安装HAProxy
1. HAProxy功能
HAProxy支持的功能:
- TCP和HTTP反向代理
- SSL/TSL服务器
- 可以针对HTTP请求添加cookie,进行路由后端服务器
- 可平衡负载至后端服务器,并支持持久连接
- 支持所有主服务器故障切换至备用服务器
- 支持专用端口实现监控服务
- 支持不影响现有连接情况下停止接受新连接请求
- 可以在双向添加,修改或删除HTTP报文首部
- 响应报文压缩
- 支持基于pattern实现连接请求的访问控制
- 通过特定的URI为授权用户提供详细的状态信息
不支持的功能:
- 正向代理–squid, nginx
- 缓存代理-varnish
- web服务–nginx, tengine, apache,php,tomcat
- UDP–目前不支持UDP协议, 2.1版本会支持UDP协议代理
- 单机性能–LVS
2.ubuntu安装
root@ubuntu:~# apt install software-properties-common -y
root@ubuntu:~# add-apt-repository ppa:vbernat/haproxy-2.0
root@ubuntu:~# apt update
root@ubuntu:~# apt install haproxy -y
官网安装教程:
https://haproxy.debian.net/#?distribution=Ubuntu&release=bionic&version=2.0
3. centos安装
cnetos7自带的base仓库中带的haproxy是1.5.X版本的,比较老旧了,推荐用最新的长期支持版本2.0。
[root@centos7 ~]# yum info haproxy.x86_64
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Available Packages
Name : haproxy
Arch : x86_64
Version : 1.5.18
Release : 8.el7
Size : 834 k
Repo : base
Summary : TCP/HTTP proxy and load balancer for high availability environments
URL : http://www.haproxy.org/
License : GPLv2+
Description : HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
: availability environments. Indeed, it can:
: - route HTTP requests depending on statically assigned cookies
: - spread load among several servers while assuring server persistence
: through the use of HTTP cookies
: - switch to backup servers in the event a main server fails
: - accept connections to special ports dedicated to service monitoring
: - stop accepting connections without breaking existing ones
: - add, modify, and delete HTTP headers in both directions
: - block requests matching particular patterns
: - report detailed status to authenticated users from a URI
: intercepted by the application
##可以另外找例如阿里云的镜像
4. 编译安装haproxy
4.1 cnetos编译安装haproxy
编译安装HAProxy 2.0 LTS版本,更多源码包下载地址: http://www.haproxy.org/download/
4.1.1 解决lua环境:
HAProxy支持基于lua实现功能扩展, lua是一种小巧的脚本语言,于1993年由巴西里约热内卢天主教大学 (Pontifical Catholic University of Rio de Janeiro)里的一个研究小组开发,其设计目的是为了嵌入应用程序中,而为应用程序提供灵活的扩展和定制功能。
由于centos自带的lua版本比较低并不符合HAProxy要求的lua最低版本(5.3)的要求,因此需要编译安装较新版本的 lua环境,然后才能编译安装HAProxy,过程如下:
[root@centos7 lua-5.3.5]# yum install gcc make wget readline-devel.x86_64 -y
[root@centos7 data]# wget https://www.lua.org/ftp/lua-5.3.5.tar.gz
[root@centos7 data]# tar xvf lua-5.3.5.tar.gz
[root@centos7 data]# cd lua-5.3.5/
[root@centos7 lua-5.3.5]# make linux test
[root@centos7 lua-5.3.5]# lua -v
Lua 5.1.4 Copyright (C) 1994-2008 Lua.org, PUC-Rio
[root@centos7 lua-5.3.5]# ./src/lua -v
Lua 5.3.5 Copyright (C) 1994-2018 Lua.org, PUC-Rio
4.1.2 安装haproxy
[root@centos7 data]# yum install openssl-devel.x86_64 systemd-devel.x86_64 make gcc -y
[root@centos7 data]# wget http://www.haproxy.org/download/2.0/src/haproxy-2.0.12.tar.gz
[root@centos7 data]# tar xvf haproxy-2.0.12.tar
[root@centos7 data]# cd haproxy-2.0.12/
#HAProxy 1.8和1.9编译参数
[root@centos7 haproxy-2.0.12]# make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/haproxy
