今日新闻

今日新闻

首页 / 科技 / haproxy基于一般的调度器设置

haproxy基于一般的调度器设置

科技 2023年9月25日 22:11

haproxy基于一般的调度器设置(有listen,但无frontend和backend)

项目1:haproxy机器部署web集群(httpd是虚拟主机情况,只检查IP端口,不检查域名和站点网页

haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端能自动按照域名识别)

[root@localhost 桌面]# ifconfig eth0 |head -2

eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C

inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0

[root@localhost 桌面]# ifconfig eth1 |head -2

eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36

inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0

[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好

net.ipv4.ip_forward = 1

wq

[root@localhost 桌面]# sysctl -p

[root@localhost 桌面]# yum -y install gcc gcc-c++

[root@localhost 桌面]# ls

haproxy-1.4.24.tar.gz

[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz

[root@localhost 桌面]# ls

haproxy-1.4.24 haproxy-1.4.24.tar.gz

[root@localhost 桌面]# cd haproxy-1.4.24

[root@localhost haproxy-1.4.24]# ls

CHANGELOG ebtree LICENSE Makefile.osx src TODO

contrib examples Makefile README SUBVERS VERDATE

doc include Makefile.bsd ROADMAP tests VERSION

[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择

[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install

[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/

[root@localhost haproxy]# ls

doc sbin share

[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要

[root@localhost haproxy]# ls

conf doc logs sbin share var

安装后链接变量路径和cp配置文件和启动脚本:

[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/

[root@localhost haproxy]# mkdir /etc/haproxy

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy

[root@localhost haproxy]# chmod +x /etc/init.d/haproxy

[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改

[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg //只检查IP端口,不检查域名和站点网页

global

log 127.0.0.1:514 local0 warning

log 127.0.0.1 local1 notice

chroot /usr/local/haproxy/var/chroot

pidfile /usr/local/haproxy/var/run/haproxy.pid

maxconn 20480

nbproc 8

daemon

group haproxy

user haproxy

spread-checks 3

defaults

log global

mode http

option httplog

option dontlognull

retries 3

redispatch

maxconn 2000

contimeout 5000

clitimeout 50000

srvtimeout 50000

listen test

bind 172.10.10.5:80

mode http

stats enable

stats uri /admin?stats //web界面的uri,访问时格式:http://调度IP或域名/admin?stats

stats hide-version

stats auth admin:123456

balance roundrobin

option forwardfor //在web网站配置日志中能够看到客户端真实的IP,不好演示,做一个说明即可

timeout server 15s

timeout connect 15s

option httpclose

cookie SERVERID rewrite

server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

server web2 192.168.4.200:80 cookie B maxconn 4096 weight 1 check port 80 inter 2000 rise 2 fall 5

wq

[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M

利用rsyslog配置haproxy记录日志功能: //当看
/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明

[root@localhost haproxy]# echo “local0.* /usr/local/haproxy/logs/haproxy.log” >> /etc/rsyslog.conf

[root@localhost haproxy]# tail -1 /etc/rsyslog.conf

local0.*
/usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志

[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动

SYSLOGD_OPTIOn=”-c 5″ //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIOn=”-c 2 -m 0 -r -x”,兼容2版本

[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口

[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题

$ModLoad imudp //注释取消

$UDPServerRun 514 //注释取消

wq

[root@localhost haproxy]# /etc/init.d/rsyslog restart

[root@localhost haproxy]# netstat -anptu |grep 514

udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd

udp 0 0 :::514 :::* 27715/rsyslogd

[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务

[root@localhost haproxy]# ps -elf |grep haproxy //查看进程

[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy

//也可以用源码启动,如下:


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止

-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。

两台web服务器上配置:(192.168.4.100上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP的设置

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common //记录客户端真实IP

</VirtualHost>

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log

CustomLog logs/tarena-access_log common //记录客户机真实IP

</VirtualHost>

wq

[root@localhost 桌面]# /etc/init.d/httpd restart

[root@localhost 桌面]# mkdir /changyou

[root@localhost 桌面]# mkdir /tarena

[root@localhost 桌面]# echo changyou1 > /changyou/index.html

[root@localhost 桌面]# echo tarena1 > /tarena/index.html

两台web服务器上配置:(192.168.4.200上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common

