keepalived高可用(haporxy)

  • keepalived高可用(haporxy)已关闭评论
  • 18 次浏览
  • A+
所属分类:linux技术
摘要

keepalived高可用的介绍可以参考keepalived高可用(nginx)
环境RS1访问:

RS2访问:


keepalived高可用(haporxy)


keepalived高可用的介绍可以参考keepalived高可用(nginx)
环境

系统信息 主机名 IP 服务
centos8 master 192.168.222.250 haproxy,keepalived
centos8 backup 192.168.222.137 haproxy,keepalived
centos8 RS1 192.168.222.138 httpd
centos8 RS2 192.168.222.139 nginx

部署httpd,nginx

RS1

[root@localhost ~]# hostnamectl set-hostname RS1 [root@localhost ~]# bash [root@RS1 ~]# systemctl stop firewalld.service //关闭防火墙 [root@RS1 ~]# vim /etc/selinux/config  SELINUX=disabled [root@RS1 ~]# setenforce 0 [root@RS1 ~]# systemctl disable --now firewalld.service  Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@RS1 ~]# dnf -y install wget [root@RS1 ~]# cd /etc/yum.repos.d/ [root@RS1 yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@RS1 yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@RS1 yum.repos.d]# ls CentOS-Base.repo [root@RS1 yum.repos.d]# cd [root@RS1 ~]# dnf -y install httpd [root@RS1 ~]# echo "RS1" > /var/www/html/index.html [root@RS1 ~]# cat  /var/www/html/index.html RS1 [root@RS1 ~]# systemctl enable --now httpd Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service. [root@RS1 ~]# ss -antl  //查看80端口 State      Recv-Q     Send-Q          Local Address:Port           Peer Address:Port     Process      LISTEN     0          128                   0.0.0.0:111                 0.0.0.0:*                     LISTEN     0          32              192.168.122.1:53                  0.0.0.0:*                     LISTEN     0          128                   0.0.0.0:22                  0.0.0.0:*                     LISTEN     0          128                      [::]:111                    [::]:*                     LISTEN     0          128                         *:80                        *:*                     LISTEN     0          128                      [::]:22                     [::]:*                    

访问:
keepalived高可用(haporxy)
RS2

[root@localhost ~]# hostnamectl set-hostname RS2 [root@localhost ~]# bash [root@RS2 ~]# systemctl stop firewalld.service  //关闭防火墙 [root@RS2 ~]# vim /etc/selinux/config  SELINUX=disabled [root@RS2 ~]# setenforce 0 [root@RS2 ~]# systemctl disable --now firewalld.service  Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@RS2 ~]# dnf -y install wget [root@RS2 ~]# cd /etc/yum.repos.d/ [root@RS2 yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@RS2 yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@RS2 yum.repos.d]# ls CentOS-Base.repo [root@RS2 yum.repos.d]# cd [root@RS2 ~]# dnf -y install nginx [root@RS2 ~]# echo "RS2" > /usr/share/nginx/html/index.html  [root@RS2 ~]# cat /usr/share/nginx/html/index.html  RS2 [root@RS2 ~]# systemctl enable --now nginx Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service. [root@RS2 ~]# ss -antl     //查看80端口 State      Recv-Q     Send-Q          Local Address:Port           Peer Address:Port     Process      LISTEN     0          128                   0.0.0.0:22                  0.0.0.0:*                     LISTEN     0          128                   0.0.0.0:80                  0.0.0.0:*                     LISTEN     0          128                      [::]:22                     [::]:*                     LISTEN     0          128                      [::]:80                     [::]:*                    

访问:
keepalived高可用(haporxy)

