Haproxy搭建http负载均衡

Haproxy搭建http负载均衡

---

环境说明:

主机名	IP地址	需要安装应用	系统版本
DR(负载均衡服务器)	192.168.174.168	haproxy	centos8
RS1(web服务器)	192.168.174.175	httpd	centos8
RS2(web服务器)	192.168.174.170	httpd	centos8
client(客户端)	192.168.174.173	无需安装应用	centos8

RS1配置：

//关闭selinux和防火墙
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

//部署web站点
[root@RS1 ~]# dnf -y install httpd
[root@RS1 ~]# echo "RS1" > /var/www/html/index.html
[root@RS1 ~]# systemctl enable --now httpd

RS2配置：

//关闭selinux和防火墙
[root@RS2 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

//部署web站点
[root@RS2 ~]# dnf -y install httpd
[root@RS2 ~]# echo "RS2" > /var/www/html/index.html
[root@RS2 ~]# systemctl enable --now httpd

负载均衡服务器配置

//关闭selinux和防火墙
[root@DR ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@DR ~]# setenforce 0
[root@DR ~]# systemctl disable --now firewalld.service

//创建用户
[root@DR ~]# useradd -rMs /sbin/nologin haproxy

//下载依赖包
[root@DR ~]# dnf -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel

//下载haproxy压缩包,这里我下载好了
[root@DR ~]# ls
anaconda-ks.cfg  haproxy-2.6.6.tar.gz

//解压并安装
[root@DR ~]# tar -xf haproxy-2.6.0.tar.gz 
[root@DR ~]# cd haproxy-2.6.0/
[root@DR haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \
> TARGET=linux-glibc  \
> USE_OPENSSL=1  \
> USE_ZLIB=1  \
> USE_PCRE=1  \
> USE_SYSTEMD=1

[root@DR haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy

//复制命令到/usr/sbin目录下
[root@DR haproxy-2.6.6]# ls
addons     CONTRIBUTING  haproxy  MAINTAINERS  scripts  VERDATE
admin      dev           include  Makefile     src      VERSION
BRANCHES   doc           INSTALL  README       SUBVERS
CHANGELOG  examples      LICENSE  reg-tests    tests
[root@DR haproxy-2.6.6]# cp haproxy /usr/sbin/

//修改内核参数
[root@DR ~]# vim /etc/sysctl.conf 
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

[root@DR ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

//修改配置文件
[root@DR ~]# mkdir /etc/haproxy
[root@DR ~]# vim /etc/haproxy/haproxy.cfg
[root@DR ~]# cat /etc/haproxy/haproxy.cfg
global
    daemon
    maxconn 256
 
defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms
 
frontend http-in
    bind *:80
    default_backend servers
 
backend servers
    server web01 192.168.174.175:80
    server web02 192.168.174.170:80


[root@DR ~]# systemctl daemon-reload 
[root@DR ~]# systemctl enable --now haproxy.service
 
[root@DR ~]# ss -anlt
State   Recv-Q  Send-Q   Local Address:Port     Peer Address:Port  Process  
LISTEN  0       128            0.0.0.0:22            0.0.0.0:*                      
LISTEN  0       128            0.0.0.0:80            0.0.0.0:*              
LISTEN  0       128               [::]:22               [::]:* 

客户端进行访问

[root@client ~]# curl 192.168.174.168
RS1
[root@client ~]# curl 192.168.174.168
RS2
[root@client ~]# curl 192.168.174.168
RS1
[root@client ~]# curl 192.168.174.168
RS2

---

[root@DR ~]# vim /etc/haproxy/haproxy.cfg 
global
    log 127.0.0.1 local0  info
    maxconn 20480
    pidfile /var/run/haproxy.pid
    user haproxy
    group haproxy
    daemon
 
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /admin        //访问网页后缀URL
    stats realm Haproxy\ Statistics
    stats auth yy:123456              //用户名和密码
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 192.168.174.175:80
    server web02 192.168.174.170:80
    
[root@DR ~]# vim /etc/rsyslog.conf 
local0.*        /var/log/haproxy.log
[root@DR ~]# systemctl restart rsyslog.service 
[root@DR ~]# systemctl restart haproxy.service 

进行访问:

•    /var/log/haproxy.log
  

[root@DR ~]# systemctl restart rsyslog.service
[root@DR ~]# systemctl restart haproxy.service

进行访问:
[外链图片转存中...(img-lGd4gcED-1664294781998)]