1.编译安装 HAProxy
1.编译安装 HAProxy
编译安装HAProxy 2.0 LTS版本,更多源码包下载地址:http://www.haproxy.org/download/
1.1 解决 lua 环境
HAProxy 支持基于lua实现功能扩展,lua是一种小巧的脚本语言,于1993年由巴西里约热内卢天主教大 学(Pontifical Catholic University of Rio de Janeiro)里的一个研究小组开发,其设计目的是为了嵌入应用程序中,从而为应用程序提供灵活的扩展和定制功能。
1.1.1 CentOS 基础环境
由于CentOS7 之前版本自带的lua版本比较低并不符合HAProxy要求的lua最低版本(5.3)的要求,因此需要编译安装较新版本的lua环境,然后才能编译安装HAProxy,过程如下:
[root@centos7 ~]# lua -v
Lua 5.1.4 Copyright (C) 1994-2008 Lua.org, PUC-Rio
[root@centos7 ~]# yum install gcc readline-devel -y
[root@centos7 ~]# wget http://www.lua.org/ftp/lua-5.3.5.tar.gz
[root@centos7 ~]# tar xvf lua-5.3.5.tar.gz -C /usr/local/src
[root@centos7 ~]# cd /usr/local/src/lua-5.3.5/
[root@centos7 lua-5.3.5]# ls
doc Makefile README src
[root@centos7 lua-5.3.5]# make linux test
#查看编译安装的版本
[root@centos7 lua-5.3.5]# src/lua -v
Lua 5.3.5 Copyright (C) 1994-2018 Lua.org, PUC-Rio
1.2 编译安装HAProxy
#HAProxy 1.8及1.9版本编译参数:
make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/haproxy
#HAProxy 2.0以上版本编译参数:
[root@centos7 ~]#yum -y install gcc openssl-devel pcre-devel systemd-devel
[root@centos7 ~]#tar xvf haproxy-2.1.3.tar.gz -C /usr/local/src
[root@centos7 ~]#cd /usr/local/src/haproxy-2.1.3/
[root@centos7 haproxy-2.1.3]# ls
BRANCHES CONTRIBUTING examples LICENSE README scripts tests
CHANGELOG doc include MAINTAINERS reg-tests src VERDATE
contrib ebtree INSTALL Makefile ROADMAP SUBVERS VERSION
#查看安装方法
[root@centos7 haproxy-2.1.3]#ll Makefile
-rw-rw-r-- 1 root root 40812 Feb 12 23:18 Makefile
[root@centos7 haproxy-2.1.3]#cat README
[root@centos7 haproxy-2.1.3]#cat INSTALL
#参考INSTALL文件进行编译安装
[root@centos7 haproxy-2.1.3]#make ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1
USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_LUA=1 LUA_INC=/usr/local/src/lua-
5.3.5/src/ LUA_LIB=/usr/local/src/lua-5.3.5/src/
[root@centos7 haproxy-2.1.3]# make install PREFIX=/apps/haproxy
[root@centos7 haproxy-2.1.3]#ln -s /apps/haproxy/sbin/haproxy /usr/sbin/
#查看生成的文件
[root@centos7 haproxy-2.1.3]# tree /apps/haproxy/
/apps/haproxy/
├── doc
│ └── haproxy
│ ├── 51Degrees-device-detection.txt
│ ├── architecture.txt
│ ├── close-options.txt
│ ├── configuration.txt
│ ├── cookie-options.txt
│ ├── DeviceAtlas-device-detection.txt
│ ├── intro.txt
│ ├── linux-syn-cookies.txt
│ ├── lua.txt
│ ├── management.txt
│ ├── netscaler-client-ip-insertion-protocol.txt
│ ├── network-namespaces.txt
│ ├── peers.txt
│ ├── peers-v2.0.txt
│ ├── proxy-protocol.txt
│ ├── regression-testing.txt
│ ├── seamless_reload.txt
│ ├── SOCKS4.protocol.txt
│ ├── SPOE.txt
│ └── WURFL-device-detection.txt
├── sbin
│ └── haproxy
└── share
└── man
└── man1
└── haproxy.1
6 directories, 22 files
1.3 验证HAProxy版本
#验证HAProxy版本:
[root@centos7 haproxy-2.1.3]# which haproxy
/usr/sbin/haprox
[root@centos7 haproxy-2.1.3]# haproxy -v
HA-Proxy version 2.1.3 2020/02/12 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2021.
