etc/haproxy/haproxy.cfg global daemon maxconn 256 defaults mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms frontend http-in bind *:80 default_backend servers backend servers server web01 192.168.222.138:80 server web02 192.168.222.139:80 [root@master ~]# vim /usr/lib/systemd/system/haproxy.service //编写service文件 [root@master ~]# cat /usr/lib/systemd/system/haproxy.service [Unit] Description=HAProxy Load Balancer After=syslog.target network.target [Service] ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid ExecReload=/bin/kill -USR2 $MAINPID [Install] WantedBy=multi-user.target [root@master ~]# systemctl daemon-reload [root@master ~]# systemctl start haproxy.service //启动服务 [root@master ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* [root@master ~]# curl 192.168.222.250 RS1 [root@master ~]# curl 192.168.222.250 RS2 [root@master ~]# curl 192.168.222.250 RS1 [root@master ~]# curl 192.168.222.250 RS2 //测试负载均衡效果 backup
[root@localhost ~]# hostnamectl set-hostname backup [root@localhost ~]# bash [root@backup ~]# vim /etc/selinux/config //关闭防火墙 SELINUX=disabled [root@backup ~]# setenforce 0 [root@backup ~]# systemctl disable --now firewalld.service Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@backup ~]# dnf -y install wget [root@backup ~]# cd /etc/yum.repos.d/ [root@backup yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@backup yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@backup yum.repos.d]# ls CentOS-Base.repo [root@backup yum.repos.d]# cd [root@backup ~]# useradd -rMs /sbin/nologin haproxy //创建用户 [root@backup ~]# dnf -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel vim //下载依赖包 [root@backup ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.6.0.tar.gz/sha512/7bb70bfb5606bbdac61d712bc510c5e8d5a5126ed8827d699b14a2f4562b3bd57f8f21344d955041cee0812c661350cca8082078afe2f277ff1399e461ddb7bb/haproxy-2.6.0.tar.gz //下载haproxy压缩包 [root@backup ~]# ls anaconda-ks.cfg haproxy-2.6.0.tar.gz [root@backup ~]# tar -xf haproxy-2.6.0.tar.gz //解压 [root@backup ~]# cd haproxy-2.6.0/ [root@backup haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) > TARGET=linux-glibc > USE_OPENSSL=1 > USE_ZLIB=1 > USE_PCRE=1 > USE_SYSTEMD=1 [root@backup haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy //安装 [root@backup haproxy-2.6.0]# cp haproxy /usr/sbin/ //复制命令到/usr/sbin目录下 [root@backup haproxy-2.6.0]# cd [root@backup ~]# vim /etc/sysctl.conf net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 [root@backup ~]# sysctl -p net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 //修改内核参数,等于号前后都要空格 [root@backup ~]# vim /etc/haproxy/haproxy.cfg //修改配置文件 [root@backup ~]# cat /etc/haproxy/haproxy.cfg global daemon maxconn 256 defaults mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms frontend http-in bind *:80 default_backend servers backend servers server web01 192.168.222.138:80 server web02 192.168.222.139:80 [root@backup ~]# vim /usr/lib/systemd/system/haproxy.service [root@backup ~]# cat /usr/lib/systemd/system/haproxy.service [Unit] Description=HAProxy Load Balancer After=syslog.target network.target [Service] ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid ExecReload=/bin/kill -USR2 $MAINPID [Install] WantedBy=multi-user.target //编写service文件 [root@backup ~]# systemctl daemon-reload [root@backup ~]# systemctl start haproxy.service //启动服务 [root@backup ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* [root@backup ~]# curl 192.168.222.137 RS1 [root@backup ~]# curl 192.168.222.137 RS2 [root@backup ~]# curl 192.168.222.137 RS1 [root@backup ~]# curl 192.168.222.137 RS2 //测试负载均衡效果 [root@backup ~]# systemctl stop haproxy.service //关闭backup上面的haproxy 部署keepalived高可用
master
