HAProxy
官网:https://www.haproxy.org/
下载地址:https://www.haproxy.org/download/1.7/src/
源码包中的 doc 目录中的文件,描述了 haproxy 的相关信息,如下所示:
- intro.txt:它介绍了 haproxy 的基础知识。
- management.txt:它说明了如何运行和升级 haproxy。
- configuration.txt:配置文件参考手册。
- coding-style.txt:源代码描述了,供开发人员使用。
- proxy-protocol.txt:其它产品。
- README:如何从源代码构建 haproxy。
安装 haproxy
根据 README 文件中的信息,进行安装。
1 安装依赖包
yum -y install gcc gcc-c++
2 创建 haproxy 组和用户
#指定GID和UID,方便集群管理
groupadd -g 4000 haproxy
useradd -u 4000 -g 4000 -s /sbin/nologin haproxy
3 安装依赖库
PCRE 库
官网:http://pcre.org/,下载源码包进行编译安装。
tar -zxf pcre-8.38.tar.gz
cd pcre-8.38
./configure --prefix=/usr/local/pcre-8.38 --enable-jit
make && make install
ZLIB 库
官网:https://www.zlib.net/,下载源码包进行编译安装。
tar -zxf zlib-1.2.11.tar.gz
cd zlib-1.2.11
./configure --prefix=/usr/local/zlib-1.2.11
make && make install
OpenSSL
官网:https://www.openssl.org/,下载源码包进行编译安装。
tar -zxf openssl-1.0.1h.tar.gz
cd openssl-1.0.1h
./config --prefix=/usr/local/openssl-1.0.1h
make -j 4
make install
4 查看内核版本
uname -r
3.10.0-1160.el7.x86_64
#README 中表示:2.6.28、3.x 及更高的版本可指定 linux2628。
5 编译安装 haproxy
cd /usr/local/src/haproxy-1.7.5
#编译
make -j 4 ARCH=x86_64 \
TARGET=linux2628 \
USE_PCRE=1 PCRE_INC=/usr/local/pcre-8.38/include/ PCRE_LIB=/usr/local/pcre-8.38/lib \
USE_OPENSSL=1 SSL_INC=/usr/local/openssl-1.0.1h/include/ SSL_LIB=/usr/local/openssl-1.0.1h/lib \
USE_ZLIB=1 ZLIB_INC=/usr/local/zlib-1.2.11/include/ ZLIB_LIB=/usr/local/zlib-1.2.11/lib
#编译安装,使用变量 PREFIX 指定安装路径
make install PREFIX=/usr/local/haproxy
6 配置启动文件
cd /usr/local/src/haproxy-1.7.5
cp -p haproxy-systemd-wrapper /usr/local/haproxy/sbin/
cp -p contrib/systemd/haproxy.service.in /usr/lib/systemd/system/haproxy.service
sed -i 's#CONFIG=/etc/haproxy/haproxy.cfg#CONFIG=/usr/local/haproxy/etc/haproxy.cfg#g' /usr/lib/systemd/system/haproxy.service
sed -i 's#PIDFILE=/run/haproxy.pid#PIDFILE=/usr/local/haproxy/temp/haproxy.pid#g' /usr/lib/systemd/system/haproxy.service
sed -i 's#@SBINDIR@#/usr/local/haproxy/sbin#g' /usr/lib/systemd/system/haproxy.service
systemctl daemon-reload
7 创建依赖路径
cd /usr/local/haproxy/
mkdir ./{etc,temp,log}
mkdir /var/lib/haproxy
8 编写配置文件
关于配置文件中各选项的含义,可参考另外的文档:HAProxy 常用配置介绍
vim /usr/local/haproxy/etc/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2 info
chroot /var/lib/haproxy
pidfile /usr/local/haproxy/temp/haproxy.pid
maxconn 40960
user haproxy
group haproxy
daemon
nbproc 2
cpu-map 1 0
cpu-map 2 1
#后端节点少时,没必要使用。
#spread-checks 5
stats socket /usr/local/haproxy/temp/haproxy.sock1 level admin mode 600 process 1
stats socket /usr/local/haproxy/temp/haproxy.sock2 level admin mode 600 process 2
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
log global
option dontlognull
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 120s
timeout check 10s
#errorfile 503 /usr/local/haproxy/errorfiles/503.http
errorloc 503 "https://blog.csdn.net/qq_43584691"
#---------------------------------------------------------------------
# web test page
#---------------------------------------------------------------------
listen WebTest
mode http
log global
bind 192.168.10.143:80,192.168.10.143:8000
balance roundrobin
option httpchk
option tcpka
option httplog
option forwardfor except 127.0.0.0/8
option http-server-close
option http-keep-alive
server web1 192.168.10.143:8080 weight 1 check inter 3s fall 2 rise 5
server web2 192.168.10.143:8090 weight 1 check inter 3s fall 2 rise 5
#server php1 192.168.10.143:80 weight 1 check addr 10.0.10.143 port 9000 inter 3s fall 2 rise 5
#---------------------------------------------------------------------
# mongodb test
#---------------------------------------------------------------------
listen MysqlTest
mode tcp
bind 192.168.10.143:3306
balance source
option mysql-check
option tcplog
server mysql1 192.168.10.137:3306 weight 1 check inter 3s fall 2 rise 5
server mysql2 192.168.10.138:3306 backup weight 1 check inter 3s fall 2 rise 5
#---------------------------------------------------------------------
# HAProxy status page
#---------------------------------------------------------------------
listen HAProxyPage
bind-process 1
bind 192.168.10.143:8888
stats enable
stats hide-version
stats refresh 30s
stats uri /haproxy-status
stats auth admin:123456
stats realm "haproxy status page of wpftest"
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
#frontend main *:5000
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
#
# use_backend static if url_static
# default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
# balance roundrobin
# server app1 127.0.0.1:5001 check
# server app2 127.0.0.1:5002 check
# server app3 127.0.0.1:5003 check
# server app4 127.0.0.1:5004 check
9 配置记录 haproxy 日志的功能
#安装 rsyslog
yum -y install rsyslog
#在 rsyslog 中添加 haproxy.log
vim /etc/rsyslog.d/haproxy.conf
$ModLoad imudp
$UDPServerRun 514
local2.* /usr/local/haproxy/log/haproxy.log
#开启 rsyslog 的远程日志功能
vim /etc/sysconfig/rsyslog
SYSLOGD_OPTIONS="-c 2 -r -m 0"
#-c 2 使用兼容模式,默认是 -c 5。
#-r 开启远程日志
#-m 0 标记时间戳。单位是分钟,为0时,表示禁用该功能
#重启 rsyslog
systemctl restart rsyslog
10 启动&自启 haproxy
chown -R haproxy:haproxy /usr/local/haproxy
chown -R haproxy:haproxy /var/lib/haproxy
systemctl start haproxy && systemctl enable haproxy