haproxy基于一般的调度器设置(haproxy负载配置)
nanshan 2024-10-22 13:04 20 浏览 0 评论
基于一般的调度器设置(有listen,但无frontend和backend)
项目1:haproxy机器部署web集群(httpd是虚拟主机情况,只检查IP端口,不检查域名和站点网页)
haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端能自动按照域名识别)
[root@localhost 桌面]# ifconfig eth0 |head -2
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C
inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0
[root@localhost 桌面]# ifconfig eth1 |head -2
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36
inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0
[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好
net.ipv4.ip_forward = 1
wq
[root@localhost 桌面]# sysctl -p
[root@localhost 桌面]# yum -y install gcc gcc-c++
[root@localhost 桌面]# ls
haproxy-1.4.24.tar.gz
[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz
[root@localhost 桌面]# ls
haproxy-1.4.24 haproxy-1.4.24.tar.gz
[root@localhost 桌面]# cd haproxy-1.4.24
[root@localhost haproxy-1.4.24]# ls
CHANGELOG ebtree LICENSE Makefile.osx src TODO
contrib examples Makefile README SUBVERS VERDATE
doc include Makefile.bsd ROADMAP tests VERSION
[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择
[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install
[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/
[root@localhost haproxy]# ls
doc sbin share
[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要
[root@localhost haproxy]# ls
conf doc logs sbin share var
安装后链接变量路径和cp配置文件和启动脚本:
[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
[root@localhost haproxy]# mkdir /etc/haproxy
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost haproxy]# chmod +x /etc/init.d/haproxy
[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改
[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg //只检查IP端口,不检查域名和站点网页
global
log 127.0.0.1:514 local0 warning
log 127.0.0.1 local1 notice
chroot /usr/local/haproxy/var/chroot
pidfile /usr/local/haproxy/var/run/haproxy.pid
maxconn 20480
nbproc 8
daemon
group haproxy
user haproxy
spread-checks 3
defaults
log global
mode http
option httplog
option dontlognull
retries 3
redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen test
bind 172.10.10.5:80
mode http
stats enable
stats uri /admin?stats //web界面的uri,访问时格式:http://调度IP或域名/admin?stats
stats hide-version
stats auth admin:123456
balance roundrobin
option forwardfor //在web网站配置日志中能够看到客户端真实的IP,不好演示,做一个说明即可。
timeout server 15s
timeout connect 15s
option httpclose
cookie SERVERID rewrite
server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
server web2 192.168.4.200:80 cookie B maxconn 4096 weight 1 check port 80 inter 2000 rise 2 fall 5
wq
[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M
利用rsyslog配置haproxy记录日志功能: //当看/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明
[root@localhost haproxy]# echo "local0.* /usr/local/haproxy/logs/haproxy.log" >> /etc/rsyslog.conf
[root@localhost haproxy]# tail -1 /etc/rsyslog.conf
local0.* /usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志
[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动
SYSLOGD_OPTIONS="-c 5" //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIONS="-c 2 -m 0 -r -x",兼容2版本
[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口
[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题
$ModLoad imudp //注释取消
$UDPServerRun 514 //注释取消
wq
[root@localhost haproxy]# /etc/init.d/rsyslog restart
[root@localhost haproxy]# netstat -anptu |grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd
udp 0 0 :::514 :::* 27715/rsyslogd
[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务
[root@localhost haproxy]# ps -elf |grep haproxy //查看进程
[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy
//也可以用源码启动,如下:
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止
-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。
两台web服务器上配置:(192.168.4.100上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP的设置
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common //记录客户端真实IP
</VirtualHost>
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log
CustomLog logs/tarena-access_log common //记录客户机真实IP
</VirtualHost>
wq
[root@localhost 桌面]# /etc/init.d/httpd restart
[root@localhost 桌面]# mkdir /changyou
[root@localhost 桌面]# mkdir /tarena
[root@localhost 桌面]# echo changyou1 > /changyou/index.html
[root@localhost 桌面]# echo tarena1 > /tarena/index.html
两台web服务器上配置:(192.168.4.200上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log
CustomLog logs/tarena-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# /etc/init.d/httpd restart
[root@localhost 桌面]# mkdir /changyou
[root@localhost 桌面]# mkdir /tarena
[root@localhost 桌面]# echo changyou2 > /changyou/index.html
[root@localhost 桌面]# echo tarena2 > /tarena/index.html
客户端机器(172.10.10.6)
[root@localhost 桌面]# vim /etc/hosts
