Haproxy搭建Web群集
1. 基本环境配置
IP地址配置
主机 | IP地址 | 系统 |
haproxy | 192.168.100.100/24 | CentOS 7.7 |
web01 | 192.168.100.110/24 | CentOS 7.7 |
web02 | 192.168.100.120/24 | CentOS 7.7 |
主机名设置
# haproxy
$ hostnamectl set-hostname haproxy
# web01
$ hostnamectl set-hostname web01
# web02
$ hostnamectl set-hostname web02
关闭SeLinux
# 临时关闭
$ setenforce 0
# 永久关闭
$ sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
2. 配置web网站
添加Nginx YUM源
web1和web2安装nginx,并设置不同的首页内容:
$ vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
安装Nginx
$ yum install nginx -y
添加Web页面
[root@web01 ~]# echo '<h1>web01 test</h1>' > /usr/share/nginx/html/index.html
[root@web02 ~]# echo '<h1>web02 test</h1>' > /usr/share/nginx/html/index.html
启动服务
$ systemctl start nginx
$ systemctl enable nginx
防火墙
$ firewall-cmd --add-service=http --permanent
$ firewall-cmd --reload
3. 安装haproxy
[root@haproxy ~]# yum install haproxy -y
[root@haproxy ~]# haproxy -v
HA-Proxy version 1.5.18 2016/05/10
Copyright 2000-2016 Willy Tarreau <willy@haproxy.org>
4. 配置rsyslog服务来接收 haproxy 的日志
修改rsyslog配置文件
[root@haproxy ~]# vim /etc/rsyslog.conf
# Provides UDP syslog reception #开启UDP日志接收,使用514端口
$ModLoad imudp
$UDPServerRun 514
#添加日志规则
local2.* /var/log/haproxy.log
重启rsyslog服务
[root@haproxy ~]# systemctl restart rsyslog.service
5. 配置haproxy
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1:514 local2 info
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000 #最大连接数,根据应用实际情况进行调整,推荐使用10240
user haproxy
group haproxy
daemon #以后台形式运行haproxy
defaults
mode http #工作模式,所处理的类别,默认采用http模式,可配置成tcp
log global
option httplog
option dontlognull
#option http-server-close
#option forwardfor except 127.0.0.0/8
#option redispatch
#retries 3
#timeout http-request 10s
#timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
#timeout http-keep-alive 10s
#timeout check 10s
#maxconn 3000
frontend http_front
bind 192.168.100.100:80
status uri /haproxy?stats
default_backend http_back
backend http_back
balance roundrobin #调度算法采用RR轮询算法
server web01 192.168.100.110:80 check
server web02 192.168.100.120:80 check
启动haproxy服务,防火墙放行80端口
[root@haproxy ~]# systemctl enable haproxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
[root@haproxy ~]# systemctl start haproxy.service
[root@haproxy ~]# firewall-cmd --add-port=80/tcp --permanent
success
[root@haproxy ~]# firewall-cmd --reload
success
6. 访问测试
轮询访问
[root@haproxy ~]# curl 192.168.100.100
<h1>web01 test</h1>
[root@haproxy ~]# curl 192.168.100.100
<h1>web02 test</h1>
访问haproxy状态页面
基于域名的负载平衡web集群
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1:514 local2 info
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000 #最大连接数,根据应用实际情况进行调整,推荐使用10240
user haproxy
group haproxy
daemon
defaults
mode http
log global
option httplog
option dontlognull
timeout connect 10s
timeout client 1m
timeout server 1m
frontend http_front
bind 192.168.100.100:80
stats uri /haproxy?stats
default_backend web01
acl is_web02 hdr_end(host) www.web02.com
use_backend web02 if is_web02
backend web01
option forwardfor header X_REAL-IP
option httpchk GET /index.html
balance roundrobin
server web01 192.168.100.110:80 check inter 2000 rise 3 fall 3 weight 1
backend web02
option forwardfor header X-REAL-IP
option httpchk GET /index.html
balance roundrobin
server web02 192.168.100.120:80 check inter 2000 rise 3 fall 3 weight 1
配置域名解析
#linux
[root@haproxy ~]# echo '192.168.100.100 www.web01.com' >> /etc/hosts
[root@haproxy ~]# echo '192.168.100.100 www.web02.com' >> /etc/hosts
#windows客户端配置host文件,C:\Windows\System32\drivers\etc\hosts
192.168.100.100 www.web01.com
192.168.100.100 www.web02.com
重启haproxy,使用域名进行访问
[root@haproxy ~]# systemctl restart haproxy.service
[root@haproxy ~]# curl http://www.web01.com
<h1>web01 test</h1>
[root@haproxy ~]# curl http://www.web02.com
<h1>web02 test</h1>
调度算法采用IP哈希,来提供会话保持
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
frontend http_front
bind 192.168.100.100:80
stats uri /haproxy?stats
# default_backend web01
# acl is_web02 hdr_end(host) www.web02.com
# use_backend web02 if is_web02
default_backend http_back
backend http_back
balance source hashing
server web01 192.168.100.110:80 check
server web02 192.168.100.120:80 check
[root@haproxy ~]# systemctl restart haproxy.service
#测试
[root@haproxy ~]# curl http://192.168.100.100
<h1>web01 test</h1>
[root@haproxy ~]# curl http://192.168.100.100
<h1>web01 test</h1>
[root@haproxy ~]# curl http://192.168.100.100
<h1>web01 test</h1>
[root@haproxy ~]# curl http://192.168.100.100
<h1>web01 test</h1>
web界面
- 开启Haproxy的状态监测界面,并设置认证登录;
- 成功访问状态监测界面并截图;
frontend http_front
bind 192.168.100.100:80
stats uri /haproxy?stats
stats hide-version
stats realm "Welcome to the haproxy load balancer status page of Legolas"
stats auth admin:admin123
stats admin if TRUE
default_backend http_back
backend http_back
option httpchk GET /index.html
balance roundrobin
server web01 192.168.100.110:80 check inter 2000 rise 3 fall 3 weight 1
server web02 192.168.100.120:80 check inter 2000 rise 3 fall 3 weight 1