需求：使用Haproxy对两台Nginx做负载均衡，并且两台Haproxy之间做keepalived，Nginx代理后端tomcat

Haproxy（keepalived）主：172.16.10.102

Haproxy（keepalived）备：172.16.10.142

keepalived vip：172.16.10.188

Nginx1:172.16.10.162

Nginx2:172.16.10.167

安装Haproxy并设置日志以及Nginx配置这里就不说了

配置Haproxy（两台一样）

# vim /etc/haproxy/haproxy.cfg

global

log         127.0.0.1 local2

chroot      /var/lib/haproxy

pidfile     /var/run/haproxy.pid

maxconn     4000

user        haproxy

group       haproxy

daemon

stats socket/var/lib/haproxy/stats

defaults

mode                    tcp

log                     global

option                  tcplog

option                  dontlognull

option http-server-close

option forwardfor       except 127.0.0.0/8

option                  redispatch

retries                 3

timeout http-request    10s

timeout queue           1m

timeout connect         10s

timeout client          100m

timeout http-keep-alive 10s

timeout check           10s

maxconn                 3000

listen nginx-http

bind 0.0.0.0:80

mode tcp

balance source

server s1 172.16.10.167:80check

server s2 172.16.10.162:80check

listen nginx-https

bind 0.0.0.0:443

mode tcp

balance source

server s1 172.16.10.167:443check

server s2 172.16.10.162:443check

安装keepalived

# yum install keepalived -y

配置keepalived主

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

interval 2

weight 2

router_id LVS_DEVEL

}

vrrp_script chk_haproxy {

script"/etc/keepalived/check_haproxy.sh"

interval 2

weight 2

}

vrrp_instance VI_1 {

state MASTER

interface eno16777736  #用来发VRRP包的网卡

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 5555

}

track_script {

chk_haproxy  #监测haproxy进程状态

}

virtual_ipaddress {

172.16.10.188

}

}

配置keepalived备

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

interval 2

weight 2

router_id LVS_DEVEL

}

vrrp_script chk_haproxy {

script"/etc/keepalived/check_haproxy.sh"

interval 2

weight 2

}

vrrp_instance VI_1 {

state BACKUP

interface eno16777736  #用来发VRRP包的网卡

virtual_router_id 51

priority 99

advert_int 1

authentication {

auth_type PASS

auth_pass 5555

}

track_script {

chk_haproxy  #监测haproxy进程状态

}

virtual_ipaddress {

172.16.10.188

}

}

Haproxy进程状态检测脚本

# vim /etc/keepalived/check_haproxy.sh

#!/bin/bash

Hostname=Haproxy-102

date=`date +"%Y-%m-%d %H:%M:%S"`

mail=15001098653@163.com

if [ `ps -C haproxy --no-header | wc -l` -eq 0 ];then

systemctl start haproxy

echo "$date $Hostname Haproxy started by keepalived" | mail -s"$Hostname Haproxy started by keepalived" $mail

fi

Keepalived主从切换状态检测脚本

因为keepalived在vip切换时，在haproxy日志中会有输出，所以检测haproxy日志就可以

# vim /usr/local/shell/check_keepalived.sh

#!/bin/bash

#主机名

Hostname=Haproxy-102

#收件人

mail=********@163.com

#记录上一次的行数

Last_num_d=/tmp/keepalived/lastnum

#日志目录

Log_directory=/var/log/haproxy

#目录判断

d_judge(){

[ ! -d $1 ] && mkdir -p $1

}

d_judge $Last_num_d

for logfile in `ls $Log_directory | grep haproxy.log`; do

#先判断当前日志目录是否为空，为空直接退出循环

[ ! -s $Log_directory/$logfile ]&& echo "`date` $logfile is empty" && continue

#判断记录上一次检查的行数的文件是否存在，不存在则给一个初始值

[ ! -f"$Last_num_d/$logfile" ] && echo 1 > $Last_num_d/$logfile

#将上一次值赋给变量

last_count=`cat$Last_num_d/$logfile`

new_last_count=`expr $last_count+ 1`

#将当前的行数值赋给变量

current_count=`grep -Fc"" $Log_directory/$logfile`

#判断当前行数跟上一次行数是否相等，相等则退出当前循环

[ $last_count -eq $current_count] && echo "`date` $logfile no change" && continue

#由于日志文件每天都会截断，因此会出现当前行数小于上一次行数的情况，此种情况出现则将上一次行数置1

[ $last_count -gt $current_count] && last_count=1 && echo $last_count > $Last_num_d/$logfile&& continue

#截取上一次检查到的行数至当前行数的日志并检索出含有" removed "字段的日志，并重定向到相应的ERROR日志文件

sed -n"$new_last_count,$current_count p" $Log_directory/$logfile | grep 'IP172.16.10.188 removed' > $Error_log/$logfile && echo "`date`$logfile error " || echo "`date` $logfile changed but no error"

#判断ERROR日志是否存在且不为空，不为空则说明有错误日志，继而发送报警信息

[ -s $Error_log/$logfile ] && echo -e"$HOSTNAME \n `cat $Error_log/$logfile`" | mail -s "$HostnameKeepalived VIP Removed" $mail

#截取上一次检查到的行数至当前行数的日志并检索出含有" added "字段的日志，并重定向到相应的ERROR日志文件

sed -n"$new_last_count,$current_count p" $Log_directory/$logfile | grep 'IP172.16.10.188 added' > $Error_log/$logfile && echo "`date`$logfile error " || echo "`date` $logfile changed but no error"

#判断ERROR日志是否存在且不为空，不为空则说明有错误日志，继而发送报警信息

[ -s $Error_log/$logfile ]&& echo -e "$HOSTNAME \n `cat $Error_log/$logfile`" | mail -s"$Hostname Keepalived VIP Added" $mail

#结束本次操作之后把当前的行号作为下一次检索的last number

echo $current_count >$Last_num_d/$logfile

done

添加计划任务每分钟执行

# crontab -e

* * * * * /usr/local/shell/check_keepalived.sh