使用HAproxy实现view connction负载均衡

1.先安装所需要的服务进程：

#yum ‐y install haproxy keepalived

2.编辑keeoalived的配置文件

[root@dragon ~]# cat /etc/keepalived/keepalived.conf
global_defs {
notification_email {
keepalived
}
notification_email_from keepalived@domain.local
smtp_server 192.168.1.200
smtp_connect_timeout 30
router_id 10.10.1.222
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1                     # 监控HAproxy在本机是否存活
weight 2
}
vrrp_instance VI_1 {
interface eth0                    #虚拟ip绑定在本机的eth0网卡上
state MASTER
smtp_alert
virtual_router_id 51
priority 101                   # 101 是 master优先级, 100 是 slaves的优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.1.222        #虚拟IP
}
track_script {
chk_haproxy
}
}

3.允许keepalied的虚拟IP绑定，编辑/etc/sysctl.conf配置文件

net.ipv4.ip_nonlocal_bind = 1

4.配置防火墙

接受VRRP广播域的包

iptables ‐I INPUT ‐d 224.0.0.0/8 ‐j ACCEPT

为vrrp协议添加规则

iptables ‐I INPUT ‐p 112 ‐j ACCEPT

开放80和443端口

iptables ‐I INPUT ‐p tcp ‐‐dport 80 ‐j ACCEPT
iptables ‐I INPUT ‐p tcp ‐‐dport 443 ‐j ACCEPT
service iptables save

5.编辑haproxy的配置文件：

---------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events.  This is done
#    by adding the '-r' option to the SYSLOGD_OPTIONS in
#    /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
#   file. A line like the following can be added to
#   /etc/sysconfig/syslog
#
#    local2.*                       /var/log/haproxy.log
#
log         127.0.0.1 local2
chroot      /var/lib/haproxy
pidfile     /var/run/haproxy.pid
maxconn     4000
user        haproxy
group       haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode                    http
log                     global
option                  httplog
option                  dontlognull
option http-server-close
option forwardfor       except 127.0.0.0/8
option                  redispatch
retries                 3
timeout http-request    10s
timeout queue           1m
timeout connect         10s
timeout client          1m
timeout server          1m
timeout http-keep-alive 10s
timeout check           10s
maxconn                 3000
stats refresh 30s
stats uri  /stats
stats realm welcome
stats auth admin:dragon123
stats hide-version
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
#frontend  main *:5000
#    acl url_static       path_beg       -i /static /images /javascript /stylesh
#    acl url_static       path_end       -i .jpg .gif .png .css .js
#
#   use_backend static          if url_static
#  default_backend             app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
#    balance     roundrobin
#    server      static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
#   balance     roundrobin
#   server  app1 127.0.0.1:5001 check
#    server  app2 127.0.0.1:5002 check
#    server  app3 127.0.0.1:5003 check
#    server  app4 127.0.0.1:5004 check
#
frontend unsecured
bind 10.10.1.222:80
redirect location https://view.domain.local #---------------------------------------------------------------------
# frontend secured
#---------------------------------------------------------------------
frontend secured
bind 10.10.1.222:443 #ssl crt ./haproxy-cert.pem
mode tcp
default_backend view
#---------------------------------------------------------------------
# balancing between the various backends
#---------------------------------------------------------------------
backend view
mode tcp
balance source
server view01 10.10.1.38:443 weight 1 check port 443 inter 2000 rise 2 fall 5
server view02 10.10.1.36:443 weight 1 check port 443 inter 2000 rise 2 fall 5

6.开启服务：

chkconfig haproxy on
chkconfig keepalived on
service haproxy start
service keepalived start

查看虚拟ip

ip addr sh eth0

连接虚拟IP



验证密码




查看调度情况：