随笔 - 1683  文章 - 620 评论 - 440 trackbacks - 0

This example will guide you through a simple IP based load balancing solution that handles ssl traffic.

The Configuration =

  • Load Balancer:  <192.168.0.2>  // will be our haproxy server
  • Web Server 1: <192.168.0.10>  // web application server 1
  • Web Server 2: <192.168.0.20>  // web application server 2
  • Admin Panel Port 8080: <192.168.0.2>  // Statistics Panel on port 8080

                                       Web Server 1
Load Balancer   <
                                       Web Server 2

Step 1: Get and Install haproxy

We’ll be using the 1.3.17 src files to install haproxy. You can get them from http://haproxy.1wt.eu/

  1. wget http://haproxy.1wt.eu/download/1.3/src/haproxy-1.3.17.tar.gz     
  2.    
  3. cd haproxy-1.3.17    
  4.    
  5. make TARGET=linux26     
  6.    
  7. cp /path/to/haproxy-1.3.17/examples/haproxy.init /etc/init.d/haproxy    
  8.    
  9. chmod +x /etc/init.d/haproxy 
Step 2: Create some users for security

We’re going to add a haproxy user and run it in a chroot jail. Be sure to read up on other security measures for your server.

  1. useradd haproxy     
  2. mkdir /var/chroot/haproxy     
  3. chown haproxy:haproxy /var/chroot/haproxy     
  4. chmod 700 /var/chroot/haproxy 
 
Step 3: Configure /etc/haproxy.cfg

This will be a simple load balancing. The HAProxy server will listen to 1 IP and distribute to 2 servers.

  1. global  
  2.     maxconn     10000 # Total Max Connections.  
  3.     log     127.0.0.1   local0  
  4.     log     127.0.0.1   local1 notice  
  5.     daemon  
  6.     nbproc      1 # Number of processes  
  7.     user        haproxy  
  8.         group       haproxy  
  9.         chroot      /var/chroot/haproxy  
  10.  
  11. defaults  
  12.     log     global  
  13.     option      httplog  
  14.     mode        tcp  
  15.     clitimeout  60000  
  16.     srvtimeout  30000  
  17.     contimeout  4000  
  18.     retries     3  
  19.     redispatch  
  20.     option      httpclose   
  21.  
  22. listen  load_balanced   192.168.0.2:80,192.168.0.2:443  
  23.     balance     source  
  24.     option      ssl-hello-chk  
  25.     option      forwardfor  
  26.  
  27.     server webserver1 192.168.0.10 weight 1 maxconn 5000 check  
  28.     server webserver2 192.168.0.20 weight 1 maxconn 5000 check  
  29.  
  30. listen  admin_stats 192.168.0.2:8080  
  31.     mode        http  
  32.     stats uri   /my_stats  
  33.     stats realm     Global\ statistics  
  34.     stats auth  username:password 

Step 4: Configuring logging

Edit /etc/sysconfig/syslog

  1. SYSLOGD_OPTIONS=”-m 0 -r” 
 
Edit /etc/syslog.conf. Add the following:
  1. local0.* /var/log/haproxy.log   
  2. local1.* /var/log/haproxy-1.log 
Restart Syslog
  1. service syslog restart 
posted on 2013-11-04 21:58  一天不进步,就是退步  阅读(...)  评论(... 编辑 收藏