haproxy目录

  • haproxy
    • 部署haproxy
      • 1.源码部署haproxy
      • 2.Haproxy搭建http负载均衡

部署haproxy

haproxy源码包下载网站地址

主机名称IP地址需要安装的应用系统版本
LB192.168.111.141haproxycentos 8
RS1192.168.111.142httpdcentos 8
RS2192.168.111.143httpdcentos 8
client192.168.111.144centos 8

1.源码部署haproxy

//安装编译环境[root@LB ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel --allowerasing//创建haproxy用户[root@LB ~]# useradd -r -M -s /sbin/nologin haproxy//下载,解压和安装[root@LB ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.1.3.tar.gz/sha512/4728c1177b2bba69465cbc56b1ed73a1b2d36891ba2d94d29bb49714ad98ccfac4b52947735aded211f0cd8070002f5406ddd77cabd2f8230b00438189dd7a60/haproxy-2.1.3.tar.gz[root@LB ~]# tar -xzf haproxy-2.1.3.tar.gz [root@LB ~]# cd haproxy-2.1.3[root@LB haproxy-2.1.3]# make clean[root@LB haproxy-2.1.3]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \> TARGET=linux-glibc  \> USE_OPENSSL=1  \> USE_ZLIB=1  \> USE_PCRE=1  \> USE_SYSTEMD=1[root@LB haproxy-2.1.3]# make install PREFIX=/usr/local/haproxy[root@LB haproxy-2.1.3]# cp haproxy  /usr/sbin///设置Linux内核参数[root@LB haproxy-2.1.3]# vim /etc/sysctl.confnet.ipv4.ip_forward = 1net.ipv4.ip_nonlocal_bind = 1[root@LB haproxy-2.1.3]# sysctl -pnet.ipv4.ip_forward = 1net.ipv4.ip_nonlocal_bind = 1//配置haproxy服务[root@LB haproxy-2.1.3]# mkdir /etc/haproxy[root@LB haproxy-2.1.3]# vim /etc/haproxy/haproxy.cfgglobal    log 127.0.0.1 local0  info    #log loghost local0 info    maxconn 20480#chroot /usr/local/haproxy    pidfile /var/run/haproxy.pid    #maxconn 4000    user haproxy    group haproxy    daemon#---------------------------------------------------------------------#common defaults that all the 'listen' and 'backend' sections will#use if not designated in their block#---------------------------------------------------------------------defaults    mode http    log global    option dontlognull    option httpclose    option httplog    #option forwardfor    option redispatch    balance roundrobin    timeout connect 10s    timeout client 10s    timeout server 10s    timeout check 10s    maxconn 60000    retries 3#--------------统计页面配置------------------listen admin_stats    bind 0.0.0.0:8189    stats enable    mode http    log global    stats uri /haproxy_stats    stats realm Haproxy\ Statistics    stats auth admin:admin    #stats hide-version    stats admin if TRUE    stats refresh 30s#---------------web设置-----------------------listen webcluster    bind 0.0.0.0:80    mode http    #option httpchk GET /index.html    log global    maxconn 3000    balance roundrobin    cookie SESSION_COOKIE insert indirect nocache    server web01 192.168.111.142:80 check inter 2000 fall 5    #server web01 192.168.111.143:80 cookie web01 check inter 2000 fall 5//启动haproxy,配置haproxy.service服务单元文件[root@LB ~]# vim /usr/lib/systemd/system/haproxy.service[Unit]Description=HAProxy Load BalancerAfter=syslog.target network.target[Service]ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -qExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pidExecReload=/bin/kill -USR2 $MAINPID[Install]WantedBy=multi-user.target[root@LB ~]# systemctl daemon-reload//配置日志信息[root@LB ~]# vim /etc/rsyslog.conflocal0.*        /var/log/haproxy.log[root@LB ~]# systemctl enable --now rsyslog[root@LB ~]# systemctl restart rsyslog[root@LB ~]# systemctl enable --now haproxy[root@LB ~]# systemctl restart haproxy

2.Haproxy搭建http负载均衡

//LB、RS1、RS2都关闭防火墙和selinux//RS1和RS2部署httpd#RS1[root@RS1 ~]# yum -y install httpd[root@RS1 ~]# echo RS1 > /var/www/html/index.html[root@RS1 ~]# systemctl enable --now httpd#RS2[root@RS2 ~]# yum -y install httpd[root@RS2 ~]# echo RS2 > /var/www/html/index.html[root@RS2 ~]# systemctl enable --now httpd
//修改LB的内核参数[root@LB ~]# vim /etc/sysctl.confnet.ipv4.ip_nonlocal_bind = 1net.ipv4.ip_forward = 1[root@LB ~]# sysctl -pnet.ipv4.ip_nonlocal_bind = 1net.ipv4.ip_forward = 1//修改haproxy配置文件[root@LB ~]# vim /etc/haproxy/haproxy.cfgglobal    daemon    maxconn 256    defaults    mode http    timeout connect 5000ms    timeout client 50000ms    timeout server 50000msfrontend http-in    bind *:80    default_backend serversbackend servers    server web01 192.168.111.142:80    server web02 192.168.111.143:80    [root@LB ~]# systemctl restart haproxy//客户端验证[root@client ~]# curl http://192.168.111.141RS1[root@client ~]# curl http://192.168.111.141RS2[root@client ~]# curl http://192.168.111.141RS1[root@client ~]# curl http://192.168.111.141RS2//使用WEB网页访问测试[root@LB ~]# vim /etc/haproxy/haproxy.cfgglobal    log 127.0.0.1 local0  info    #log loghost local0 info    maxconn 256#chroot /usr/local/haproxy    pidfile /var/run/haproxy.pid    #maxconn 4000    user haproxy    group haproxy    daemon#---------------------------------------------------------------------#common defaults that all the 'listen' and 'backend' sections will#use if not designated in their block#---------------------------------------------------------------------defaults    mode http    log global    option dontlognull    option httpclose    option httplog    #option forwardfor    option redispatch    balance roundrobin    timeout connect 5000ms    timeout client 50000ms    timeout server 50000ms    timeout check 10s    maxconn 60000    retries 3#--------------统计页面配置------------------listen admin_stats    bind 0.0.0.0:8189    stats enable    mode http    log global    stats uri /haproxy_stats    stats realm Haproxy\ Statistics    stats auth admin:admin    #stats hide-version    stats admin if TRUE    stats refresh 30s#---------------web设置-----------------------listen webcluster    bind 0.0.0.0:80    mode http    #option httpchk GET /index.html    log global    maxconn 3000    balance roundrobin    cookie SESSION_COOKIE insert indirect nocache    server web01 192.168.111.142:80 check inter 2000 fall 5    server web02 192.168.111.143:80 cookie web01 check inter 2000 fall 5[root@LB ~]# systemctl restart haproxy[root@LB ~]# ss -anltState            Recv-Q           Send-Q                       Local Address:Port                       Peer Address:Port           Process           LISTEN           0                128                                0.0.0.0:22                              0.0.0.0:*                                LISTEN           0                128                                0.0.0.0:8189                            0.0.0.0:*                                LISTEN           0                128                                0.0.0.0:80                              0.0.0.0:*                                LISTEN           0                128                                   [::]:22                                 [::]:*                                

访问测试

http://IP:8189/haproxy_stats
用户名和密码都为admin