Haproxy

目录

haproxy简介

HAProxy是一个使用C语言编写的自由及开放源代码软件,其提供高可用性、负载均衡,以及基于TCP和HTTP的应用程序代理。
HAProxy特别适用于那些负载特大的web站点,这些站点通常又需要会话保持或七层处理。HAProxy运行在当前的硬件上,完全可以支持数以万计的并发连接。并且它的运行模式使得它可以很简单安全的整合进您当前的架构中, 同时可以保护你的web服务器不被暴露到网络上。
HAProxy实现了一种事件驱动, 单一进程模型,此模型支持非常大的并发连接数。多进程或多线程模型受内存限制 、系统调度器限制以及无处不在的锁限制,很少能处理数千并发连接。事件驱动模型因为在有更好的资源和时间管理的用户空间(User-Space) 实现所有这些任务,所以没有这些问题。此模型的弊端是,在多核系统上,这些程序通常扩展性较差。这就是为什么他们必须进行优化以 使每个CPU时间片(Cycle)做更多的工作。
包括 GitHub、Bitbucket、Stack Overflow、Reddit、Tumblr、Twitter和 Tuenti在内的知名网站,及亚马逊网络服务系统都使用了HAProxy。

haproxy安装

1.yum安装
yum -y install haproxy

2.源码安装

下载安装包
haproxy源码包下载网站地址:https://src.fedoraproject.org/repo/pkgs/haproxy/

//安装编译环境
[root@localhost ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel

//创建haproxy用户
[root@localhost ~]# useradd -rMs /sbin/nologin haproxy
[root@localhost ~]# id haproxy
uid=993(haproxy) gid=990(haproxy) groups=990(haproxy)

//解压和安装
[root@localhost ~]# tar xf haproxy-2.6.0.tar.gz 
[root@localhost ~]# cd haproxy-2.6.0
[root@localhost haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \
>  TARGET=linux-glibc \
> USE_OPENSSL=1 \
> USE_ZLIB=1 \
> USE_PCRE=1 \
> USE_SYSTEMD=1

[root@localhost haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy
[root@localhost haproxy-2.6.0]# cp haproxy /usr/sbin/

//设置Linux内核参数
[root@localhost haproxy-2.6.0]# vim /etc/sysctl.conf 
[root@localhost haproxy-2.6.0]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

//配置haproxy服务
[root@localhost haproxy-2.6.0]# mkdir /etc/haproxy
[root@localhost haproxy-2.6.0]# cat /etc/haproxy/haproxy.cfg
global
    log 192.168.26.138 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 172.16.103.130:80 check inter 2000 fall 5
    #server web01 192.168.26.138:80 cookie web01 check inter 2000 fall 5

//启动haproxy,配置haproxy.service服务单元文件
[root@localhost ~]# vim /usr/lib/systemd/system/haproxy.service
[root@localhost ~]# cat /usr/lib/systemd/system/haproxy.service 
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -q
ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID

[Install]
WantedBy=multi-user.target

[root@localhost ~]# systemctl daemon-reload

//配置日志信息
[root@localhost ~]# vim /etc/rsyslog.conf 
local0.*        /var/log/haproxy.log
[root@localhost ~]# systemctl restart rsyslog
[root@localhost ~]# systemctl enable rsyslog
[root@localhost ~]# systemctl restart haproxy
[root@localhost ~]# systemctl enable haproxy

Haproxy搭建http负载均衡

环境

主机名称 IP地址 需要安装的应用 系统版本
client 192.168.26.151 Centos8
LB 192.168.26.138 haproxy Centos8
RS1 192.168.26.132 httpd Centos8
RS2 192.168.26.134 httpd Centos8 
//LB、RS1、RS2都关闭防火墙和selinux
[root@RS1 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS1 ~]# setenforce 0
[root@RS1 ~]# systemctl disable --now firewalld.service

[root@RS2 ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@RS2 ~]# setenforce 0
[root@RS2 ~]# systemctl disable --now firewalld.service

[root@LB ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@LB ~]# setenforce 0
[root@LB ~]# systemctl disable --now firewalld.service

//RS1和RS2部署httpd
[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# echo RS1 > /var/www/html/index.html
[root@RS1 ~]# systemctl restart httpd
[root@RS1 ~]# systemctl enable httpd

[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# echo RS2 > /var/www/html/index.html
[root@RS2 ~]# systemctl restart httpd
[root@RS2 ~]# systemctl enable httpd

//修改LB的内核参数
[root@LB ~]# vim /etc/sysctl.conf 
[root@LB ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

//修改haproxy配置文件
[root@LB ~]# vim /etc/haproxy/haproxy.cfg 
[root@LB ~]# cat /etc/haproxy/haproxy.cfg 
global
    daemon
    maxconn 256

defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

frontend http-in
    bind *:80
    default_backend servers

backend servers
    server web01 192.168.26.132:80
    server web02 192.168.26.134:80


//启动haproxy服务
如果没有使用systemd管理,则执行
[root@LB ~]# haproxy -f /etc/haproxy/haproxy.cfg -c

如果配置systemd管理haproxy服务
[root@LB ~]# systemctl  restart  haproxy


//客户端验证
[root@client ~]# curl http://192.168.26.138
RS1
[root@client ~]# curl http://192.168.26.138
RS2
[root@client ~]# curl http://192.168.26.138
RS1
[root@client ~]# curl http://192.168.26.138
RS2

使用WEB网页访问测试
[root@LB ~]# vim  /etc/haproxy/haproxy.cfg 
[root@LB ~]# cat  /etc/haproxy/haproxy.cfg 
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats            //访问网页后缀URL
    stats realm Haproxy\ Statistics
    stats auth admin:admin              //用户名和密码
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 192.168.26.132:80 check inter 2000 fall 5
    server web02 192.168.26.134:80 check inter 2000 fall 5

//重启服务
[root@LB ~]# systemctl restart haproxy.service

//网页访问测试
http://192.168.26.138:8189/haproxy_stats
用户名和密码都为admin

posted @   世界的尽头*  阅读(100)  评论(0编辑  收藏  举报
相关博文:
· keepalived高可用
· 监控服务zabbix
· Haproxy
· haproxy
· Haproxy
阅读排行:
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
点击右上角即可分享
微信分享提示