0
点赞
收藏
分享

微信扫一扫

web集群之haproxy相关配置

沪钢木子 2022-01-13 阅读 43

1. 源码编译安装haproxy 2.x,配置服务启动脚本。

安装

1)、下载安装包

[root@localhost ~]# wget -c https://repo.huaweicloud.com/haproxy/2.4/src/haproxy-2.4.8.tar.gz

[root@localhost ~]# ls haproxy-2.4.8.tar.gz 
haproxy-2.4.8.tar.gz

2)、安装依赖

[root@localhost ~]# curl -R -O http://www.lua.org/ftp/lua-5.4.3.tar.gz
[root@localhost ~]# yum install gcc gcc-c++ make -y

3)、解压lua

[root@localhost ~]# tar xf lua-5.4.3.tar.gz -C /usr/local/src/
[root@localhost ~]# cd /usr/local/src/lua-5.4.3/

4)、编译安装lua

[root@localhost lua-5.4.3]# make linux test
[root@localhost lua-5.4.3]# cp src/lua /usr/bin/lua
[root@localhost lua-5.4.3]# lua -v
Lua 5.4.3  Copyright (C) 1994-2021 Lua.org, PUC-Rio

5)、解压haproxy

[root@localhost ~]# tar xf haproxy-2.4.8.tar.gz -C /usr/local/src/
[root@localhost ~]# cd /usr/local/src/haproxy-2.4.8/

6)、安装依赖

[root@localhost haproxy-2.4.8]# yum -y install gcc openssl-devel pcre-devel systemd-devel

7)、编译安装

[root@localhost haproxy-2.4.8]# make ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_LUA=1 LUA_INC=/usr/local/src/lua-5.4.3/src/ LUA_LIB=/usr/local/src/lua-5.4.3/src/

[root@localhost haproxy-2.4.8]# make install PREFIX=/usr/local/src/haproxy

查看目录结构

[root@localhost haproxy-2.4.8]# tree /usr/local/haproxy/
/usr/local/haproxy/
├── doc
│   └── haproxy
│       ├── 51Degrees-device-detection.txt
│       ├── architecture.txt
│       ├── close-options.txt
│       ├── configuration.txt
│       ├── cookie-options.txt
│       ├── DeviceAtlas-device-detection.txt
│       ├── intro.txt
│       ├── linux-syn-cookies.txt
│       ├── lua.txt
│       ├── management.txt
│       ├── netscaler-client-ip-insertion-protocol.txt
│       ├── network-namespaces.txt
│       ├── peers.txt
│       ├── peers-v2.0.txt
│       ├── proxy-protocol.txt
│       ├── regression-testing.txt
│       ├── seamless_reload.txt
│       ├── SOCKS4.protocol.txt
│       ├── SPOE.txt
│       └── WURFL-device-detection.txt
├── sbin
│   └── haproxy
└── share
    └── man
        └── man1
            └── haproxy.1

 8)、设置软链接

[root@localhost haproxy-2.4.8]# ln -sv /usr/local/haproxy/sbin/haproxy /usr/sbin/haproxy

 验证版本

[root@localhost haproxy-2.4.8]# haproxy -v
HAProxy version 2.4.8-d1f8d41 2021/11/03 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.8.html
Running on: Linux 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64

 配置服务脚本

 1)、编写服务脚本

[root@localhost ~]# vim /usr/lib/systemd/system/haproxy.service
[root@localhost ~]# more /usr/lib/systemd/system/haproxy.service
[Unit] 
Description=HAProxy Load Balancer 
After=syslog.target network.target 

[Service] 
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q 
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /usr/local/haproxy/haproxy.pid 
ExecReload=/bin/kill -USR2 $MAINPID 

[Install] 
WantedBy=multi-user.target

 2)、创建配置文件


[root@localhost ~]# more /etc/haproxy/haproxy.cfg 
global
        maxconn         10000
        stats socket    /var/run/haproxy.stat mode 600 level admin
        log             127.0.0.1 local0
        #uid             200
        #gid             200
        user            haproxy
        group           haproxy
        chroot          /usr/local/haproxy
        daemon

defaults
	mode http
	option httplog
	log global
	timeout client 1m
	timeout server 1m
	timeout connect 10s
	timeout http-keep-alive 2m
	timeout queue 15s
	timeout tunnel 4h  # for websocket

listen stats  
        mode http  
        bind :9999  
        stats enable  
        log global
        stats uri /haproxy-status 
        stats auth haadmin:123456  //账号密码


listen app1
   # this is the address and port we'll listen to, the ones to aim the
   # load generators at
   bind :80

   # create a certificate and uncomment this for SSL
   # bind :8443 ssl crt my-cert.pem alpn h2,http/1.1

   # Put the server's IP address and port below
   server web1 192.168.159.136:80
   server web2 192.168.159.138:80

3)、创建用户

[root@localhost ~]# useradd -r -s /sbin/nologin -d /usr/local/haproxy/ haproxy

4)、配置两台web服务,配置静态页面

[root@rs1 ~]# more /var/www/html/index.html 
web1 test ip:192.168.159.136

[root@rs2 ~]# more /var/www/html/index.html 
web2 test2  ip:192.168.159.138

新开一台虚拟机测试:

