博客分类：

（一）Keepalived

（1）安装

# cd /usr/local/src
# wget http://www.keepalived.org/software/keepalived-1.2.15.tar.gz
# tar zxvf keepalived-1.2.15.tar.gz
# cd keepalived-1.2.15
# ./configure
# make && make install

（2）配置

# cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
# mkdir /etc/keepalived
# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
# cp /usr/local/sbin/keepalived /usr/sbin/
# mv /etc/keepalived/keepalived.cfg /etc/keepalived/keepalived.cfg.org
# vi /etc/keepalived/keepalived.conf
    ! Configuration File for keepalived

    global_defs {
       notification_email {
         cluster-admin@example.org
       }
       notification_email_from noreply@example.org
       smtp_server smtp.example.org
       smtp_connect_timeout 30
       router_id act
    }

    include haproxy_servers.conf  #设置HAProxy
    include lvs_*_servers.conf      #设置LVS
# /etc/init.d/keepalived start

（二）HAProxy

（1）安装

# cd /usr/local/src
# wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.11.tar.gz
# tar zxvf haproxy-1.5.11.tar.gz
# cd haproxy-1.5.11
# make TARGET=linux2628 CPU=x86_64 USE_OPENSSL=1 USE_ZLIB=1 USE_PCRE=1
# make install

（2）添加用户

# useradd -s /usr/sbin/nologin -r haproxy

（3）SSL证书

# mkdir -p /etc/rensn/certs
# openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/rensn/certs/haproxy.pem -out /etc/rensn/certs/haproxy.pem -days 365
# cd /etc/rensn/certs
# chmod 600 haproxy.pem

（4）配置

# cp /usr/local/sbin/haproxy* /usr/sbin/
# cp /usr/local/src/haproxy-1.5.11/examples/haproxy.init /etc/init.d/haproxy
# chmod +x /etc/init.d/haproxy
# mkdir -p /etc/haproxy
# cp /usr/local/src/haproxy-1.5.11/examples/examples.cfg /etc/haproxy/haproxy.cfg
# mkdir -p /var/lib/haproxy
# touch /var/lib/haproxy/stats
# vi /etc/haproxy/haproxy.cfg
    global
        # 设置日志
        log         127.0.0.1 local2 info
        chroot    /var/lib/haproxy
        pidfile     /var/run/haproxy.pid
        # 最大链接数
        maxconn     256
        # 运行的用户
        user        haproxy
        group       haproxy
        # 启动服务
        daemon
        # 最大SSL链接数
        maxsslconn     256
        # Diffie-Hellman
        tune.ssl.default-dh-param 2048
        # 运行HAProxy的线程数（建议为1）
        nbproc  1

    defaults
        # Layer4负载均衡
        mode              tcp
        # 日志设置继承global
        log                global
        # 获取HTTP请求日志
        option             httplog
        # 后端未响应的超时时间
        timeout connect    10s
        # 后端的超时时间
        timeout client     30s
        # 服务器超时时间
        timeout server     30s

    # 前端定义 ( http-in 为任意字符 )
    frontend http-in
        # 监听80端口
        bind *:80
        # 默认的后端定义
        default_backend    backend_servers
        # 传递X-Forwarded-For
        option             forwardfor
        # 监听443端口
        bind *:443 ssl crt /etc/rensn/certs/haproxy.pem

    # 后端定义
    backend backend_servers
        # 负载均衡方式
        balance            roundrobin
        # 后端服务器的定义
        server             www01 192.168.21.100:80 check
        server             www02 192.168.21.110:80 check
        server             www02 192.168.21.120:80 check disabled
# service haproxy start

（5）keepalived设置

# vi /etc/keepalived/haproxy_servers.conf
   vrrp_script chk_haproxy {
      script "killall -0 haproxy"   # verify the pid existance
      interval 2                    # check every 2 seconds
      weight 2                      # add 2 points of prio if OK
   }

   vrrp_instance VI_1 {
      state MASTER              # MASTER on master, BACKUP on backup
      interface eth1                # interface to monitor
      virtual_router_id 51          # Assign one ID for this route (tcpdump vrrp)
      priority 101                  # 101 on master, 100 on backup
      virtual_ipaddress {
          192.168.21.100            # the virtual IP
      }
      track_script {
          chk_haproxy
      }
   }
# /etc/init.d/keepalived restart

（三）LVS

（1）安装

Linux内核里已经包含了ip_vs模块，只需要安装管理工具

# yum -y install ipvsadm

（2）网络设置

# vi /etc/sysctl.conf
    net.ipv4.ip_forward = 1
    net.ipv4.conf.default.rp_filter = 0
# sysctl -p
# cat /proc/sys/net/ipv4/ip_forward
    1
# sevice network restart

（3）LB设置

# ipvsadm -C
# ipvsadm -A -t 192.168.21.100:80
# ipvsadm -ln
# service ipvsadm save

（4）keepalived设置

Shell代码  

      # vi /etc/keepalived/lvs_http_servers.conf
    virtual_server <lvs_srv_ip> 80 {
      delay_loop   20
      lvs_sched    lc
      lvs_method   NAT
      protocol     TCP

      real_server  <web1_srv_ip> 80 {
        weight 1
        inhibit_on_failure
        HTTP_GET {
          url {
            path /
            status_code 200
          }
          connect_timeout 5
          nb_get_retry 3
          delay_before_retry 20
        }
      }
     real_server  <web2_srv_ip> 80 {
        weight 1
        inhibit_on_failure
        HTTP_GET {
          url {
            path /
            status_code 200
          }
          connect_timeout 5
          nb_get_retry 3
          delay_before_retry 20
        }
    }
# /etc/init.d/keepalived restart