配置haproxy负载均衡http

环境说明：

准备工作

三台主机都做，同时在rs1和rs2上面安装好httpd

#配置阿里源
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo

配置epel源
yum -y install epel-release

关闭selinux和防火墙
systemctl disable --now firewalld
firewall-cmd  --state
   not running
sed -i "s/=enforcing/=disabled/g" /etc/selinux/config
setenforce 0
getenforce 
   Permissive
reboot
getenforce 
   Disabled
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

配置httpd负载均衡

haproxy安装

yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel
#创建用户
useradd -r -M -s /sbin/nologin haproxy
1
2
3

下载并解压haproxy包 http://github.com/haproxy/haproxy
[root@haproxy ~]# ls
anaconda-ks.cfg  haproxy-2.6.0.tar.gz

[root@haproxy ~]# tar xf haproxy-2.6.0.tar.gz 
[root@haproxy ~]# cd haproxy-2.6.0
[root@haproxy haproxy-2.6.0]# ls
addons    CHANGELOG     doc       INSTALL      Makefile   scripts  tests
admin     CONTRIBUTING  examples  LICENSE      README     src      VERDATE
BRANCHES  dev           include   MAINTAINERS  reg-tests  SUBVERS  VERSION
1
2
3
4
5
6
7
8
9
10

#查看几个cpu
[root@haproxy haproxy-2.6.0]# nproc 
1
[root@haproxy haproxy-2.6.0]# make clean 
#编译
[root@haproxy haproxy-2.6.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \> TARGET=linux-glibc  \
> USE_OPENSSL=1  \
> USE_ZLIB=1  \
> USE_PCRE=1  \
> USE_SYSTEMD=1

[root@haproxy haproxy-2.6.0]# make install PREFIX=/usr/local/haproxy
[root@haproxy haproxy-2.6.0]# ls
addons     CONTRIBUTING  haproxy  MAINTAINERS  scripts  VERDATE
admin      dev           include  Makefile     src      VERSION
BRANCHES   doc           INSTALL  README       SUBVERS
CHANGELOG  examples      LICENSE  reg-tests    tests

[root@haproxy haproxy-2.3.0]# cp haproxy /usr/sbin/
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

配置各个负载的内核参数

[root@haproxy haproxy-2.6.0]# echo 'net.ipv4.ip_nonlocal_bind = 1' >>  /etc/sysctl.conf
[root@haproxy haproxy-2.6.0]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf

[root@haproxy haproxy-2.6.0]# cat /etc/sysctl.conf 
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1


#文件生效
[root@haproxy haproxy-2.6.0]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

配置文件

#rs1和rs2 一样配置
[root@rs1 html]# 
/var/www/html
[root@rs1 html]# echo 'rs1' >index.html
[root@rs1 html]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@rs1 html]# chmod 777 index.html
[root@rs1 html]# ss -antl
State    Recv-Q   Send-Q     Local Address:Port     Peer Address:Port  Process   
LISTEN   0        128              0.0.0.0:22            0.0.0.0:*               
LISTEN   0        128                    *:80                  *:*               
LISTEN   0        128                 [::]:22               [::]:*  
1
2
3
4
5
6
7
8
9
10
11
12

[root@haproxy haproxy-2.6.0]# vim /etc/haproxy/haproxy.cfg
[root@haproxy haproxy-2.6.0]# cat /etc/haproxy/haproxy.cfg
#--------------全局配置----------------
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 172.16.103.130:80 check inter 2000 fall 5
    #server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5

修改配置文件
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg 
#    cookie SESSION_COOKIE insert indirect nocache            
    server web01 192.168.192.136:80 check inter 2000 fall 5          添加rs1和rs2的IP
    server web02 192.168.192.137:80 check inter 2000 fall 5      
    #server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62

配置开机自启

[root@haproxy ~]# cat > /usr/lib/systemd/system/haproxy.service <