高可用集群keepalive

原创已于 2024-08-18 09:14:02 修改 · 860 阅读

CC 4.0 BY-SA版权

文章标签：

于 2024-08-17 23:47:10 首次发布

Keepalived 是一种广泛使用的高可用性 (High Availability, HA) 解决方案，主要用于监控和维护集群系统的健康状况，特别适用于负载均衡环境。Keepalived 最初是为 LVS (Linux Virtual Server) 设计的，但随着发展，它已经成为了许多其他服务的高可用性解决方案，包括 Nginx、HAProxy 和 MySQL 等。

Keepalived 的主要功能

节点监控：监控集群中的各个服务节点的状态。
故障检测与恢复：通过 VRRP (Virtual Router Redundancy Protocol) 协议检测节点故障，并在主节点出现问题时自动进行故障转移。
负载均衡：虽然最初为 LVS 设计，但现在也可以与其他负载均衡器配合使用。
资源管理：管理虚拟 IP 地址 (VIPs)，确保客户端连接始终指向集群中可用的节点。

Keepalived 的架构

主节点 (Master)：负责处理所有客户端请求，并持有虚拟 IP 地址。
备份节点 (Backup)：监视主节点的状态，一旦主节点发生故障，备份节点接管虚拟 IP 并成为新的主节点。

工作原理

VRRP 协议：主节点和备份节点通过 VRRP 相互发送心跳包来检测对方的状态。
虚拟 IP 地址：主节点拥有虚拟 IP 地址，客户端通过此 VIP 连接到集群。
故障转移：如果主节点失效，备份节点通过 VRRP 协议检测到这一变化后，会提升自己的优先级并接管虚拟 IP 地址，成为新的主节点。
恢复：当原主节点恢复后，它可以重新成为主节点或回到备份状态，这取决于配置。

使用场景

LVS 集群：Keepalived 用于监控 LVS 调度器的健康状况，并在调度器发生故障时进行切换。
Web 服务器：与 Nginx 或 HAProxy 结合使用，为 Web 应用程序提供高可用性和负载均衡。
数据库集群：为 MySQL 等数据库提供故障转移和高可用性支持。

一、keepalived部署

1.1keepalived架构

用户空间核心组件：

vrrp stack：VIP消息通告

checkers：监测real server

system call：实现 vrrp 协议状态转换时调用脚本的功能

SMTP：邮件组件

IPVS wrapper：生成IPVS规则

Netlink Reflector：网络接口

WatchDog：监控进程

控制组件：提供keepalived.conf 的解析器，完成Keepalived配置

IO复用器：针对网络目的而优化的自己的线程抽象

内存管理组件：为某些通用的内存管理功能（例如分配，重新分配，发布等）提供访问权限

1.2 Keepalived 相关文件

软件包名：keepalived

主程序文件：/usr/sbin/keepalived

主配置文件：/etc/keepalived/keepalived.conf

配置文件示例：/usr/share/doc/keepalived/

Unit File：/lib/systemd/system/keepalived.service

安装keepalived：yum install keepalived -y

1.2 配置文件组成部分

配置文件： /etc/keepalived/keepalived.conf
配置文件组成
GLOBAL CONFIGURATION
Global definitions ：定义邮件配置， route_id ， vrrp 配置，多播地址等
VRRP CONFIGURATION
VRRP instance(s) ：定义每个vrrp 虚拟路由器
LVS CONFIGURATION
Virtual server group(s)
Virtual server(s) ： LVS集群的 VS 和 RS

1.3 全局配置

! Configuration File for keepalived

global_defs {
notification_email {
594233887@qq.com #keepalived 发生故障切换时邮件发送的目标邮箱，可以按行区分写多个
timiniglee-zln@163.com
}
notification_email_from keepalived@KA1.timinglee.org #发邮件的地址
smtp_server 127.0.0.1 #邮件服务器地址
smtp_connect_timeout 30 #邮件服务器连接timeout
router_id KA1.timinglee.org #每个keepalived主机唯一标识
#建议使用当前主机名，但多节点重名不影响

vrrp_skip_check_adv_addr #对所有通告报文都检查，会比较消耗性能
#启用此配置后，如果收到的通告报文和上一个报文是同一
#个路由器，则跳过检查，默认值为全检查

vrrp_strict #严格遵循vrrp协议
#启用此项后以下状况将无法启动服务:
#1.无VIP地址
#2.配置了单播邻居
#3.在VRRP版本2中有IPv6地址
#建议不加此项配置
vrrp_garp_interval 0 #报文发送延迟，0表示不延迟
vrrp_gna_interval 0 #消息发送延迟
vrrp_mcast_group4 224.0.0.18 #指定组播IP地址范围：

