haproxy配置示例
1.最基础的的配置
下面的例子配置了一个监听在所有接口的80端口上HTTP proxy服务,它转发所有的请求至后端监听在127.0.0.1:8000上的"server"。
global daemon maxconn 25600 defaults mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms frontend http-in bind *:80 default_backend servers backend servers server server1 127.0.0.1:8080 maxconn 32
2.http服务器实例
#--------------------------------------------------------------------- # Global settings #--------------------------------------------------------------------- global # to have these messages end up in /var/log/haproxy.log you will # need to: # # 1) configure syslog to accept network log events. This is done # by adding the '-r' option to the SYSLOGD_OPTIONS in # /etc/sysconfig/syslog # # 2) configure local2 events to go to the /var/log/haproxy.log # file. A line like the following can be added to # /etc/sysconfig/syslog # # local2.* /var/log/haproxy.log log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 30000 listen stats mode http bind 0.0.0.0:1080 stats enable stats hide-version stats uri /haproxyadmin?stats stats realm Haproxy\ Statistics stats auth admin:admin stats admin if TRUE frontend http-in bind *:80 mode http log global option httpclose option logasap option dontlognull capture request header Host len 20 capture request header Referer len 60 default_backend servers frontend healthcheck bind :1099 mode http option httpclose option forwardfor default_backend servers backend servers balance roundrobin server websrv1 192.168.10.11:80 check maxconn 2000 server websrv2 192.168.10.12:80 check maxconn 2000
3.负载均衡MySQL服务的配置示例
后端的两个mysql主机应该设置为多主模式或者全部为从主机(只读),这样读写才不会出现问题。
#--------------------------------------------------------------------- # Global settings #--------------------------------------------------------------------- global # to have these messages end up in /var/log/haproxy.log you will # need to: # # 1) configure syslog to accept network log events. This is done # by adding the '-r' option to the SYSLOGD_OPTIONS in # /etc/sysconfig/syslog # # 2) configure local2 events to go to the /var/log/haproxy.log # file. A line like the following can be added to # /etc/sysconfig/syslog # # local2.* /var/log/haproxy.log # log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon defaults mode tcp log global option httplog option dontlognull retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 600 listen stats mode http bind 0.0.0.0:1080 stats enable stats hide-version stats uri /haproxyadmin?stats stats realm Haproxy\ Statistics stats auth admin:admin stats admin if TRUE frontend mysql bind *:3306 mode tcp log global default_backend mysqlservers backend mysqlservers balance leastconn server dbsrv1 192.168.10.11:3306 check port 3306 intval 2 rise 1 fall 2 maxconn 300 server dbsrv2 192.168.10.12:3306 check port 3306 intval 2 rise 1 fall 2 maxconn 300
4.动静分离示例
global log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket /var/lib/haproxy/stats defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 30000 listen stats mode http bind 0.0.0.0:1080 stats enable stats hide-version stats uri /haproxyadmin?stats stats realm Haproxy\ Statistics stats auth admin:admin stats admin if TRUE frontend http-in bind *:80 mode http log global option httpclose option logasap option dontlognull capture request header Host len 20 capture request header Referer len 60 acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .jpeg .gif .png .css .js use_backend static_servers if url_static default_backend dynamic_servers backend static_servers balance roundrobin server imgsrv1 172.16.200.7:80 check maxconn 6000 server imgsrv2 172.16.200.8:80 check maxconn 6000 backend dynamic_servers cookie srv insert nocache balance roundrobin server websrv1 172.16.200.7:80 check maxconn 1000 cookie websrv1 server websrv2 172.16.200.8:80 check maxconn 1000 cookie websrv2 server websrv3 172.16.200.9:80 check maxconn 1000 cookie websrv3
5.实例:keepcalived + haproxy
haproxy.cfg
