互联网运维技术分享

编译安装

yum install gcc pcre-static pcre-devel -y
wget http://www.haproxy.org/download/1.9/src/haproxy-1.9.4.tar.gz -O ~/haproxy.tar.gz
tar xzvf ~/haproxy.tar.gz -C ~/
cd ~/haproxy-1.9.4
make TARGET=linux2628
make install
mkdir -p /etc/haproxy
mkdir -p /var/lib/haproxy
touch /var/lib/haproxy/stats
ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
cp ~/haproxy-1.9.4/examples/haproxy.init /etc/init.d/haproxy
chmod 755 /etc/init.d/haproxy
systemctl daemon-reload
useradd -r haproxy
haproxy -v
chkconfig haproxy on

防火墙

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-port=8181/tcp
sudo firewall-cmd --reload

4层配置 haproxy.cfg

global
   log /dev/log local0
   log /dev/log local1 notice
   chroot /var/lib/haproxy
   stats timeout 30s
   user haproxy
   group haproxy
   daemon

# turn on stats unix socket
#stats socket /var/lib/haproxy/stats mode 600 level admin

defaults
   log global
   mode http
   option httplog
   option dontlognull
   maxconn           256000
   timeout connect 5000
   timeout client 50000
   timeout server 50000

listen admin_stat
    #haproxy的web管理端口 8888，自行设置
    bind 0.0.0.0:8888
    mode http
    stats refresh 30s
    #haproxy web管理url，自行设置
    stats uri /haproxy_stats
    stats realm Haproxy\\ Statistics
    #haproxy web管理用户名密码，自行设置
    stats auth admin:admin
    stats hide-version

frontend http_front
   bind *:8098
#   stats uri /haproxy?stats
   default_backend http_back

backend http_back
   balance roundrobin
    option      httpchk GET /ping
   server      riakkv1 10.200.124.111:8098 check
   server      riakkv2 10.200.124.112:8098 check
   server      riakkv3 10.200.124.113:8098 check
   server      riakkv4 10.200.124.114:8098 check
   server      riakkv5 10.200.124.115:8098 check
   server      riakkv6 10.200.124.116:8098 check
   server      riakkv7 10.200.124.117:8098 check
   server      riakkv8 10.200.124.118:8098 check
   server      riakkv9 10.200.124.119:8098 check
   server      riakkv10 10.200.124.120:8098 check

frontend tcp_front
   bind *:8087
    mode                 tcp
    option             tcplog
    option             contstats
    option             tcpka
   default_backend tcp_back

backend tcp_back

    balance     leastconn
    mode        tcp
    option      tcpka
    option      srvtcpka

   server      riakkv1 10.200.124.111:8087 check
   server      riakkv2 10.200.124.112:8087 check
   server      riakkv3 10.200.124.113:8087 check
   server      riakkv4 10.200.124.114:8087 check
   server      riakkv5 10.200.124.115:8087 check
   server      riakkv6 10.200.124.116:8087 check
   server      riakkv7 10.200.124.117:8087 check
   server      riakkv8 10.200.124.118:8087 check
   server      riakkv9 10.200.124.119:8087 check
   server      riakkv10 10.200.124.120:8087 check

web管理

http://<load balancer public IP>:<http_front port>/haproxy?stats

web管理加密（http://:8181）

listen stats
  bind *:8181
  stats enable
  stats uri /
  stats realm Haproxy\\ Statistics
  stats auth username:password

7成配置例子

frontend http_front
  bind *:80
  stats uri /haproxy?stats
  acl url_blog path_beg /blog
  use_backend blog_back if url_blog
  default_backend http_back

backend http_back
  balance roundrobin
  server <server name> <private IP>:80 check
  server <server name> <private IP>:80 check

