Haproxy搭建http负载均衡
环境说明:
主机名 | IP地址 | 需要安装应用 | 系统版本 |
---|---|---|---|
DR(负载均衡服务器) | 192.168.174.168 | haproxy | centos8 |
RS1(web服务器) | 192.168.174.175 | httpd | centos8 |
RS2(web服务器) | 192.168.174.170 | httpd | centos8 |
client(客户端) | 192.168.174.173 | 无需安装应用 | centos8 |
RS1配置:
//关闭selinux和防火墙
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//部署web站点
[root@RS1 ~]# dnf -y install httpd
[root@RS1 ~]# echo "RS1" > /var/www/html/index.html
[root@RS1 ~]# systemctl enable --now httpd
RS2配置:
//关闭selinux和防火墙
[root@RS2 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//部署web站点
[root@RS2 ~]# dnf -y install httpd
[root@RS2 ~]# echo "RS2" > /var/www/html/index.html
[root@RS2 ~]# systemctl enable --now httpd
负载均衡服务器配置
//关闭selinux和防火墙
[root@DR ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@DR ~]# setenforce 0
[root@DR ~]# systemctl disable --now firewalld.service
//创建用户
[root@DR ~]# useradd -rMs /sbin/nologin haproxy
//下载依赖包
[root@DR ~]# dnf -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel
//下载haproxy压缩包,这里我下载好了
[root@DR ~]# ls
anaconda-ks.cfg haproxy-2.6.6.tar.gz
//解压并安装
[root@DR ~]# tar -xf haproxy-2.6.0.tar.gz
[root@DR ~]# cd haproxy-2.6.0/
[root@DR haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) \
> TARGET=linux-glibc \
> USE_OPENSSL=1 \
> USE_ZLIB=1 \
> USE_PCRE=1 \
> USE_SYSTEMD=1
[root@DR haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy
//复制命令到/usr/sbin目录下
[root@DR haproxy-2.6.6]# ls
addons CONTRIBUTING haproxy MAINTAINERS scripts VERDATE
admin dev include Makefile src VERSION
BRANCHES doc INSTALL README SUBVERS
CHANGELOG examples LICENSE reg-tests tests
[root@DR haproxy-2.6.6]# cp haproxy /usr/sbin/
//修改内核参数
[root@DR ~]# vim /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
[root@DR ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
//修改配置文件
[root@DR ~]# mkdir /etc/haproxy
[root@DR ~]# vim /etc/haproxy/haproxy.cfg
[root@DR ~]# cat /etc/haproxy/haproxy.cfg
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend http-in
bind *:80
default_backend servers
backend servers
server web01 192.168.174.175:80
server web02 192.168.174.170:80
[root@DR ~]# systemctl daemon-reload
[root@DR ~]# systemctl enable --now haproxy.service
[root@DR ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
客户端进行访问
[root@client ~]# curl 192.168.174.168
RS1
[root@client ~]# curl 192.168.174.168
RS2
[root@client ~]# curl 192.168.174.168
RS1
[root@client ~]# curl 192.168.174.168
RS2
[root@DR ~]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0 info
maxconn 20480
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
daemon
defaults
mode http
log global
option dontlognull
option httpclose
option httplog
option redispatch
balance roundrobin
timeout connect 10s
timeout client 10s
timeout server 10s
timeout check 10s
maxconn 60000
retries 3
#--------------统计页面配置------------------
listen admin_stats
bind 0.0.0.0:8189
stats enable
mode http
log global
stats uri /admin //访问网页后缀URL
stats realm Haproxy\ Statistics
stats auth yy:123456 //用户名和密码
stats admin if TRUE
stats refresh 30s
#---------------web设置-----------------------
listen webcluster
bind 0.0.0.0:80
mode http
log global
maxconn 3000
balance roundrobin
cookie SESSION_COOKIE insert indirect nocache
server web01 192.168.174.175:80
server web02 192.168.174.170:80
[root@DR ~]# vim /etc/rsyslog.conf
local0.* /var/log/haproxy.log
[root@DR ~]# systemctl restart rsyslog.service
[root@DR ~]# systemctl restart haproxy.service
进行访问:
-
/var/log/haproxy.log
[root@DR ~]# systemctl restart rsyslog.service
[root@DR ~]# systemctl restart haproxy.service
进行访问:
[外链图片转存中...(img-lGd4gcED-1664294781998)]