# this config needs haproxy-1.1.28 or haproxy-1.2.1 global log 127.0.0.1 local0 log 127.0.0.1 local3 warning #log 127.0.0.1 local1 notice #log loghost local0 info maxconn 3000 chroot /usr/share/haproxy uid nobody gid nobody daemon #debug #quiet defaults log global mode http option httplog option dontlognull retries 3 option redispatch maxconn 20000 timeout connect 5000 timeout client 50000 timeout server 50000 backend varnish_www #option httpchk option forwardfor balance uri #server varnish1 172.18.203.134:6081 check inter 3000 rise 2 fall 5 #server varnish2 172.18.203.135:6081 check inter 3000 rise 2 fall 5 server varnish1 172.18.203.134:6081 server varnish2 172.18.203.135:6081 backend varnish_m #option httpchk option forwardfor balance uri hash-type consistent #server varnish3 172.18.203.136:6081 check #server varnish4 172.18.203.137:6081 check server varnish3 172.18.203.136:6081 server varnish4 172.18.203.137:6081 frontend host bind *:80 acl host_m hdr(host) -i m.tycoon.com acl host_www hdr(host) -i www.tycoon.com acl host_www path_end -i .jpg .jpeg .png .gif .js .css .html .htm use_backend varnish_www if host_www use_backend varnish_m if host_m listen stats *:8901 stats enable stats refresh 30s stats hide-version stats uri /haproxy?stats stats realm HAProxy\ Statistics stats auth admin:tycoon
keepcalived主:
! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from admin@tycoon.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id lb-haproxy vrrp_mcast_group4 224.0.203.10 } vrrp_script chk_haproxy { script "killall -0 haproxy" interval 5 weight -8 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass tUPEA8I5 } track_script { chk_haproxy } virtual_ipaddress { 172.18.203.253/16 } }
keepalived从:
! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from admin@tycoon.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id lb-haproxy vrrp_mcast_group4 224.0.203.10 } vrrp_script chk_haproxy { script "killall -0 haproxy" interval 5 weight -8 } vrrp_instance VI_1 { state SLAVE interface eth0 virtual_router_id 71 priority 95 advert_int 1 authentication { auth_type PASS auth_pass tUPEA8I5 } track_script { chk_haproxy } virtual_ipaddress { 172.18.203.253/16 } }
6.实例2:ACL匹配子网站
global log 127.0.0.1 local0 info maxconn 4096 user nobody group nobody daemon nbproc 1 pidfile /usr/local/haproxy/logs/haproxy.pid defaults mode http retries 3 timeout connect 5s timeout client 30s timeout server 30s timeout check 2s listen admin_stats bind 0.0.0.0:19088 mode http log 127.0.0.1 local0 err stats refresh 30s stats uri /haproxy-status stats realm welcome login\ Haproxy stats auth admin:admin stats auth user1:passwd1 stats hide-version stats admin if TRUE front www bind *:80 mode http option httpdlog option forwardfor log global acl host_www hdr_reg(host) -i ^(www.tb.com|tb.com) acl host_bbs hdr_dom(host) -i bbs.tb.com acl host_blog hdr_beg(host) -i blog.tb.com use_backend server_www if host_www use_backend server_bbs if host_bbs use_backend server_blog if host_blog default_backend server_default backend server_default mode http option redispatch option abortonclose balance roundrobin cookie SERVER option httpcheck GET /check_status.html server default1 192.168.88.90:8000 cookie default1 weight 3 check inter 2000 rise 2 fail 3 server default2 192.168.88.91:8000 cookie default2 weight 3 check inter 2000 rise 2 fail 3 backend server_www mode http option redispatch option abortonclose balance source cookie SERVERID option httpcheck GET /check_status.jsp server www1 192.168.88.80:80 cookie www1 weight 6 check inter 2000 rise 2 fail 3 server www2 192.168.88.81:80 cookie www2 weight 6 check inter 2000 rise 2 fail 3 server www3 192.168.88.82:80 cookie www3 weight 6 check inter 2000 rise 2 fail 3 backend server_bbs mode http option redispatch option abortonclose balance source cookie SERVERID option httpcheck GET /check_status.php server bbs1 192.168.88.83:8080 cookie bbs1 weight 8 check inter 2000 rise 2 fail 3 server bbs2 192.168.88.84:8090 cookie bbs2 weight 8 check inter 2000 rise 2 fail 3 backend server_blog mode http option redispatch option abortonclose balance roundrobin cookie SERVERID option httpcheck GET /check_status.php server blog1 192.168.88.85:8000 cookie blog1 weight 5 check inter 2000 rise 2 fail 3 server blog2 192.168.88.86:8000 cookie blog2 weight 5 check inter 2000 rise 2 fail 3