</VirtualHost>

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log

CustomLog logs/tarena-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# /etc/init.d/httpd restart

[root@localhost 桌面]# mkdir /changyou

[root@localhost 桌面]# mkdir /tarena

[root@localhost 桌面]# echo changyou2 > /changyou/index.html

[root@localhost 桌面]# echo tarena2 > /tarena/index.html

客户端机器(172.10.10.6)

[root@localhost 桌面]# vim /etc/hosts

172.10.10.5 www.changyou.com www.tarena.com

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.tarena.com

tarena1

[root@localhost 桌面]# curl www.tarena.com

tarena2

[root@localhost 桌面]# curl www.tarena.com

tarena2

[root@localhost 桌面]# curl www.tarena.com

tarena1

[root@localhost 桌面]# curl www.tarena.com

tarena1

[root@localhost 桌面]# curl www.tarena.com

tarena2

做个说明:当后端的服务器的其中一个宕机后,会被haproxy自动剔除集群,不演示了,但看到效果了。

客户端访问调度器的web页面,查看后端web服务器是否正常:

输入:http://调度器IP或域名/admin?Stats如下图:

输入配置文件中设置的用户名和密码:admin,123456,如下图:(当后台两服务器都正常时)

当web1宕机后,如下图:

当web1恢复启动后,web界面又恢复正常,如下图:

项目2:haproxy机器部署web集群(httpd是虚拟主机情况,健康检查站点网页,当检查到站点有网页才认为正常

haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端能自动按照域名识别) [root@localhost 桌面]# ifconfig eth0 |head -2

eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C

inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0

[root@localhost 桌面]# ifconfig eth1 |head -2

eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36

inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0

[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好

net.ipv4.ip_forward = 1

wq

[root@localhost 桌面]# sysctl -p

[root@localhost 桌面]# yum -y install gcc gcc-c++

[root@localhost 桌面]# ls

haproxy-1.4.24.tar.gz

[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz

[root@localhost 桌面]# ls

haproxy-1.4.24 haproxy-1.4.24.tar.gz

[root@localhost 桌面]# cd haproxy-1.4.24

[root@localhost haproxy-1.4.24]# ls

CHANGELOG ebtree LICENSE Makefile.osx src TODO

contrib examples Makefile README SUBVERS VERDATE

doc include Makefile.bsd ROADMAP tests VERSION

[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择

[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install

[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/

[root@localhost haproxy]# ls

doc sbin share

[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要

[root@localhost haproxy]# ls

conf doc logs sbin share var

安装后链接变量路径和cp配置文件和启动脚本:

[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/

[root@localhost haproxy]# mkdir /etc/haproxy

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy

[root@localhost haproxy]# chmod +x /etc/init.d/haproxy

[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改

[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg //健康检查站点网页

global

log 127.0.0.1:514 local0 warning

log 127.0.0.1 local1 notice

chroot /usr/local/haproxy/var/chroot

pidfile /usr/local/haproxy/var/run/haproxy.pid

maxconn 20480

nbproc 8

daemon

group haproxy

user haproxy

spread-checks 3

defaults

log global

mode http

option httplog

option dontlognull

retries 3

redispatch

maxconn 2000

contimeout 5000

clitimeout 50000

srvtimeout 50000

listen test

bind 172.10.10.5:80

mode http

stats enable

stats uri /admin?stats //web界面的uri,访问时格式:http://调度IP或域名/admin?stats

stats hide-version

stats auth admin:123456

balance roundrobin

option forwardfor //在web网站配置日志中能够看到客户端真实的IP,不好演示,做一个说明即可

option httpchk HEAD /check.html HTTP/1.0 //当站点目录有check.html才认为网站正常,HEAD也可换成GET

timeout server 15s

timeout connect 15s

option httpclose

cookie SERVERID rewrite

server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

server web2 192.168.4.200:80 cookie B maxconn 4096 weight 1 check port 80 inter 2000 rise 2 fall 5

wq

[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M

利用rsyslog配置haproxy记录日志功能: //当看
/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明