backend blog_back
  server <server name> <private IP>:80 check

生产环境事例

global
   log /dev/log local0
   log /dev/log local1 notice
   chroot /var/lib/haproxy
   maxconn           600000
   user haproxy
   group haproxy
   daemon
# turn on stats unix socket
#stats socket /var/lib/haproxy/stats mode 600 level admin
defaults
   log global
   mode http
   option httplog
   option dontlognull
   maxconn         500000
   timeout connect 5000
#   timeout client 50000
#   timeout server 50000
listen WEB-STATUS
   bind 0.0.0.0:18080
   mode http
#   stats refresh 30s
   stats uri /haproxy?stats
frontend rabbitmq5672-192.168.200.28:15672
   bind *:5672
   mode               tcp
   option             tcplog
   option             contstats
   option             tcpka
   default_backend    rabbitmq-nodes
backend rabbitmq-nodes
   balance     leastconn
   mode        tcp
   option      tcpka
   option      srvtcpka
   server      mq1 192.168.200.29:5672 check
   server      mq2 192.168.200.36:5672 check
   server      mq3 192.168.200.43:5672 check
frontend riak-kv-http8098
   bind *:8098
   default_backend riak-kv-http-nodes
backend riak-kv-http-nodes
   balance     static-rr
   option      httpchk GET /ping
   server      riakkvh1 192.168.200.18:8098 check
   server      riakkvh2 192.168.200.19:8098 check
   server      riakkvh3 192.168.200.16:8098 check
   server      riakkvh4 192.168.200.12:8098 check
   server      riakkvh5 192.168.200.21:8098 check
frontend riak-kv-tcp8087
   bind *:8087
   mode               tcp
   option             tcplog
   option             contstats
   option             tcpka
   default_backend    riak-kv-tcp-nodes
backend riak-kv-tcp-nodes
   balance     leastconn
   mode        tcp
   option      tcpka
   option      srvtcpka
   server      riakkvt1 192.168.200.18:8087 check
   server      riakkvt2 192.168.200.19:8087 check
   server      riakkvt3 192.168.200.16:8087 check
   server      riakkvt4 192.168.200.12:8087 check
   server      riakkvt5 192.168.200.21:8087 check
#TCP  192.168.200.200:8080 wrr
#  -> 192.168.200.25:8080          Route   1      0          0
#  -> 192.168.200.30:8080          Route   1      0          0
#  -> 192.168.200.33:8080          Route   1      0          0
#  -> 192.168.200.37:8080          Route   1      0          0
#  -> 192.168.200.39:8080          Route   1      0          0

200.245 sit

vi /etc/haproxy/haproxy.cfg   
global
   log /dev/log local0
   log /dev/log local1 notice
   chroot /var/lib/haproxy
   maxconn           600000
   user haproxy
   group haproxy
   daemon


defaults
   log global
   mode http
   option httplog
   option dontlognull
   maxconn         500000
   timeout connect 5000

listen WEB-STATUS
   bind 0.0.0.0:18080
   mode http
   stats uri /haproxy?stats

frontend riak-kv-http8098
   bind *:8098
   default_backend riak-kv-http-nodes

backend riak-kv-http-nodes
   balance     static-rr
   option      httpchk GET /ping
   server      riakkvh1 192.168.200.18:8098 check
   server      riakkvh2 192.168.200.19:8098 check

frontend riak-kv-tcp8087
   bind *:8087
   mode               tcp
   option             tcplog
   option             contstats
   option             tcpka
   default_backend    riak-kv-tcp-nodes

backend riak-kv-tcp-nodes
   balance     leastconn
   mode        tcp
   option      tcpka
   option      srvtcpka
   server      riakkvt1 192.168.200.18:8087 check
   server      riakkvt2 192.168.200.19:8087 check

外网配置实例

global
  log 127.0.0.1 local0
  chroot /var/lib/haproxy
  user   nobody
  group  nobody
  daemon

defaults
  mode http
  log global
  option  httplog
  option  http-server-close
  option  dontlognull
  option  redispatch
  option  contstats
  retries 3
  backlog 10000
  timeout client          25s
  timeout connect          5s
  timeout server          60s
  timeout tunnel        3600s
  timeout http-keep-alive  1s
  timeout http-request    15s
  timeout queue           30s
  timeout tarpit          60s
  default-server inter 3s rise 2 fall 3


listen bk_1883
    bind *:1883
    mode tcp
    balance roundrobin
    option  tcplog
    server server1 10.200.77.41:1883 maxconn 10000  check inter 10s weight 1

centos7 编译安装haproxy1.9.4

编译安装

防火墙

4层配置 haproxy.cfg

web管理

web管理加密（http://:8181）

7成配置例子

生产环境事例

200.245 sit

外网配置实例

热门文章

最新评论

友情链接