haproxy

最新推荐文章于 2024-07-26 09:07:38 发布

头发保卫者

最新推荐文章于 2024-07-26 09:07:38 发布

阅读量690

点赞数

分类专栏： haproxy 文章标签：服务器运维 linux

本文链接：https://blog.csdn.net/qq_52943068/article/details/126354282

版权

haproxy 专栏收录该内容

1 篇文章 0 订阅

订阅专栏

1.haprorxy简介

HAProxy提供高可用性、负载均衡以及基于TCP和HTTP应用的代理，支持虚拟主机，它是免费、快速并且可靠的一种解决方案。HAProxy特别适用于那些负载特大的web站点，这些站点通常又需要会话保持或七层处理。HAProxy运行在当前的硬件上，完全可以支持数以万计的并发连接。并且它的运行模式使得它可以很简单安全的整合进您当前的架构中，同时可以保护你的web服务器不被暴露到网络上。
HAProxy实现了一种事件驱动, 单一进程模型，此模型支持非常大的并发连接数。多进程或多线程模型受内存限制、系统调度器限制以及无处不在的锁限制，很少能处理数千并发连接。
准备三台新的虚拟机
RS1和RS2提供网站，haproxy当调度器

服务器名称	IP	版本
haproxy	192.168.106.20	centos8/redhat8
RS1	192.168.106.16	centos8/redhat8
RS2	192.168.106.17	centos8/redhat8

2.准备工作

//将三台主机都配置阿里云的源
//关闭防火墙以及selinux
//RS1
[root@RS1 ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# vim /etc/selinux/config 
[root@RS1 ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled      //改为disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
//RS2
[root@RS2 ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# vim /etc/selinux/config 
[root@RS2 ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled      //改为disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
//haproxy
[root@haproxy ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@haproxy ~]# setenforce 0
[root@haproxy ~]# vim /etc/selinux/config 
[root@haproxy ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled      //改为disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
//将两个RS安装httpd
[root@RS2 ~]# yum -y install httpd
[root@RS1 ~]# yum -y install httpd
//过程以省略...
//设置开机自启并修改网站内容
//RS2
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]# echo "hello RS2" > /var/www/html/index.html
//RS1
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS1 ~]# echo "hello RS1" > /var/www/html/index.html

访问测试页面
在这里插入图片描述

在这里插入图片描述
可以看到是可以访问到的
下载haproxy包。点击下载<haproxy2.6.0>版本也可以通过wget命令直接下载到虚拟机

[root@haproxy ~]# yum -y install wget
wget https://github.com/haproxy/haproxy/archive/refs/tags/v2.6.0.tar.gz    //通过wget方式下载haproxy包

3. haproxy安装

//安装依赖包
yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel   //过程以省略...
//创建haproxy系统用户
useradd -r -M -s /sbin/nologin haproxy
//解压haproxy包
[root@haproxy ~]# tar xf v2.6.0.tar.gz
[root@haproxy ~]# ls
anaconda-ks.cfg  haproxy-2.6.0  v2.6.0.tar.gz
//编译
[root@haproxy ~]# cd haproxy-2.6.0/
[root@haproxy haproxy-2.6.0]# make clean    //清理缓存
[[root@haproxy haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  TARGET=linux-glibc  USE_OPENSSL=1  USE_ZLIB=1  USE_PCRE=1  USE_SYSTEMD=1     //编译
[root@haproxy haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy     //编译安装
//创建软连接
[root@haproxy haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
[root@haproxy haproxy]# which haproxy 
/usr/sbin/haproxy

3.1.配置各个负载的内核参数

[root@haproxy haproxy]# echo 'net.ipv4.ip_nonlocal_bind = 1' >>  /etc/sysctl.conf
[root@haproxy haproxy]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
[root@haproxy haproxy]# sysctl  -p      //读取一下
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

3.2.提供配置文件

[root@haproxy ~]# mkdir /etc/haproxy
[root@haproxy ~]# cd /etc/haproxy/
[root@haproxy haproxy]# vim haproxy.cfg
[root@haproxy haproxy]# cat haproxy.cfg 
#------------Global configuration-----------------
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------Statistics page configuration------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web settings-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 192.168.106.16:80 check inter 2000 fall 5       //这里填写RS1的IP地址
    server web02 192.168.106.17:80 check inter 2000 fall 5       //这里填写RS2的IP地址
    #server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5

3.3.haproxy.service文件编写

[root@haproxy haproxy]# cat > /usr/lib/systemd/system/haproxy.service <<EOF
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -q
ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID

[Install]
WantedBy=multi-user.target
EOF
[root@haproxy haproxy]# systemctl daemon-reload

3.4.启用日志

[root@haproxy haproxy]# vim /etc/rsyslog.conf
local0.*                        /var/log/haproxy.log     //在文件中添加这一行
[root@haproxy haproxy]# systemctl restart rsyslog

3.5.启动服务

[root@haproxy ~]# systemctl enable --now  haproxy.service 
[root@haproxy ~]# systemctl status haproxy.service 
● haproxy.service - HAProxy Load Balancer
   Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-08-15 09:41:35 EDT; 28s ago
 Main PID: 14621 (haproxy)
    Tasks: 3 (limit: 23458)
   Memory: 31.9M
   CGroup: /system.slice/haproxy.service
           ├─14621 /usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/ru>
           └─14623 /usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/ru>

Aug 15 09:41:35 haproxy systemd[1]: Starting HAProxy Load Balancer...
Aug 15 09:41:35 haproxy systemd[1]: Started HAProxy Load Balancer.
Aug 15 09:41:35 haproxy haproxy[14621]: [NOTICE]   (14621) : haproxy version is 2.6.0-a1efc04>
Aug 15 09:41:35 haproxy haproxy[14621]: [NOTICE]   (14621) : path to executable is /usr/local>
Aug 15 09:41:35 haproxy haproxy[14621]: [ALERT]    (14621) : config : parsing [/etc/haproxy/h
//查看端口
[root@haproxy ~]# ss -antl        //能够看到 80和8191就成功了
State     Recv-Q    Send-Q         Local Address:Port         Peer Address:Port    Process    
LISTEN    0         5                    0.0.0.0:873               0.0.0.0:*                  
LISTEN    0         128                  0.0.0.0:80                0.0.0.0:*                  
LISTEN    0         128                  0.0.0.0:22                0.0.0.0:*                  
LISTEN    0         128                  0.0.0.0:8189              0.0.0.0:*                  
LISTEN    0         5                       [::]:873                  [::]:*                  
LISTEN    0         128                     [::]:22                   [::]:*