Ubuntu 16.04 haproxy 简单配置应用
ubuntu16.04 192.168.20.182 haproxy
ubuntu16.04 192.168.20.178 web1
ubuntu16.04 192.168.20.179 web2
安装haproxy
~#apt-get install haproxy -y
haproxy配置文件
安装完成后,配置文件路径:/etc/haproxy/haproxy.cfg
修改配置文件内容如下:
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid #haproxy的pid存放路径,启动进程的用户必须有权限访问此文件
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
# https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
defaults
log global
mode http #默认的模式mode { tcp|http|health },tcp是4层,http是7层,health只会返回OK
option httplog
option dontlognull
maxconn 60000
retries 3
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
listen stats # 管理界面,统计信息参数配置
bind 0.0.0.0:1080 #监听端口
stats refresh 30s #统计页面自动刷新时间
stats uri /stats #统计url
stats realm Haproxy Manager #统计页面密码框上提示文本
stats auth admin:admin #统计页面登录的用户和密码
frontend main # 前端haproxy服务器配置
bind 0.0.0.0:80
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static #满足策略要求,则响应策略定义的backend页面
default_backend dynamic #不满足则响应backend的默认页面
backend static
balance roundrobin #负载均衡模式轮询
server static 127.0.0.1:80 check #后端服务器定义
backend dynamic
balance roundrobin
server websrv1 192.168.20.178:80 check maxconn 1000 #后端web server
server websrv2 192.168.20.179:80 check maxconn 1000 #后端web server
启动haproxy
~#/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg
设置开机启动
利用shell编程实现
访问测试
访问192.168.20.182:1080/stats进入haproxy的web stats界面
访问192.168.20.182,会显示178的web界面
再次刷新会访问179的web界面