}

1.4配置虚拟路由

vrrp_instance VI_1 {
state MASTER
interface eth0 #绑定为当前虚拟路由器使用的物理接口，如：eth0,可以和VIP不在一个网卡

virtual_router_id 51 #每个虚拟路由器惟一标识,范围：0-255，每个虚拟路由器此值必须唯一
#否则服务无法启动
#同属一个虚拟路由器的多个keepalived节点必须相同
#务必要确认在同一网络中此值必须唯一

priority 100 #当前物理节点在此虚拟路由器的优先级，范围：1-254
#值越大优先级越高,每个keepalived主机节点此值不同

advert_int 1 #vrrp通告的时间间隔，默认1s
authentication { #认证机制
auth_type AH|PASS #AH为IPSEC认证(不推荐),PASS为简单密码(建议使用)
uth_pass 1111 #预共享密钥，仅前8位有效
#同一个虚拟路由器的多个keepalived节点必须一样
}
virtual_ipaddress { #虚拟IP,生产环境可能指定上百个IP地址

<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
172.25.254.100 #指定VIP，不指定网卡，默认为eth0,注意：不指定/prefix,默认32
172.25.254.101/24 dev eth1
172.25.254.102/24 dev eth2 label eth2:1
}
}

配置和效果：

#配置master端
[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
2123526885@qq.com
}
notification_email_from keepalived@KA1.timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA1.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict #nft list ruleset
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 20
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

配置slave端
[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
2123526885@qq.com
}
notification_email_from keepalived@timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA2.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 20 #相同id管理同一个虚拟路由
priority 80 #低优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

测试
[root@KA2 ~]# tcpdump -i eth0 -nn host 224.0.0.18
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
22:48:23.294894 IP 192.168.178.20 > 224.0.0.18: VRRPv2, Advertisement, vrid 20,prio 100, authtype none, intvl 1s, length 20
22:48:24.084793 IP 192.168.178.30 > 224.0.0.18: VRRPv2, Advertisement, vrid 30,prio 80, authtype none, intvl 1s, length 20
22:48:24.295075 IP 192.168.178.20 > 224.0.0.18: VRRPv2, Advertisement, vrid 20,prio 100, authtype none, intvl 1s, length 20
22:48:25.085256 IP 192.168.178.30 > 224.0.0.18: VRRPv2, Advertisement, vrid 30,prio 80, authtype none, intvl 1s, length 20
22:48:25.296296 IP 192.168.178.20 > 224.0.0.18: VRRPv2, Advertisement, vrid 20,prio 100, authtype none, intvl 1s, length 20
22:48:26.085843 IP 192.168.178.30 > 224.0.0.18: VRRPv2, Advertisement, vrid 30,prio 80, authtype none, intvl 1s, length 20
关闭KA1后再看组播信息

1.5 Keepalived日志功能

[root@ka1 ~]# cat /etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -S 6"

[root@ka1 ~]#cat /etc/rsyslog.conf
local6.* /var/log/keepalived.log

[root@ka1 ~]#systemctl restart keepalived.service rsyslog.service #重启服务生效\

1.6 实现独立子配置文件

[root@KA1 ~]# mkdir /etc/keepalived/conf.d
[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
2123526885@qq.com
}
notification_email_from keepalived@KA1.timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA1.timinglee.org
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_ipsets keepalived
vrrp_iptables
}

include /etc/keepalived/conf.d/*.conf #相关子配置文件
[root@KA1 ~]# vim /etc/keepalived/conf.d/router.conf
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 20
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

二、企业应用实例

2.1 实现master/slave的 Keepalived 单主架构

ka1master主机配置：

[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
2123526885@qq.com
}
notification_email_from keepalived@KA1.timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA1.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict #添加此选项无法访问vip，可以用nft list ruleset查看
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
state MASTER #使用master主机
interface eth0
virtual_router_id 20
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

ka2BACKIP配置:

[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
2123526885@qq.com
}
notification_email_from keepalived@timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA2.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 20 #相同id管理同一个虚拟路由
priority 80 #低优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

2.2 抢占模式和非抢占模式

2.2.1 非抢占模式 nopreempt

默认为抢占模式preempt，即当高优先级的主机恢复在线后，会抢占低先级的主机的master角色，这样会使vip在KA主机中来回漂移，造成网络抖动

建议设置为非抢占模式 nopreempt ，即高优先级主机恢复后，并不会抢占低优先级主机的master角色非抢占模块下,如果原主机down机, VIP迁移至的新主机, 后续也发生down时,仍会将VIP迁移回原主机

ka1:

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 20
priority 100 #优先级高
nopreempt #非抢占模式
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}

ka2:

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 20
priority 80 #优先级低
advert_int 1
nopreempt #非抢占模式
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

