Haproxy安装和配置
跳转到导航
跳转到搜索
总的为
搭建keepalived+haproxy双主高可用负载均衡系统
haproxy安装
master and backup 都要
https://www.haproxy.org/download/
wget -c https://www.haproxy.org/download/1.5/src/haproxy-1.5.9.tar.gz
tar xvf haproxy-1.5.9.tar.gz && cd haproxy-1.5.9
make TARGET=linux2628 PREFIX=/usr/local/haproxy -j3
make install PREFIX=/usr/local/haproxy
mkdir /usr/local/haproxy/conf
cp examples/haproxy.cfg /usr/local/haproxy/conf/
# - linux26 for Linux 2.6 and above
#- linux2628 for Linux 2.6.28, 3.x, and above (enables splice and tproxy)
#这个脚本不好用 跳过 可能要改一下相关的 bin config 路径就行 了
#cp examples/init.haproxy /etc/init.d/haproxy
==haproxy配置==
===配置文件===
<pre>
global
## 20170617 am 参考了 http://nmshuishui.blog.51cto.com/1850554/1405486
log 127.0.0.1 local0 info
maxconn 4096
user nobody
group nobody
daemon
nbproc 2
pidfile /var/run/haproxy.pid
defaults
mode http
retries 3
timeout connect 10s
timeout client 20s
timeout server 30s
timeout check 5s
listen admin_stats
bind 0.0.0.0:8888
mode http
log 127.0.0.1 local0 err
stats refresh 30s
stats uri /haproxy-status
stats realm welcome login\ Haproxy
stats auth evan:evan
stats hide-version
stats admin if TRUE
frontend www
bind 192.168.30.88:80
#bind *:80
mode http
option httplog
option forwardfor
#option httpclose
log global
acl host_www hdr_dom(host) -i www.zb.com
acl host_static hdr_dom(host) -i static.zb.com
# acl host_video hdr_dom(host) -i video.zb.com
use_backend server_www if host_www
use_backend server_static if host_static
# use_backend server_video if host_video
#here 0617
backend server_www
mode http
option redispatch
option abortonclose
balance roundrobin
#cookie SERVERID
option httpchk GET /index.html
server webapp1 192.168.30.71:80 weight 6 check inter 2000 rise 2 fall 3
server webapp2 192.168.30.72:80 weight 6 check inter 2000 rise 2 fall 3
#上面是两台 real web vm
# #server iivey234 192.168.81.234:8080 cookie server2 weight 3 check inter 2000 rise 2 fall 3
## here 20160616
backend server_static
mode http
option redispatch
option abortonclose
balance roundrobin
option httpchk GET /index.html
server webapp2 192.168.30.72:80 weight 6 check inter 2000 rise 2 fall 3
#backend server_video
# mode http
# option redispatch
# option abortonclose
# balance roundrobin
# option httpchk GET /index.html
# server 237server 192.168.30.71:80 cookie server1 weight 6 check inter 2000 rise 2 fall 3
启动脚本
#!/bin/sh
# chkconfig 2345 on
# cat /etc/init.d/haproxy
# description: HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
#[ ${NETWORKING} = "no" ] && exit 0
[ "${NETWORKING}" = "no" ] && exit 0
config="/usr/local/haproxy/conf/haproxy.cfg"
exec="/usr/local/haproxy/sbin/haproxy"
prog=$(basename $exec)
lockfile=/var/lock/subsys/haproxy
PID="/var/run/haproxy.pid"
check(){
$exec -c -V -f $config
}
#[ -f $config ] || exit 1
#RETVAL=0
start() {
$exec -c -q -f $config
#daemon $exec -c -q -f $config
# daemon $exec -f $config
if [ $? -ne 0 ]; then
echo "Errors found in configuration file."
return 1
fi
echo -n "Starting HAproxy: "
daemon $exec -D -f $config -p $PID
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/haproxy
return $RETVAL
}
stop() {
echo -n "Shutting down HAproxy: "
#kill $(cat $PID)
killproc haproxy
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/haproxy
[ $RETVAL -eq 0 ] && rm -f $PID
return $RETVAL
}
restart() {
$exec -c -q -f $config
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with 'haproxy check'."
return 1
fi
stop
start
}
reload(){
$exec -c -q -f $config
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with 'haproxy check'."
return 1
fi
echo -n $"reloading haproxy:"
$exec -D -f $config -p $PID -sf $(cat $PID)
RETVAL=$?
echo
return $RETVAL
}
force_reload(){
restart
}
fdr_status(){
status $prog
}
##
rhstatus() {
status haproxy
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
check)
check
;;
status)
rhstatus
;;
*)
echo $"Usage: haproxy {start|stop|restart|status}"
RETVAL=1
esac
exit $RETVAL
配置日志
HAProxy 不会直接输出文件日志,需要借助 Linux 的 rsyslog 来让 HAProxy 输出日志。
0)
emerg 0 系统不可用
alert 1 必须马上采取行动的事件
crit 2 关键的事件
err 3 错误事件
warning 4 警告事件
notice 5 普通但重要的事件
info 6 有用的信息
debug 7 调试信息
1)修改 haproxy.cfg
在配置文件的 global 和 defaults 域中添加以下字段:
global
...
log 127.0.0.1 local0 info
log 127.0.0.1 local1 warning
...
defaults
...
log global
...