172.10.10.5 www.changyou.com www.tarena.com
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.tarena.com
tarena1
[root@localhost 桌面]# curl www.tarena.com
tarena2
[root@localhost 桌面]# curl www.tarena.com
tarena2
[root@localhost 桌面]# curl www.tarena.com
tarena1
[root@localhost 桌面]# curl www.tarena.com
tarena1
[root@localhost 桌面]# curl www.tarena.com
tarena2
做个说明:当后端的服务器的其中一个宕机后,会被haproxy自动剔除集群,不演示了,但看到效果了。
客户端访问调度器的web页面,查看后端web服务器是否正常:
输入:http://调度器IP或域名/admin?Stats如下图:
输入配置文件中设置的用户名和密码:admin,123456,如下图:(当后台两服务器都正常时)
当web1宕机后,如下图:
当web1恢复启动后,web界面又恢复正常,如下图:
项目2:haproxy机器部署web集群(httpd是虚拟主机情况,健康检查站点网页,当检查到站点有网页才认为正常)
haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端能自动按照域名识别) [root@localhost 桌面]# ifconfig eth0 |head -2
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C
inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0
[root@localhost 桌面]# ifconfig eth1 |head -2
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36
inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0
[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好
net.ipv4.ip_forward = 1
wq
[root@localhost 桌面]# sysctl -p
[root@localhost 桌面]# yum -y install gcc gcc-c++
[root@localhost 桌面]# ls
haproxy-1.4.24.tar.gz
[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz
[root@localhost 桌面]# ls
haproxy-1.4.24 haproxy-1.4.24.tar.gz
[root@localhost 桌面]# cd haproxy-1.4.24
[root@localhost haproxy-1.4.24]# ls
CHANGELOG ebtree LICENSE Makefile.osx src TODO
contrib examples Makefile README SUBVERS VERDATE
doc include Makefile.bsd ROADMAP tests VERSION
[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择
[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install
[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/
[root@localhost haproxy]# ls
doc sbin share
[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要
[root@localhost haproxy]# ls
conf doc logs sbin share var
安装后链接变量路径和cp配置文件和启动脚本:
[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
[root@localhost haproxy]# mkdir /etc/haproxy
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost haproxy]# chmod +x /etc/init.d/haproxy
[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改
[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg //健康检查站点网页
global
log 127.0.0.1:514 local0 warning
log 127.0.0.1 local1 notice
chroot /usr/local/haproxy/var/chroot
pidfile /usr/local/haproxy/var/run/haproxy.pid
maxconn 20480
nbproc 8
daemon
group haproxy
user haproxy
spread-checks 3
defaults
log global
mode http
option httplog
option dontlognull
retries 3
redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen test
bind 172.10.10.5:80
mode http
stats enable
stats uri /admin?stats //web界面的uri,访问时格式:http://调度IP或域名/admin?stats
stats hide-version
stats auth admin:123456
balance roundrobin
option forwardfor //在web网站配置日志中能够看到客户端真实的IP,不好演示,做一个说明即可。
option httpchk HEAD /check.html HTTP/1.0 //当站点目录有check.html才认为网站正常,HEAD也可换成GET
timeout server 15s
timeout connect 15s
option httpclose
cookie SERVERID rewrite
server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
server web2 192.168.4.200:80 cookie B maxconn 4096 weight 1 check port 80 inter 2000 rise 2 fall 5
wq
[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M
利用rsyslog配置haproxy记录日志功能: //当看/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明
[root@localhost haproxy]# echo "local0.* /usr/local/haproxy/logs/haproxy.log" >> /etc/rsyslog.conf
[root@localhost haproxy]# tail -1 /etc/rsyslog.conf
local0.* /usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志
[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动
SYSLOGD_OPTIONS="-c 5" //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIONS="-c 2 -m 0 -r -x",兼容2版本
[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口
[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题
$ModLoad imudp //注释取消
$UDPServerRun 514 //注释取消
wq
[root@localhost haproxy]# /etc/init.d/rsyslog restart
[root@localhost haproxy]# netstat -anptu |grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd
udp 0 0 :::514 :::* 27715/rsyslogd
[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务
[root@localhost haproxy]# ps -elf |grep haproxy //查看进程
[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy
//也可以用源码启动,如下:
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止
-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。
两台web服务器上配置:(192.168.4.100上) //此时站点目录没有check.html,但两web服务都启动正常
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP的设置
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common //记录客户端真实IP
</VirtualHost>
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log
CustomLog logs/tarena-access_log common //记录客户端真实IP
</VirtualHost>
wq
[root@localhost 桌面]# /etc/init.d/httpd restart
[root@localhost 桌面]# mkdir /changyou