部署haproxy负载均衡

master

[root@localhost ~]# hostnamectl set-hostname master [root@localhost ~]# bash [root@master ~]# systemctl stop firewalld.service //关闭防火墙 [root@master ~]# vim /etc/selinux/config SELINUX=disabled  [root@master ~]# setenforce 0 [root@master ~]# systemctl disable --now firewalld.service  Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@master ~]# dnf -y install wget [root@master ~]# cd /etc/yum.repos.d/ [root@master yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@master yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@master yum.repos.d]# ls CentOS-Base.repo [root@master yum.repos.d]# cd [root@master ~]# useradd -rMs /sbin/nologin haproxy //创建用户 [root@master ~]# dnf -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel  vim //安装依赖包 [root@master ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.6.0.tar.gz/sha512/7bb70bfb5606bbdac61d712bc510c5e8d5a5126ed8827d699b14a2f4562b3bd57f8f21344d955041cee0812c661350cca8082078afe2f277ff1399e461ddb7bb/haproxy-2.6.0.tar.gz //下载haproxy压缩包 [root@master ~]# ls anaconda-ks.cfg  haproxy-2.6.0.tar.gz [root@master ~]# tar -xf haproxy-2.6.0.tar.gz  //解压 [root@master ~]# cd haproxy-2.6.0/ [root@master haproxy-2.6.0]#  make -j $(grep 'processor' /proc/cpuinfo |wc -l)   > TARGET=linux-glibc   > USE_OPENSSL=1   > USE_ZLIB=1   > USE_PCRE=1   > USE_SYSTEMD=1 [root@master haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy //安装 [root@master haproxy-2.6.0]# cp haproxy  /usr/sbin/ //复制命令到/usr/sbin目录下 [root@master haproxy-2.6.0]# cd [root@master ~]# vim /etc/sysctl.conf net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 [root@master ~]# sysctl -p net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 //修改内核参数,等于号前后有空格 [root@master ~]# mkdir /etc/haproxy [root@master ~]# vim /etc/haproxy/haproxy.cfg //修改配置文件 [root@master ~]# cat /etc/haproxy/haproxy.cfg  global     daemon     maxconn 256   defaults     mode http     timeout connect 5000ms     timeout client 50000ms     timeout server 50000ms   frontend http-in     bind *:80     default_backend servers   backend servers     server web01 192.168.222.138:80     server web02 192.168.222.139:80 [root@master ~]# vim /usr/lib/systemd/system/haproxy.service //编写service文件 [root@master ~]# cat /usr/lib/systemd/system/haproxy.service [Unit] Description=HAProxy Load Balancer After=syslog.target network.target   [Service] ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -q ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pid ExecReload=/bin/kill -USR2 $MAINPID   [Install] WantedBy=multi-user.target [root@master ~]# systemctl daemon-reload  [root@master ~]# systemctl start haproxy.service  //启动服务 [root@master ~]# ss -antl State      Recv-Q     Send-Q          Local Address:Port           Peer Address:Port     Process      LISTEN     0          128                   0.0.0.0:80                  0.0.0.0:*                     LISTEN     0          128                   0.0.0.0:22                  0.0.0.0:*                     LISTEN     0          128                      [::]:22                     [::]:* [root@master ~]# curl 192.168.222.250 RS1 [root@master ~]# curl 192.168.222.250 RS2 [root@master ~]# curl 192.168.222.250 RS1 [root@master ~]# curl 192.168.222.250 RS2         //测试负载均衡效果             

