haproxy负载均衡

最新推荐文章于 2022-10-19 18:02:24 发布

天外来物_

最新推荐文章于 2022-10-19 18:02:24 发布

阅读量239

点赞数

文章标签： haproxy

本文链接：https://blog.csdn.net/tianwailaiwu_/article/details/120812924

版权

haproxy负载均衡

1.安装httpd，生成证书

关闭防火墙和selinux

[root@DR ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@DR ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 
[root@DR ~]# reboot

[root@RS1 ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS1 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@RS1 ~]# reboot

[root@RS2 ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@RS2 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@RS2 ~]# reboot

RS1、RS2安装httpd

[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS1 ~]# echo 'test1' > /var/www/html/index.html

[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]# echo 'test2' > /var/www/html/index.html

生成证书，实现https认证加密
RS1和RS2相同操作

//安装mod_ssl模块
[root@RS1 ~]# yum -y install mod_ssl
[root@RS2 ~]# yum -y install mod_ssl

//生成秘钥（私钥）
[root@RS1 ~]# mkdir ssl
[root@RS1 ~]# cd ssl/
[root@RS1 ssl]# openssl genrsa -out server.key 2048
Generating RSA private key, 2048 bit long modulus (2 primes)
.........+++++
..........................................................................................................................+++++
e is 65537 (0x010001)

//生成证书请求文件
[root@RS1 ssl]# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be lef