[root@localhost 桌面]# mkdir /tarena
[root@localhost 桌面]# echo changyou1 > /changyou/index.html
[root@localhost 桌面]# echo tarena1 > /tarena/index.html
两台web服务器上配置:(192.168.4.200上) //此时站点目录没有check.html,但两web服务都启动正常
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log //记录客户端真实IP
CustomLog logs/tarena-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# /etc/init.d/httpd restart
[root@localhost 桌面]# mkdir /changyou
[root@localhost 桌面]# mkdir /tarena
[root@localhost 桌面]# echo changyou2 > /changyou/index.html
[root@localhost 桌面]# echo tarena2 > /tarena/index.html
客户端机器(172.10.10.6)访问测试: //因为检查不到站点目录的check.html,所以认为不正常,访问不到
[root@localhost 桌面]# vim /etc/hosts
172.10.10.5 www.changyou.com www.tarena.com
[root@localhost 桌面]# curl www.changyou.com
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>
[root@localhost 桌面]# curl www.changyou.com
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>
[root@localhost 桌面]# curl www.tarena.com
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>
[root@localhost 桌面]# curl www.changyou.com
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>
两台web服务器上配置:(192.168.4.100上) //此时站点目录有check.html
[root@localhost 桌面]# touch /changyou/check.html
[root@localhost 桌面]# touch /tarena/check.html
两台web服务器上配置:(192.168.4.200上) //此时站点目录有check.html
[root@localhost 桌面]# touch /changyou/check.html
[root@localhost 桌面]# touch /tarena/check.html
客户端机器(172.10.10.6)访问测试: //因为能检查到站点目录的check.html,所以认为正常,可以访问
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou1
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.changyou.com
changyou2
[root@localhost 桌面]# curl www.tarena.com
tarena1
[root@localhost 桌面]# curl www.tarena.com
tarena1
[root@localhost 桌面]# curl www.tarena.com
tarena2
[root@localhost 桌面]# curl www.tarena.com
tarena1
[root@localhost 桌面]# curl www.tarena.com
tarena2
[root@localhost 桌面]# curl www.tarena.com
tarena2
做个说明:当后端的服务器的其中一个宕机后,会被haproxy自动剔除集群,不演示了,但看到效果了。
客户端访问调度器的web页面,查看后端web服务器是否正常:
输入:http://调度器IP或域名/admin?Stats如下图:
输入配置文件中设置的用户名和密码:admin,123456,如下图:(当后台两服务器都正常时)
当web1宕机后或者web1正常,但是站点目录无check.html,如下图:
当web1恢复启动且站点目录有check.html后,web界面又恢复正常,如下图:
基于acl控制的调度器设置(无listen,但有frontend和backend)
项目1:基于定义域名acl规则,然后根据不同域名抛给后面对应服务器池中或跳转。
要求:访问www.chagnyou.com时,抛给后面的chagnyou池,访问baidu.com时,跳转到真实的百度(无法测试),默认的IP或域名访问时,默认抛给后面的tarena池。
haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)
[root@localhost 桌面]# ifconfig eth0 |head -2
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C
inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0
[root@localhost 桌面]# ifconfig eth1 |head -2
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36
inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0
[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好
net.ipv4.ip_forward = 1
wq
[root@localhost 桌面]# sysctl -p
[root@localhost 桌面]# yum -y install gcc gcc-c++
[root@localhost 桌面]# ls
haproxy-1.4.24.tar.gz
[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz
[root@localhost 桌面]# ls
haproxy-1.4.24 haproxy-1.4.24.tar.gz
[root@localhost 桌面]# cd haproxy-1.4.24
[root@localhost haproxy-1.4.24]# ls
CHANGELOG ebtree LICENSE Makefile.osx src TODO
contrib examples Makefile README SUBVERS VERDATE
doc include Makefile.bsd ROADMAP tests VERSION
[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择
[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install
[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/
[root@localhost haproxy]# ls
doc sbin share
[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要
[root@localhost haproxy]# ls
conf doc logs sbin share var
安装后链接变量路径和cp配置文件和启动脚本:
[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
[root@localhost haproxy]# mkdir /etc/haproxy
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost haproxy]# chmod +x /etc/init.d/haproxy
[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改
[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1:514 local0 warning
log 127.0.0.1 local1 notice
chroot /usr/local/haproxy/var/chroot
pidfile /usr/local/haproxy/var/run/haproxy.pid
maxconn 20480
nbproc 8
daemon
group haproxy
user haproxy
spread-checks 3
defaults
log global
option httplog
option dontlognull
retries 3
redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
balance roundrobin
frontend zdyname
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
bind 172.10.10.5:80
acl bd_zdyname hdr(host) -i baidu.com
acl cy_zdyname hdr(host) -i www.changyou.com
redirect prefix http://www.baidu.com code 301 if bd_zdyname
use_backend changyou if cy_zdyname
default_backend tarena
backend changyou
balance roundrobin
option httpclose
option forwardfor
server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
backend tarena
balance roundrobin
option httpclose
option forwardfor