backup

[root@localhost ~]# hostnamectl set-hostname backup [root@localhost ~]# bash [root@backup ~]# vim /etc/selinux/config  //关闭防火墙 SELINUX=disabled [root@backup ~]# setenforce 0 [root@backup ~]# systemctl disable --now firewalld.service  Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@backup ~]# dnf -y install wget [root@backup ~]# cd /etc/yum.repos.d/ [root@backup yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo //配置阿里源 [root@backup yum.repos.d]#sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo [root@backup yum.repos.d]# ls CentOS-Base.repo [root@backup yum.repos.d]# cd [root@backup ~]# useradd -rMs /sbin/nologin haproxy //创建用户 [root@backup ~]# dnf -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel  vim //下载依赖包 [root@backup ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.6.0.tar.gz/sha512/7bb70bfb5606bbdac61d712bc510c5e8d5a5126ed8827d699b14a2f4562b3bd57f8f21344d955041cee0812c661350cca8082078afe2f277ff1399e461ddb7bb/haproxy-2.6.0.tar.gz //下载haproxy压缩包 [root@backup ~]# ls anaconda-ks.cfg  haproxy-2.6.0.tar.gz [root@backup ~]# tar -xf haproxy-2.6.0.tar.gz  //解压 [root@backup ~]# cd haproxy-2.6.0/ [root@backup haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)   > TARGET=linux-glibc   > USE_OPENSSL=1   >  USE_ZLIB=1   > USE_PCRE=1   > USE_SYSTEMD=1 [root@backup haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy //安装 [root@backup haproxy-2.6.0]# cp haproxy /usr/sbin/ //复制命令到/usr/sbin目录下 [root@backup haproxy-2.6.0]# cd [root@backup ~]# vim /etc/sysctl.conf net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 [root@backup ~]# sysctl -p net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 //修改内核参数,等于号前后都要空格 [root@backup ~]# vim /etc/haproxy/haproxy.cfg //修改配置文件 [root@backup ~]# cat /etc/haproxy/haproxy.cfg global     daemon     maxconn 256   defaults     mode http     timeout connect 5000ms     timeout client 50000ms     timeout server 50000ms   frontend http-in     bind *:80     default_backend servers   backend servers     server web01 192.168.222.138:80     server web02 192.168.222.139:80 [root@backup ~]# vim /usr/lib/systemd/system/haproxy.service [root@backup ~]# cat /usr/lib/systemd/system/haproxy.service [Unit] Description=HAProxy Load Balancer After=syslog.target network.target   [Service] ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -q ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pid ExecReload=/bin/kill -USR2 $MAINPID   [Install] WantedBy=multi-user.target //编写service文件 [root@backup ~]# systemctl daemon-reload  [root@backup ~]# systemctl start haproxy.service  //启动服务 [root@backup ~]# ss -antl State      Recv-Q     Send-Q          Local Address:Port           Peer Address:Port     Process      LISTEN     0          128                   0.0.0.0:22                  0.0.0.0:*                     LISTEN     0          128                   0.0.0.0:80                  0.0.0.0:*                     LISTEN     0          128                      [::]:22                     [::]:*   [root@backup ~]# curl 192.168.222.137 RS1 [root@backup ~]# curl 192.168.222.137 RS2 [root@backup ~]# curl 192.168.222.137 RS1 [root@backup ~]# curl 192.168.222.137 RS2 //测试负载均衡效果 [root@backup ~]# systemctl stop haproxy.service  //关闭backup上面的haproxy                   

部署keepalived高可用

master

[root@master ~]# dnf -y install keepalived //安装keepalived [root@master ~]# cd /etc/keepalived/ [root@master keepalived]# ls keepalived.conf [root@master keepalived]# mv keepalived.conf{,-bak} //备份一下配置文件 [root@master keepalived]# ls keepalived.conf-bak [root@master keepalived]# vim keepalived.conf  //编写新的配置文件 [root@master keepalived]# cat keepalived.conf ! Configuration File for keepalived  global_defs {    router_id lb01 }  vrrp_instance VI_1 {        //这里主备节点需要一致     state BACKUP     interface ens33      //网卡     virtual_router_id 51     priority 100     //这里比备节点的高     advert_int 1     authentication {         auth_type PASS         auth_pass tushanbu   //密码(可以随机生成)     }     virtual_ipaddress {         192.168.222.133    //高可用虚拟IP(VIP)地址     } }  virtual_server 192.168.222.133 80 {     delay_loop 6     lb_algo rr     lb_kind DR     persistence_timeout 50     protocol TCP      real_server 192.168.222.250 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     }      real_server 192.168.222.137 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     } } [root@master keepalived]# ls keepalived.conf  keepalived.conf-bak [root@master keepalived]# systemctl enable --now keepalived.service  Created symlink /etc/systemd/system/multi-user.target.wants/keepalived.service → /usr/lib/systemd/system/keepalived.service. [root@master keepalived]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff     inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33        valid_lft forever preferred_lft forever     inet 192.168.222.133/32 scope global ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fe05:f428/64 scope link         valid_lft forever preferred_lft forever //此时备节点的keepalived还没有启动 测试:(访问vip) [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 