#HAProxy 2.0编译参数
[root@centos7 haproxy-2.0.12]# make ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC=/data/lua-5.3.5/src LUA_LIB=/data/lua-5.3.5/src PREFIX=/usr/local/haproxy
[root@centos7 haproxy-2.0.12]# cp haproxy /usr/sbin/
[root@centos7 haproxy-2.0.12]# make install PREFIX=/usr/local/haproxy
#查看HAProxy版本
[root@centos7 haproxy-2.0.12]# haproxy -v
HA-Proxy version 2.0.12 2019/12/21 - https://haproxy.org/
**haproxy启动脚本: **
[root@centos7 haproxy]# vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
配置文件:
[root@centos7 haproxy]# mkdir /etc/haproxy
[root@centos7 haproxy]# vim /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
global
log 127.0.0.1 local3 info
chroot /usr/local/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
启动haproxy:
[root@centos7 haproxy]# mkdir /var/lib/haproxy
[root@centos7 haproxy]# id haproxy
id: haproxy: no such user
[root@centos7 haproxy]# useradd -r -s /sbin/nologin haproxy
[root@centos7 haproxy]# chown haproxy.haproxy /var/lib/haproxy/
[root@centos7 haproxy]# systemctl start haproxy.service
[root@centos7 haproxy]# systemctl status haproxy.service
● haproxy.service - HAProxy Load Balancer
Loaded: loaded (/usr/lib/systemd/system/haproxy.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2020-01-09 10:40:02 CST; 8s ago
Process: 13395 ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q (code=exited, status=0/SUCCESS)
Main PID: 13397 (haproxy)
CGroup: /system.slice/haproxy.service
├─13397 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haprox...
└─13399 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haprox...
Jan 09 10:40:02 centos7 systemd[1]: Stopped HAProxy Load Balancer.
Jan 09 10:40:02 centos7 systemd[1]: Starting HAProxy Load Balancer...
Jan 09 10:40:02 centos7 systemd[1]: Started HAProxy Load Balancer.
Jan 09 10:40:02 centos7 haproxy[13397]: [NOTICE] 008/104002 (13397) : New worker #1 (...ed
Hint: Some lines were ellipsized, use -l to show in full.
4.2 ubuntu编译安装haproxy
4.2.1 解决lua环境
root@ubuntu:/data# tar xvf lua-5.3.5.tar.gz
root@ubuntu:/data# cd lua-5.3.5/
root@ubuntu:/data/lua-5.3.5# apt install make libreadline-dev gcc -y
root@ubuntu:/data/lua-5.3.5# make linux test
root@ubuntu:/data/lua-5.3.5# ./src/lua -v
Lua 5.3.5 Copyright (C) 1994-2018 Lua.org, PUC-Rio
4.2.2 安装haproxy
#安装依赖
root@ubuntu:/data# apt install libssl-dev libpcre++-dev zlib1g-dev libsystemd-dev -y
#解压
root@ubuntu:/data# tar xvf haproxy-2.0.12.tar
root@ubuntu:/data# cd haproxy-2.0.12/
#开始编译
root@ubuntu:/data/haproxy-2.0.12# make ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC=/data/lua-5.3.5/src LUA_LIB=/data/lua-5.3.5/src PREFIX=/usr/local/haproxy
#生成目录
root@ubuntu:/data/haproxy-2.0.12# make install PREFIX=/usr/local/haproxy
root@ubuntu:/data/haproxy-2.0.12# cp haproxy /usr/sbin/
root@ubuntu:/data/haproxy-2.0.12# haproxy -v
HA-Proxy version 2.0.12 2019/12/21 - https://haproxy.org/
剩下的和cnetos一样,创建启动脚本,创建配置文件,启动即可。