[root@localhost ~]# for ((i=1;i<=6;i++)) 
> do
> curl 192.168.159.133
> done
web2 test2  ip:192.168.159.138
web1 test ip:192.168.159.136
web2 test2  ip:192.168.159.138
web1 test ip:192.168.159.136
web2 test2  ip:192.168.159.138
web1 test ip:192.168.159.136

查看haproxy的状态页

账号密码为配置文件中的

账号:haadmin

密码:123456

2. 配置haproxy日志。

1)、 修改配置文件

[root@localhost ~]# vim /etc/haproxy/haproxy.cfg
global
        log             127.0.0.1 local2 info
listen app1
   log global

 2)、rsyslog配置

[root@localhost ~]# vim /etc/rsyslog.conf 

#打开这两行注释
$ModLoad imudp 
$UDPServerRun 514

#追加
# Save haproxy messages also to haproxy.log 
local2.* /var/log/haproxy.log

4)、重启服务

[root@localhost ~]# systemctl restart haproxy.service rsyslog

5)、查看日志

[root@localhost ~]# tail -f /var/log/haproxy.log
Jan 12 20:55:27 localhost haproxy[1500]: 192.168.159.1:60108 [12/Jan/2022:20:55:27.655] stats stats/<STATS> 0/-1/-1/-1/0 401 263 - - LR-- 2/2/0/0/3 0/0 "GET /haproxy-status HTTP/1.1"
Jan 12 20:55:28 localhost haproxy[1500]: 192.168.159.1:60109 [12/Jan/2022:20:55:27.632] stats stats/<NOSRV> -1/-1/-1/-1/574 400 0 - - CR-- 2/2/0/0/0 0/0 "<BADREQ>"
Jan 12 20:56:25 localhost haproxy[1500]: 192.168.159.1:60130 [12/Jan/2022:20:56:25.386] stats stats/<STATS> 0/0/0/0/0 200 20172 - - LR-- 2/2/0/0/0 0/0 "GET /haproxy-status HTTP/1.1"
Jan 12 20:56:28 localhost haproxy[1500]: 192.168.159.1:60131 [12/Jan/2022:20:56:25.383] stats stats/<NOSRV> -1/-1/-1/-1/2847 400 0 - - CR-- 2/2/0/0/0 0/0 "<BADREQ>"


3. 配置haproxy实现web服务器负载均衡。

1)、对 MySQL 服务实现四层负载

[root@localhost ~]# vim /etc/haproxy/haproxy.cfg

frontend mysql 
   bind :3306 
   mode tcp #必须指定tcp模式 
   default_backend mysqlsrvs 
backend mysqlsrvs  
   mode tcp #必须指定tcp模式  
   balance leastconn  
   server mysql1 192.168.159.136:3306
   server mysql2 192.168.159.138:3306

[root@localhost ~]# systemctl restart haproxy

2)、 准备两台虚拟机安装和配置mariadb

[root@rs1 ~]# yum install mariadb-server -y
[root@rs2 ~]# yum install mariadb-server -y

 3)、两台虚拟机给MySQL创建用户并授权

mysql> create user 'tom'@'%' identified by '123456';
mysql> grant all  on *.* to tom@'%';

4)、修改server id 

[root@rs1 ~]# vim /etc/my.cnf

[mysqld]
server_id = 136

[root@rs2 ~]# vim /etc/my.cnf

[mysqld]
server_id = 138

5、重启mariadb

[root@rs1 ~]# systemctl start mariadb
[root@rs2 ~]# systemctl start mariadb


4. 通过haproxy的acl规则实现智能负载均衡(动静分离)。

基于文件后名缀实现动静分离

1)、设置acl

[root@localhost ~]# vim /etc/haproxy/conf.d/test.cfg
[root@localhost ~]# cat /etc/haproxy/conf.d/test.cfg
frontend openlab_http_port   
bind 10.0.0.7:80  
mode http 
balance roundrobin  
log global  
option httplog
###################### acl setting ###############################   
acl acl_static path_end -i .jpg .jpeg .png .gif .css .js 
###################### acl setting ############################### 
  acl acl_static path_end -i .jpg .jpeg .png .gif .css .js
  acl dynamic path_end -i .php
###################### acl hosts ################################# 
  use_backend static_pools  if acl_static
  use_backend dynamic_pools if dynamic 
###################### backend hosts ############################# 
backend static_pools
  mode http
  server web1 192.168.159.136:80 check
backend dynamic_pools
  mode http
  server web2 192.168.159.138:80 check

 准备两台虚拟机

一台实现静态,一台实现动态

2)、下载服务

[root@rs1 ~]# yum install httpd -y
[root@rs2 ~]# yum install php -y

3)、动态端配置php

[root@rs2 ~]# vim /var/www/html/test.php
[root@rs2 ~]# cat /var/www/html/test.php
<?php
 phpinfo()
?>

[root@rs2 ~]# systemctl restart httpd

4)、静态端配置

准备主页和文件

[root@rs1 ~]# cd /var/www/html/
[root@rs1 html]# ls
bjx.jpg  index.html

5)、重启haproxy

[root@localhost ~]# systemctl restart haproxy

测试

静态

动态 

 

 

举报

相关推荐

0 条评论