一.HAProxy 是什么
HAProxy 是一个免费的负载均衡软件。
HAProxy 提供了 L4(TCP) 和 L7 (HTTP) 两种负载均衡能力。
二.安装和运行
2.1 创建用户
为 Haproxy 创建用户和用户组,此例用户和用户组都是 “ha”。如果想让 Haproxy 监听 1024 以下的端口,则需要以 root 用户来启动。我没有按照网上大佬的方法来创建用户,而是直接以 root 用户运行 Haproxy。
2.2 下载并解压
wget http://www.haproxy.org/download/1.8/src/haproxy-1.8.14.tar.gz
tar -zxvf haproxy-1.8.14.tar.gz
2.3 编译并安装
make PREFIX=/home/tools/haproxy TARGET=linux31
make install PREFIX=/home/tools/haproxy
PREFIX为指定的安装路径,TARGET则根据当前操作系统内核版本指定
2.4 配置文件
global #全局属性
daemon #以daemon方式在后台运行
maxconn 256 #最大同时256连接
pidfile /home/tools/haproxy/haproxyhome/conf/haproxy.pid #指定保存HAProxy进程号的文件
log 127.0.0.1 local0 info
log 127.0.0.1 local1 warning
defaults #默认参数
mode http #http模式
timeout connect 5000ms #连接server端超时5s
timeout client 50000ms #客户端响应超时50s
timeout server 50000ms #server端响应超时50s
log global
frontend http-in #前端服务http-in
bind *:8080 #监听8080端口
default_backend servers #请求转发至名为"servers"的后端服务
capture request header User-Agent len 128
capture request header X-Forwarded-For len 100
capture request header Referer len 200
capture response header Server len 40
capture response header Server-ID len 40
log-format "%ci:%cp \"[%tr]\" %ST %B \"%r\" \"%b\" \"%f\" \"%hrl\" \"%bi\" %si:%sp"
backend servers #后端服务servers
server server1 192.168.133.112:9000 maxconn 32 #backend servers 中只有一个后端服务,名字叫server1,起在本机的8080端口,HAProxy同时最多向这个服务发起32个连接
server server2 192.168.133.113:9000 maxconn 32
2.5 将 Haproxy 注册为系统服务
在 /etc/init.d
目录下添加 Haproxy 服务的启停脚本
vi /etc/init.d/haproxy
#!/bin/bash
set -e
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/home/tools/haproxy/haproxyhome/sbin
PROGDIR=/home/tools/haproxy/haproxyhome
PROGNAME=haproxy
DAEMON=$PROGDIR/sbin/$PROGNAME
CONFIG=$PROGDIR/conf/$PROGNAME.cfg
PIDFILE=$PROGDIR/conf/$PROGNAME.pid
DESC="HAProxy daemon"
SCRIPTNAME=/etc/init.d/$PROGNAME
# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0
start()
{
echo -e "Starting $DESC: $PROGNAME\n"
$DAEMON -f $CONFIG
echo "."
}
stop()
{
echo -e "Stopping $DESC: $PROGNAME\n"
haproxy_pid="$(cat $PIDFILE)"
kill $haproxy_pid
echo "."
}
restart()
{
echo -e "Restarting $DESC: $PROGNAME\n"
$DAEMON -f $CONFIG -p $PIDFILE -sf $(cat $PIDFILE)
echo "."
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2
exit 1
;;
esac
exit 0
2.6 运行
service haproxy start
service haproxy stop
service haproxy restart
2.7 访问
三.日志文件详细配置
Haproxy 不会直接输出文件日志,所以要借助 Linux 的 rsyslog
3.1修改 haproxy.cfg
在 global
和 defaults
中添加
global
...
log 127.0.0.1 local0 info
log 127.0.0.1 local1 warning
...
defaults
...
log global
...
意思是将info级(及以上)的日志推送到rsyslog的local0接口,将warn级(及以上)的日志推送到rsyslog的local1接口,并且所有frontend都默认使用global中的日志配置。
注:info级的日志会打印HAProxy处理的每一条请求,会占用很大的磁盘空间,在生产环境中,建议将日志级别调整为notice
3.2 为 rsyslog 添加 haproxy 日志的配置
vi /etc/rsyslog.d/haproxy.conf
$ModLoad imudp
$UDPServerRun 514
$FileCreateMode 0644 #日志文件的权限
$FileOwner ha #日志文件的owner
local0.* /var/log/haproxy.log #local0接口对应的日志输出文件
local1.* /var/log/haproxy_warn.log #local1接口对应的日志输出文件
3.3 修改 rsyslog 的启动参数
vi /etc/sysconfig/rsyslog
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS="-c 2 -r -m 0"
3.4 重启 rsyslog 和 Haproxy
service rsyslog restart
service haproxy restart
此时就应该能在/var/log目录下看到haproxy的日志文件了
3.5 日志配置示例
默认的 haproxy 日志输出比较简陋,如下
Nov 6 17:10:34 localhost haproxy[10072]: Proxy http-in started.
Nov 6 17:10:34 localhost haproxy[10072]: Proxy servers started.
