HAproxy&keepalived 實現tcp負載均衡

haproxy 安裝 (安裝到兩臺Server)
#untar the tar package to /usr/local/
tar -zxvf haproxy-1.7.3.tar.gz -C /usr/local/
to check the Linux Kernel version
uname -a
change directory to the haproxy-1.7.3
cd /usr/local/haproxy-1.7.3
make install, TARGET is the Linux Kernel version
make TARGET=linux26 ARCH=x86_64 PREFIX=/usr/local/haproxy
make install PREFIX=/usr/local/haproxy
cd /usr/local/haproxy
mkdir conf
mkdir logs

1. haproxy 配置（兩臺Server配置相同）
   vi /usr/local/haproxy/conf/haproxy.cfg ##global config##
   global
   chroot /usr/local/haproxy
   daemon
   nbproc 1
   group root
   user root
   pidfile /usr/local/haproxy/logs/haproxy.pid
   ulimit-n 65536
   #spread-checks 5m
   #stats timeout 5m
   #stats maxconn 100
   ##defalt config##
   defaults
   mode tcp # mode{tcp|http|health}, tcp is for 4th layer, http is for 7th layer
   retries 3 # retry 3 times fail, the server is supposed to be unavailable
   option redispatch # while the server download, enforce re-direct to other health server
   option abortonclose # while the load is high, close the more logger connection automatically
   maxconn 32000 # max connection
   timeout connect 5000ms # connect timeout
   timeout client 30000ms # client connect timeout
   timeout server 30000ms # server connect timeout
   #timeout check 2000 # heart check
   log 127.0.0.1 local0 err #[err warning info debug]
   ##google mail##
   listen google_mail
   bind 10.103.219.60:8006
   mode tcp
   balance roundrobin
   server s-67 10.103.219.67:41414 weight 1 maxconn 10000 check inter 10s
   server s-68 10.103.219.68:41414 weight 1 maxconn 10000 check inter 10s
   server s-69 10.103.219.69:41414 weight 1 maxconn 10000 check inter 10s
   ##google drive##
   listen google_drive
   bind 10.103.219.60:8007
   mode tcp
   balance roundrobin
   server s-67 10.103.219.67:41424 weight 1 maxconn 10000 check inter 10s
   server s-68 10.103.219.68:41424 weight 1 maxconn 10000 check inter 10s
   server s-69 10.103.219.69:41424 weight 1 maxconn 10000 check inter 10s
   ##dropbox##
   listen dropbox
   bind 10.103.219.60:8008
   mode tcp
   balance roundrobin
   server s-67 10.103.219.67:41434 weight 1 maxconn 10000 check inter 10s
   server s-68 10.103.219.68:41434 weight 1 maxconn 10000 check inter 10s
   server s-69 10.103.219.69:41434 weight 1 maxconn 10000 check inter 10s
   ##statistics##
   listen proxy_stats
   bind 0.0.0.0:8099 # listen port
   mode http
   option httplog # http log
   #log 127.0.0.1 local0 err
   maxconn 10
   stats refresh 30s #
   stats uri /proxy_stats # url of the statistics page
   stats realm CASB Haproxy Statistics # prompt message
   stats auth admin:admin #user and password
   stats auth molly:molly #can set several user and password
   #stats hide-version # hide version of haproxy
   stats admin if TRUE
2. 服務開啟
   vi /usr/local/haproxy/sbin/haproxy.sh
   #!/bin/sh
   /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg &
   chmod +x /usr/local/haproxy/sbin/haproxy.sh
   # start the haproxy
   ./usr/local/haproxy/sbin/haproxy.sh # check haproxy is running
   ps -ef| grep haproxy

Keepalived 安裝（兩臺Server均安裝）
# prerequisites
apt-get install libssl-dev
#untar the tar package to /usr/local/
tar zxvf /home/molly/keepalived-1.3.5.tar.gz -C /usr/local/
# change directory to the keepalived-1.3.5
cd /usr/local/keepalived-1.3.5
# make install,
./configure --prefix=/usr/local/keepalived
make && make install

1. keepalived配置（master Server）
   vi /usr/local/keepalived/etc/keepalived/keepalived.conf
   global_defs {
   notification_email {
   mywang@xxx.com
   }
   notification_email_from keepalived@domain.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   }
   vrrp_script chk_http_port {
   script "/usr/local/keepalived/check_haproxy.sh"
   interval 2
   weight 2
   }
   vrrp_instance VI_1 {
   state MASTER ## the other server is BACKUP
   interface eth0
   virtual_router_id 51
   mcast_src_ip 10.103.219.71
   priority 100 ##value is bigger than backup
   advert_int 1
   authentication {
   auth_type PASS
   auth_pass 1111
   }
   track_script {
   chk_http_port ### monitoring service
   }
   virtual_ipaddress {
   10.103.219.60
   }
   }
   #check haproxy
   vi /usr/local/keepalived/check_haproxy.sh
   #!/bin/bash
   if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
   ./usr/local/haproxy/sbin/haproxy.sh
   fi
   sleep 2
   if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
   service keepalived stop
   fi
   vi /usr/local/keepalived/sbin/keepalived.sh
   #!/bin/sh
   /usr/local/keepalived/sbin/keepalived -f /usr/local/keepalived/etc/keepalived/keepalived.conf &
   chmod +x /usr/local/keepalived/sbin/keepalived.sh
   # start keepalived
   ./usr/local/keepalived/sbin/keepalived.sh
   # check virtual IP
   ip addr

2. keepalived配置（backup Server）
   global_defs {
   notification_email {
   mywang@xxxx.com
   }
   notification_email_from keepalived@domain.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   }
   vrrp_script chk_http_port {
   script "/usr/local/keepalived/check_haproxy.sh"
   interval 2
   weight 2
   }
   vrrp_instance VI_1 {
   state BACKUP ## BACKUP
   interface eth0
   virtual_router_id 51
   mcast_src_ip 10.103.219.72
   priority 99 ##value is smaller than master
   advert_int 1
   authentication {
   auth_type PASS
   auth_pass 1111
   }
   #track_script {
   # chk_http_port ### monitoring service
   # }
   virtual_ipaddress {
   10.103.219.60
   }
   }
   vi /usr/local/keepalived/check_haproxy.sh
   #!/bin/bash
   if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
   ./usr/local/haproxy/sbin/haproxy.sh
   fi
   sleep 2
   if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
   service keepalived stop
   fi
   vi /usr/local/keepalived/sbin/keepalived.sh
   #!/bin/sh
   /usr/local/keepalived/sbin/keepalived -f /usr/local/keepalived/etc/keepalived/keepalived.conf &
   chmod +x /usr/local/keepalived/sbin/keepalived.sh
   # start keepalived
   ./usr/local/keepalived/sbin/keepalived.sh
   # check virtual IP
   ip addr