haproxy
HAProxy是一个使用C语言编写的自由及开放源代码软件[1],其提供高可用性、负载均衡,以及基于TCP和HTTP的应用程序代理。
准备工作
ip | 作用 |
---|---|
192.168.94.141 | DR(调度机) |
192.168.94.143 | RS1(真实服务器1) |
192.168.92.129 | RS2(真实服务器2) |
-
下载包
https://github.com/haproxy/haproxy/archive/refs/tags/v2.3.0.tar.gz
-
关闭防火墙selinux
systemctl stop firewalld && setenforce 0
-
RS安装httpd启动服务,修改index网页内容方便验证
[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# systemctl enable --now httpd
[root@RS1 ~]# echo RS1> /var/www/html/index.html
[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# systemctl enable --now httpd
[root@RS2 ~]# echo RS2> /var/www/html/index.html
- 解压并安装相关依赖
[root@DR ~]# tar xf haproxy-2.3.0.tar.gz
[root@DR ~]# cd haproxy-2.3.0/
[root@DR haproxy-2.3.0]# yum -y install gcc pcre-devel bzip2-devel openssl-devel systemd-devel
[root@DR haproxy-2.3.0]# useradd -r -M -s /sbin/nologin haproxy
安装与配置
查看安装相关配置的文档
[root@DR haproxy-2.3.0]# less INSTALL
编译并安装
//确保环境纯净
[root@DR haproxy-2.3.0]# make clean
//-j 多核加速编译
[root@DR haproxy-2.3.0]# make -j $(nproc) TARGET=linux-glibc USE_OPENSSL=1 USE_ZLIB=1 USE_PCRE=1 USE_SYSTEMD=1
//make install指定安装目录
[root@DR haproxy-2.3.0]# make install PREFIX=/usr/local/haproxy
//复制命令到sbin下
[root@DR haproxy]# cp sbin/haproxy /usr/sbin/
内核参数配置
//启用ip转发和非本地ip绑定(不在网卡配置文件,直接在配置文件写入修改)
[root@DR haproxy]# echo 'net.ipv4.ip_forward = 1'>> /etc/sysctl.conf
[root@DR haproxy]# echo 'net.ipv4.ip_nonlocal_bind = 1'>> /etc/sysctl.conf
[root@DR haproxy]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
基于haproxy的http负载均衡
生成haproxy配置文件
//生成配置保存目录
[root@DR haproxy]# mkdir /etc/haproxy
//查看配置说明文档
[root@DR haproxy-2.3.0]# less doc/configuration.txt
//写入配置文件
[root@DR haproxy-2.3.0]# vim /etc/haproxy/haproxy.cfg
[root@DR ~]# cat /etc/haproxy/haproxy.cfg
#--------------全局配置----------------
global
log 127.0.0.1 local0 info
#log loghost local0 info
maxconn 20480
#chroot /usr/local/haproxy
pidfile /var/run/haproxy.pid
#maxconn 4000
user haproxy
group haproxy
daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option dontlognull
option httpclose
option httplog
#option forwardfor
option redispatch
balance roundrobin
timeout connect 10s
timeout client 10s
timeout server 10s
timeout check 10s
maxconn 60000
retries 3
#--------------统计页面配置------------------
listen admin_stats
bind 0.0.0.0:8189
stats enable
mode http
log global
stats uri /haproxy_stats
stats realm Haproxy Statistics
stats auth admin:admin
#stats hide-version
stats admin if TRUE
stats refresh 30s
#---------------web设置-----------------------
listen webcluster
bind 0.0.0.0:80
mode http
#option httpchk GET /index.html
log global
maxconn 3000
balance roundrobin
server web01 192.168.94.143:80 check inter 2000 fall 5
server web02 192.168.94.129:8080 check inter 2000 fall 5
#server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5
//-f指定文件 -c查看配置文件是否有效
[root@DR haproxy-2.3.0]# haproxy -f /etc/haproxy/haproxy.cfg -c
Configuration file is valid
//修改日志服务让local0的info级别信息记录到指定文件
[root@DR ~]# vim /etc/rsyslog.conf
...
# Save boot messages also to boot.log
local0.info /var/
log/haproxy.log
local7.* /var/log/boot.log
//重启服务
[root@DR ~]# systemctl restart rsyslog.service
修改RS2端监听端口为8080
[root@RS2 ~]# vi /etc/httpd/conf/httpd.conf
#Listen 12.34.56.78:80
Listen 8080
[root@RS2 ~]# systemctl restart httpd
载入配置文件并启动
[root@DR haproxy-2.3.0]# haproxy -f /etc/haproxy/haproxy.cfg
//80端口起来
[root@DR ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8189 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
测试访问
C:Usersego>curl 192.168.94.141
RS1
C:Usersego>curl 192.168.94.141
RS2
状态查看