2.2.2 抢占延迟模式 preempt_delay

实例：

ka1:

#ka1主机配置
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 20
priority 100 #优先级高
preempt_delay 10s #抢占延迟10s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

ka2:

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 20
priority 80 #优先级低
advert_int 1
preempt_delay 10s #抢占延迟10S
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
}

2.3 组播变单播

#在所有节点vrrp_instance语句块中设置对方主机的IP，建议设置为专用于对应心跳线网络的地址，而非使
用业务网络
unicast_src_ip <IPADDR> #指定发送单播的源IP
unicast_peer {
<IPADDR> #指定接收单播的对方目标主机IP
......
}

启用单播时， vrrp_strict 需要注释

ka1：

[root@KA1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
2123526885@qq.com
}
notification_email_from keepalived@KA1.timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA1.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_ipsets keepalived
}

vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 20
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
unicast_src_ip 172.25.254.20 #本机IP
unicast_peer {
192.168.178.30 #指向对方主机IP
#如果有多个keepalived,再加其它节点的IP
}

ka2:

[root@KA2 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
88888888@qq.com
}
notification_email_from keepalived@KA1.timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA1.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict #注释此参数，与vip单播模式冲突
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_ipsets keepalived
}

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 20
priority 80
advert_int 1
preempt_delay 60
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100/24 dev eth0 label eth0:0
}
unicast_src_ip 192.168.178.30 #本机ip
unicast_peer {
172.25.254.20 #对端主机IP
}
}

2.5 邮件传输

qq邮箱配置：

[root@KA1 ~]# vim /etc/mail.rc
#######mail set##########
set from=2123526885@qq.com
set smtp=smtp.qq.com
set smtp-auth-user=2123526885@qq.com
set smtp-auth-password=（输入自己的确认码）
set smtp-auth=login
set ssl-verify=ignore

#ka1端
[root@ka1 ~]# yum install mail* -y
#编辑邮件脚本文件内容
[root@ka1 ~]# vim /etc/keepalived/mail.sh
[root@ka1 ~]# cat /etc/keepalived/mail.sh
#!/bin/bash
mail_dst="2123526885@qq.com"
send_message()
{
mail_sub="$HOSTNAME to be $1 vip move"
mail_msg="`date +%F\ %T` : vrrp move $HOSTNAME chage $1"
echo $mail_msg | mail -s "$mail_sub" $mail_dst
}

case $1 in
master)
send_message master
;;
backup)
send_message backup
;;
fault)
send_mesage fault
;;
*)
;;
esac

[root@ka1 ~]# chmod +x /etc/keepalived/mail.sh
[root@ka1 ~]# ll /etc/keepalived/mail.sh
-rwxr-xr-x 1 root root 373 Aug 13 05:31 /etc/keepalived/mail.sh
[root@ka1 ~]# scp /etc/keepalived/mail.sh root@192.168.178.20:/etc/keepalived/mail.sh
root@172.25.254.20's password:
mail.sh 100% 373 209.0KB/s 00:00
[root@ka1 ~]# vim /etc/keepalived/keepalived.conf
#确保虚拟网卡在ka1端，如若不在进行服务的更改
[root@ka1 ~]# ifconfig
[root@ka1 ~]# systemctl restart keepalived.conf
#输入邮件内容
[root@ka1 ~]# echo hello world | mail -s test 2123526885@qq.com
You have new mail in /var/spool/mail/root
[root@ka1 ~]# ll /var/spool/mail/root
-rw------- 1 root mail 5309 Aug 13 06:49 /var/spool/mail/root
#ka2端和 ke2一样

2.6 实现 master/master 的 Keepalived 双主架构

master/master 的双主架构：

即将两个或以上VIP分别运行在不同的keepalived服务器，以实现服务器并行提供web访问的目的，提高服务器资源利用率

ka1：

#ha1主机配置
[root@rhel7-ka1 ~]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER #主
interface ens33
virtual_router_id 50
priority 100
advert_int 1

authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192168.178.50 dev ens33 label ens33:0
}
}

vrrp_instance VI_60 {
state BACKUP #备
interface ens33
virtual_router_id 60
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192168.178.60 dev ens33 label ens33:1
}
}

#ka2主机配置,和ka1配置只需五行不同
[root@rhel7-ka2 ~]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP #备
interface ens33
virtual_router_id 50
priority 80
advert_int 1

authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192168.178.50 dev ens33 label ens33:0
}
}

vrrp_instance VI_60 {
state MASTER #主
interface ens33
virtual_router_id 60
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192168.178.60 dev eth0 label eth0:1
}
}

2.7 keepalived实现lvs-DR高可用

#web服务器搭建
[root@realserver1 ~]# yum install httpd -y
[root@realserver1 ~]# echo realserver1 - 192.168.178.110 > /var/www/html/index.html
[root@realserver1 ~]# echo realserver2 - 192.168.178.120 > /var/www/html/index.html

