haproxy

最新推荐文章于 2023-10-12 10:17:48 发布

慕霜ヾ

最新推荐文章于 2023-10-12 10:17:48 发布

阅读量876

点赞数 1

文章标签：服务器负载均衡运维

本文链接：https://blog.csdn.net/mushuangpanny/article/details/126354803

版权

haproxy

文章目录

- haproxy

1. 集群

1.1 负载均衡集群

lvs 四层负载，到传输层
nginx 七层负载到应用层
haproxy 可四层，可七层负载
slb 云主机服务，付费
F5 硬件设备，付费

1.2 高可用集群

keepalived

1.3 高性能集群

2. haproxy安装

HAProxy是一个使用C语言编写的自由及开放源代码软件
HAProxy是一个使用C语言编写的自由及开放源代码软件，其提供高可用性、负载均衡，以及基于TCP和HTTP的应用程序代理。
HAProxy是一个免费的负载均衡软件，可以运行于大部分主流的Linux操作系统上。
HAProxy提供了L4(TCP)和L7(HTTP)两种负载均衡能力，具备丰富的功能。HAProxy的社区非常活跃，版本更新快速。最关键的是，HAProxy具备媲美商用负载均衡器的性能和稳定性。

2.1 环境

主机	IP
haproxy	192.168.232.132
RS1	192.168.232.134
RS2	192.168.232.128

关闭三台主机防火墙，安装httpd，配置网站内容

[root@haproxy ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@haproxy ~]# vim /etc/selinux/config 
[root@haproxy ~]# setenforce 0
[root@haproxy ~]# 


[root@RS1 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS1 ~]# vim /etc/selinux/config
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# dnf -y install httpd
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service 鈫� /usr/lib/systemd/system/httpd.service.
[root@RS1 ~]# echo '120120120 RS1' > /var/www/html/index.html
[root@RS1 ~]# cat /var/www/html/index.html
120120120 RS1
[root@RS1 ~]# ss -antl
State  Recv-Q Send-Q  Local Address:Port   Peer Address:Port Process                                                      
LISTEN 0      128           0.0.0.0:22          0.0.0.0:*                                                                 
LISTEN 0      128              [::]:22             [::]:*                                                                 
LISTEN 0      128                 *:80                *:*                                                                 
[root@RS1 ~]# 




[root@RS2 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS2 ~]# vim /etc/selinux/config
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# dnf -y install httpd
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]# echo '9999999 RS2' > /var/www/html/index.html[root@RS2 ~]# cat /var/www/html/index.html
9999999 RS2
[root@RS2 ~]# ss -antl
State  Recv-Q Send-Q  Local Address:Port   Peer Address:Port Process                                                      
LISTEN 0      128           0.0.0.0:22          0.0.0.0:*                                                                 
LISTEN 0      128              [::]:22             [::]:*                                                                 
LISTEN 0      128                 *:80                *:*                                                                 
[root@RS2 ~]#

2.2 软件网址

下载软件

[root@haproxy ~]# wget https://github.com/haproxy/haproxy/archive/refs/tags/v2.7-dev0.tar.gz

安装软件

[root@haproxy ~]# ls
anaconda-ks.cfg  v2.7-dev0.tar.gz
[root@haproxy ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel

创建用户和解压

[root@haproxy ~]# tar xf v2.7-dev0.tar.gz 
[root@haproxy ~]# useradd -r -M -s /sbin/nologin haproxy

编译安装软件

注意：
make clean
make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \
TARGET=linux-glibc  \
USE_OPENSSL=1  \
USE_ZLIB=1  \
USE_PCRE=1  \
USE_SYSTEMD=1
make install PREFIX=/usr/local/haproxy

正式编译：
[root@haproxy ~]# ls
anaconda-ks.cfg  haproxy-2.7-dev0  v2.7-dev0.tar.gz
[root@haproxy ~]# cd haproxy-2.7-dev0/
[root@haproxy haproxy-2.7-dev0]# ls
BRANCHES      MAINTAINERS  VERSION  examples   tests
CHANGELOG     Makefile     addons   include
CONTRIBUTING  README       admin    reg-tests
INSTALL       SUBVERS      dev      scripts
LICENSE       VERDATE      doc      src
[root@haproxy haproxy-2.7-dev0]# make clean
[root@haproxy haproxy-2.7-dev0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \
> TARGET=linux-glibc  \目标
> USE_OPENSSL=1  \
> USE_ZLIB=1  \
> USE_PCRE=1  \
> USE_SYSTEMD=1

