Haproxy-负载均衡

◆案例1◆ 编译安装Haproxy

Haproxy镜像站:https://src.fedoraproject.org/repo/pkgs/haproxy/

1.安装依赖

yum install -y gcc autoconf automake

2.安装haproxy

tar -xzvf haproxy-1.8.8.tar.gz

cd haproxy-1.8.8/

mkdir -p /usr/local/haproxy

make TARGET=linux2628 ARCH=x86_64 PREFIX=/usr/local/haproxy

make install PREFIX=/usr/local/haproxy


/usr/local/haproxy/sbin/haproxy -v     #检查版本
useradd -s /sbin/nologin -M haproxy    #增加用户

3.内核优化,开启NAT转发

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf  #允许没监听IP时启动

sysctl -p

4.日志配置

sed -i 's/^#$ModLoad imudp/$ModLoad imudp/g' /etc/rsyslog.conf
sed -i 's/^#$UDPServerRun 514/$UDPServerRun 514/g' /etc/rsyslog.conf
echo 'local0.* /var/log/haproxy.log'>>/etc/rsyslog.conf   #添加haproxy日志路径

systemctl restart rsyslog

 ◆案例2◆ Haproxy配置Web负载均衡集群

1.生成Haproxy配置文件

注:由于Haproxy不会生成配置文件,所有应手动创建(写入以下内容)

vim /usr/local/haproxy/haproxy.cfg


######################全局配置####################

global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
daemon
#nbproc 1                     #进程数量 
maxconn 4096                  #最大连接数
user haproxy                  #运行用户
group haproxy                 #运行组
chroot /usr/local/haproxy     #haproxy路径
pidfile /var/run/haproxy.pid  #进程ID

###################默认配置#######################

defaults
log global
mode http              #默认模式{ tcp|http|health }
option httplog         #日志类别,采用httplog
option dontlognull     #不记录健康检查日志信息
retries 2              #2次连接失败不可用
option forwardfor      #后端服务获得真实ip
option httpclose       #请求完毕后主动关闭http通道
option abortonclose    #服务器负载很高,自动结束比较久的链接
maxconn 4096           #最大连接数
timeout connect 5m     #连接超时
timeout client 1m      #客户端超时
timeout server 31m     #服务器超时
timeout check 10s      #心跳检测超时
balance roundrobin     #负载均衡方式,轮询

###################统计页面配置###################

listen stats
bind 0.0.0.0:1080
mode http
option httplog
log 127.0.0.1 local0 err
stats refresh 30s
maxconn 10                         #最大连接数 
stats uri /admin                   #状态页面 http//ip:1080/admin访问 
stats realm Haproxy\ Statistics
stats auth admin:admin             #用户和密码:admin
stats hide-version                 #隐藏版本信息 
stats admin if TRUE                #设置手工启动/禁用

##############设置haproxy 错误页面#################

#errorfile 403 /opt/haproxy/errorfiles/403.http 
#errorfile 500 /opt/haproxy/errorfiles/500.http 
#errorfile 502 /opt/haproxy/errorfiles/502.http
errorloc 503 https://www.baidu.com/
#errorfile 504 /opt/errorfiles/504.http 

#################frontend前端配置#################

frontend http_main                #指定类型(http_main/mysql)
bind *:80                         #本机侦听端口(80/3306)
option forwardfor
acl web hdr(host) -i elven.win    #acl规则,-i忽略大小写,访问*就触发web规则
use_backend web1 if web

acl web_kvm path_beg -i /kvm
use_backend kvm if web_kvm

default_backend web1              #不满足则响应的默认页面

#################backend后端配置#################

backend web1                      #www1作用域
cookie SERVERID
balance roundrobin
option httpchk HEAD /index.html HTTP/1.0

server web1 192.168.1.10:80 weight 1 check inter 2000 rise 2 fall 3    #web1均衡(应添加内容)
server web2 192.168.1.11:80 weight 1 check inter 2000 rise 2 fall 3    #web2均衡(应添加内容)

backend kvm
server kvm1 127.0.0.1:8000

#################################################

2.设置权限

chmod 755 -R /usr/local/haproxy
chown -R haproxy:haproxy /usr/local/haproxy

3.启动haproxy

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg

4.查看Web监控页面

http://127.0.0.1:1080/admin
cat /var/log/haproxy.log

◆案例3◆ Haproxy配置MySQL负载均衡集群

1.生成Haproxy配置文件

注:由于Haproxy不会生成配置文件,所有应手动创建(写入以下内容)

vim /usr/local/haproxy/haproxy.cfg

global 
maxconn 4096 
daemon 
chroot /usr/local/haproxy 
pidfile /var/run/haproxy.pid 
#debug 
#quiet 
user haproxy 
group haproxy 

defaults 
log global 
mode http 
option httplog 
option dontlognull 
log 127.0.0.1 local0 
retries 3 
option redispatch 
maxconn 2000 
#contimeout 5000 
#clitimeout 50000 
#srvtimeout 50000 
timeout http-request 10s 
timeout queue 1m 
timeout connect 10s 
timeout client 1m 
timeout server 1m 
timeout http-keep-alive 10s 
timeout check 10s 

listen admin_stats
bind *:1080 
mode http 
stats uri /admin 
stats realm Global\ statistics 
stats auth admin:admin
stats hide-version

listen proxy-mysql
bind *:3306
mode tcp 
balance roundrobin 
option tcplog 
option mysql-check user haproxy #在mysql中创建无任何权限用户haproxy且无密码
server MySQL1 192.168.1.13:3306 check weight 1 maxconn 2000 
server MySQL2 192.168.1.14:3306 check weight 1 maxconn 2000 
option tcpka

2.进入从数据库,创建haproxy用户

MariaDB [(none)]> create user 'haproxy'@'%';
Query OK, 0 rows affected (0.10 sec)

MariaDB [(none)]> create user 'haproxy'@'localhost';
Query OK, 0 rows affected (0.00 sec)

3.设置权限

chmod 755 -R /usr/local/haproxy
chown -R haproxy:haproxy /usr/local/haproxy

4.启动haproxy

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfg

5.查看Web监控页面

http://127.0.0.1:1080/admin
cat /var/log/haproxy.log

6.测试MySQL负载均衡(在haproxy主机上做)

mysql -uroot -p -h 192.168.1.12

grant all privileges on *.* to root@'%' identified by "123";

MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wang |
+--------------------+
4 rows in set (0.18 sec)


MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| rui |
+--------------------+
4 rows in set (0.01 sec)