backup

[root@backup ~]# dnf -y install keepalived //安装keepalived [root@backup ~]# cd /etc/keepalived/ [root@backup keepalived]# ls keepalived.conf [root@backup keepalived]# mv keepalived.conf{,-bak} [root@backup keepalived]# ls keepalived.conf-bak //备份一下配置文件 [root@backup keepalived]# vim keepalived.conf //编写新的配置文件 [root@backup keepalived]# cat keepalived.conf ! Configuration File for keepalived  global_defs {    router_id lb02     }  vrrp_instance VI_1 {       //这里主备节点需要一致     state BACKUP     interface ens33      //网卡     virtual_router_id 51     priority 90     //这里比主节点的小     advert_int 1     authentication {         auth_type PASS         auth_pass tushanbu   //密码(可以随机生成)     }     virtual_ipaddress {         192.168.222.133    //高可用虚拟IP(VIP)地址     } }  virtual_server 192.168.222.133 80 {     delay_loop 6     lb_algo rr     lb_kind DR     persistence_timeout 50     protocol TCP      real_server 192.168.222.250 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     }      real_server 192.168.222.137 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     } } [root@backup keepalived]# systemctl enable --now keepalived.service  Created symlink /etc/systemd/system/multi-user.target.wants/keepalived.service → /usr/lib/systemd/system/keepalived.service. 

编写脚本

master

[root@master ~]# mkdir /scripts [root@master ~]# cd /scripts/ [root@master scripts]# vim check_haproxy.sh [root@master scripts]# cat check_haproxy.sh #!/bin/bash  haproxy_status=$(ps -ef|grep -Ev "grep|$0"|grep 'bhaproxyb'|wc -l) if [ $haproxy_status -lt 1 ];then     systemctl stop keepalived fi [root@master scripts]# chmod +x check_haproxy.sh  [root@master scripts]# ll total 4 -rwxr-xr-x. 1 root root 149 Oct 10 02:50 check_haproxy.sh [root@master scripts]# vim notify.sh [root@master scripts]# cat notify.sh #!/bin/bash VIP=$2 case "$1" in     master)         haproxy_status=$(ps -ef|grep -Ev "grep|$0"|grep 'bhaproxyb'|wc -l)         if [ $haproxy_status -lt 1 ];then             systemctl start haproxy         fi     ;;     backup)         haproxy_status=$(ps -ef|grep -Ev "grep|$0"|grep 'bhaproxyb'|wc -l)         if [ $haproxy_status -gt 0 ];then             systemctl stop haproxy         fi     ;;     *)         echo "Usage:$0 master|backup VIP"     ;; esac [root@master scripts]# chmod +x notify.sh  [root@master scripts]# ll total 8 -rwxr-xr-x. 1 root root 149 Oct 10 02:50 check_haproxy.sh -rwxr-xr-x. 1 root root 413 Oct 10 02:56 notify.sh 

backup

[root@backup keepalived]# cd [root@backup ~]# mkdir /scripts [root@backup ~]# cd /scripts/ [root@backup scripts]# scp root@192.168.222.250:/scripts/notify.sh . The authenticity of host '192.168.222.250 (192.168.222.250)' can't be established. ECDSA key fingerprint is SHA256:y11UDaNXs3AnvVUnZQfAim2VHAplF09YOvQp2NemHyk. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.222.250' (ECDSA) to the list of known hosts. root@192.168.222.250's password:  notify.sh                                                          100%  413   429.2KB/s   00:00     [root@backup scripts]# ll total 4 -rwxr-xr-x. 1 root root 413 Oct 10 02:58 notify.sh 

