Haproxy安装和配置

来自linux中国网wiki
跳到导航 跳到搜索

总的为

搭建keepalived+haproxy双主高可用负载均衡系统

haproxy安装

master and backup 都要
https://www.haproxy.org/download/

wget -c https://www.haproxy.org/download/1.5/src/haproxy-1.5.9.tar.gz

tar xvf haproxy-1.5.9.tar.gz  && cd haproxy-1.5.9
make TARGET=linux2628 PREFIX=/usr/local/haproxy -j3
make install PREFIX=/usr/local/haproxy
mkdir /usr/local/haproxy/conf
cp examples/haproxy.cfg /usr/local/haproxy/conf/

# - linux26     for Linux 2.6 and above
#- linux2628   for Linux 2.6.28, 3.x, and above (enables splice and tproxy)

#这个脚本不好用 跳过  可能要改一下相关的 bin config 路径就行 了 
#cp  examples/init.haproxy /etc/init.d/haproxy


==haproxy配置==
===配置文件===
<pre>
global
##  20170617 am 参考了 http://nmshuishui.blog.51cto.com/1850554/1405486
        log 127.0.0.1 local0 info
        maxconn 4096
        user nobody
        group nobody
        daemon
        nbproc 2
        pidfile  /var/run/haproxy.pid 

defaults
        mode http
        retries 3
        timeout connect 10s
        timeout client 20s
        timeout server 30s
        timeout check 5s

listen admin_stats
        bind 0.0.0.0:8888
        mode http
        log 127.0.0.1 local0 err
        stats refresh 30s
        stats uri /haproxy-status
        stats realm welcome login\ Haproxy
        stats auth evan:evan
        stats hide-version
        stats admin if TRUE

frontend www
         bind 192.168.30.88:80
         #bind *:80
         mode   http
         option  httplog
         option  forwardfor
         #option  httpclose
         log     global

        acl host_www           hdr_dom(host)   -i      www.zb.com
        acl host_static        hdr_dom(host)   -i      static.zb.com
#        acl host_video            hdr_dom(host)   -i      video.zb.com

        use_backend server_www     if      host_www
        use_backend server_static  if      host_static
#        use_backend server_video   if      host_video

#here 0617
backend  server_www
        mode    http
        option   redispatch
        option   abortonclose
        balance  roundrobin
        #cookie   SERVERID
        option   httpchk GET /index.html
        server  webapp1 192.168.30.71:80  weight 6 check inter 2000 rise 2 fall 3
        server  webapp2 192.168.30.72:80  weight 6 check inter 2000 rise 2 fall 3
         #上面是两台 real web vm 
        #        #server  iivey234 192.168.81.234:8080 cookie server2 weight 3 check inter 2000 rise 2 fall 3
## here 20160616


backend  server_static
        mode    http
        option   redispatch
        option   abortonclose
        balance  roundrobin
        option   httpchk GET /index.html
        server  webapp2 192.168.30.72:80  weight 6 check inter 2000 rise 2 fall 3

#backend  server_video
#        mode    http
#        option   redispatch
#        option   abortonclose
#        balance  roundrobin
#        option   httpchk GET /index.html
#        server  237server 192.168.30.71:80 cookie server1 weight 6 check inter 2000 rise 2 fall 3


启动脚本


#!/bin/sh 
# chkconfig 2345 on 
# cat /etc/init.d/haproxy 
# description: HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
if [ -f /etc/init.d/functions ]; then 
 . /etc/init.d/functions 
elif [ -f /etc/rc.d/init.d/functions ] ; then 
 . /etc/rc.d/init.d/functions 
else 
 exit 0 
fi
# Source networking configuration. 
. /etc/sysconfig/network
# Check that networking is up. 
#[ ${NETWORKING} = "no" ] && exit 0
[ "${NETWORKING}" = "no" ] && exit 0

config="/usr/local/haproxy/conf/haproxy.cfg"
exec="/usr/local/haproxy/sbin/haproxy"
prog=$(basename $exec)
lockfile=/var/lock/subsys/haproxy

PID="/var/run/haproxy.pid"
check(){
   $exec -c -V -f $config
}
#[ -f $config ] || exit 1 
#RETVAL=0 
start() { 
   $exec -c -q -f $config 
  #daemon $exec -c -q -f $config 
 # daemon $exec  -f $config 
    if [ $? -ne 0 ]; then 
        echo "Errors found in configuration file." 
        return 1 
    fi 

  echo -n "Starting HAproxy: " 
  daemon $exec -D -f $config -p $PID
  RETVAL=$? 
  echo 
  [ $RETVAL -eq 0 ] && touch /var/lock/subsys/haproxy 
  return $RETVAL 
}
stop() { 
 echo -n "Shutting down HAproxy: " 
 #kill  $(cat $PID)
 killproc haproxy  
 RETVAL=$? 
 echo 
 [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/haproxy 
 [ $RETVAL -eq 0 ] && rm -f $PID 
 return $RETVAL 
}
restart() { 
   $exec -c -q -f $config 
   if [ $? -ne 0 ]; then 
       echo "Errors found in configuration file, check it with 'haproxy check'." 
       return 1 
   fi 
 stop 
 start 
}

reload(){
    $exec -c -q  -f $config
   if [ $? -ne 0 ]; then 
       echo "Errors found in configuration file, check it with 'haproxy check'." 
       return 1 
   fi 
   echo -n $"reloading haproxy:"
   $exec -D -f $config -p $PID -sf $(cat $PID)
    RETVAL=$? 
    echo 
return  $RETVAL
}

force_reload(){
    restart
}

fdr_status(){
status $prog
}

##
rhstatus() { 
 status haproxy 
}
# See how we were called. 
case "$1" in 
 start) 
        start 
        ;; 
 stop) 
        stop 
        ;; 
 restart) 
        restart 
        ;; 
 check)
        check
        ;; 
 status) 
        rhstatus 
        ;; 
 *) 
        echo $"Usage: haproxy {start|stop|restart|status}" 
        RETVAL=1 
        esac 
        exit $RETVAL 