[root@localhost haproxy]# echo “local0.* /usr/local/haproxy/logs/haproxy.log” >> /etc/rsyslog.conf

[root@localhost haproxy]# tail -1 /etc/rsyslog.conf

local0.*
/usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志

[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动

SYSLOGD_OPTIOn=”-c 5″ //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIOn=”-c 2 -m 0 -r -x”,兼容2版本

[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口

[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题

$ModLoad imudp //注释取消

$UDPServerRun 514 //注释取消

wq

[root@localhost haproxy]# /etc/init.d/rsyslog restart

[root@localhost haproxy]# netstat -anptu |grep 514

udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd

udp 0 0 :::514 :::* 27715/rsyslogd

[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务

[root@localhost haproxy]# ps -elf |grep haproxy //查看进程

[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy

//也可以用源码启动,如下:


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止

-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。

两台web服务器上配置:(192.168.4.100上) //此时站点目录没有check.html,但两web服务都启动正常

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP的设置

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common //记录客户端真实IP

</VirtualHost>

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log

CustomLog logs/tarena-access_log common //记录客户端真实IP

</VirtualHost>

wq

[root@localhost 桌面]# /etc/init.d/httpd restart

[root@localhost 桌面]# mkdir /changyou

[root@localhost 桌面]# mkdir /tarena

[root@localhost 桌面]# echo changyou1 > /changyou/index.html

[root@localhost 桌面]# echo tarena1 > /tarena/index.html

两台web服务器上配置:(192.168.4.200上) //此时站点目录没有check.html,但两web服务都启动正常

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common

</VirtualHost>

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log //记录客户端真实IP

CustomLog logs/tarena-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# /etc/init.d/httpd restart

[root@localhost 桌面]# mkdir /changyou

[root@localhost 桌面]# mkdir /tarena

[root@localhost 桌面]# echo changyou2 > /changyou/index.html

[root@localhost 桌面]# echo tarena2 > /tarena/index.html

客户端机器(172.10.10.6)访问测试: //因为检查不到站点目录的check.html,所以认为不正常,访问不到

[root@localhost 桌面]# vim /etc/hosts

172.10.10.5 www.changyou.com www.tarena.com

[root@localhost 桌面]# curl www.changyou.com

<html><body><h1>503 Service Unavailable</h1>

No server is available to handle this request.

</body></html>

[root@localhost 桌面]# curl www.changyou.com

<html><body><h1>503 Service Unavailable</h1>

No server is available to handle this request.

</body></html>

[root@localhost 桌面]# curl www.tarena.com

<html><body><h1>503 Service Unavailable</h1>

No server is available to handle this request.

</body></html>

[root@localhost 桌面]# curl www.changyou.com

<html><body><h1>503 Service Unavailable</h1>

No server is available to handle this request.

</body></html>

两台web服务器上配置:(192.168.4.100上) //此时站点目录有check.html

[root@localhost 桌面]# touch /changyou/check.html

[root@localhost 桌面]# touch /tarena/check.html

两台web服务器上配置:(192.168.4.200上) //此时站点目录有check.html

[root@localhost 桌面]# touch /changyou/check.html

[root@localhost 桌面]# touch /tarena/check.html

客户端机器(172.10.10.6)访问测试: //因为能检查到站点目录的check.html,所以认为正常,可以访问

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou1

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.changyou.com

changyou2

[root@localhost 桌面]# curl www.tarena.com

tarena1

[root@localhost 桌面]# curl www.tarena.com

tarena1

[root@localhost 桌面]# curl www.tarena.com

tarena2

[root@localhost 桌面]# curl www.tarena.com

tarena1

[root@localhost 桌面]# curl www.tarena.com

tarena2

[root@localhost 桌面]# curl www.tarena.com

tarena2

做个说明:当后端的服务器的其中一个宕机后,会被haproxy自动剔除集群,不演示了,但看到效果了。

客户端访问调度器的web页面,查看后端web服务器是否正常:

输入:http://调度器IP或域名/admin?Stats如下图:

输入配置文件中设置的用户名和密码:admin,123456,如下图:(当后台两服务器都正常时)

