haproxy

最新推荐文章于 2022-11-09 15:50:39 发布

cy大马猴

最新推荐文章于 2022-11-09 15:50:39 发布

阅读量157

点赞数

文章标签： linux centos 服务器

本文链接：https://blog.csdn.net/m0_62469712/article/details/127084854

版权

源码安装

haproxy官方帮助文档：https://cbonte.github.io/haproxy-dconv/

下载安装包
haproxy源码包下载网站地址：https://src.fedoraproject.org/repo/pkgs/haproxy/

先挂在

[root@localhost ~]# mount /dev/cdrom /mnt/
mount: /mnt: WARNING: device write-protected, mounted read-only.

下载软件包,这种软件包可以进行图文件传输

[root@localhost ~]# dnf -y install lrzsz

在这里插入图片描述
安装编译环境

[root@localhost ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel

创建haproxy用户

[root@localhost ~]# useradd -rMs /sbin/nologin haproxy

解压和安装

[root@localhost ~]# tar -xzf haproxy-2.1.3.tar.gz 
[root@localhost ~]# cd haproxy-2.1.3/
[root@localhost haproxy-2.1.3]# make clean 
[root@localhost haproxy-2.1.3]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \
> TARGET=linux-glibc  \
> USE_OPENSSL=1  \
> USE_ZLIB=1  \
> USE_PCRE=1  \
> USE_SYSTEMD=1
[root@localhost haproxy-2.1.3]# make install PREFIX=/usr/local/haproxy
[root@localhost haproxy-2.1.3]# cp haproxy /usr/sbin

设置Linux内核参数

[root@localhost haproxy-2.1.3]# vim /etc/sysctl.conf
[root@localhost haproxy-2.1.3]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

配置haproxy服务

[root@localhost haproxy-2.1.3]# vim /etc/haproxy/haproxy.cfg
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 172.16.103.130:80 check inter 2000 fall 5
    #server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5

启动haproxy，配置haproxy.service服务单元文件

[root@localhost haproxy]# vim /usr/lib/systemd/system/haproxy.service
[root@localhost haproxy]# cat /usr/lib/systemd/system/haproxy.service 
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -q
ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID

[Install]
WantedBy=multi-user.target
[root@localhost haproxy]#

配置日志信息

#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
local0.info                                             /var/log/haproxy.log		//添加这个
# The authpriv file has restricted access.
authpriv.*                                              /var/log/secu
re

[root@localhost haproxy]# systemctl restart rsyslog.service 
[root@localhost haproxy]# systemctl enable rsyslog
[root@localhost haproxy]# systemctl restart haproxy.service 
[root@localhost haproxy]# systemctl enable haproxy.service 
Created symlink /etc/systemd/system/multi-user.target.wants/haproxy.service → /usr/lib/systemd/system/haproxy.service.
[root@localhost haproxy]#

Haproxy搭建http负载均衡

环境

主机名称	IP地址	需要安装的应用	系统版本
client	192.168.64.134	无	centos8.5
localhost	192.168.64.129	haproxy	centos8.5
RS1	192.168.64.128	httpd	centos8.5
RS2	192.168.64.130	httpd	centos8.5

LB、RS1、RS2都关闭防火墙和selinux

RS1和RS2部署httpd

[root@RS1 ~]# dnf -y install httpd
[root@RS1 ~]# echo RS1 > /var/www/html/index.html
[root@RS1 ~]# systemctl restart httpd
[root@RS1 ~]# systemctl enable httpd

[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# echo RS2 > /var/www/html/index.html
[root@RS2 ~]# systemctl restart httpd
[root@RS2 ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]#

修改localhost的内核参数

[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg
[root@localhost haproxy]# cat /etc/haproxy/haproxy.cfg 
global
    daemon
    maxconn 256

defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

frontend http-in
    bind *:80
    default_backend servers

backend servers
    server web01 192.168.64.130:80
    server web02 192.168.64.128:80
[root@localhost haproxy]#

启动haproxy服务
如果没有使用systemd管理，则执行

haproxy -f /etc/haproxy/haproxy.cfg -c

如果配置systemd管理haproxy服务

[root@localhost haproxy]# systemctl restart haproxy.service

客户端验证

[root@LB ~]# curl http://192.168.64.130
RS2
[root@LB ~]# curl http://192.168.64.128
RS1
[root@LB ~]#

使用WEB网页访问测试

[root@localhost haproxy]# cat /etc/haproxy/haproxy.cfg 
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats            //访问网页后缀URL
    stats realm Haproxy\ Statistics
    stats auth admin:admin              //用户名和密码
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 192.168.64.128:80 check inter 2000 fall 5
    server web02 192.168.64.130:80 check inter 2000 fall 5

重启服务

[root@localhost haproxy]# systemctl restart haproxy.service 
[root@localhost haproxy]# ss -antl
State  Recv-Q Send-Q  Local Address:Port   Peer Address:Port Process 
LISTEN 0      128           0.0.0.0:80          0.0.0.0:*            
LISTEN 0      128           0.0.0.0:22          0.0.0.0:*            
LISTEN 0      128           0.0.0.0:8189        0.0.0.0:*            
LISTEN 0      128              [::]:22             [::]:*            
[root@localhost haproxy]#

网页访问测试
在这里插入图片描述
http://192.168.64.129:8189/haproxy_stats
用户名和密码都为admin