配置日志

HAProxy 不会直接输出文件日志,需要借助 Linux 的 rsyslog 来让 HAProxy 输出日志。
0)
emerg 0 系统不可用
alert 1 必须马上采取行动的事件
crit 2 关键的事件
err 3 错误事件
warning 4 警告事件
notice 5 普通但重要的事件
info 6 有用的信息
debug 7 调试信息

1)修改 haproxy.cfg

在配置文件的 global 和 defaults 域中添加以下字段:

global
    ...
    log 127.0.0.1 local0 info
    log 127.0.0.1 local1 warning
    ...

defaults
    ...
    log global
    ...
意思是将 info 级(及以上)的日志推送到 rsyslog 的 local0 接口,将 warn 级(及以上)的日志推送到 rsyslog 的 local1 接口,并且所有 frontend 都默认使用 global 中的日志配置。
注意:info 级的日志会打印 HAProxy 处理的每一条请求,会占用很大的磁盘空间,在生产环境中,建议将日志级别调整为 notice。

2)为 rsyslog 添加 haproxy 日志的配置

 vi /etc/rsyslog.d/haproxy.conf
#配置文件内容如下:

$ModLoad imudp
$UDPServerRun 514
$FileCreateMode 0644  #日志文件的权限
$FileOwner root  #日志文件的owner
local0.*     /var/log/haproxy.log  #local0接口对应的日志输出文件
local1.*     /var/log/haproxy_warn.log  #local1接口对应的日志输出文件

3)修改 rsyslog 的启动参数

 vi /etc/sysconfig/rsyslog
# 置文件内容如下:

# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS="-c 2 -r -m 0"

4)重启 rsyslog
service rsyslog restart


5)用 logrotate 进行日志切分

通过 rsyslog 输出的日志是不会切分的,所以需要通过 Linux 提供的 logrotate 来对日志文件进行切分。

使用 root 用户,创建 haproxy 日志切分配置文件:

# mkdir /root/logrotate
# vi /root/logrotate/haproxy
配置文件内容如下:

/var/log/haproxy.log /var/log/haproxy_warn.log {  #切分的两个文件名
    daily        #按天切分
    rotate 7     #保留7份
    create 0644 root root  #创建新文件的权限、用户、用户组
    compress     #压缩旧日志
    delaycompress  #延迟一天压缩
    missingok    #忽略文件不存在的错误
    dateext      #旧日志加上日志后缀
    sharedscripts  #切分后的重启脚本只运行一次
    postrotate   #切分后运行脚本重载rsyslog,让rsyslog向新的日志文件中输出日志
    /bin/kill -HUP $(/bin/cat /var/run/syslogd.pid 2>/dev/null) &>/dev/null
    endscript
}
6)将 logrotate 配置在 crontab 中:

0 0 * * * /usr/sbin/logrotate /root/logrotate/haproxy


chmod +x /etc/init.d/haproxy

手工启动
config="/usr/local/haproxy/conf/haproxy.cfg"
exec="/usr/local/haproxy/sbin/haproxy"

#检查配置文件 语法
$exec -c     -f $config
#Configuration file is valid

#run 
$exec    -f $config

ha1 
http://192.168.30.76:8888/haproxy-status

ha2
http://192.168.30.76:8888/haproxy-status 

问题及解决回顾

搞了一个早上 看书才知道  原来是要这样直接打开的 不能不加 haproxy-status

http://192.168.30.75:8888/haproxy-status


在其它机器 telnet 不通ha2  80 and 888 port 
systemctl stop firewalld


: Starting frontend www: cannot bind socket [192.168.30.88:80]

frontend www
         bind 192.168.30.88:80 
先改为 bind *:80 或者先启动keepalived 

关闭selinux  或者
echo 'net.ipv4.ip_nonlocal_bind=1' >>/etc/sysctl.conf
sysctl -p

下面是解说 
Add net.ipv4.ip_nonlocal_bind=1 on /etc/sysctl.conf
sysctl -p
Restart the haproxy service(service restart haproxy). it will work.


nbproc 2 只能是一个提示而已
[root@localhost conf]# $exec -c     -f $config
[WARNING] 165/230507 (26045) : Proxy 'admin_stats': in multi-process mode, stats will be limited to process assigned to the current request.
[WARNING] 165/230507 (26045) : Proxy 'admin_stats': stats admin will not work correctly in multi-process mode.
Configuration file is valid

参考

haproxy 配置详解good http://freehat.blog.51cto.com/1239536/1347882

haproxy日志配置 http://www.zhengdazhi.com/archives/1360

HAproxy均衡负载部署和配置文件详解 https://my.oschina.net/duxuefeng/blog/35232

负载均衡工具haproxy安装,配置,使用 http://blog.51yip.com/server/868.html

[HAProxy]实现haproxy启动/关闭/重启SHELL脚本 http://lxsym.blog.51cto.com/1364623/852363

HAproxy均衡负载部署和配置文件详解 https://my.oschina.net/duxuefeng/blog/35232


haproxy配置详解 http://leejia.blog.51cto.com/4356849/1421882

负载均衡工具haproxy安装,配置,使用 http://blog.51yip.com/server/868.html

haproxy日志配置 + rsyslog https://www.ttlsa.com/linux/haproxy-log-configuration-syslog/