#设置vip地址
[root@realserver1 ~]# ip a a 192.168.178.100 dev lo
[root@realserver2 ~]# ip a a 192.168.178.100 dev lo

#设置vip不对外响应，以realserver1为例，两个主机都要设置
[root@realserver1 ~]# vim /etc/sysctl.d/arp.conf
[root@realserver1 ~]# cat /etc/sysctl.d/arp.conf
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
#保存生效
[root@realserver1 ~]# sysctl -p
[root@realserver1 ~]# sysctl --system
#在真实主机网卡固定vip地址,两个真实主机都要
[root@realserver1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-lo
[root@realserver1 ~]# systemctl restart network
[root@realserver1 ~]# systemctl restart httpd

ka1：

#修改ka1和ka2端的keepalived配置文件,以ka1为例，两个主机都要设置
[root@ka1 ~]# vim /etc/keepalived/keepalived.conf
#等待realserver服务生效后，查看ipvsadm策略,两端都要做
[root@ka1 ~]# yum install ipvsadm -y
#自动生成
[root@ka1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.254.100:80 wrr
-> 172.25.254.110:80 Route 1 0 0
-> 172.25.254.120:80 Route 1 0 0
TCP 10.10.10.2:1358 rr persistent 50
-> 192.168.200.200:1358 Masq 1 0 0
TCP 10.10.10.3:1358 rr persistent 50
#重启keepalived服务,两端
[root@ka1 ~]# systemctl restart keepalived.service

检测：

[root@ka2 ~]# for i in {1..10}; do curl 192.168.178.100; done
realserver1 - 192.168.178.110
realserver2 - 192.168.178.120
realserver1 - 192.168.178.110
realserver2 - 192.168.178.120
realserver1 - 192.168.178.110
realserver2 - 192.168.178.120
realserver1 - 192.168.178.110
realserver2 - 192.168.178.120
realserver1 - 192.168.178.110
realserver2 - 192.168.178.120

2.8 keepalived实现HAProxy高可用

#在两个ka1和ka2先实现haproxy的配置
[root@rhel7-ka1 & ka2 ~]# vim /etc/haproxy/haproxy.cfg
listen webserver
bind 192.168.178.100:80
server web1 192.168.178.101:80 check
server web2 192.168.178.102:80 check

#在两个ka1和ka2两个节点启用内核参数
[root@rhel7-ka1 & ka2 ~]# vim /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
[root@rhel7-ka1 & ka2 ~]# sysctl -p

#在ka1中编写检测脚本
[root@rhel7-ka1 ~]# vim /etc/keepalived/scripts/haproxy.sh
#!/bin/bash
/usr/bin/killall -0 haproxy

[root@rhel7-ka1 ~]# chmod +X /etc/keepalived/scripts/haproxy.sh

#在ka1中配置keepalived
[root@ka1 ~]#cat /etc/keepalived/keepalived.conf
vrrp_script check_haproxy {
script "/etc/keepalived/scripts/haproxy.sh"
interval 1
weight -30
fall 2
rise 2
timeout 2
}
vrrp_instance web {
state MASTER
interface ens33
virtual_router_id 50
priority 100
advert_int 1

authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
#在两个ka1和ka2先实现haproxy的配置
[root@rhel7-ka1 & ka2 ~]# vim /etc/haproxy/haproxy.cfg
listen webserver
bind 192.168.178.100:80
server web1 192.168.178.101:80 check
server web2 192.168.178.102:80 check

#在两个ka1和ka2两个节点启用内核参数
[root@rhel7-ka1 & ka2 ~]# vim /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
[root@rhel7-ka1 & ka2 ~]# sysctl -p

#在ka1中编写检测脚本
[root@rhel7-ka1 ~]# vim /etc/keepalived/scripts/haproxy.sh
#!/bin/bash
/usr/bin/killall -0 haproxy

[root@rhel7-ka1 ~]# chmod +X /etc/keepalived/scripts/haproxy.sh

#在ka1中配置keepalived
[root@ka1-centos8 ~]#cat /etc/keepalived/keepalived.conf
vrrp_script check_haproxy {
script "/etc/keepalived/scripts/haproxy.sh"
interval 1
weight -30
fall 2
rise 2
timeout 2
}
vrrp_instance web {
state MASTER
interface ens33
virtual_router_id 50
priority 100
advert_int 1

authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.178.100 dev ens33 label ens33:0
}
track_script {
check_haproxy
}
}

#测试
root@rhel7-ka1 ~]# systemctl stop haproxy.service.100 dev ens33 label ens33:0
}
track_script {
check_haproxy
}
}