haproxy

1.haproxy

基本配置
[root@server1 haproxy]# vim /etc/haproxy/haproxy.cfg
******************************************************************
global
        maxconn         10000
        stats socket    /var/run/haproxy.stat mode 600 level admin
        log             127.0.0.1 local0
        uid             200
        gid             200
        chroot          /var/empty
        daemon

defaults
        mode            http
        log             global
        option          httplog
        option          dontlognull
        monitor-uri     /monitoruri
        maxconn         8000
        timeout client  30s

        option prefer-last-server
        retries         2
        option redispatch
        timeout connect 5s
        timeout server  5s

        stats uri       /admin/stats
    stats auth admin:westos

# The public 'www' address in the DMZ
frontend public
        bind            172.25.18.1:80

    acl blacklist src   172.25.18.250       ##建立黑名单列表

    http-request deny if blacklist          ##http拒绝（如果在黑名单中）

    errorloc 403 http://172.25.18.1:8080        ##报403错误后重定向

    redirect        location http://172.25.18.1:8080 if blacklist
        #bind            192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
        #use_backend     static if { hdr_beg(host) -i img }
        #use_backend     static if { path_beg /img /css   }
        default_backend static

# The static backend backend for 'Host: img', /img and /css.
backend static
        balance         roundrobin
        server          statsrv1 172.25.18.2:80 check inter 1000
        server          statsrv2 172.25.18.3:80 check inter 1000
    server      backup   172.25.18.1:8080 backup    ##添加备用主机
***************************************************************************

2.haproxy的几种负载均衡算法

3.haproxy方法配置

1）黑名单

[root@server1 haproxy]# vim /etc/haproxy/haproxy.cfg
frontend public
        bind            172.25.18.1:80

    acl blacklist src   172.25.18.250       ##建立黑名单列表

    http-request deny if blacklist          ##http拒绝（如果在黑名单中）

    errorloc 403 http://172.25.18.1:8080        ##报403错误后重定向

        #bind            192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
        #use_backend     static if { hdr_beg(host) -i img }
        #use_backend     static if { path_beg /img /css   }
        default_backend static

2）重定向

[root@server1 haproxy]# vim /etc/haproxy/haproxy.cfg
frontend public
        bind            172.25.18.1:80

    acl blacklist src   172.25.18.250       ##建立黑名单列表

    redirect       location http://172.25.18.1:8080 if blacklist    ##重定向

        #bind            192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
        #use_backend     static if { hdr_beg(host) -i img }
        #use_backend     static if { path_beg /img /css   }
        default_backend static

3）动静分离

[root@server1 haproxy]# vim /etc/haproxy/haproxy.cfg
frontend public
        bind            172.25.18.1:80

        #bind            192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
        #use_backend     static if { hdr_beg(host) -i img }
        #use_backend     static if { path_beg /img /css   }

        use_backend    static if { path_beg /images   }
        default_backend dynamic

# The static backend backend for 'Host: img', /img and /css.
backend static
        balance         roundrobin
        server          statsrv1 172.25.18.2:80 check inter 1000
        server          backup   172.25.18.1:8080 backup

backend dynamic
        balance         roundrobin
        server          statsrv2 172.25.18.3:80 check inter 1000

[root@server3 html]# yum install php -y
[root@server3 html]# vim index.php
<?php
phpinfo()
?>

测试：
curl 172.25.18.1/images

4）读写分离

[root@server1 haproxy]# vim /etc/haproxy/haproxy.cfg
frontend public
        bind            172.25.18.1:80

        acl blacklist src       172.25.18.250

        acl read method GET
        acl read method HEAD
        acl write method PUT
        acl write method POST
        #http-request deny if blacklist

        #errorloc 403 http://172.25.18.1:8080
        #redirect       location http://172.25.18.1:8080 if blacklist
        #bind            192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
        #use_backend     static if { hdr_beg(host) -i img }
        #use_backend     static if { path_beg /img /css   }
        #use_backend    static if { path_beg /images   }
        use_backend    static if write
        default_backend dynamic

# The static backend backend for 'Host: img', /img and /css.
backend static
        balance         roundrobin
        server          statsrv1 172.25.18.2:80 check inter 1000
        server          backup   172.25.18.1:8080 backup

backend dynamic
        balance         roundrobin
        server          statsrv2 172.25.18.3:80 check inter 1000

[root@server2 ~]# yum install php -y
[root@server3 ~]# yum install php -y
下载upload包
[root@server2 ~]# mv /var/www/html/upload/* /var/www/html/
[root@server2 ~]# [root@server2 html]# ls
images  index.html  index.php  upload  upload_file.php
[root@server2 ~]# chmod 777 /var/www/html/upload/

[root@server3 ~]# mv /var/www/html/upload/* /var/www/html/
[root@server3 ~]# [root@server2 html]# ls
images  index.html  index.php  upload  upload_file.php
[root@server3 ~]# chmod 777 /var/www/html/upload/

[root@server2 html]# vim upload_file.php
<?php
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 2000000))        ##文件大小改为2M，server3同样

测试：
curl 172.25.18.1
上传一个图片，结果显示传在server2/var/www/html/upload/中


*******************************************************
yum install strace -y       ##可以动态监听进程
strace -p pid
*******************************************************