[root@master ~]# dnf -y install keepalived //安装keepalived [root@master ~]# cd /etc/keepalived/ [root@master keepalived]# ls keepalived.conf [root@master keepalived]# mv keepalived.conf{,-bak} //备份一下配置文件 [root@master keepalived]# ls keepalived.conf-bak [root@master keepalived]# vim keepalived.conf //编写新的配置文件 [root@master keepalived]# cat keepalived.conf ! Configuration File for keepalived global_defs { router_id lb01 } vrrp_instance VI_1 { //这里主备节点需要一致 state BACKUP interface ens33 //网卡 virtual_router_id 51 priority 100 //这里比备节点的高 advert_int 1 authentication { auth_type PASS auth_pass tushanbu //密码(可以随机生成) } virtual_ipaddress { 192.168.222.133 //高可用虚拟IP(VIP)地址 } } virtual_server 192.168.222.133 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.222.250 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.222.137 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@master keepalived]# ls keepalived.conf keepalived.conf-bak [root@master keepalived]# systemctl enable --now keepalived.service Created symlink /etc/systemd/system/multi-user.target.wants/keepalived.service → /usr/lib/systemd/system/keepalived.service. [root@master keepalived]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.222.133/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe05:f428/64 scope link valid_lft forever preferred_lft forever //此时备节点的keepalived还没有启动 测试:(访问vip) [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 backup
[root@backup ~]# dnf -y install keepalived //安装keepalived [root@backup ~]# cd /etc/keepalived/ [root@backup keepalived]# ls keepalived.conf [root@backup keepalived]# mv keepalived.conf{,-bak} [root@backup keepalived]# ls keepalived.conf-bak //备份一下配置文件 [root@backup keepalived]# vim keepalived.conf //编写新的配置文件 [root@backup keepalived]# cat keepalived.conf ! Configuration File for keepalived global_defs { router_id lb02 } vrrp_instance VI_1 { //这里主备节点需要一致 state BACKUP interface ens33 //网卡 virtual_router_id 51 priority 90 //这里比主节点的小 advert_int 1 authentication { auth_type PASS auth_pass tushanbu //密码(可以随机生成) } virtual_ipaddress { 192.168.222.133 //高可用虚拟IP(VIP)地址 } } virtual_server 192.168.222.133 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.222.250 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.222.137 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@backup keepalived]# systemctl enable --now keepalived.service Created symlink /etc/systemd/system/multi-user.target.wants/keepalived.service → /usr/lib/systemd/system/keepalived.service. 编写脚本
master
[root@master ~]# mkdir /scripts [root@master ~]# cd /scripts/ [root@master scripts]# vim check_haproxy.sh [root@master scripts]# cat check_haproxy.sh #!/bin/bash haproxy_status=$(ps -ef|grep -Ev "grep|$0"|grep 'bhaproxyb'|wc -l) if [ $haproxy_status -lt 1 ];then systemctl stop keepalived fi [root@master scripts]# chmod +x check_haproxy.sh [root@master scripts]# ll total 4 -rwxr-xr-x. 1 root root 149 Oct 10 02:50 check_haproxy.sh [root@master scripts]# vim notify.sh [root@master scripts]# cat notify.sh #!/bin/bash VIP=$2 case "$1" in master) haproxy_status=$(ps -ef|grep -Ev "grep|$0"|grep 'bhaproxyb'|wc -l) if [ $haproxy_status -lt 1 ];then systemctl start haproxy fi ;; backup) haproxy_status=$(ps -ef|grep -Ev "grep|$0"|grep 'bhaproxyb'|wc -l) if [ $haproxy_status -gt 0 ];then systemctl stop haproxy fi ;; *) echo "Usage:$0 master|backup VIP" ;; esac [root@master scripts]# chmod +x notify.sh [root@master scripts]# ll total 8 -rwxr-xr-x. 1 root root 149 Oct 10 02:50 check_haproxy.sh -rwxr-xr-x. 1 root root 413 Oct 10 02:56 notify.sh backup