server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
wq
[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M
利用rsyslog配置haproxy记录日志功能: //当看/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明
[root@localhost haproxy]# echo "local0.* /usr/local/haproxy/logs/haproxy.log" >> /etc/rsyslog.conf
[root@localhost haproxy]# tail -1 /etc/rsyslog.conf
local0.* /usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志
[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动
SYSLOGD_OPTIONS="-c 5" //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIONS="-c 2 -m 0 -r -x",兼容2版本
[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口
[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题
$ModLoad imudp //注释取消
$UDPServerRun 514 //注释取消
wq
[root@localhost haproxy]# /etc/init.d/rsyslog restart
[root@localhost haproxy]# netstat -anptu |grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd
udp 0 0 :::514 :::* 27715/rsyslogd
[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务
[root@localhost haproxy]# ps -elf |grep haproxy //查看进程
[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy
//也可以用源码启动,如下:
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止
-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。
两台web服务器上配置:(192.168.4.100上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /changyou
[root@localhost 桌面]# echo changyou > /changyou/index.html
[root@localhost 桌面]# /etc/init.d/httpd restart
两台web服务器上配置:(192.168.4.200上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log
CustomLog logs/tarena-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /tarena
[root@localhost 桌面]# echo tarena > /tarena/index.html
[root@localhost 桌面]# /etc/init.d/httpd restart
客户端访问调度器测试:(172.10.10.6)
[root@localhost 桌面]# vim /etc/hosts
172.10.10.5 www.changyou.com www.tarena.com www.test.com
[root@localhost 桌面]# curl baidu.com //无环境,无法测试。
curl: (6) Couldn't resolve host 'baidu.com'
[root@localhost 桌面]# curl www.changyou.com //当用changyou域名访问时,仅仅解析到changyou池
changyou
[root@localhost 桌面]# curl www.tarena.com
tarena
[root@localhost 桌面]# curl www.test.com //当默认访问时,仅仅解析到tarena池
tarena
[root@localhost 桌面]# curl 172.10.10.5 //当默认访问时,仅仅解析到tarena池
tarena
说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问后如下图:
项目2:基于访问站点下的不同目录时,到后面对应池中找服务器的对应站点目录
haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)
[root@localhost 桌面]# ifconfig eth0 |head -2
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C
inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0
[root@localhost 桌面]# ifconfig eth1 |head -2
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36
inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0
[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好
net.ipv4.ip_forward = 1
wq
[root@localhost 桌面]# sysctl -p
[root@localhost 桌面]# yum -y install gcc gcc-c++
[root@localhost 桌面]# ls
haproxy-1.4.24.tar.gz
[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz
[root@localhost 桌面]# ls
haproxy-1.4.24 haproxy-1.4.24.tar.gz
[root@localhost 桌面]# cd haproxy-1.4.24
[root@localhost haproxy-1.4.24]# ls
CHANGELOG ebtree LICENSE Makefile.osx src TODO
contrib examples Makefile README SUBVERS VERDATE
doc include Makefile.bsd ROADMAP tests VERSION
[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择
[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install
[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/
[root@localhost haproxy]# ls
doc sbin share
[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要
[root@localhost haproxy]# ls
conf doc logs sbin share var
安装后链接变量路径和cp配置文件和启动脚本:
[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
[root@localhost haproxy]# mkdir /etc/haproxy
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost haproxy]# chmod +x /etc/init.d/haproxy
[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改
[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1:514 local0 warning
log 127.0.0.1 local1 notice
chroot /usr/local/haproxy/var/chroot
pidfile /usr/local/haproxy/var/run/haproxy.pid
maxconn 20480
nbproc 8
daemon
group haproxy
user haproxy
spread-checks 3
defaults
log global
option httplog
option dontlognull
retries 3
redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
balance roundrobin
frontend zdyname
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
bind 172.10.10.5:80
acl zdy_cy path_beg /changyou
acl zdy_tarena path_beg /tarena
use_backend changyou if zdy_cy
use_backend tarena if zdy_tarena
backend changyou
balance roundrobin
option httpclose
option forwardfor
server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
backend tarena
balance roundrobin
option httpclose
option forwardfor
server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
wq
[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M