意思是将 info 级(及以上)的日志推送到 rsyslog 的 local0 接口,将 warn 级(及以上)的日志推送到 rsyslog 的 local1 接口,并且所有 frontend 都默认使用 global 中的日志配置。
注意:info 级的日志会打印 HAProxy 处理的每一条请求,会占用很大的磁盘空间,在生产环境中,建议将日志级别调整为 notice。
2)为 rsyslog 添加 haproxy 日志的配置
vi /etc/rsyslog.d/haproxy.conf
#配置文件内容如下:
$ModLoad imudp
$UDPServerRun 514
$FileCreateMode 0644 #日志文件的权限
$FileOwner root #日志文件的owner
local0.* /var/log/haproxy.log #local0接口对应的日志输出文件
local1.* /var/log/haproxy_warn.log #local1接口对应的日志输出文件
3)修改 rsyslog 的启动参数
vi /etc/sysconfig/rsyslog
# 置文件内容如下:
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS="-c 2 -r -m 0"
4)重启 rsyslog
service rsyslog restart
5)用 logrotate 进行日志切分
通过 rsyslog 输出的日志是不会切分的,所以需要通过 Linux 提供的 logrotate 来对日志文件进行切分。
使用 root 用户,创建 haproxy 日志切分配置文件:
# mkdir /root/logrotate
# vi /root/logrotate/haproxy
配置文件内容如下:
/var/log/haproxy.log /var/log/haproxy_warn.log { #切分的两个文件名
daily #按天切分
rotate 7 #保留7份
create 0644 root root #创建新文件的权限、用户、用户组
compress #压缩旧日志
delaycompress #延迟一天压缩
missingok #忽略文件不存在的错误
dateext #旧日志加上日志后缀
sharedscripts #切分后的重启脚本只运行一次
postrotate #切分后运行脚本重载rsyslog,让rsyslog向新的日志文件中输出日志
/bin/kill -HUP $(/bin/cat /var/run/syslogd.pid 2>/dev/null) &>/dev/null
endscript
}
6)将 logrotate 配置在 crontab 中:
0 0 * * * /usr/sbin/logrotate /root/logrotate/haproxy
chmod +x /etc/init.d/haproxy 手工启动 config="/usr/local/haproxy/conf/haproxy.cfg" exec="/usr/local/haproxy/sbin/haproxy" #检查配置文件 语法 $exec -c -f $config #Configuration file is valid #run $exec -f $config ha1 http://192.168.30.76:8888/haproxy-status ha2 http://192.168.30.76:8888/haproxy-status
问题及解决回顾
搞了一个早上 看书才知道 原来是要这样直接打开的 不能不加 haproxy-status
http://192.168.30.75:8888/haproxy-status
在其它机器 telnet 不通ha2 80 and 888 port
systemctl stop firewalld
: Starting frontend www: cannot bind socket [192.168.30.88:80]
frontend www
bind 192.168.30.88:80
先改为 bind *:80 或者先启动keepalived
关闭selinux 或者
echo 'net.ipv4.ip_nonlocal_bind=1' >>/etc/sysctl.conf
sysctl -p
下面是解说
Add net.ipv4.ip_nonlocal_bind=1 on /etc/sysctl.conf
sysctl -p
Restart the haproxy service(service restart haproxy). it will work.
nbproc 2 只能是一个提示而已
[root@localhost conf]# $exec -c -f $config
[WARNING] 165/230507 (26045) : Proxy 'admin_stats': in multi-process mode, stats will be limited to process assigned to the current request.
[WARNING] 165/230507 (26045) : Proxy 'admin_stats': stats admin will not work correctly in multi-process mode.
Configuration file is valid
参考
haproxy 配置详解good http://freehat.blog.51cto.com/1239536/1347882
haproxy日志配置 http://www.zhengdazhi.com/archives/1360
HAproxy均衡负载部署和配置文件详解 https://my.oschina.net/duxuefeng/blog/35232
负载均衡工具haproxy安装,配置,使用 http://blog.51yip.com/server/868.html
[HAProxy]实现haproxy启动/关闭/重启SHELL脚本 http://lxsym.blog.51cto.com/1364623/852363
HAproxy均衡负载部署和配置文件详解 https://my.oschina.net/duxuefeng/blog/35232
haproxy配置详解
http://leejia.blog.51cto.com/4356849/1421882
负载均衡工具haproxy安装,配置,使用 http://blog.51yip.com/server/868.html
haproxy日志配置 + rsyslog https://www.ttlsa.com/linux/haproxy-log-configuration-syslog/