docker安装
ubuntu2004 apt命令安装docker
[root@ubuntu110 ~]#apt -y install docker.io
docker镜像加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://4fmhe2v1.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
镜像加速
准备配置文件
#mkdir /data/haproxy/ -p
vim /data/haproxy/haproxy.cfg
global
maxconn 100000
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth admin:123456
运行haproxy
docker run -d -p 9999:9999 --name myhaproxy --restart=always \
-v /data/haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro \
--sysctl net.ipv4.ip_unprivileged_port_start=0 \
haproxy:2.8.0-alpine3.18
运行结果
9999端口已经开启
访问状态页
一键脚本安装
官网下载安装包
https://www.lua.org/
https://www.lua.org/ftp/lua-5.4.6.tar.gz
https://www.haproxy.org/
https://www.haproxy.org/download/2.8/src/haproxy-2.8.5.tar.gz
vim install_haproxy.sh
#!/bin/bash
#将下载的安装包文件与版本放一起,记得修改版本
#HAPROXY_VERSION=2.6.6
HAPROXY_VERSION=2.8.0
HAPROXY_FILE=haproxy-${HAPROXY_VERSION}.tar.gz
#HAPROXY_FILE=haproxy-2.2.12.tar.gz
#LUA_VERSION=5.4.4
LUA_VERSION=5.4.6
LUA_FILE=lua-${LUA_VERSION}.tar.gz
#LUA_FILE=lua-5.4.3.tar.gz
HAPROXY_INSTALL_DIR=/apps/haproxy
SRC_DIR=/usr/local/src
CWD=`pwd`
CPUS=`lscpu |awk '/^CPU\(s\)/{print $2}'`
LOCAL_IP=$(hostname -I|awk '{print $1}')
STATS_AUTH_USER=admin
STATS_AUTH_PASSWORD=123456
. /etc/os-release
color () {
RES_COL=60
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
SETCOLOR_SUCCESS="echo -en \\033[1;32m"
SETCOLOR_FAILURE="echo -en \\033[1;31m"
SETCOLOR_WARNING="echo -en \\033[1;33m"
SETCOLOR_NORMAL="echo -en \E[0m"
echo -n "$1" && $MOVE_TO_COL
echo -n "["
if [ $2 = "success" -o $2 = "0" ] ;then
${SETCOLOR_SUCCESS}
echo -n $" OK "
elif [ $2 = "failure" -o $2 = "1" ] ;then
${SETCOLOR_FAILURE}
echo -n $"FAILED"
else
${SETCOLOR_WARNING}
echo -n $"WARNING"
fi
${SETCOLOR_NORMAL}
echo -n "]"
echo
}
check_file (){
if [ ! -e ${LUA_FILE} ];then
color "缺少${LUA_FILE}文件!" 1
exit
elif [ ! -e ${HAPROXY_FILE} ];then
color "缺少${HAPROXY_FILE}文件!" 1
exit
else
color "相关文件已准备!" 0
fi
}
install_packs () {
if [ $ID = "centos" -o $ID = "rocky" ];then
yum -y install gcc make gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel libtermcap-devel ncurses-devel libevent-devel readline-devel
elif [ $ID = "ubuntu" ];then
apt update
apt -y install gcc make openssl libssl-dev libpcre3 libpcre3-dev zlib1g-dev libreadline-dev libsystemd-dev
else
color "不支持此操作系统!" 1
fi
[ $? -eq 0 ] || { color '安装软件包失败,退出!' 1; exit; }
}
install_lua () {
tar xf ${LUA_FILE} -C ${SRC_DIR}
LUA_DIR=${LUA_FILE%.tar*}
cd ${SRC_DIR}/${LUA_DIR}
make all test
}
install_haproxy(){
cd ${CWD}
tar xf ${HAPROXY_FILE} -C ${SRC_DIR}
HAPROXY_DIR=${HAPROXY_FILE%.tar*}
cd ${SRC_DIR}/${HAPROXY_DIR}
make -j ${CPUS} ARCH=x86_64 TARGET=linux-glibc USE_PROMEX=1 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC=${SRC_DIR}/${LUA_DIR}/src/ LUA_LIB=${SRC_DIR}/${LUA_DIR}/src/ PREFIX=${HAPROXY_INSTALL_DIR}
make install PREFIX=${HAPROXY_INSTALL_DIR}
[ $? -eq 0 ] && color "HAPROXY编译安装成功" 0 || { color "HAPROXY编译安装失败,退出!" 1;exit; }
[ -L /usr/sbin/haproxy ] || ln -s ${HAPROXY_INSTALL_DIR}/sbin/haproxy /usr/sbin/