利用rsyslog配置haproxy记录日志功能: //当看/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明
[root@localhost haproxy]# echo "local0.* /usr/local/haproxy/logs/haproxy.log" >> /etc/rsyslog.conf
[root@localhost haproxy]# tail -1 /etc/rsyslog.conf
local0.* /usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志
[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动
SYSLOGD_OPTIONS="-c 5" //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIONS="-c 2 -m 0 -r -x",兼容2版本
[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口
[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题
$ModLoad imudp //注释取消
$UDPServerRun 514 //注释取消
wq
[root@localhost haproxy]# /etc/init.d/rsyslog restart
[root@localhost haproxy]# netstat -anptu |grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd
udp 0 0 :::514 :::* 27715/rsyslogd
[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务
[root@localhost haproxy]# ps -elf |grep haproxy //查看进程
[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy
//也可以用源码启动,如下:
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止
-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。
两台web服务器上配置:(192.168.4.100上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /changyou/changyou -p
[root@localhost 桌面]# echo changyou > /changyou/changyou/index.html
[root@localhost 桌面]# /etc/init.d/httpd restart
两台web服务器上配置:(192.168.4.200上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log
CustomLog logs/tarena-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /tarena/tarena -p
[root@localhost 桌面]# echo tarena > /tarena/tarena/index.html
[root@localhost 桌面]# /etc/init.d/httpd restart
客户端访问调度器测试:(172.10.10.6)
[root@localhost 桌面]# vim /etc/hosts
172.10.10.5 www.changyou.com www.tarena.com www.test.com
[root@localhost 桌面]# curl www.changyou.com
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>
[root@localhost 桌面]# curl www.tarena.com
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>
[root@localhost 桌面]# curl www.changyou.com/changyou/
changyou
[root@localhost 桌面]# curl www.tarena.com/tarena/
tarena
两台web把各自站点目录都删除:
192.168.4.100上:
[root@localhost 桌面]# rm -rf /changyou/changyou/
192.168.4.200上:
[root@localhost 桌面]# rm -rf /tarena/tarena/
客户端(172.10.10.6)访问调度器,客户端访问如下结果:
[root@localhost 桌面]# curl www.changyou.com/changyou/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /changyou/ was not found on this server.</p>
<hr>
<address>Apache/2.2.15 (Red Hat) Server at www.changyou.com Port 80</address>
</body></html>
[root@localhost 桌面]# curl www.tarena.com/tarena/
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /tarena/ was not found on this server.</p>
<hr>
<address>Apache/2.2.15 (Red Hat) Server at www.tarena.com Port 80</address>
</body></html>
说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问如下图:
项目3:基于访问站点目录下的扩展名访问资源时,抛给对应后端池服务器访问
haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)
[root@localhost 桌面]# ifconfig eth0 |head -2
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C
inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0
[root@localhost 桌面]# ifconfig eth1 |head -2
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36
inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0
[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好
net.ipv4.ip_forward = 1
wq
[root@localhost 桌面]# sysctl -p
[root@localhost 桌面]# yum -y install gcc gcc-c++
[root@localhost 桌面]# ls
haproxy-1.4.24.tar.gz
[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz
[root@localhost 桌面]# ls
haproxy-1.4.24 haproxy-1.4.24.tar.gz
[root@localhost 桌面]# cd haproxy-1.4.24
[root@localhost haproxy-1.4.24]# ls
CHANGELOG ebtree LICENSE Makefile.osx src TODO
contrib examples Makefile README SUBVERS VERDATE
doc include Makefile.bsd ROADMAP tests VERSION
[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择
[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install
[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/
[root@localhost haproxy]# ls
doc sbin share
[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要
[root@localhost haproxy]# ls
conf doc logs sbin share var
安装后链接变量路径和cp配置文件和启动脚本:
[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
[root@localhost haproxy]# mkdir /etc/haproxy
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost haproxy]# chmod +x /etc/init.d/haproxy
[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改
[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1:514 local0 warning
log 127.0.0.1 local1 notice
chroot /usr/local/haproxy/var/chroot
pidfile /usr/local/haproxy/var/run/haproxy.pid
maxconn 20480
nbproc 8
daemon
group haproxy
user haproxy
spread-checks 3
defaults
log global
option httplog
option dontlognull
retries 3
redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
balance roundrobin
frontend zdyname