[root@haproxy haproxy-2.7-dev0]# make install PREFIX=/usr/local/haproxy

编译的过程不清楚的话查看

[root@haproxy ~]# cd haproxy-2.7-dev0/
[root@haproxy haproxy-2.7-dev0]# ls
BRANCHES      MAINTAINERS  VERSION  examples   tests
CHANGELOG     Makefile     addons   include
CONTRIBUTING  README       admin    reg-tests
INSTALL       SUBVERS      dev      scripts
LICENSE       VERDATE      doc      src
[root@haproxy haproxy-2.7-dev0]# 
[root@haproxy haproxy-2.7-dev0]# ls INSTALL 
INSTALL
[root@haproxy haproxy-2.7-dev0]# ls README 
README
[root@haproxy haproxy-2.7-dev0]#

2.3 安装完成，设置

[root@haproxy ~]# cd /usr/local/
[root@haproxy local]# ls
bin  games    include  lib64    sbin   src
etc  haproxy  lib      libexec  share
[root@haproxy local]# cd haproxy/
[root@haproxy haproxy]# ls
doc  sbin  share
[root@haproxy haproxy]# ls sbin/
haproxy
[root@haproxy haproxy]# 

[root@haproxy haproxy]# which haproxy
/usr/bin/which: no haproxy in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
[root@haproxy haproxy]# ln -s /usr/local/haproxy/sbin/haproxy  /usr/sbin/
[root@haproxy haproxy]# which haproxy/usr/sbin/haproxy
[root@haproxy haproxy]#

3. 配置各个负载的内核参数

[root@haproxy ~]# vim /etc/sysctl.conf 
[root@haproxy ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1//ip绑定非本地地址，打开，能够用没有配置当期主机的ip
net.ipv4.ip_forward = 1//ip转发功能
[root@haproxy ~]#

4. 提供配置文件

[root@haproxy ~]# cd haproxy-2.7-dev0/
[root@haproxy haproxy-2.7-dev0]# ls examples/
basic-config-edge.cfg  quick-test.cfg
content-sw-sample.cfg  socks4.cfg
errorfiles             transparent_proxy.cfg
haproxy.init           wurfl-example.cfg
option-http_proxy.cfg
[root@haproxy haproxy-2.7-dev0]# 

maxconn：连接数


[root@haproxy ~]# mkdir -p /etc/haproxy
[root@haproxy ~]# cd /etc/haproxy
[root@haproxy haproxy]# vim haproxy.cfg 
[root@haproxy haproxy]# cat haproxy.cfg 
#--------------全局配置----------------
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 192.168.232.134:80 check inter 2000 fall 5
    server web02 192.168.232.128:80 check inter 2000 fall 5
    #server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5
[root@haproxy haproxy]#

5. 启用日志

[root@haproxy ~]# systemctl enable --now rsyslog 
[root@haproxy ~]# vim /etc/rsyslog.conf
[root@haproxy ~]# cat /etc/rsyslog.conf|grep /var/log/haproxy.log
local0.*       /var/log/haproxy.log
[root@haproxy ~]# systemctl restart rsyslog

6. haproxy.service文件编写

[root@haproxy ~]# vim /usr/lib/systemd/system/haproxy.service
[root@haproxy ~]# cat /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -q
ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pid
ExecReload=/bin/kill -USR2 

[Install]
WantedBy=multi-user.target
[root@haproxy ~]# systemctl daemon-reload
[root@haproxy ~]# 


-f 指定配置文件
-c 检查
-q 静默模式
-p 指定pid

7. 启动服务

[root@haproxy ~]# ss -antl
State  Recv-Q Send-Q   Local Address:Port   Peer Address:Port Process                                                       
LISTEN 0      128            0.0.0.0:22          0.0.0.0:*                                                                  
LISTEN 0      128               [::]:22             [::]:*                                                                  
[root@haproxy ~]# systemctl enable --now  haproxy
Created symlink /etc/systemd/system/multi-user.target.wants/haproxy.service 鈫� /usr/lib/systemd/system/haproxy.service.
[root@haproxy ~]# ss -antl
State  Recv-Q Send-Q   Local Address:Port   Peer Address:Port Process                                                       
LISTEN 0      128            0.0.0.0:80          0.0.0.0:*                                                                  
LISTEN 0      128            0.0.0.0:22          0.0.0.0:*                                                                  
LISTEN 0      128            0.0.0.0:8189        0.0.0.0:*                                                                  
LISTEN 0      128               [::]:22             [::]:*                                                                  
[root@haproxy ~]#