haproxy目录
- haproxy
- 部署haproxy
- 1.源码部署haproxy
- 2.Haproxy搭建http负载均衡
- 部署haproxy
部署haproxy
haproxy源码包下载网站地址
主机名称 | IP地址 | 需要安装的应用 | 系统版本 |
---|---|---|---|
LB | 192.168.111.141 | haproxy | centos 8 |
RS1 | 192.168.111.142 | httpd | centos 8 |
RS2 | 192.168.111.143 | httpd | centos 8 |
client | 192.168.111.144 | 无 | centos 8 |
1.源码部署haproxy
//安装编译环境[root@LB ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel --allowerasing//创建haproxy用户[root@LB ~]# useradd -r -M -s /sbin/nologin haproxy//下载,解压和安装[root@LB ~]# wget https://src.fedoraproject.org/repo/pkgs/haproxy/haproxy-2.1.3.tar.gz/sha512/4728c1177b2bba69465cbc56b1ed73a1b2d36891ba2d94d29bb49714ad98ccfac4b52947735aded211f0cd8070002f5406ddd77cabd2f8230b00438189dd7a60/haproxy-2.1.3.tar.gz[root@LB ~]# tar -xzf haproxy-2.1.3.tar.gz [root@LB ~]# cd haproxy-2.1.3[root@LB haproxy-2.1.3]# make clean[root@LB haproxy-2.1.3]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) \> TARGET=linux-glibc \> USE_OPENSSL=1 \> USE_ZLIB=1 \> USE_PCRE=1 \> USE_SYSTEMD=1[root@LB haproxy-2.1.3]# make install PREFIX=/usr/local/haproxy[root@LB haproxy-2.1.3]# cp haproxy /usr/sbin///设置Linux内核参数[root@LB haproxy-2.1.3]# vim /etc/sysctl.confnet.ipv4.ip_forward = 1net.ipv4.ip_nonlocal_bind = 1[root@LB haproxy-2.1.3]# sysctl -pnet.ipv4.ip_forward = 1net.ipv4.ip_nonlocal_bind = 1//配置haproxy服务[root@LB haproxy-2.1.3]# mkdir /etc/haproxy[root@LB haproxy-2.1.3]# vim /etc/haproxy/haproxy.cfgglobal log 127.0.0.1 local0 info #log loghost local0 info maxconn 20480#chroot /usr/local/haproxy pidfile /var/run/haproxy.pid #maxconn 4000 user haproxy group haproxy daemon#---------------------------------------------------------------------#common defaults that all the 'listen' and 'backend' sections will#use if not designated in their block#---------------------------------------------------------------------defaults mode http log global option dontlognull option httpclose option httplog #option forwardfor option redispatch balance roundrobin timeout connect 10s timeout client 10s timeout server 10s timeout check 10s maxconn 60000 retries 3#--------------统计页面配置------------------listen admin_stats bind 0.0.0.0:8189 stats enable mode http log global stats uri /haproxy_stats stats realm Haproxy\ Statistics stats auth admin:admin #stats hide-version stats admin if TRUE stats refresh 30s#---------------web设置-----------------------listen webcluster bind 0.0.0.0:80 mode http #option httpchk GET /index.html log global maxconn 3000 balance roundrobin cookie SESSION_COOKIE insert indirect nocache server web01 192.168.111.142:80 check inter 2000 fall 5 #server web01 192.168.111.143:80 cookie web01 check inter 2000 fall 5//启动haproxy,配置haproxy.service服务单元文件[root@LB ~]# vim /usr/lib/systemd/system/haproxy.service[Unit]Description=HAProxy Load BalancerAfter=syslog.target network.target[Service]ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -qExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pidExecReload=/bin/kill -USR2 $MAINPID[Install]WantedBy=multi-user.target[root@LB ~]# systemctl daemon-reload//配置日志信息[root@LB ~]# vim /etc/rsyslog.conflocal0.* /var/log/haproxy.log[root@LB ~]# systemctl enable --now rsyslog[root@LB ~]# systemctl restart rsyslog[root@LB ~]# systemctl enable --now haproxy[root@LB ~]# systemctl restart haproxy
2.Haproxy搭建http负载均衡
//LB、RS1、RS2都关闭防火墙和selinux//RS1和RS2部署httpd#RS1[root@RS1 ~]# yum -y install httpd[root@RS1 ~]# echo RS1 > /var/www/html/index.html[root@RS1 ~]# systemctl enable --now httpd#RS2[root@RS2 ~]# yum -y install httpd[root@RS2 ~]# echo RS2 > /var/www/html/index.html[root@RS2 ~]# systemctl enable --now httpd
//修改LB的内核参数[root@LB ~]# vim /etc/sysctl.confnet.ipv4.ip_nonlocal_bind = 1net.ipv4.ip_forward = 1[root@LB ~]# sysctl -pnet.ipv4.ip_nonlocal_bind = 1net.ipv4.ip_forward = 1//修改haproxy配置文件[root@LB ~]# vim /etc/haproxy/haproxy.cfgglobal daemon maxconn 256 defaults mode http timeout connect 5000ms timeout client 50000ms timeout server 50000msfrontend http-in bind *:80 default_backend serversbackend servers server web01 192.168.111.142:80 server web02 192.168.111.143:80 [root@LB ~]# systemctl restart haproxy//客户端验证[root@client ~]# curl http://192.168.111.141RS1[root@client ~]# curl http://192.168.111.141RS2[root@client ~]# curl http://192.168.111.141RS1[root@client ~]# curl http://192.168.111.141RS2//使用WEB网页访问测试[root@LB ~]# vim /etc/haproxy/haproxy.cfgglobal log 127.0.0.1 local0 info #log loghost local0 info maxconn 256#chroot /usr/local/haproxy pidfile /var/run/haproxy.pid #maxconn 4000 user haproxy group haproxy daemon#---------------------------------------------------------------------#common defaults that all the 'listen' and 'backend' sections will#use if not designated in their block#---------------------------------------------------------------------defaults mode http log global option dontlognull option httpclose option httplog #option forwardfor option redispatch balance roundrobin timeout connect 5000ms timeout client 50000ms timeout server 50000ms timeout check 10s maxconn 60000 retries 3#--------------统计页面配置------------------listen admin_stats bind 0.0.0.0:8189 stats enable mode http log global stats uri /haproxy_stats stats realm Haproxy\ Statistics stats auth admin:admin #stats hide-version stats admin if TRUE stats refresh 30s#---------------web设置-----------------------listen webcluster bind 0.0.0.0:80 mode http #option httpchk GET /index.html log global maxconn 3000 balance roundrobin cookie SESSION_COOKIE insert indirect nocache server web01 192.168.111.142:80 check inter 2000 fall 5 server web02 192.168.111.143:80 cookie web01 check inter 2000 fall 5[root@LB ~]# systemctl restart haproxy[root@LB ~]# ss -anltState Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:8189 0.0.0.0:* LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:*
访问测试
http://IP:8189/haproxy_stats
用户名和密码都为admin