[ -d /etc/haproxy ] || mkdir /etc/haproxy
[ -d /var/lib/haproxy/ ] || mkdir -p /var/lib/haproxy/
cat > /etc/haproxy/haproxy.cfg <<-EOF
global
maxconn 100000
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth ${STATS_AUTH_USER}:${STATS_AUTH_PASSWORD}
EOF
groupadd -g 99 haproxy
useradd -u 99 -g haproxy -d /var/lib/haproxy -M -r -s /sbin/nologin haproxy
}
start_haproxy () {
cat > /lib/systemd/system/haproxy.service <<-EOF
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable --now haproxy
systemctl is-active haproxy &> /dev/null && color 'HAPROXY安装完成!' 0 || { color 'HAPROXY 启动失败,退出!' 1; exit; }
echo "-------------------------------------------------------------------"
echo -e "请访问链接: \E[32;1mhttp://${LOCAL_IP}:9999/haproxy-status\E[0m"
echo -e "用户和密码: \E[32;1m${STATS_AUTH_USER}/${STATS_AUTH_PASSWORD}\E[0m"
}
check_file
install_packs
install_lua
install_haproxy
start_haproxy
bash install_haproxy.sh
安装完成
手动安装
#centos安装
yum install haproxy -y
第三方安装包
官方没有提供rpm相关的包,可以通过第三方仓库的rpm包
从第三方网站下载rpm包:https://pkgs.org/download/haproxy
官网
https://www.haproxy.org/
下载源
# apt-get -y install --no-install-recommends software-properties-common
# add-apt-repository -y ppa:vbernat/haproxy-2.8
# apt update
# apt-get -y install haproxy=2.8.\*
#验证haproxy版本
[root@haproxy ~]#haproxy -v
#systemctl status haproxy.service
#grep -Ev "^#|^$" /lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
Documentation=man:haproxy(1)
Documentation=file:/usr/share/doc/haproxy/configuration.txt.gz
After=network-online.target rsyslog.service
Wants=network-online.target
[Service]
EnvironmentFile=-/etc/default/haproxy
EnvironmentFile=-/etc/sysconfig/haproxy
BindReadOnlyPaths=/dev/log:/var/lib/haproxy/dev/log
Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" "EXTRAOPTS=-S /run/haproxy-master.sock"
ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -p $PIDFILE $EXTRAOPTS
ExecReload=/usr/sbin/haproxy -Ws -f $CONFIG -c -q $EXTRAOPTS
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed
Restart=always
SuccessExitStatus=143
Type=notify
[Install]
WantedBy=multi-user.target
查看用户与组,配置文件中指定
#id haproxy
用户id=113(haproxy) 组id=117(haproxy) 组=117(haproxy)
配置文件
#ls /etc/haproxy/haproxy.cfg
/etc/haproxy/haproxy.cfg
修改配置文件
#vim /etc/haproxy/haproxy.cfg
global
maxconn 100000
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
pidfile /run/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth admin:123456
重启
#systemctl restart haproxy.service
服务器ip
#hostname -I
10.0.0.110
haproxy状态页
http://10.0.0.110:9999/haproxy-status
配置文件信息:
用户名:admin
密码:123456
端口:9999
指定后端服务器
#vim /etc/haproxy/haproxy.cfg
两种方法
多对一
健康检查,伪4层
mode http #默认值,7层
实现https
修改service文件指定子配置文件夹目录
#systemctl daemon-reload
#systemctl restart haproxy.service
ls /var/lib/haproxy/haproxy.sock
HAProxy日志配置
HAproxy本身不记录客户端的访问日志.此外为减少服务器负载,一般生产中HAProxy不记录日志.
也可以配置HAProxy利用rsyslog服务记录日志到指定日志文件中
Socat 工具
对服务器动态权重和其它状态可以利用 socat工具进行调整,Socat 是 Linux 下的一个多功能的网络工
具,名字来由是Socket CAT,相当于netCAT的增强版.Socat 的主要特点就是在两个数据流之间建立双向
通道,且支持众多协议和链接方式。如 IP、TCP、 UDP、IPv6、Socket文件等