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
bind 172.10.10.5:80
acl zdy_pic path_end .gif .png .jpg .css .js
acl zdy_static path_end .gif .png .jpg .css
use_backend static_changyou if zdy_pic or zdy_static
backend static_changyou
balance roundrobin
option httpclose
option forwardfor
server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
backend tarena
balance roundrobin
option httpclose
option forwardfor
server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
wq
[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M
利用rsyslog配置haproxy记录日志功能: //当看/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明
[root@localhost haproxy]# echo "local0.* /usr/local/haproxy/logs/haproxy.log" >> /etc/rsyslog.conf
[root@localhost haproxy]# tail -1 /etc/rsyslog.conf
local0.* /usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志
[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动
SYSLOGD_OPTIONS="-c 5" //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIONS="-c 2 -m 0 -r -x",兼容2版本
[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口
[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题
$ModLoad imudp //注释取消
$UDPServerRun 514 //注释取消
wq
[root@localhost haproxy]# /etc/init.d/rsyslog restart
[root@localhost haproxy]# netstat -anptu |grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd
udp 0 0 :::514 :::* 27715/rsyslogd
[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务
[root@localhost haproxy]# ps -elf |grep haproxy //查看进程
[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy
//也可以用源码启动,如下:
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止
-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。
两台web服务器上配置:(192.168.4.100上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /changyou
[root@localhost 桌面]# mv changyou.jpg /changyou/
[root@localhost 桌面]# ls /changyou/
changyou.jpg
[root@localhost 桌面]# /etc/init.d/httpd restart
两台web服务器上配置:(192.168.4.200上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log
CustomLog logs/tarena-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /tarena
[root@localhost 桌面]# mv tarena.jpg /tarena/
[root@localhost 桌面]# ls /tarena/
tarena.jpg
[root@localhost 桌面]# /etc/init.d/httpd restart
客户端访问调度器测试:(172.10.10.6)
[root@localhost 桌面]# vim /etc/hosts
172.10.10.5 www.changyou.com www.tarena.com www.test.com
说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问时如下图:
项目4:定义域名acl规则,根据不同域名抛给后面对应服务器池中,但基于端口和IP访问限制做控制
要求:访问www.chagnyou.com时,抛给后面的chagnyou池,默认的IP或域名访问时,默认抛给后面的tarena池。
haproxy机器:(双网卡:eth0:192.168.4.5 eth1:172.10.10.5)(不用配hosts解析,客户端也能识别)
[root@localhost 桌面]# ifconfig eth0 |head -2
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:BC:2C
inet addr:192.168.4.5 Bcast:192.168.4.255 Mask:255.255.255.0
[root@localhost 桌面]# ifconfig eth1 |head -2
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:BC:36
inet addr:172.10.10.5 Bcast:172.10.10.255 Mask:255.255.255.0
[root@localhost 桌面]# vim /etc/sysctl.conf //也可不开路由转发,养成习惯最好
net.ipv4.ip_forward = 1
wq
[root@localhost 桌面]# sysctl -p
[root@localhost 桌面]# yum -y install gcc gcc-c++
[root@localhost 桌面]# ls
haproxy-1.4.24.tar.gz
[root@localhost 桌面]# tar -zxf haproxy-1.4.24.tar.gz
[root@localhost 桌面]# ls
haproxy-1.4.24 haproxy-1.4.24.tar.gz
[root@localhost 桌面]# cd haproxy-1.4.24
[root@localhost haproxy-1.4.24]# ls
CHANGELOG ebtree LICENSE Makefile.osx src TODO
contrib examples Makefile README SUBVERS VERDATE
doc include Makefile.bsd ROADMAP tests VERSION
[root@localhost haproxy-1.4.24]# make TARGET=linux2628 ARCH=x86_64 //编译,target指定内核,架构选择
[root@localhost haproxy-1.4.24]# make PREFIX=/usr/local/haproxy install
[root@localhost haproxy-1.4.24]# cd /usr/local/haproxy/
[root@localhost haproxy]# ls
doc sbin share
[root@localhost haproxy]# mkdir conf logs var/run var/chroot -p //优化目录结构,也可不做,根据需要
[root@localhost haproxy]# ls
conf doc logs sbin share var
安装后链接变量路径和cp配置文件和启动脚本:
[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
[root@localhost haproxy]# mkdir /etc/haproxy
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/
[root@localhost haproxy]# cp /root/桌面/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@localhost haproxy]# chmod +x /etc/init.d/haproxy
[root@localhost haproxy]# /etc/init.d/haproxy start //第一次启动会报错,配置文件模板需改
[root@localhost haproxy]# vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1:514 local0 warning
log 127.0.0.1 local1 notice
chroot /usr/local/haproxy/var/chroot
pidfile /usr/local/haproxy/var/run/haproxy.pid
maxconn 20480
nbproc 8
daemon
group haproxy
user haproxy
spread-checks 3
defaults
log global
option httplog
option dontlognull
retries 3
redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
balance roundrobin
frontend zdyname
mode http
stats enable
stats uri /admin?stats
stats hide-version