Known bugs: http://www.haproxy.org/bugs/bugs-2.1.3.html
[root@centos7 haproxy-2.1.3]# haproxy -V
HA-Proxy version 2.1.3 2020/02/12 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2021.
Known bugs: http://www.haproxy.org/bugs/bugs-2.1.3.html
Usage : haproxy [-f <cfgfile|cfgdir>]* [ -vdVD ] [ -n <maxconn> ] [ -N <maxpconn> ]
[ -p <pidfile> ] [ -m <max megs> ] [ -C <dir> ] [-- <cfgfile>*]
-v displays version ; -vv shows known build options.
-d enters debug mode ; -db only disables background mode.
-dM[<byte>] poisons memory with <byte> (defaults to 0x50)
-V enters verbose mode (disables quiet mode)
-D goes daemon ; -C changes to <dir> before loading files.
-W master-worker mode.
-Ws master-worker mode with systemd notify support.
-q quiet mode : don't display messages
-c check mode : only check config files and exit
-n sets the maximum total # of connections (uses ulimit -n)
-m limits the usable amount of memory (in MB)
-N sets the default, per-proxy maximum # of connections (0)
-L set local peer name (default to hostname)
-p writes pids of all children to this file
-de disables epoll() usage even when available
-dp disables poll() usage even when available
-dS disables splice usage (broken on old kernels)
-dG disables getaddrinfo() usage
-dR disables SO_REUSEPORT usage
-dr ignores server address resolution failures
-dV disables SSL verify on servers side
-sf/-st [pid ]* finishes/terminates old pids.
-x <unix_socket> get listening sockets from a unix socket
-S <bind>[,<bind options>...] new master CLI
[root@centos7 haproxy-2.1.3]# haproxy -vv
HA-Proxy version 2.1.3 2020/02/12 - https://haproxy.org/
Status: stable branch - will stop receiving fixes around Q1 2021.
Known bugs: http://www.haproxy.org/bugs/bugs-2.1.3.html
Build options :
TARGET = linux-glibc
CPU = generic
CC = gcc
CFLAGS = -m64 -march=x86-64 -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv -Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-old-style-declaration -Wno-ignored-qualifiers -Wno-clobbered -Wno-missing-field-initializers -Wtype-limits
OPTIONS = USE_PCRE=1 USE_OPENSSL=1 USE_LUA=1 USE_ZLIB=1 USE_SYSTEMD=1
Feature list : +EPOLL -KQUEUE -MY_EPOLL -MY_SPLICE +NETFILTER +PCRE -PCRE_JIT -PCRE2 -PCRE2_JIT +POLL -PRIVATE_CACHE +THREAD -PTHREAD_PSHARED -REGPARM -STATIC_PCRE -STATIC_PCRE2 +TPROXY +LINUX_TPROXY +LINUX_SPLICE +LIBCRYPT +CRYPT_H -VSYSCALL +GETADDRINFO +OPENSSL +LUA +FUTEX +ACCEPT4 -MY_ACCEPT4 +ZLIB -SLZ +CPU_AFFINITY +TFO +NS +DL +RT -DEVICEATLAS -51DEGREES -WURFL +SYSTEMD -OBSOLETE_LINKER +PRCTL +THREAD_DUMP -EVPORTS
Default settings :
bufsize = 16384, maxrewrite = 124, maxpollevents = 200
Built with multi-threading support (MAX_THREADS=64, default=1).
Built with OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017
Running on OpenSSL version : OpenSSL 1.0.2k-fips 26 Jan 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.5
Built with network namespace support.
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Built with PCRE version : 8.32 2012-11-30
Running on PCRE version : 8.32 2012-11-30
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.7
Running on zlib version : 1.2.7
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
h2 : mode=HTTP side=FE|BE mux=H2
fcgi : mode=HTTP side=BE mux=FCGI
<default> : mode=HTTP side=FE|BE mux=H1
<default> : mode=TCP side=FE|BE mux=PASS
Available services : none
Available filters :
[SPOE] spoe
[CACHE] cache
[FCGI] fcgi-app
[TRACE] trace
[COMP] compression
1.4 准备HAProxy启动文件
#默认缺少配置文件,无法启动
[root@centos7 ~]#systemctl daemon-reload
[root@centos7 ~]#systemctl start haproxy
[root@centos7 haproxy-2.1.3]# systemctl start haproxy
Failed to start haproxy.service: Unit not found.
Job for haproxy.service failed because the control process exited with error
code. See "systemctl status haproxy.service" and "journalctl -xe" for details.
