- A+
所属分类:linux技术
haproxy
部署haproxy
| 主机名称 | IP地址 | 需要安装的应用 | 系统版本 |
|---|---|---|---|
| LB | 192.168.111.141 | haproxy | centos 8 |
| RS1 | 192.168.111.142 | httpd | centos 8 |
| RS2 | 192.168.111.143 | httpd | centos 8 |
| client | 192.168.111.144 | 无 | centos 8 |
1.源码部署haproxy
//安装编译环境 [root@LB ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel --allowerasing //创建haproxy用户 [root@LB ~]# useradd -r -M -s /sbin/nologin haproxy //下载,解压和安装 [root@LB ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.1.3.tar.gz/sha512/4728c1177b2bba69465cbc56b1ed73a1b2d36891ba2d94d29bb49714ad98ccfac4b52947735aded211f0cd8070002f5406ddd77cabd2f8230b00438189dd7a60/haproxy-2.1.3.tar.gz [root@LB ~]# tar -xzf haproxy-2.1.3.tar.gz [root@LB ~]# cd haproxy-2.1.3 [root@LB haproxy-2.1.3]# make clean [root@LB haproxy-2.1.3]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) > TARGET=linux-glibc > USE_OPENSSL=1 > USE_ZLIB=1 > USE_PCRE=1 > USE_SYSTEMD=1 [root@LB haproxy-2.1.3]# make install PREFIX=/usr/local/haproxy [root@LB haproxy-2.1.3]# cp haproxy /usr/sbin/ //设置Linux内核参数 [root@LB haproxy-2.1.3]# vim /etc/sysctl.conf net.ipv4.ip_forward = 1 net.ipv4.ip_nonlocal_bind = 1 [root@LB haproxy-2.1.3]# sysctl -p net.ipv4.ip_forward = 1 net.ipv4.ip_nonlocal_bind = 1 //配置haproxy服务 [root@LB haproxy-2.1.3]# mkdir /etc/haproxy [root@LB haproxy-2.1.3]# vim /etc/haproxy/haproxy.cfg global log 127.0.0.1 local0 info #log loghost local0 info maxconn 20480 #chroot /usr/local/haproxy pidfile /var/run/haproxy.pid #maxconn 4000 user haproxy group haproxy daemon #--------------------------------------------------------------------- #common defaults that all the 'listen' and 'backend' sections will #use if not designated in their block #--------------------------------------------------------------------- defaults mode http log global option dontlognull option httpclose option httplog #option forwardfor option redispatch balance roundrobin timeout connect 10s timeout client 10s timeout server 10s timeout check 10s maxconn 60000 retries 3 #--------------统计页面配置------------------ listen admin_stats bind 0.0.0.0:8189 stats enable mode http log global stats uri /haproxy_stats stats realm Haproxy Statistics stats auth admin:admin #stats hide-version stats admin if TRUE stats refresh 30s #---------------web设置----------------------- listen webcluster bind 0.0.0.0:80 mode http #option httpchk GET /index.html log global maxconn 3000 balance roundrobin cookie SESSION_COOKIE insert indirect nocache server web01 192.168.111.142:80 check inter 2000 fall 5 #server web01 192.168.111.143:80 cookie web01 check inter 2000 fall 5 //启动haproxy,配置haproxy.service服务单元文件 [root@LB ~]# vim /usr/lib/systemd/system/haproxy.service [Unit] Description=HAProxy Load Balancer After=syslog.target network.target [Service] ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid ExecReload=/bin/kill -USR2 $MAINPID [Install] WantedBy=multi-user.target [root@LB ~]# systemctl daemon-reload //配置日志信息 [root@LB ~]# vim /etc/rsyslog.conf local0.* /var/log/haproxy.log [root@LB ~]# systemctl enable --now rsyslog [root@LB ~]# systemctl restart rsyslog [root@LB ~]# systemctl enable --now haproxy [root@LB ~]# systemctl restart haproxy 2.Haproxy搭建http负载均衡
//LB、RS1、RS2都关闭防火墙和selinux //RS1和RS2部署httpd #RS1 [root@RS1 ~]# yum -y install httpd [root@RS1 ~]# echo RS1 > /var/www/html/index.html [root@RS1 ~]# systemctl enable --now httpd #RS2 [root@RS2 ~]# yum -y install httpd [root@RS2 ~]# echo RS2 > /var/www/html/index.html [root@RS2 ~]# systemctl enable --now httpd //修改LB的内核参数 [root@LB ~]# vim /etc/sysctl.conf net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 [root@LB ~]# sysctl -p net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1 //修改haproxy配置文件 [root@LB ~]# vim /etc/haproxy/haproxy.cfg global daemon maxconn 256 defaults mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms frontend http-in bind *:80 default_backend servers backend servers server web01 192.168.111.142:80 server web02 192.168.111.143:80 [root@LB ~]# systemctl restart haproxy //客户端验证 [root@client ~]# curl http://192.168.111.141 RS1 [root@client ~]# curl http://192.168.111.141 RS2 [root@client ~]# curl http://192.168.111.141 RS1 [root@client ~]# curl http://192.168.111.141 RS2 //使用WEB网页访问测试 [root@LB ~]# vim /etc/haproxy/haproxy.cfg global log 127.0.0.1 local0 info #log loghost local0 info maxconn 256 #chroot /usr/local/haproxy pidfile /var/run/haproxy.pid #maxconn 4000 user haproxy group haproxy daemon #--------------------------------------------------------------------- #common defaults that all the 'listen' and 'backend' sections will #use if not designated in their block #--------------------------------------------------------------------- defaults mode http log global option dontlognull option httpclose option httplog #option forwardfor option redispatch balance roundrobin timeout connect 5000ms timeout client 50000ms timeout server 50000ms timeout check 10s maxconn 60000 retries 3 #--------------统计页面配置------------------ listen admin_stats bind 0.0.0.0:8189 stats enable mode http log global stats uri /haproxy_stats stats realm Haproxy Statistics stats auth admin:admin #stats hide-version stats admin if TRUE stats refresh 30s #---------------web设置----------------------- listen webcluster bind 0.0.0.0:80 mode http #option httpchk GET /index.html log global maxconn 3000 balance roundrobin cookie SESSION_COOKIE insert indirect nocache server web01 192.168.111.142:80 check inter 2000 fall 5 server web02 192.168.111.143:80 cookie web01 check inter 2000 fall 5 [root@LB ~]# systemctl restart haproxy [root@LB ~]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:8189 0.0.0.0:* LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* 访问测试
http://IP:8189/haproxy_stats
用户名和密码都为admin