当web1宕机后或者web1正常,但是站点目录无check.html,如下图:

当web1恢复启动且站点目录有check.html后,web界面又恢复正常,如下图:

基于acl控制的调度器设置(无listen,但有frontend和backend)

项目1:基于定义域名acl规则,然后根据不同域名抛给后面对应服务器池中或跳转。

要求:访问www.chagnyou.com时,抛给后面的chagnyou池,访问baidu.com时,跳转到真实的百度(无法测试),默认的IP或域名访问时,默认抛给后面的tarena池。

haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)

[root@localhost 桌面]# ifconfig eth0 |head -2

eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C

inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0

[root@localhost 桌面]# ifconfig eth1 |head -2

eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36

inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0

[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好

net.ipv4.ip_forward = 1

wq

[root@localhost 桌面]# sysctl -p

[root@localhost 桌面]# yum -y install gcc gcc-c++

[root@localhost 桌面]# ls

haproxy-1.4.24.tar.gz

[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz

[root@localhost 桌面]# ls

haproxy-1.4.24 haproxy-1.4.24.tar.gz

[root@localhost 桌面]# cd haproxy-1.4.24

[root@localhost haproxy-1.4.24]# ls

CHANGELOG ebtree LICENSE Makefile.osx src TODO

contrib examples Makefile README SUBVERS VERDATE

doc include Makefile.bsd ROADMAP tests VERSION

[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择

[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install

[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/

[root@localhost haproxy]# ls

doc sbin share

[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要

[root@localhost haproxy]# ls

conf doc logs sbin share var

安装后链接变量路径和cp配置文件和启动脚本:

[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/

[root@localhost haproxy]# mkdir /etc/haproxy

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy

[root@localhost haproxy]# chmod +x /etc/init.d/haproxy

[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改

[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg

global

log 127.0.0.1:514 local0 warning

log 127.0.0.1 local1 notice

chroot /usr/local/haproxy/var/chroot

pidfile /usr/local/haproxy/var/run/haproxy.pid

maxconn 20480

nbproc 8

daemon

group haproxy

user haproxy

spread-checks 3

defaults

log global

option httplog

option dontlognull

retries 3

redispatch

maxconn 2000

contimeout 5000

clitimeout 50000

srvtimeout 50000

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

balance roundrobin

frontend zdyname

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

bind 172.10.10.5:80

acl bd_zdyname hdr(host) -i baidu.com

acl cy_zdyname hdr(host) -i www.changyou.com

redirect prefix http://www.baidu.com code 301 if bd_zdyname

use_backend changyou if cy_zdyname

default_backend tarena

backend changyou

balance roundrobin

option httpclose

option forwardfor

server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

backend tarena

balance roundrobin

option httpclose

option forwardfor

server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

wq

[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M

利用rsyslog配置haproxy记录日志功能: //当看
/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明

[root@localhost haproxy]# echo “local0.* /usr/local/haproxy/logs/haproxy.log” >> /etc/rsyslog.conf

[root@localhost haproxy]# tail -1 /etc/rsyslog.conf

local0.*
/usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志

[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动

SYSLOGD_OPTIOn=”-c 5″ //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIOn=”-c 2 -m 0 -r -x”,兼容2版本

[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口

[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题

$ModLoad imudp //注释取消

$UDPServerRun 514 //注释取消

wq

[root@localhost haproxy]# /etc/init.d/rsyslog restart

[root@localhost haproxy]# netstat -anptu |grep 514

udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd

udp 0 0 :::514 :::* 27715/rsyslogd

[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务

[root@localhost haproxy]# ps -elf |grep haproxy //查看进程

[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy

//也可以用源码启动,如下:


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止

-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。

两台web服务器上配置:(192.168.4.100上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /changyou

[root@localhost 桌面]# echo changyou > /changyou/index.html

[root@localhost 桌面]# /etc/init.d/httpd restart

两台web服务器上配置:(192.168.4.200上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log

CustomLog logs/tarena-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /tarena

[root@localhost 桌面]# echo tarena > /tarena/index.html

[root@localhost 桌面]# /etc/init.d/httpd restart

客户端访问调度器测试:(172.10.10.6)

