需求：使用Haproxy對兩臺Nginx做負(fù)載均衡扮授，并且兩臺Haproxy之間做keepalived坟奥，Nginx代理后端tomcat

Haproxy（keepalived）主：172.16.10.102

Haproxy（keepalived）備：172.16.10.142

keepalived vip：172.16.10.188

Nginx1:172.16.10.162

Nginx2:172.16.10.167

安裝Haproxy并設(shè)置日志以及Nginx配置這里就不說了

配置Haproxy（兩臺一樣）

# vim /etc/haproxy/haproxy.cfg

global

log???????? 127.0.0.1 local2

chroot????? /var/lib/haproxy

pidfile???? /var/run/haproxy.pid

maxconn???? 4000

user??????? haproxy

group?????? haproxy

daemon

stats socket/var/lib/haproxy/stats

defaults

mode??????????????? ????tcp

log???????????????????? global

option????????????????? tcplog

option????????????????? dontlognull

option http-server-close

option forwardfor?????? except 127.0.0.0/8

option????????????????? redispatch

retries???????????????? 3

timeout http-request??? 10s

timeout queue?????????? 1m

timeout connect???????? 10s

timeout client????????? 100m

timeout http-keep-alive 10s

timeout check?????????? 10s

maxconn???????????????? 3000

listen nginx-http

bind 0.0.0.0:80

mode tcp

balance source

server s1 172.16.10.167:80check

server s2 172.16.10.162:80check

listen nginx-https

bind 0.0.0.0:443

mode tcp

balance source

server s1 172.16.10.167:443check

server s2 172.16.10.162:443check

安裝keepalived

# yum install keepalived -y

配置keepalived主

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

interval 2

weight 2

router_id LVS_DEVEL

}

vrrp_script chk_haproxy {

script"/etc/keepalived/check_haproxy.sh"

interval 2

weight 2

}

vrrp_instance VI_1 {

state MASTER

interface eno16777736? #用來發(fā)VRRP包的網(wǎng)卡

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 5555

}

track_script {

chk_haproxy ?#監(jiān)測haproxy進(jìn)程狀態(tài)

}

virtual_ipaddress {

172.16.10.188

}

}

配置keepalived備

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

interval 2

weight 2

router_id LVS_DEVEL

}

vrrp_script chk_haproxy {

script"/etc/keepalived/check_haproxy.sh"

interval 2

weight 2

}

vrrp_instance VI_1 {

state BACKUP

interface eno16777736? #用來發(fā)VRRP包的網(wǎng)卡

virtual_router_id 51

priority 99

advert_int 1

authentication {

auth_type PASS

auth_pass 5555

}

track_script {

chk_haproxy ?#監(jiān)測haproxy進(jìn)程狀態(tài)

}

virtual_ipaddress {

172.16.10.188

}

}

Haproxy進(jìn)程狀態(tài)檢測腳本

# vim /etc/keepalived/check_haproxy.sh

#!/bin/bash

Hostname=Haproxy-102

date=`date +"%Y-%m-%d %H:%M:%S"`

mail=15001098653@163.com

if [ `ps -C haproxy --no-header | wc -l` -eq 0 ];then

systemctl start haproxy

echo "$date $Hostname Haproxy started by keepalived" | mail -s"$Hostname Haproxy started by keepalived" $mail

fi

Keepalived主從切換狀態(tài)檢測腳本

因?yàn)閗eepalived在vip切換時哩都，在haproxy日志中會有輸出绽诚，所以檢測haproxy日志就可以

# vim /usr/local/shell/check_keepalived.sh

#!/bin/bash

#主機(jī)名

Hostname=Haproxy-102

#收件人

mail=********@163.com

#記錄上一次的行數(shù)

Last_num_d=/tmp/keepalived/lastnum

#日志目錄

Log_directory=/var/log/haproxy

#目錄判斷

d_judge(){

[ ! -d $1 ] && mkdir -p $1

}

d_judge $Last_num_d

for logfile in `ls $Log_directory | grep haproxy.log`; do

#先判斷當(dāng)前日志目錄是否為空监署，為空直接退出循環(huán)

[ ! -s $Log_directory/$logfile ]&& echo "`date` $logfile is empty" && continue

#判斷記錄上一次檢查的行數(shù)的文件是否存在日麸，不存在則給一個初始值

[ ! -f"$Last_num_d/$logfile" ] && echo 1 > $Last_num_d/$logfile

#將上一次值賦給變量

last_count=`cat$Last_num_d/$logfile`

new_last_count=`expr $last_count+ 1`

#將當(dāng)前的行數(shù)值賦給變量

current_count=`grep -Fc"" $Log_directory/$logfile`

#判斷當(dāng)前行數(shù)跟上一次行數(shù)是否相等寄啼，相等則退出當(dāng)前循環(huán)

[ $last_count -eq $current_count] && echo "`date` $logfile no change" && continue

#由于日志文件每天都會截斷，因此會出現(xiàn)當(dāng)前行數(shù)小于上一次行數(shù)的情況代箭，此種情況出現(xiàn)則將上一次行數(shù)置1

[ $last_count -gt $current_count] && last_count=1 && echo $last_count > $Last_num_d/$logfile&& continue

#截取上一次檢查到的行數(shù)至當(dāng)前行數(shù)的日志并檢索出含有" removed "字段的日志墩划，并重定向到相應(yīng)的ERROR日志文件

sed -n"$new_last_count,$current_count p" $Log_directory/$logfile | grep 'IP172.16.10.188 removed' > $Error_log/$logfile && echo "`date`$logfile error " || echo "`date` $logfile changed but no error"

#判斷ERROR日志是否存在且不為空，不為空則說明有錯誤日志梢卸，繼而發(fā)送報警信息

[ -s $Error_log/$logfile ] && echo -e"$HOSTNAME \n `cat $Error_log/$logfile`" | mail -s "$HostnameKeepalived VIP Removed" $mail

#截取上一次檢查到的行數(shù)至當(dāng)前行數(shù)的日志并檢索出含有" added "字段的日志走诞，并重定向到相應(yīng)的ERROR日志文件

sed -n"$new_last_count,$current_count p" $Log_directory/$logfile | grep 'IP172.16.10.188 added' > $Error_log/$logfile && echo "`date`$logfile error " || echo "`date` $logfile changed but no error"

#判斷ERROR日志是否存在且不為空，不為空則說明有錯誤日志蛤高，繼而發(fā)送報警信息

[ -s $Error_log/$logfile ]&& echo -e "$HOSTNAME \n `cat $Error_log/$logfile`" | mail -s"$Hostname Keepalived VIP Added" $mail

#結(jié)束本次操作之后把當(dāng)前的行號作為下一次檢索的last number

echo $current_count >$Last_num_d/$logfile

done

添加計劃任務(wù)每分鐘執(zhí)行

# crontab -e

* * * * * /usr/local/shell/check_keepalived.sh