Nov 6 17:11:13 localhost haproxy[10073]: Connect from 192.168.133.1:52152 to 192.168.133.112:8080 (http-in/HTTP)
Nov 6 17:11:13 localhost haproxy[10073]: Connect from 192.168.133.1:52153 to 192.168.133.112:8080 (http-in/HTTP)
Nov 6 17:50:58 localhost haproxy[10073]: Connect from 192.168.133.1:53004 to 192.168.133.112:8080 (http-in/HTTP)
Nov 6 17:50:59 localhost haproxy[10073]: Connect from 192.168.133.1:53003 to 192.168.133.112:8080 (http-in/HTTP)
Nov 6 18:08:35 localhost haproxy[10073]: Connect from 192.168.133.1:53544 to 192.168.133.112:8080 (http-in/HTTP)
Nov 6 18:08:35 localhost haproxy[10073]: Connect from 192.168.133.1:53545 to 192.168.133.112:8080 (http-in/HTTP)
Nov 6 18:08:35 localhost haproxy[10073]: Connect from 192.168.133.1:53548 to 192.168.133.112:8080 (http-in/HTTP)
Nov 16 09:33:47 localhost haproxy[10073]: Connect from 192.168.133.1:53644 to 192.168.133.112:8080 (http-in/HTTP)
Nov 16 09:33:47 localhost haproxy[10073]: Connect from 192.168.133.1:53645 to 192.168.133.112:8080 (http-in/HTTP)
Nov 16 09:34:11 localhost haproxy[10073]: Connect from 192.168.133.1:53755 to 192.168.133.112:8080 (http-in/HTTP)
Nov 16 09:34:11 localhost haproxy[10073]: Connect from 192.168.133.1:53756 to 192.168.133.112:8080 (http-in/HTTP)
希望记录的更详细些,于是 haproxy.cfg
配置文件更改如下:
frontend http-img
bind *:80
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend img_backup if url_static
capture request header User-Agent len 128
capture request header X-Forwarded-For len 100
capture request header Referer len 200
capture response header Server len 40
capture response header Server-ID len 40
log-format "%ci:%cp \"[%tr]\" %ST %B \"%r\" \"%b\" \"%f\" \"%hrl\" \"%bi\" %si:%sp"
从上面的配置文件可以看出获取了一些头信息,然后将日志格式重新format
结果
防丢失
Nov 16 09:52:57 localhost haproxy[10247]: 192.168.133.1:54116 "[16/Nov/2020:09:52:57.404]" 200 1159 "GET /minio/login HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - -" "192.168.133.112" 192.168.133.113:9000
Nov 16 09:52:57 localhost haproxy[10247]: 192.168.133.1:54116 "[16/Nov/2020:09:52:57.429]" 200 889 "GET /minio/loader.css HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.112:9000
Nov 16 09:52:57 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:52:57.430]" 200 1584 "GET /minio/logo.svg HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.113:9000
Nov 16 09:52:57 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:52:57.669]" 200 651 "POST /minio/webrpc HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.112:9000
Nov 16 09:52:57 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:52:57.786]" 200 2748 "GET /minio/favicon-32x32.png HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.113:9000
Nov 16 09:53:13 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:53:13.169]" 200 1159 "GET /minio/login HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - -" "192.168.133.112" 192.168.133.112:9000
Nov 16 09:53:13 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:53:13.193]" 200 889 "GET /minio/loader.css HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.112:9000
Nov 16 09:53:13 localhost haproxy[10247]: 192.168.133.1:54116 "[16/Nov/2020:09:53:13.194]" 200 1584 "GET /minio/logo.svg HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.113:9000
Nov 16 09:53:13 localhost haproxy[10247]: 192.168.133.1:54116 "[16/Nov/2020:09:53:13.414]" 200 651 "POST /minio/webrpc HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.113:9000
Nov 16 09:53:13 localhost haproxy[10247]: 192.168.133.1:54116 "[16/Nov/2020:09:53:13.527]" 200 2748 "GET /minio/favicon-32x32.png HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.112:9000
Nov 16 09:53:22 localhost haproxy[10247]: 192.168.133.1:54116 "[16/Nov/2020:09:53:22.680]" 200 1159 "GET /minio/login HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - -" "192.168.133.112" 192.168.133.113:9000
Nov 16 09:53:22 localhost haproxy[10247]: 192.168.133.1:54116 "[16/Nov/2020:09:53:22.703]" 200 889 "GET /minio/loader.css HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.112:9000
Nov 16 09:53:22 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:53:22.703]" 200 1584 "GET /minio/logo.svg HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.113:9000
Nov 16 09:53:22 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:53:22.940]" 200 651 "POST /minio/webrpc HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.112:9000
Nov 16 09:53:23 localhost haproxy[10247]: 192.168.133.1:54117 "[16/Nov/2020:09:53:23.052]" 200 2748 "GET /minio/favicon-32x32.png HTTP/1.1" "servers" "http-in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login" "192.168.133.112" 192.168.133.113:9000
日志输出解析
-
User-Agent
:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.193 Safari/537.36 Edg/86.0.622 - http://192.168.133.112:8080/minio/login
-
Refer
:http://192.168.133.112:8080/minio/login
-
Server-ID
:192.168.133.112
-
Server
:192.168.133.113:9000