[root@localhost 桌面]# vim /etc/hosts

172.10.10.5 www.changyou.com www.tarena.com www.test.com

[root@localhost 桌面]# curl baidu.com //无环境,无法测试。

curl: (6) Couldn’t resolve host ‘baidu.com’

[root@localhost 桌面]# curl www.changyou.com //当用changyou域名访问时,仅仅解析到changyou池

changyou

[root@localhost 桌面]# curl www.tarena.com

tarena

[root@localhost 桌面]# curl www.test.com //当默认访问时,仅仅解析到tarena池

tarena

[root@localhost 桌面]# curl 172.10.10.5 //当默认访问时,仅仅解析到tarena池

tarena

说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问后如下图:

项目2:基于访问站点下的不同目录时,到后面对应池中找服务器的对应站点目录

haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)

[root@localhost 桌面]# ifconfig eth0 |head -2

eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C

inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0

[root@localhost 桌面]# ifconfig eth1 |head -2

eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36

inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0

[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好

net.ipv4.ip_forward = 1

wq

[root@localhost 桌面]# sysctl -p

[root@localhost 桌面]# yum -y install gcc gcc-c++

[root@localhost 桌面]# ls

haproxy-1.4.24.tar.gz

[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz

[root@localhost 桌面]# ls

haproxy-1.4.24 haproxy-1.4.24.tar.gz

[root@localhost 桌面]# cd haproxy-1.4.24

[root@localhost haproxy-1.4.24]# ls

CHANGELOG ebtree LICENSE Makefile.osx src TODO

contrib examples Makefile README SUBVERS VERDATE

doc include Makefile.bsd ROADMAP tests VERSION

[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择

[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install

[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/

[root@localhost haproxy]# ls

doc sbin share

[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要

[root@localhost haproxy]# ls

conf doc logs sbin share var

安装后链接变量路径和cp配置文件和启动脚本:

[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/

[root@localhost haproxy]# mkdir /etc/haproxy

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy

[root@localhost haproxy]# chmod +x /etc/init.d/haproxy

[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改

[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg

global

log 127.0.0.1:514 local0 warning

log 127.0.0.1 local1 notice

chroot /usr/local/haproxy/var/chroot

pidfile /usr/local/haproxy/var/run/haproxy.pid

maxconn 20480

nbproc 8

daemon

group haproxy

user haproxy

spread-checks 3

defaults

log global

option httplog

option dontlognull

retries 3

redispatch

maxconn 2000

contimeout 5000

clitimeout 50000

srvtimeout 50000

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

balance roundrobin

frontend zdyname

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

bind 172.10.10.5:80

acl zdy_cy path_beg /changyou

acl zdy_tarena path_beg /tarena

use_backend changyou if zdy_cy

use_backend tarena if zdy_tarena

backend changyou

balance roundrobin

option httpclose

option forwardfor

server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

backend tarena

balance roundrobin

option httpclose

option forwardfor

server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

wq

[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M

利用rsyslog配置haproxy记录日志功能: //当看
/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明

[root@localhost haproxy]# echo “local0.* /usr/local/haproxy/logs/haproxy.log” >> /etc/rsyslog.conf

[root@localhost haproxy]# tail -1 /etc/rsyslog.conf

local0.*
/usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志

[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动

SYSLOGD_OPTIOn=”-c 5″ //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIOn=”-c 2 -m 0 -r -x”,兼容2版本

[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口

[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题

$ModLoad imudp //注释取消

$UDPServerRun 514 //注释取消

wq

[root@localhost haproxy]# /etc/init.d/rsyslog restart

[root@localhost haproxy]# netstat -anptu |grep 514

udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd

udp 0 0 :::514 :::* 27715/rsyslogd

[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务

[root@localhost haproxy]# ps -elf |grep haproxy //查看进程

[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy

//也可以用源码启动,如下:


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止

-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。

两台web服务器上配置:(192.168.4.100上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /changyou/changyou -p

[root@localhost 桌面]# echo changyou >
/changyou/changyou/index.html

[root@localhost 桌面]# /etc/init.d/httpd restart

两台web服务器上配置:(192.168.4.200上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log

CustomLog logs/tarena-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /tarena/tarena -p

[root@localhost 桌面]# echo tarena > /tarena/tarena/index.html

[root@localhost 桌面]# /etc/init.d/httpd restart

客户端访问调度器测试:(172.10.10.6)

[root@localhost 桌面]# vim /etc/hosts

172.10.10.5 www.changyou.com www.tarena.com www.test.com

[root@localhost 桌面]# curl www.changyou.com

<html><body><h1>503 Service Unavailable</h1>

No server is available to handle this request.