[root@centos7 ~]#tail /var/log/messages
#创建service文件
[root@centos7 ~]#vim /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
LimitNOFILE=10000
[Install]
WantedBy=multi-user.target
1.5 配置文件
#查看配置文件范例
[root@centos7 haproxy-2.1.3]# tree /usr/local/src/haproxy-2.1.3/examples/
/usr/local/src/haproxy-2.1.3/examples/
├── acl-content-sw.cfg
......
└── wurfl-example.cfg
1 directory, 15 files
#创建自定义的配置文件
[root@centos7 haproxy-2.1.3]# vim /etc/haproxy/haproxy.cfg
global
maxconn 10000
chroot /apps/haproxy
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
#uid 99
#gid 99
user haproxy
group haproxy
daemon
#nbproc 4
#cpu-map 1 0
#cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local2 info
defaults
option http-keep-alive
option forwardfor
maxconn 10000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:123456
listen web_port
bind 1.0.0.7:80
mode http
log global
server web1 127.0.0.1:8080 check inter 3000 fall 2 rise 5
1.6 启动 haproxy
#准备socket文件目录
[root@centos7 ~]# mkdir /var/lib/haproxy
#设置用户和目录权限
[root@centos7 ~]# useradd -r -s /sbin/nologin -d /var/lib/haproxy haproxy
启动报错,主要是service文件问题
[root@centos7 ~]# systemctl enable --now haproxy
Failed to execute operation: Bad message
查看日志,少写了个=
[root@centos7 log]# tail messages -f
Aug 16 20:27:02 centos7 systemd: [/usr/lib/systemd/system/haproxy.service:8] Missing '='.
启动还是报错。
[root@centos7 ~]# systemctl enable --now haproxy
Job for haproxy.service failed because the control process exited with error code. See "systemctl status haproxy.service" and "journalctl -xe" for details.
查看日志,配置文件出错
[root@centos7 log]# tail messages -f
Aug 16 20:31:30 centos7 systemd: Reloading.
Aug 16 20:31:30 centos7 systemd: Starting HAProxy Load Balancer...
Aug 16 20:31:30 centos7 haproxy: [ALERT] 227/203130 (3297) : parsing [/etc/haproxy/haproxy.cfg:39] : 'server web1' : could not resolve address ' 127.0.0.1'.
Aug 16 20:31:30 centos7 haproxy: [ALERT] 227/203130 (3297) : Failed to initialize server(s) addr.
更改下面这行,改为当前主机名,或者是格式不对,少个空格或多个空格之类
[root@centos7 ~]# vim /etc/haproxy/haproxy.cfg
server centos7 127.0.0.1:8080 check inter 3000 fall 2 rise 5
[root@centos7 ~]# systemctl enable --now haproxy
1.7 验证 haproxy 状态
haproxy.cfg文件中定义了chroot、pidfile、user、group等参数,如果系统没有相应的资源会导致 haproxy无法启动,具体参考日志文件 /var/log/messages
[root@centos7 ~]# systemctl status haproxy
● haproxy.service - HAProxy Load Balancer
Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2022-08-16 20:34:35 CST; 6min ago
Main PID: 3352 (haproxy)
CGroup: /system.slice/haproxy.service
├─3352 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
└─3358 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
Aug 16 20:34:35 centos7 systemd[1]: Starting HAProxy Load Balancer...
Aug 16 20:34:35 centos7 systemd[1]: Started HAProxy Load Balancer.
Aug 16 20:34:35 centos7 haproxy[3352]: [NOTICE] 227/203435 (3352) : New worker #1 (3358) forked
[root@centos7 ~]# pstree -p | grep haproxy
|-haproxy(3352)---haproxy(3358)
1.8查看haproxy的状态页面
浏览器访问: http://haproxy-server:9999/haproxy-status
http://1.0.0.7:9999/haproxy-status
[root@centos7 log]# tail messages -f
Aug 16 20:54:19 centos7 haproxy: [ALERT] 227/205419 (3854) : proxy 'web_port' has no server available!
[root@centos7 ~]# vim /etc/haproxy/haproxy.cfg
......
listen web_port
bind 1.0.0.7:80
mode http
log global
server centos7 127.0.0.1:8080 check inter 3000 fall 2 rise 5
这时配置文件多个空格少个空格报错,改正一下。
在浏览器多刷新几下就出来了。
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
· 25岁的心里话
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· ollama系列01:轻松3步本地部署deepseek,普通电脑可用
· 闲置电脑爆改个人服务器(超详细) #公网映射 #Vmware虚拟网络编辑器