stats auth admin:123456
bind 172.10.10.5:80
#acl zdy_valid_ip src 192.168.4.0/24 //也可对网段进行限制,这里是合法的网段
acl zdy_valid_ip src 172.10.10.6 #//这里是合法的IP
block if !zdy_valid_ip #//如果不是合法的IP,则丢弃,不给代理
acl cy_zdyname hdr(host) -i www.changyou.com
use_backend changyou if cy_zdyname
default_backend tarena
backend changyou
balance roundrobin
option httpclose
option forwardfor
server web1 192.168.4.100:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
backend tarena
balance roundrobin
option httpclose
option forwardfor
server web2 192.168.4.200:80 cookie A maxconn 2048 weight 1 check port 80 inter 2000 rise 2 fall 5
wq
[root@localhost haproxy]# useradd -s /sbin/nologin haproxy -M
利用rsyslog配置haproxy记录日志功能: //当看/usr/local/haproxy/logs/haproxy.log可看haproxy日志,只做下说明
[root@localhost haproxy]# echo "local0.* /usr/local/haproxy/logs/haproxy.log" >> /etc/rsyslog.conf
[root@localhost haproxy]# tail -1 /etc/rsyslog.conf
local0.* /usr/local/haproxy/logs/haproxy.log //因为haproxy.cfg中是local0,用这个设备写日志
[root@localhost haproxy]# tail -1 /etc/sysconfig/rsyslog //这个不用动
SYSLOGD_OPTIONS="-c 5" //6.0版以上不用动,5.8版应写为:SYSLOGD_OPTIONS="-c 2 -m 0 -r -x",兼容2版本
[root@localhost haproxy]# /etc/init.d/rsyslog restart //启动记录haproxy日志服务,6.4版启动无端口
[root@localhost haproxy]# vim /etc/rsyslog.conf //解决rsyslog启动服务后无端口问题
$ModLoad imudp //注释取消
$UDPServerRun 514 //注释取消
wq
[root@localhost haproxy]# /etc/init.d/rsyslog restart
[root@localhost haproxy]# netstat -anptu |grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:* 27715/rsyslogd
udp 0 0 :::514 :::* 27715/rsyslogd
[root@localhost haproxy]# /etc/init.d/haproxy start //启动haproxy服务
[root@localhost haproxy]# ps -elf |grep haproxy //查看进程
[root@localhost haproxy]# /etc/init.d/haproxy stop //停止haproxy
//也可以用源码启动,如下:
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c //检查语法
/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D //启动 pkill haproxy //停止
-f指定配置文件,-D后台启动,-q安静的执行,-c检查语法,-n并发连接数,-m使用内存多少M限制,-p指定把pid号写到哪个文件去,-sf平滑重启参数。
两台web服务器上配置:(192.168.4.100上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 1441107787@qq.com
DocumentRoot /changyou
ServerName www.changyou.com
ErrorLog logs/changyou-error_log
CustomLog logs/changyou-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /changyou
[root@localhost 桌面]# echo changyou > /changyou/index.html
[root@localhost 桌面]# /etc/init.d/httpd restart
两台web服务器上配置:(192.168.4.200上)
[root@localhost 桌面]# yum -y install httpd
[root@localhost 桌面]# /etc/init.d/httpd start
[root@localhost 桌面]# vim /etc/httpd/conf/httpd.conf
#LogFormat "%h %l %u %t \"%r\" %>s %b" common //默认如此,修改为下面,把%h修改为:\"%{X-Forwarded-For}i\"
LogFormat "\"%{X-Forwarded-For}i\" %l %u %t \"%r\" %>s %b" common //记录客户端访问的真实IP
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin 14411077@qq.com
DocumentRoot /tarena
ServerName www.tarena.com
ErrorLog logs/tarena-error_log
CustomLog logs/tarena-access_log common
</VirtualHost>
wq
[root@localhost 桌面]# mkdir /tarena
[root@localhost 桌面]# echo tarena > /tarena/index.html
[root@localhost 桌面]# /etc/init.d/httpd restart
客户端访问调度器测试:(172.10.10.6) //成功给代理
[root@localhost 桌面]# vim /etc/hosts
172.10.10.5 www.changyou.com www.tarena.com www.test.com
[root@localhost 桌面]# curl www.changyou.com //当用changyou域名访问时,仅仅解析到changyou池
changyou
[root@localhost 桌面]# curl www.tarena.com
tarena
[root@localhost 桌面]# curl www.test.com //当默认访问时,仅仅解析到tarena池
tarena
[root@localhost 桌面]# curl 172.10.10.5 //当默认访问时,仅仅解析到tarena池
tarena
客户端访问调度器测试:(172.10.10.8) //不给代理,访问不到
[root@localhost 桌面]# curl www.changyou.com
<html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>
[root@localhost 桌面]# curl www.tarena.com
<html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>
[root@localhost 桌面]# curl www.test.com
<html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>
[root@localhost 桌面]# curl 172.10.10.5
<html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>
说明:客户端也可输入:http;//调度器IP或域名/admin?stats来查看后面各个节点是否处于正常状态,用户名和密码为:admin,123456,访问后如下图:
相关推荐
- Linux 的磁盘系统,和你了解的Windows差别很大
-
我的C盘去哪了?一个系统,如果没有存储,那么也就不能称之为系统。存储性是一个完整系统的重要组成部分。例如AWS最开始的服务就是S3(用来存储数据的云服务),足以见得存储对于一个应用平台是多么的重要。...
- 一文读懂 Linux 硬盘挂载:从问题到解决方案
-
各位互联网大厂的后端开发伙伴们!在咱们日常工作中,操作Linux系统是常有的事儿吧。你们有没有遇到过这样的场景:新添加了一块硬盘,满心欢喜准备用来存储重要数据或者部署新的应用服务,却突然发现不知道...
- 硬盘分区(硬盘分区格式)
-
磁盘(硬盘)分区,可以分C、D、E等分区,大家可能都会用,会根据自已的需要确定所需的空间,但分区是如何工作的呢,内容如下。Windows中有3类:MBR分区:MasterBootRecord,也...
- parted命令工具分区介绍(particle命令)
-
linux系统磁盘分区通常可以使用fdisk和parted命令,当分区大小小于2TB的时候,两种皆可以使用,当分区大于2TB的话,就需要用parted分区。以下介绍parted命令相关使用,以sdb为...
- Linux 服务器上查看磁盘类型的方法
-
方法1:使用lsblk命令lsblk输出说明:TYPE列显示设备类型,如disk(物理磁盘)、part(分区)、rom(只读存储)等。NAME列显示设备名称(如sda、nvme0n1)。TR...
- Linux分区命令fdisk和parted使用介绍
-
摘要:一般情况下,Linux分区都是选择fdisk工具,要求硬盘格式为MBR格式,能支持的最大分区空间为2T。但是目前在实际生产环境中使用的磁盘空间越来越大,呈TB级别增长;而常用的fdisk这个工具...