</body></html>

[root@localhost 桌面]# curl www.tarena.com

<html><body><h1>503 Service Unavailable</h1>

No server is available to handle this request.

</body></html>

[root@localhost 桌面]# curl
www.changyou.com/changyou/

changyou

[root@localhost 桌面]# curl www.tarena.com/tarena/

tarena

两台web把各自站点目录都删除:

192.168.4.100上:

[root@localhost 桌面]# rm -rf /changyou/changyou/

192.168.4.200上:

[root@localhost 桌面]# rm -rf /tarena/tarena/

客户端(172.10.10.6)访问调度器,客户端访问如下结果:

[root@localhost 桌面]# curl
www.changyou.com/changyou/

<!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>

<html><head>

<title>404 Not Found</title>

</head><body>

<h1>Not Found</h1>

<p>The requested URL /changyou/ was not found on this server.</p>

<hr>

<address>Apache/2.2.15 (Red Hat) Server at www.changyou.com Port 80</address>

</body></html>

[root@localhost 桌面]# curl www.tarena.com/tarena/

<!DOCTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>

<html><head>

<title>404 Not Found</title>

</head><body>

<h1>Not Found</h1>

<p>The requested URL /tarena/ was not found on this server.</p>

<hr>

<address>Apache/2.2.15 (Red Hat) Server at www.tarena.com Port 80</address>

</body></html>

说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问如下图:

项目3:基于访问站点目录下的扩展名访问资源时,抛给对应后端池服务器访问

haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)

[root@localhost 桌面]# ifconfig eth0 |head -2

eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C

inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0

[root@localhost 桌面]# ifconfig eth1 |head -2

eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36

inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0

[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好

net.ipv4.ip_forward = 1

wq

[root@localhost 桌面]# sysctl -p

[root@localhost 桌面]# yum -y install gcc gcc-c++

[root@localhost 桌面]# ls

haproxy-1.4.24.tar.gz

[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz

[root@localhost 桌面]# ls

haproxy-1.4.24 haproxy-1.4.24.tar.gz

[root@localhost 桌面]# cd haproxy-1.4.24

[root@localhost haproxy-1.4.24]# ls

CHANGELOG ebtree LICENSE Makefile.osx src TODO

contrib examples Makefile README SUBVERS VERDATE

doc include Makefile.bsd ROADMAP tests VERSION

[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择

[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install

[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/

[root@localhost haproxy]# ls

doc sbin share

[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要

[root@localhost haproxy]# ls

conf doc logs sbin share var

安装后链接变量路径和cp配置文件和启动脚本:

[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/

[root@localhost haproxy]# mkdir /etc/haproxy

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy

[root@localhost haproxy]# chmod +x /etc/init.d/haproxy

[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改

[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg

global

log 127.0.0.1:514 local0 warning

log 127.0.0.1 local1 notice

chroot /usr/local/haproxy/var/chroot

pidfile /usr/local/haproxy/var/run/haproxy.pid

maxconn 20480

nbproc 8

daemon

group haproxy

user haproxy

spread-checks 3

defaults

log global

option httplog

option dontlognull

retries 3

redispatch

maxconn 2000

contimeout 5000

clitimeout 50000

srvtimeout 50000

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

balance roundrobin

frontend zdyname

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

bind 172.10.10.5:80

acl zdy_pic path_end .gif .png .jpg .css .js

acl zdy_static path_end .gif .png .jpg .css

use_backend static_changyou if zdy_pic or zdy_static

backend static_changyou

balance roundrobin

option httpclose

option forwardfor

server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

backend tarena

balance roundrobin

option httpclose

option forwardfor

server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

wq

[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M

利用rsyslog配置haproxy记录日志功能: //当看
/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明

