haproxy负载均衡的部署
实验环境:
主机名称 | IP地址 | 需要安装的应用 | 系统版本 |
---|---|---|---|
client | 192.168.171.13 | 无 | centos8 |
wtk(负载均衡调度器) | 192.168.171.141 | haproxy | centos8 |
RS1 | 192.168.171.142 | httpd | centos8 |
RS2 | 192.168.171.133 | httpd | centos8 |
配置调度器
//关闭防火墙selinux
[root@wtk ~]# systemctl disable --now firewalld.service
[root@wtk ~]# sed -i 's/^SELINUX.*/SELINUX=disabled/' /etc/selinux/config
[root@wtk ~]# setenforce 0
//修改参数内核
[root@wtk ~]# vi /etc/sysctl.conf
[root@wtk ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
[root@wtk ~]#
//下载harpoxy的依赖包和编译器
[root@wtk ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel
//然后在网上下载压缩包(网址:https://src.fedoraproject.org/repo/pkgs/haproxy/)
[root@wtk ~]# ls
anaconda-ks.cfg haproxy-2.6.0.tar.gz
//创建用户和解压依赖包
[root@wtk ~]# useradd -rMs /sbin/nologin haproxy
[root@wtk ~]# tar -xzf haproxy-2.6.0.tar.gz
//然后进入解压目录编译
[root@wtk ~]# cd haproxy-2.6.0/
[root@wtk haproxy-2.6.0]# make clean
[root@wtk haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) \
TARGET=linux-glibc \
USE_OPENSSL=1 \
USE_ZLIB=1 \
USE_PCRE=1 \
USE_SYSTEMD=1
[root@wtk haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy
[root@wtk haproxy-2.6.0]# cp haproxy /usr/sbin/
//创建配置文件路径
[root@wtk ~]# mkdir /etc/haproxy
[root@wtk haproxy-2.6.0]# vi /etc/haproxy/haproxy.cfg
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend http-in
bind *:80
default_backend servers
backend servers
server web01 192.168.100.20:80
server web02 192.168.100.30:80
//写service文件
[root@wtk haproxy-2.6.0]# vi /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
[root@wtk haproxy-2.6.0]# systemctl daemon-reload
[root@wtk haproxy-2.6.0]# systemctl restart haproxy.service
[root@wtk haproxy-2.6.0]# systemctl enable haproxy.service
配置RS1
[root@RS1 ~]# systemctl disable --now firewalld.service
[root@RS1 ~]# sed -i 's/^SELINUX.*/SELINUX=disabled/' /etc/selinux/config
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# echo "RS1" >/var/www/html/index.html
[root@RS1 ~]# systemctl restart httpd
[root@RS1 ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS1 ~]#
配置RS2
[root@RS2 ~]# systemctl disable --now firewalld.service
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# sed -i 's/^SELINUX.*/SELINUX=disabled/' /etc/selinux/config
[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# echo "RS2" >/var/www/html/index.html
[root@RS2 ~]# systemctl restart httpd
[root@RS2 ~]# systemctl enable httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]#
用客户端测试
//轮询模式触发
[root@localhost ~]# curl http://192.168.171.141
RS1
[root@localhost ~]# curl http://192.168.171.141
RS2
[root@localhost ~]# curl http://192.168.171.141
RS1
[root@localhost ~]# curl http://192.168.171.141
RS2
[root@localhost ~]#
使用WEB网页访问测试
//在配置文件里面加入这些就可以在网页上访问到
[root@wtk ~]# cat /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0 info
maxconn 20480
pidfile /var/run/haproxy.pid
#maxconn 4000
user haproxy
group haproxy
daemon
defaults
mode http
log global
option dontlognull
option httpclose
option httplog
option redispatch
balance roundrobin
timeout connect 10s
timeout client 10s
timeout server 10s
timeout check 10s
maxconn 60000
retries 3
listen admin_stats
bind 0.0.0.0:8189
stats enable
mode http
log global
stats uri /admin //访问网页后缀URL
stats realm Haproxy\ Statistics
stats auth admin:123456 //用户名和密码
#stats hide-version
stats admin if TRUE
stats refresh 30s
#---------------web设置-----------------------
listen webcluster
bind 0.0.0.0:80
mode http
log global
maxconn 3000
balance roundrobin
cookie SESSION_COOKIE insert indirect nocache
server web01 192.168.171.142:80
server web02 192.168.171.133:80
//利用ip加端口访问
[root@wtk ~]# systemctl restart haproxy.service
[root@wtk ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8189 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*