Haproxy是一个开源的高性能的反向代理或者说是负载均衡服务软件之一,它支持双机热备、虚拟主机、基于TCP和HTTP应用代理等功能。其配置简单,而且拥有很好的对服务器节点的健康检查功能(相当于keepalived健康检查),当其代理的后端服务器出现故障时,Haproxy会自动的将该故障服务器摘除,当服务器的故障恢复后Haproxy还会自动将RS服务器假如。
Haproxy特别使用与那些访问量很大。但又需要会话保持或七层应用的业务。Haproxy运行在普通的服务器硬件上,仅仅进行简单的优化就可以支持数以万计的并发连接。并且它的运行模式使得它可以很简单安全的整合到各种网站的架构中,同时使得应用服务器不会暴露到网络中。
Haproxy软件引入了frontend,backend的功能,frontend(acl规则匹配)可以运维管理人员根据任意HTTP请求头做规则匹配,然后把请求定向到相关的backend(server pools等待前端把请求转过来的服务器组)。通过frontend和backup,我们可以很容易的实现haproxy的7层代理功能,haproxy是一款不可多得的优秀代理服务软件
Haproxy支持两种主要代理模式:第一个是4层tcp代理(例如:可用于邮件服务内部协议通信服务器、Mysql服务等)。第二个是7层代理(如HTTP代理)。在4层tcp代理模式下,Haproxy仅在客户端和服务器之间双向转发流量。但是在7层模式下Haproxy会分析应用层协议,并且能通过运行、拒绝、交换、增加、修改或者删除请求(request)或者回应(reponse)里指定内容来控制协议
Haproxy:base_01
Web1: base_02
Web2: base_03
haproxy-1.6.11.tar.gz
[root@base_01 ~]# tar zxf haproxy-1.6.11.tar.gz
[root@base_01 ~]# ls
haproxy-1.6.11
haproxy-1.6.11.tar.gz
[root@base_01 ~]# cd haproxy-1.6.11
[root@base_01 haproxy-1.6.11]# ls
CHANGELOG doc include Makefile src VERDATE
contrib ebtree LICENSE README SUBVERS VERSION
CONTRIBUTING examples MAINTAINERS ROADMAP tests
[root@base_01 haproxy-1.6.11]# less README
[root@base_01 haproxy-1.6.11]# make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
.............................
src/haproxy.c:1480: error: ‘struct bind_conf’ has no member named ‘by_fe’
src/haproxy.c:1480: error: ‘struct bind_conf’ has no member named ‘by_fe’
make: *** [src/haproxy.o] Error 1
[root@base_01 haproxy-1.6.11]# yum install pcre-devel openssl-devel zlib-devel -y
[root@base_01 haproxy-1.6.11]# make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy
[root@base_01 haproxy-1.6.11]# make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
install -d "/usr/local/haproxy/sbin"
install haproxy haproxy-systemd-wrapper "/usr/local/haproxy/sbin"
install -d "/usr/local/haproxy/share/man"/man1
install -m 644 doc/haproxy.1 "/usr/local/haproxy/share/man"/man1
install -d "/usr/local/haproxy/doc/haproxy"
for x in architecture close-options configuration cookie-options intro linux-syn-cookies lua management network-namespaces proxy-protocol; do \
install -m 644 doc/$x.txt "/usr/local/haproxy/doc/haproxy" ; \
done
[root@base_01 examples]# cp content-sw-sample.cfg /etc/haproxy/
[root@base_01 examples]# cd /etc/haproxy/
[root@base_01 haproxy]# ls
content-sw-sample.cfg haproxy.cfg
[root@base_01 haproxy]# vi haproxy.cfg
[root@base_01 haproxy]# cat haproxy.cfg | grep ^# -v
global
maxconn 10000
stats socket /var/run/haproxy.stat mode 600 level admin
log 127.0.0.1 local0
uid 99
gid 99
#chroot /var/empty
daemon
defaults
mode http
log global
option httplog
option dontlognull
monitor-uri /monitoruri
maxconn 8000
timeout client 30s
stats uri /status
frontend westos
bind 0.0.0.0:80
#bind 192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
#use_backend static if { hdr_beg(host) -i img }
#use_backend static if { path_beg /img /css }
default_backend dynamic
backend dynamic
balance roundrobin
server web1 172.25.77.2:80 check inter 1000
server web2 172.25.77.3:80 check inter 1000
[root@base_01 haproxy]# /etc/init.d/haproxy start
/etc/init.d/haproxy: line 98: /usr/sbin/haproxy: No such file or directory
Errors found in configuration file, check it with 'haproxy check'.
这是因为我们指定安装路径为/usr/local/sbin/haproxy
[root@base_01 haproxy]# vi /etc/init.d/haproxy
[root@base_01 haproxy]# /etc/init.d/haproxy start
Starting haproxy: [WARNING] 274/001506 (2061) : config : missing timeouts for backend 'dynamic'.
| While not properly invalid, you will certainly encounter various problems
| with such a configuration. To fix this, please ensure that all following
| timeouts are set to a non-zero value: 'client', 'connect', 'server'.
[ OK ]
2062 ? Ss 0:00 /usr/local/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
2065 pts/0 R+ 0:00 ps -ax
在浏览器访问172.25.77.1/status
http://172.25.77.1/monitoruri
200 OK
Service ready.
[root@foundation77 Desktop]# curl 172.25.77.1
base_03
[root@foundation77 Desktop]# curl 172.25.77.1
<h1>base_02<h1>