[root@localhost haproxy]# echo “local0.* /usr/local/haproxy/logs/haproxy.log” >> /etc/rsyslog.conf

[root@localhost haproxy]# tail -1 /etc/rsyslog.conf

local0.*
/usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志

[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动

SYSLOGD_OPTIOn=”-c 5″ //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIOn=”-c 2 -m 0 -r -x”,兼容2版本

[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口

[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题

$ModLoad imudp //注释取消

$UDPServerRun 514 //注释取消

wq

[root@localhost haproxy]# /etc/init.d/rsyslog restart

[root@localhost haproxy]# netstat -anptu |grep 514

udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd

udp 0 0 :::514 :::* 27715/rsyslogd

[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务

[root@localhost haproxy]# ps -elf |grep haproxy //查看进程

[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy

//也可以用源码启动,如下:


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止

-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。

两台web服务器上配置:(192.168.4.100上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /changyou

[root@localhost 桌面]# mv changyou.jpg /changyou/

[root@localhost 桌面]# ls /changyou/

changyou.jpg

[root@localhost 桌面]# /etc/init.d/httpd restart

两台web服务器上配置:(192.168.4.200上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log

CustomLog logs/tarena-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /tarena

[root@localhost 桌面]# mv tarena.jpg /tarena/

[root@localhost 桌面]# ls /tarena/

tarena.jpg

[root@localhost 桌面]# /etc/init.d/httpd restart

客户端访问调度器测试:(172.10.10.6)

[root@localhost 桌面]# vim /etc/hosts

172.10.10.5 www.changyou.com www.tarena.com www.test.com

说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问时如下图:

项目4:定义域名acl规则,根据不同域名抛给后面对应服务器池中,但基于端口和IP访问限制做控制

要求:访问www.chagnyou.com时,抛给后面的chagnyou池,默认的IP或域名访问时,默认抛给后面的tarena池。

haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)

[root@localhost 桌面]# ifconfig eth0 |head -2

eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C

inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0

[root@localhost 桌面]# ifconfig eth1 |head -2

eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36

inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0

[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好

net.ipv4.ip_forward = 1

wq

[root@localhost 桌面]# sysctl -p

[root@localhost 桌面]# yum -y install gcc gcc-c++

[root@localhost 桌面]# ls

haproxy-1.4.24.tar.gz

[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz

[root@localhost 桌面]# ls

haproxy-1.4.24 haproxy-1.4.24.tar.gz

[root@localhost 桌面]# cd haproxy-1.4.24

[root@localhost haproxy-1.4.24]# ls

CHANGELOG ebtree LICENSE Makefile.osx src TODO

contrib examples Makefile README SUBVERS VERDATE

doc include Makefile.bsd ROADMAP tests VERSION

[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择

[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install

[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/

[root@localhost haproxy]# ls

doc sbin share

[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要

[root@localhost haproxy]# ls

conf doc logs sbin share var

安装后链接变量路径和cp配置文件和启动脚本:

[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/

[root@localhost haproxy]# mkdir /etc/haproxy

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/

[root@localhost haproxy]# cp /root/桌面
/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy

[root@localhost haproxy]# chmod +x /etc/init.d/haproxy

[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改

[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg

global

log 127.0.0.1:514 local0 warning

log 127.0.0.1 local1 notice

chroot /usr/local/haproxy/var/chroot

pidfile /usr/local/haproxy/var/run/haproxy.pid

maxconn 20480

nbproc 8

daemon

group haproxy

user haproxy

spread-checks 3

defaults

log global

option httplog

option dontlognull

retries 3

redispatch

maxconn 2000

contimeout 5000

clitimeout 50000

srvtimeout 50000

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

balance roundrobin

frontend zdyname

mode http

stats enable

stats uri /admin?stats

stats hide-version

stats auth admin:123456

bind 172.10.10.5:80

#acl zdy_valid_ip src 192.168.4.0/24 //也可对网段进行限制,这里是合法的网段

acl zdy_valid_ip src 172.10.10.6 #//这里是合法的IP

block if !zdy_valid_ip #//如果不是合法的IP,则丢弃,不给代理

acl cy_zdyname hdr(host) -i www.changyou.com

use_backend changyou if cy_zdyname

default_backend tarena

backend changyou

balance roundrobin

option httpclose

option forwardfor

server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

backend tarena

balance roundrobin

option httpclose

option forwardfor

server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5

wq

[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M

利用rsyslog配置haproxy记录日志功能: //当看
/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明

