前言

安装方式：yum
服务器环境：Centos7.5
haproxy版本：1.5.18
目标：实现两台haproxy服务器双机热备，以解决haproxy服务器单点故障问题，实现服务器的高可用；

1、准备工作

1.1 服务器准备

• haproxy11：192.168.45.11
• haproxy12：192.168.45.12
• 虚拟ip地址：192.168.145.10

1.2 关闭防火墙

# 查看防火墙状态，如果状态是“running”，那么关闭！
firewall-cmd --state
# 关闭防火墙
systemctl stop firewalld

1.3 设置selinux

setenforce 0

2、haproxy安装与配置

haproxy11与haproxy12安装与配置完全一致

2.1 安装

yum -y install haproxy
cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak
vi /etc/haproxy/haproxy.cfg

2.2 haproxy.cfg配置

#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    log         127.0.0.1 local1
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon
    stats socket /var/lib/haproxy/stats

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000
listen stats
        bind          0.0.0.0:8888
        mode          http
        stats         enable
        stats         hide-version
        stats uri     /haproxystats
        stats realm   Haproxy\ stats
        stats auth    admin:admin
        stats admin   if TRUE

frontend http-in
        bind 0.0.0.0:5672
        mode tcp
        log global
        option httplog
        option httpclose
        default_backend rabbitmq-server

backend rabbitmq-server
        mode tcp
        balance roundrobin
        server  node1 192.168.45.201:5672 maxconn 2000 weight 1  check inter 5s rise 2 fall 2
        server  node2 192.168.45.202:5672 maxconn 2000 weight 1  check inter 5s rise 2 fall 2
        server  node3 192.168.45.203:5672 maxconn 2000 weight 1  check inter 5s rise 2 fall 2

2.3 rsyslog 日志配置

vi /etc/rsyslog.conf

# Provides UDP syslog reception
# 打开下面的配置
$ModLoad imudp
$UDPServerRun 514

# Provides TCP syslog reception
# 打开下面的配置
$ModLoad imtcp
$InputTCPServerRun 514

# Save boot messages also to boot.log
# 添加下面的配置
local1.*                          /var/log/haproxy/haproxy.log

2.4 启动服务

# 创建日志文件夹
mkidr /var/log/haproxy
# 启动日志服务
systemctl restart rsyslog.service
# 启动haproxy
systemctl start haproxy
# 查看haproxy 启动日志
cat /var/log/haproxy/haproxy.log
# 实时查看haproxy 日志
tail -f /var/log/haproxy.log

2.5 登录并验证

haproxy11管理后台地址：192.168.45.11:8888/haproxystats
haproxy12管理后台地址：192.168.45.12:8888/haproxystats
账号：admin
密码：admin

3、安装与配置keepalived

在haproxy11与haproxy12中分别安装keepalived

3.1 安装keepalived

yum -y install keepalived

3.2 配置keepalived（haproxy11）

cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vi /etc/keepalived/keepalived.conf

keepalived.conf配置内容

! Configuration File for keepalived

global_defs {
    
   router_id director1
}
vrrp_script check_haproxy {
    
   script "/etc/keepalived/haproxy_chk.sh"
   interval 5
}

vrrp_instance VI_1 {
    
    state MASTER
    interface ens33
    virtual_router_id 80
    priority 100
    advert_int 1
    authentication {
    
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
    
        192.168.45.10
    }
    track_script {
    
        check_haproxy
    }
}

3.3 配置keepalived（haproxy12）

cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vi /etc/keepalived/keepalived.conf

keepalived.conf配置内容

! Configuration File for keepalived

global_defs {
    
   router_id director2
}
vrrp_script check_haproxy {
    
   script "/etc/keepalived/haproxy_chk.sh"
   interval 5
}

vrrp_instance VI_1 {
    
    state BACKUP
    interface ens33
    virtual_router_id 80
    priority 50
    advert_int 1
    authentication {
    
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
    
        192.168.45.10
    }
    track_script {
    
        check_haproxy
    }
}

3.4 配置健康检测脚本haproxy_chk.sh

haproxy11 与 haproxy12 中的配置一样！

#!/usr/bin/env bash
# test haproxy server running
systemctl status haproxy.service &>/dev/null
if [ $? -ne 0 ];then
    systemctl start haproxy.service &>/dev/null
    sleep 5
    systemctl status haproxy.service &>/dev/null
    if [ $? -ne 0 ];then
        systemctl stop keepalived
    fi
fi

3.5 验证虚拟IP

systemctl start keepalived
# 在haproxy11 和haproxy12 都成功启动的情况下，分别在haproxy11 和haproxy12中运行下列命令
ip addr

停掉 haproxy11 服务器 在 haproxy12 中查看ip地址：

4、相关启动命令

firewall-cmd --state
systemctl stop firewalld && setenforce 0
systemctl restart rsyslog.service
systemctl start haproxy
systemctl start keepalived
systemctl status haproxy

5、遇到的问题

5.1 网卡问题

当搭建好 haproxy + keepalived 双活热备服务器后，在测试过程中发现，当完全关闭其中某一台haproxy服务器后，发现：IP 地址无法正常显示，即：ip addr 等相关命令中，没有之前配置的IP地址信息，且使用命令：systemctl restart network.service 会报错：

解决方案：

# 查看NetworkManager状态
systemctl status NetworkManager
# NetworkManager和network是两个不同的服务,它们是互相冲突的。最根本的解决办法就是把NetworkManager服务停掉
# 暂停, 服务器重启后还是会启动
systemctl stop NetworkManager
# 永久停止
systemctl disable NetworkManager
# 启动网络服务
systemctl start network.service
# 查看IP地址, 看是否正常。如果还是不行，那就重启服务器吧！
ip  addr

5.2 keepalived服务问题

当搭建好 haproxy + keepalived 双活热备服务器后，在测试过程中发现，有时候keepalived服务即使是运行状态，还是无法使用vip访问haproxy服务器的地址。那么可能需要重启keepalived服务：

systemctl restart keepalived