配置keepalived加入监控脚本的配置

master

[root@master scripts]# cd [root@master ~]# vim /etc/keepalived/keepalived.conf [root@master ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived  global_defs {    router_id lb01 }  vrrp_script haproxy_check {                             //添加     script "/scripts/check_haproxy.sh"     interval 1     weight -20 }  vrrp_instance VI_1 {        //这里主备节点需要一致     state BACKUP     interface ens33      //网卡     virtual_router_id 51     priority 100     //这里比备节点的高     advert_int 5     authentication {         auth_type PASS         auth_pass tushanbu   //密码(可以随机生成)     }     virtual_ipaddress {         192.168.222.133    //高可用虚拟IP(VIP)地址     }     track_script {                      //添加         haproxy_check                   //添加     }                                   //添加     notify_master "/scripts/notify.sh master 192.168.222.133"  //添加 }  virtual_server 192.168.222.133 80 {     delay_loop 6     lb_algo rr     lb_kind DR     persistence_timeout 50     protocol TCP      real_server 192.168.222.250 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     }      real_server 192.168.222.137 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     } } [root@master ~]# systemctl restart keepalived.service 

backup

[root@backup ~]# vim /etc/keepalived/keepalived.conf [root@backup ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived  global_defs {    router_id lb02     }  vrrp_instance VI_1 {       //这里主备节点需要一致     state BACKUP     interface ens33      //网卡     virtual_router_id 51     priority 90     //这里比主节点的小     advert_int 5     authentication {         auth_type PASS         auth_pass tushanbu   //密码(可以随机生成)     }     virtual_ipaddress {         192.168.222.133    //高可用虚拟IP(VIP)地址     }     notify_master "/scripts/notify.sh master 192.168.222.133"           //添加     notify_backup "/scripts/notify.sh backup 192.168.222.133"           //添加 }  virtual_server 192.168.222.133 80 {     delay_loop 6     lb_algo rr     lb_kind DR     persistence_timeout 50     protocol TCP      real_server 192.168.222.250 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     }      real_server 192.168.222.137 80 {         weight 1         TCP_CHECK {             connect_port 80             connect_timeout 3             nb_get_retry 3             delay_before_retry 3         }     } } [root@backup ~]# systemctl restart keepalived.service  

测试

模拟haproxy服务故障
master端

[root@master ~]# ip a   //有vip 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff     inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33        valid_lft forever preferred_lft forever     inet 192.168.222.133/32 scope global ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fe05:f428/64 scope link         valid_lft forever preferred_lft forever [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 [root@master ~]# systemctl stop haproxy.service  [root@master ~]# systemctl restart keepalived.service  [root@master ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff     inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fe05:f428/64 scope link         valid_lft forever preferred_lft forever 

backup
backup变成主

[root@backup ~]# systemctl start haproxy.service  [root@backup ~]# systemctl restart keepalived.service  [root@backup ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 00:0c:29:c7:0e:b2 brd ff:ff:ff:ff:ff:ff     inet 192.168.222.137/24 brd 192.168.222.255 scope global noprefixroute ens33        valid_lft forever preferred_lft forever     inet 192.168.222.133/32 scope global ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fec7:eb2/64 scope link         valid_lft forever preferred_lft forever [root@backup ~]# curl 192.168.222.133 RS1 [root@backup ~]# curl 192.168.222.133 RS2 [root@backup ~]# curl 192.168.222.133 RS1 [root@backup ~]# curl 192.168.222.133 RS2 

启动master端的haproxy服务
master
master变回主

[root@master ~]# systemctl start haproxy.service  [root@master ~]# systemctl restart keepalived.service  [root@master ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 00:0c:29:05:f4:28 brd ff:ff:ff:ff:ff:ff     inet 192.168.222.250/24 brd 192.168.222.255 scope global noprefixroute ens33        valid_lft forever preferred_lft forever     inet 192.168.222.133/32 scope global ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fe05:f428/64 scope link         valid_lft forever preferred_lft forever [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 [root@master ~]# curl 192.168.222.133 RS1 [root@master ~]# curl 192.168.222.133 RS2 

backup

[root@backup ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 00:0c:29:c7:0e:b2 brd ff:ff:ff:ff:ff:ff     inet 192.168.222.137/24 brd 192.168.222.255 scope global noprefixroute ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fec7:eb2/64 scope link         valid_lft forever preferred_lft forever