- linux 分区原理与名词解释(linux操作系统中的分区类型)
-
分区的意义将磁盘分成几份,每份挂在到文件系统的那个目录在linux里的文件系统Ext2:早期的格式,不支持日志功能Ext3:ext2改良版,增加了日志功能,是最基本且最常用的使用格式了Ext4:针对e...
- linux 分区合并(linux合理分区)
-
查看虚拟机当前磁盘挂载情况fdisk-l选择磁盘fdisk/dev/sda查看磁盘分区情况p重新选择分区n选择主分区p保存w创建物理卷pvcreate/dev/sda3查看物理卷信息pvdi...
- 如何在 Linux 系统中永久禁用交换分区 ?
-
Linux操作系统中的交换分区或交换文件充当硬盘上的临时存储区域,当物理内存(RAM)满时,系统使用该存储区域。它用于交换较少使用的内存页,这样系统就不会因为运行应用程序而耗尽物理内存。随着技术的发...
- Linux 如何知道硬盘已用多少空间、未用多少空间
-
刚出社会时,去了一家公司上班,老板为了省钱,买的服务器是低配的,硬盘大小只有40G,有一次网站突然不能访问了,排查半天才知道原来服务器的硬盘空间已用完,已无可用空间。第一步是查看硬盘的使用情况,第二步...
- 用Linux系统管理磁盘空间 就该这么来
-
要想充分有效的管理使用Linux系统中的存储空间,用户必须要做的就是双管齐下,一边扩充空间一边限制空间。不得不说的就是很多时候磁盘空间就像水资源,需节制水流。说到要如何实现限制空间就离不开使用LVM技...
- Windows 11 磁盘怎么分区?(windows11磁盘怎么分区)
-
Windows11磁盘分区技术解析与操作指南:构建高效存储体系一、磁盘分区的技术本质与系统价值磁盘分区作为存储系统的基础架构,通过逻辑划分实现数据隔离与管理优化。Windows11采用NTF...
- linux上创建多个文件分区,格式化为 ext2、ext3、ext4、XFS 文件
-
以下是在Linux系统上创建多个20GB文件分区并格式化为不同文件系统的分步指南:步骤1:创建基础文件(4个20GB文件)bash#创建4个20GB稀疏文件(实际占用空间随写入量增长)ddif=/...
- 救命的U盘低格哪家最强?(低格优盘)
-
周二时有位童鞋留言说U盘之前做过引导盘,现在格式化不了,用各种工具都不行,而且因为U盘厂商的关系,查不到U盘主控,无法量产恢复,特来求助。小编花了点时间特意弄坏一个U盘分区,终于试出方法了,特来分享一...
- Linux 查看硬件磁盘存储大小和磁盘阵列(RAID)的组合方式
-
一、查看硬件磁盘存储大小查看所有磁盘信息:#lsblk该命令会列出所有磁盘(如/dev/sda、/dev/nvme0n1)及其分区和挂载点。查看磁盘总容量:fdisk-l#或parted-...
欢迎 你 发表评论:
- 一周热门
-
-
UOS服务器操作系统防火墙设置(uos20关闭防火墙)
-
极空间如何无损移机,新Z4 Pro又有哪些升级?极空间Z4 Pro深度体验
-
NAS:DS video/DS file/DS photo等群晖移动端APP远程访问的教程
-
如何在安装前及安装后修改黑群晖的Mac地址和Sn系列号
-
手机如何设置与显示准确时间的详细指南
-
如何修复用户配置文件服务在 WINDOWS 上登录失败的问题
-
一加手机与电脑互传文件的便捷方法FileDash
-
日本海上自卫队的军衔制度(日本海上自卫队的军衔制度是什么)
-
10个免费文件中转服务站,分享文件简单方便,你知道几个?
-
爱折腾的特斯拉车主必看!手把手教你TESLAMATE的备份和恢复
-
- 最近发表
- 标签列表
-
- linux 查询端口号 (58)
- docker映射容器目录到宿主机 (66)
- 杀端口 (60)
- yum更换阿里源 (62)
- internet explorer 增强的安全配置已启用 (65)
- linux自动挂载 (56)
- 禁用selinux (55)
- sysv-rc-conf (69)
- ubuntu防火墙状态查看 (64)
- windows server 2022激活密钥 (56)
- 无法与服务器建立安全连接是什么意思 (74)
- 443/80端口被占用怎么解决 (56)
- ping无法访问目标主机怎么解决 (58)
- fdatasync (59)
- 405 not allowed (56)
- 免备案虚拟主机zxhost (55)
- linux根据pid查看进程 (60)
- dhcp工具 (62)
- mysql 1045 (57)
- 宝塔远程工具 (56)
- ssh服务器拒绝了密码 请再试一次 (56)
- ubuntu卸载docker (56)
- linux查看nginx状态 (63)
- tomcat 乱码 (76)
- 2008r2激活序列号 (65)