############################################################# Nginx 优点: 1、Web服务器功能广泛 2、7层 location可以设置负载 的http负载均衡 3、性能强大,网络依赖小。 4、安装配置简单
缺点: 1、无法基于url的健康检查 2、负载均衡算法少只有轮训和ip_hash 3、不能动态管理 4、没有集群upstream的状态界面
haproxy 优点: 1、专门做反向代理 2、负载均衡算法>=8种 3、支持动态管理 通过和haproxy的sock进行通信进行管理 4、性能>=Nginx 5、有状态的界面 6、有强大的7层功能
############################################################# 修改rsyslog的配置文件记录日志,去掉以下的# vim /etc/rsyslog.conf $ModLoad imudp $UDPServerRun 514
.# Save boot messages also to boot.log local7.* /var/log/boot.log local2.* /var/log/haproxy.log
重启 systemctl restart rsyslog
############################################################# 安装 yum install haproxy
查看配置文件 vim /etc/haproxy/haproxy.cfg
global log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon #守护进程运行
stats socket /var/lib/haproxy/stats
defaults mode http log global option httplog option dontlognull #日志中不记录空连接 option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 3000 #最大连接数
frontend http_front #前端网页配置 mode http #默认mode是http bind *:80 stats uri /haproxy?stats default_backend http_back
backend http_back balance roundrobin #默认算法轮询,也可以是source相当于nginx的ip_hash,cookie option httpchk GET /index.html #默认检查端口,基于url的健康检查,ngingx不支持 option forwardfor header X-REAL-IP #客户端真实ip,后端程序通过X-REAL-IP获取 server linux-node1 192.168.56.100:8080 check inter 2s rise 3 fall 4 weight 2 #inter 2s 两秒检查 rise 3 3次ok才正常4次ng才失败 server linux-node2 192.168.56.20:80 check inter 2s rise 3 fall 4 weight 1
启动haproxy systemctl start haproxy
查看dashbord http://192.168.56.100/haproxy?stats
查看日志 more /var/log/haproxy.log Jan 10 22:12:33 localhost haproxy[92684]: Proxy http_front started. Jan 10 22:12:33 localhost haproxy[92684]: Proxy http_back started.
配置文件vim /etc/haproxy/haproxy.conf 根据不同域名的代理 frontend http_front bind *:80 stats uri /haproxy?stats default_backend http_back acl domian_panduan hdr_end(host) docker1.lmk.com use_backend http_back1 if domian_panduan
backend http_back balance roundrobin server linux-node1 192.168.56.100:8080 check
backend http_back1 balance roundrobin server linux-node2 192.168.56.20:80 check
根据不同后缀的代理 frontend http_front bind :80 stats uri /haproxy?stats default_backend http_back acl url_panduan url_reg /.(css|jpg|png|js|jpeg|gif)$ use_backend http_back1 if url_panduan
backend http_back balance roundrobin server linux-node1 192.168.56.100:8080 check
backend http_back1 balance roundrobin server linux-node2 192.168.56.20:80 check
根据不同url的代理 frontend http_front bind *:80 stats uri /haproxy?stats default_backend http_back acl url_panduan url_reg /xxx.do use_backend http_back1 if url_panduan
backend http_back balance roundrobin server linux-node1 192.168.56.100:8080 check
backend http_back1 balance roundrobin server linux-node2 192.168.56.20:80 check
根据不同ua的代理 frontend http_front bind *:80 stats uri /haproxy?stats default_backend http_back acl ua_panduan hdr_reg(User-Agent) -i android use_backend http_back1 if url_panduan
backend http_back balance roundrobin server linux-node1 192.168.56.100:8080 check
backend http_back1 balance roundrobin server linux-node2 192.168.56.20:80 check
############################################################# 动态管理 yum install socat vim /etc/haproxy/haproxy.conf 配置权限 stats socket /var/lib/haproxy/stats mode 600 level admin stats timeout 2m
查看帮助 echo "help" | socat stdio /var/lib/haproxy/stats 查看信息 echo "show info" | socat stdio /var/lib/haproxy/stats 关闭主机 echo "disable server http_back/linux-node1" | socat stdio /var/lib/haproxy/stats 开启主机配置nginx可以动态管理主机 echo "enable server http_back/linux-node1" | socat stdio /var/lib/haproxy/stats
