环境说明:
所需主机 | IP |
---|---|
服务器 haproxy | 192.168.152.132 |
服务器 RS1 | 192.168.152.134 |
服务器 RS2 | 192.168.152.135 |
配置haproxy负载均衡http和httpds
- RS上配置http
//RS1下载httpd,设置开机自启,写个网站
[root@RS1 ~]# yum -y install wget httpd
[root@RS1 ~]# cd /var/www/html/
[root@RS1 html]# echo 'RS1' > index.html
[root@RS1 html]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
//RS2下载httpd,设置开机自启,写个网站
[root@RS2 ~]# yum -y install wget httpd
[root@RS2 ~]# cd /var/www/html/
[root@RS2 html]# echo 'RS2' >index.html
[root@RS2 html]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
- RS上配置https,生成证书
[root@RS2 ~]# ls
anaconda-ks.cfg certificate.sh
[root@RS2 ~]# yum -y install expect //下载工具包
[root@RS2 ~]# bash certificate.sh //执行脚本生成证书
证书生成成功...
证书存放在/root/目录下
anaconda-ks.cfg www.example.com.crt www.example.com.key
certificate.sh www.example.com.csr
//把crt和key传给RS1
[root@RS2 ~]# scp www.example.com.crt www.example.com.key 192.168.152.134:/root/
The authenticity of host '192.168.152.134 (192.168.152.134)' can't be established.
ECDSA key fingerprint is SHA256:ixzGjAkndT/VFCzEmxX9N4cQn6s4W7UhEUHNj6USkc4.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.152.134' (ECDSA) to the list of known hosts.
[email protected]'s password:
www.example.com.crt 100% 4559 1.7MB/s 00:00
www.example.com.key 100% 1679 775.8KB/s 00:00
- RS上配置https
[root@RS1 ~]# yum -y install mod_ssl //安装模块
[root@RS1 ~]# mkdir /etc/httpd/ssl
[root@RS1 ~]# mv www* /etc/httpd/ssl/
[root@RS1 ~]# cd /etc/httpd/ssl/
[root@RS1 ssl]# ls
www.example.com.crt www.example.com.key
[root@RS1 ssl]# cd ..