[root@backup keepalived]# cd [root@backup ~]# mkdir /scripts [root@backup ~]# cd /scripts/ [root@backup scripts]# scp root@192.168.222.250:/scripts/notify.sh . The authenticity of host '192.168.222.250 (192.168.222.250)' can't be established. ECDSA key fingerprint is SHA256:y11UDaNXs3AnvVUnZQfAim2VHAplF09YOvQp2NemHyk. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.222.250' (ECDSA) to the list of known hosts. root@192.168.222.250's password: notify.sh 100% 413 429.2KB/s 00:00 [root@backup scripts]# ll total 4 -rwxr-xr-x. 1 root root 413 Oct 10 02:58 notify.sh 配置keepalived加入监控脚本的配置
master
[root@master scripts]# cd [root@master ~]# vim /etc/keepalived/keepalived.conf [root@master ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id lb01 } vrrp_script haproxy_check { //添加 script "/scripts/check_haproxy.sh" interval 1 weight -20 } vrrp_instance VI_1 { //这里主备节点需要一致 state BACKUP interface ens33 //网卡 virtual_router_id 51 priority 100 //这里比备节点的高 advert_int 5 authentication { auth_type PASS auth_pass tushanbu //密码(可以随机生成) } virtual_ipaddress { 192.168.222.133 //高可用虚拟IP(VIP)地址 } track_script { //添加 haproxy_check //添加 } //添加 notify_master "/scripts/notify.sh master 192.168.222.133" //添加 } virtual_server 192.168.222.133 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.222.250 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.222.137 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@master ~]# systemctl restart keepalived.service backup
[root@backup ~]# vim /etc/keepalived/keepalived.conf [root@backup ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id lb02 } vrrp_instance VI_1 { //这里主备节点需要一致 state BACKUP interface ens33 //网卡 virtual_router_id 51 priority 90 //这里比主节点的小 advert_int 5 authentication { auth_type PASS auth_pass tushanbu //密码(可以随机生成) } virtual_ipaddress { 192.168.222.133 //高可用虚拟IP(VIP)地址 } notify_master "/scripts/notify.sh master 192.168.222.133" //添加 notify_backup "/scripts/notify.sh backup 192.168.222.133" //添加 } virtual_server 192.168.222.133 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.222.250 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.222.137 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@backup ~]# systemctl restart keepalived.service 测试
模拟haproxy服务故障
master端
[root@master ~]# ip a //有vip 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.222.133/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe05:f428/64 scope link valid_lft forever preferred_lft forever [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 [root@master ~]# systemctl stop haproxy.service [root@master ~]# systemctl restart keepalived.service [root@master ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe05:f428/64 scope link valid_lft forever preferred_lft forever backup
backup变成主
[root@backup ~]# systemctl start haproxy.service [root@backup ~]# systemctl restart keepalived.service [root@backup ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:c7:0e:b2 brd ff:ff:ff:ff:ff:ff inet 192.168.222.137/24 brd 192.168.222.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.222.133/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fec7:eb2/64 scope link valid_lft forever preferred_lft forever [root@backup ~]# curl 192.168.222.133 RS1 [root@backup ~]# curl 192.168.222.133 RS2 [root@backup ~]# curl 192.168.222.133 RS1 [root@backup ~]# curl 192.168.222.133 RS2 启动master端的haproxy服务
master
master变回主
[root@master ~]# systemctl start haproxy.service [root@master ~]# systemctl restart keepalived.service [root@master ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.222.133/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe05:f428/64 scope link valid_lft forever preferred_lft forever [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 backup
[root@backup ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:c7:0e:b2 brd ff:ff:ff:ff:ff:ff inet 192.168.222.137/24 brd 192.168.222.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fec7:eb2/64 scope link valid_lft forever preferred_lft forever 
