Я настраиваю прокси HA в активном / пассивном режиме.
haproxy-a : 172.29.240.172
haproxy-b : 172.29.240.173
Floating IP (VIP) : 172.29.240.188
Перед любой конфигурацией:
[root@haproxy-a/b ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.3 (Maipo)
[root@haproxy-a ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:9b:22:86 brd ff:ff:ff:ff:ff:ff
inet 172.29.240.172/26 brd 172.29.240.191 scope global ens160
valid_lft forever preferred_lft forever
[root@haproxy-b keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:50:56:9b:2b:a6 brd ff:ff:ff:ff:ff:ff
inet 172.29.240.173/26 brd 172.29.240.191 scope global ens160
valid_lft forever preferred_lft forever
Шаги, которые я сделал.
Настройте keepalived на обоих серверах
haproxy-a/b # yum install -y keepalived
[root@haproxy-a ~]# cat /etc/keepalived/keepalived.conf
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight -90
}
vrrp_instance VI_1 {
interface ens160 #interface to monitor
state MASTER
virtual_router_id 51
priority 100 # highest priority wins the election of master
virtual_ipaddress {
172.29.240.188
}
track_script {
chk_haproxy
}
}
[root@haproxy-b ~]# cat /etc/keepalived/keepalived.conf
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight -10
}
vrrp_instance VI_1 {
interface ens160 #interface to monitor
state BACKUP
virtual_router_id 51
priority 50 # highest priority wins the election of master
virtual_ipaddress {
172.29.240.188
}
track_script {
chk_haproxy
}
}
Затем я начинаю keepalived
сервис на обоих узлах. firewalld
& iptables
остановлен, и никакие другие конфигурации не были изменены на уровне ОС.
однажды keepalived
работает, я не вижу плавающих IP-адресов, назначенных какой-либо системе. Системные журналы на обоих узлах говорят:
Jul 6 13:26:51 haproxy-a Keepalived_vrrp[1862]: ip address associated with VRID not present in received packet : 172.29.240.188
Jul 6 13:26:51 haproxy-a Keepalived_vrrp[1862]: one or more VIP associated with VRID mismatch actual MASTER advert
Jul 6 13:26:51 haproxy-a Keepalived_vrrp[1862]: bogus VRRP packet received on ens160 !!!
Jul 6 13:26:51 haproxy-a Keepalived_vrrp[1862]: VRRP_Instance(VI_1) Dropping received VRRP packet...
Каждый логический узел в keepalived должен иметь свой уникальный virtual_router_id
в широковещательном домене.