[root@localhost haproxy]# echo “local0.* /usr/local/haproxy/logs/haproxy.log” >> /etc/rsyslog.conf

[root@localhost haproxy]# tail -1 /etc/rsyslog.conf

local0.*
/usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志

[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动

SYSLOGD_OPTIOn=”-c 5″ //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIOn=”-c 2 -m 0 -r -x”,兼容2版本

[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口

[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题

$ModLoad imudp //注释取消

$UDPServerRun 514 //注释取消

wq

[root@localhost haproxy]# /etc/init.d/rsyslog restart

[root@localhost haproxy]# netstat -anptu |grep 514

udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd

udp 0 0 :::514 :::* 27715/rsyslogd

[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务

[root@localhost haproxy]# ps -elf |grep haproxy //查看进程

[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy

//也可以用源码启动,如下:


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法


/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止

-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。

两台web服务器上配置:(192.168.4.100上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /changyou

ServerName www.changyou.com

ErrorLog logs/changyou-error_log

CustomLog logs/changyou-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /changyou

[root@localhost 桌面]# echo changyou > /changyou/index.html

[root@localhost 桌面]# /etc/init.d/httpd restart

两台web服务器上配置:(192.168.4.200上)

[root@localhost 桌面]# yum -y install httpd

[root@localhost 桌面]# /etc/init.d/httpd start

[root@localhost 桌面]# vim
/etc/httpd/conf/httpd.conf

#LogFormat “%h %l %u %t \”%r\” %>s %b” common //默认如此,修改为下面,把%h修改为:\”%{X-Forwarded-For}i\”

LogFormat “\”%{X-Forwarded-For}i\” %l %u %t \”%r\” %>s %b” common //记录客户端访问的真实IP

NameVirtualHost *:80

<VirtualHost *:80>

ServerAdmin [email protected]

DocumentRoot /tarena

ServerName www.tarena.com

ErrorLog logs/tarena-error_log

CustomLog logs/tarena-access_log common

</VirtualHost>

wq

[root@localhost 桌面]# mkdir /tarena

[root@localhost 桌面]# echo tarena > /tarena/index.html

[root@localhost 桌面]# /etc/init.d/httpd restart

客户端访问调度器测试:(172.10.10.6) //成功给代理

[root@localhost 桌面]# vim /etc/hosts

172.10.10.5 www.changyou.com www.tarena.com www.test.com

[root@localhost 桌面]# curl www.changyou.com //当用changyou域名访问时,仅仅解析到changyou池

changyou

[root@localhost 桌面]# curl www.tarena.com

tarena

[root@localhost 桌面]# curl www.test.com //当默认访问时,仅仅解析到tarena池

tarena

[root@localhost 桌面]# curl 172.10.10.5 //当默认访问时,仅仅解析到tarena池

tarena

客户端访问调度器测试:(172.10.10.8) //不给代理,访问不到

[root@localhost 桌面]# curl www.changyou.com

<html><body><h1>403 Forbidden</h1>

Request forbidden by administrative rules.

</body></html>

[root@localhost 桌面]# curl www.tarena.com

<html><body><h1>403 Forbidden</h1>

Request forbidden by administrative rules.

</body></html>

[root@localhost 桌面]# curl www.test.com

<html><body><h1>403 Forbidden</h1>

Request forbidden by administrative rules.

</body></html>

[root@localhost 桌面]# curl 172.10.10.5

<html><body><h1>403 Forbidden</h1>

Request forbidden by administrative rules.

</body></html>

说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问后如下图:

本文来自网络,不代表今日新闻立场,转载请注明出处:https://www.newstoday.cc/L6Z7B1L.html
上一篇
下一篇

为您推荐

返回顶部