HAProxy相关案例

最新推荐文章于 2023-01-28 17:52:35 发布

哈密瓜小贼

最新推荐文章于 2023-01-28 17:52:35 发布

阅读量247

点赞数

分类专栏： Linux 负载均衡

本文链接：https://blog.csdn.net/weixin_44515412/article/details/107136016

版权

Linux 同时被 2 个专栏收录

91 篇文章 2 订阅

订阅专栏

负载均衡

1 篇文章 0 订阅

订阅专栏

1、基于acl+文件后缀实现动静分离

 listen web_port
 	bind 192.168.7.102:80
 	mode http
 	acl php_server path_end -i .php
 	use_backend php_server_host if php_server
 	acl image_server path_end -i .jpg .png .jpeg .gif
 	use_backend image_server_host if image_server
 	default_backend default_host
 backend default_host
 	mode http
	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5
 backend php_server_host
 	mode http
 	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5
 backend image_server_host
 	mode http
 	server web1 192.168.7.102:8080 check inter 2000 fall 3 rise 5

2、acl-匹配访问路径

 listen web_port
 	bind 192.168.7.102:80
 	mode http
 	acl static_path path_beg -i /static /images /javascript
 	use_backend static_path_host if static_path
 	default_backend default_host
 backend default_host
 	mode http
 	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5
 backend static_path_host 
 	mode http
 	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5

3、http 基于策略的访问控制

 listen web_port
 	bind 192.168.7.102:80
 	mode http 
 	acl badguy_deny src 192.168.4.1
 	http-request deny if badguy_deny
 	http-request allow
 	default_backend default_host
 backend default_host
 	mode http
 	server web1 192.168.7.102:8080 check inter 2000 fall 3 rise 5
 backend static_path_host 
 	mode http
 	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5
 backend image_server_host
 	mode http
 	server web1 192.168.7.102:8080 check inter 2000 fall 3 rise 5

4、预定义acl使用

 listen web_port
 	bind 192.168.7.102:80
 	mode http
 	acl static_path path_beg -i /static /images /javascript
 	use_backend static_path_host if HTTP_1.1 TRUE static_path
 	default_backend default_host
 backend default_host
 	mode http
 	server web1 192.168.7.102:8080 check inter 2000 fall 3 rise 5
 backend static_path_host 
 	mode http
 	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5

5、https

#https-证书制作
 mkdir /usr/local/haproxy/certs
 cd /usr/local/haproxy/cert
 openssl genrsa -out haproxy.key 2048
 openssl req -new -x509 -key haproxy.key -out haproxy.crt -subj "/CN=www.magedu.net"
 cat haproxy.key haproxy.crt > haproxy.pem
 openssl x509 -in haproxy.pem -noout -text #查看证书
#https 示例
 #web server http
 frontend web_server-http
 	bind 172.18.200.101:80
 	redirect scheme https if !{ ssl_fc }
 	mode http
 	use_backend web_host
 #web server https
 frontend web_server-https
 	bind 172.18.200.101:443 ssl crt /usr/local/haproxy/certs/haproxy.pem
 	mode http
 	use_backend web_host
 backend default_host
 	mode http
 	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5
 	server web2 192.168.7.102:8080 check inter 2000 fall 3 rise 5
 backend web_host
 	mode http
 	http-request set-header X-Forwarded-Port %[dst_port]
 	http-request add-header X-Forwarded-Proto https if { ssl_fc }
 	server web1 192.168.7.101:8080 check inter 2000 fall 3 rise 5
 	server web2 192.168.7.102:8080 check inter 2000 fall 3 rise 5

6、HAProxy-服务器动态上下线

 yum install socat 
 echo "show info" | socat stdio /var/lib/haproxy/haproxy.sock
 echo "get weight web_host/192.168.7.101" | socat stdio /var/lib/haproxy/haproxy.sock 
 echo "disable server web_host/192.168.7.101" | socat stdio /var/lib/haproxy/haproxy.sock 
 echo "enable server web_host/192.168.7.101" | socat stdio /var/lib/haproxy/haproxy.sock

7、HAProxy-实战案例

编写shell脚本，实现能传递多个后端服务器IP为脚本参数，并ssh到haproxy 服务器中动态将后端server逐个开启和关闭。

哈密瓜小贼

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
HAProxy相关案例

1、基于acl+文件后缀实现动静分离 listen web_port bind 192.168.7.102:80 mode http acl php_server path_end -i .php use_backend php_server_host if php_server acl image_server path_end -i .jpg .png .jpeg .gif use_backend image_server_host if image_server defa
复制链接

扫一扫