haproxy配置及使用
haproxy配置及使用
lua官网: https://www.lua.org/download.html
安装haproxy
//安装需要的软件包 [root@DR ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel //创建用户 [root@DR ~]# useradd -r -M -s /sbin/nologin haproxy //解压haproxy(当前主机提前下载好了) [root@DR ~]# ls anaconda-ks.cfg haproxy-2.3.10.tar.gz [root@DR ~]# tar xf haproxy-2.3.10.tar.gz [root@DR ~]# cd haproxy-2.3.10 //编译安装 [root@DR haproxy-2.3.10]# make clean [root@DR haproxy-2.3.10]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) \ > TARGET=linux-glibc \ > USE_OPENSSL=1 \ > USE_ZLIB=1 \ > USE_PCRE=1 \ > USE_SYSTEMD=1 [root@DR haproxy-2.3.10]# make install PREFIX=/usr/local/haproxy [root@DR haproxy-2.3.10]# cp haproxy /usr/sbin/
配置各个负载的内核参数
[root@DR haproxy-2.3.10]# echo 'net.ipv4.ip_nonlocal_bind = 1' >> /etc/sysctl.conf [root@DR haproxy-2.3.10]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf [root@DR haproxy-2.3.10]# sysctl -p net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1
提供配置文件
[root@DR haproxy-2.3.10]# mkdir /etc/haproxy [root@DR haproxy-2.3.10]# cat > /etc/haproxy/haproxy.cfg <<EOF > #--------------全局配置---------------- > global > log 127.0.0.1 local0 info > #log loghost local0 info > maxconn 20480 > #chroot /usr/local/haproxy > pidfile /var/run/haproxy.pid > #maxconn 4000 > user haproxy > group haproxy > daemon > #--------------------------------------------------------------------- > #common defaults that all the 'listen' and 'backend' sections will > #use if not designated in their block > #--------------------------------------------------------------------- > defaults > mode http > log global > option dontlognull > option httpclose > option httplog > #option forwardfor > option redispatch > balance roundrobin > timeout connect 10s > timeout client 10s > timeout server 10s > timeout check 10s > maxconn 60000 > retries 3 > #--------------统计页面配置------------------ > listen admin_stats > bind 0.0.0.0:8189 > stats enable > mode http > log global > stats uri /haproxy_stats > stats realm Haproxy\ Statistics > stats auth admin:admin > #stats hide-version > stats admin if TRUE > stats refresh 30s > #---------------web设置----------------------- > listen webcluster > bind 0.0.0.0:80 > mode http > #option httpchk GET /index.html > log global > maxconn 3000 > balance roundrobin > cookie SESSION_COOKIE insert indirect nocache > server web01 172.16.103.130:80 check inter 2000 fall 5 > #server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5 > EOF [root@DR haproxy-2.3.10]#
haproxy.service文件编写
[root@DR haproxy-2.3.10]# cat > /usr/lib/systemd/system/haproxy.service <<EOF > [Unit] > Description=HAProxy Load Balancer > After=syslog.target network.target > > [Service] > ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q > ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid > ExecReload=/bin/kill -USR2 $MAINPID > > [Install] > WantedBy=multi-user.target > EOF
[root@DR haproxy-2.3.10]# systemctl daemon-reload
启用日志
[root@DR haproxy-2.3.10]# vim /etc/rsyslog.conf ... local0.* /var/log/haproxy.log
systemctl restart rsyslog
启动服务
[root@DR haproxy-2.3.10]# systemctl restart haproxy [root@DR haproxy-2.3.10]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:8189 0.0.0.0:* LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:*
访问haproxy网页界面
[root@DR haproxy-2.3.10]# systemctl stop firewalld [root@DR haproxy-2.3.10]# setenforce 0
登陆的方式在 /etc/haproxy/haproxy.cfg里面有登录用户和密码,以及访问方式
[root@DR haproxy-2.3.10]# cat /etc/haproxy/haproxy.cfg stats uri /haproxy_stats stats realm Haproxy\ Statistics //访问方式 stats auth admin:admin //用户名和密码admin //网页访问的时候加上(XXX是你的主机IP) XXX:8189/haproxy_stats