一、HAProxy介紹

? ? ? ? ?專業反向代理,支持雙機熱備支持虛擬主機,配置簡單,擁有非常不錯的服務器健康檢查功能,當其代理的后端節點出現故障, HAProxy會自動將該服務器摘除,故障恢復后再自動將該服務器加入，基于TCP和HTTP應用的代理軟件，開源免費、快速并且可靠的一種方案。

二、HAProxy優點

1、專業做反向代理負載均衡的軟件
2、負載均衡算法多，大概8種
3、性能優于nginx
4、支持動態管理、通過和haproxy的sock進行通信管理
5、有比較豐富的dashboard頁面
6、強大的七層功能

三、HAProxy應用場景

1、"tcp"即4層代理（大多用于郵件服務器、內部協議通信服務器等）

2、HAProxy可以作為MySQL、郵件或其它的非web的負載均衡，我們常用于它作為MySQL(讀)負載均衡

3、特別適用于負載特大的web站點，這些站點通常又需要會話保持或者七層處理

四、HAProxy服務部署

1、環境

#haproxy01 [root@haproxy01 ~]# cat /etc/redhat-release CentOS release 6.9 (Final) [root@haproxy01 ~]# uname -r 2.6.32-696.el6.x86_64 [root@haproxy01 ~]# getenforce Disabled [root@haproxy01 ~]# /etc/init.d/iptables status iptables: Firewall is not running. [root@haproxy01 ~]# hostname -I 172.19.5.3 172.16.1.3 #haproxy02 [root@haproxy02 ~]# cat /etc/redhat-release CentOS release 6.9 (Final) [root@haproxy02 ~]# uname -r 2.6.32-696.el6.x86_64 [root@haproxy02 ~]# getenforce Disabled [root@haproxy02 ~]# /etc/init.d/iptables status iptables: Firewall is not running. [root@haproxy02 ~]# hostname -I 172.19.5.4 172.16.1.4

2、編譯安裝HAProxy

mkdir /server/tools -p cd /server/tools/ #上傳haproxy-1.7.9.tar.gz tar xf haproxy-1.7.9.tar.gz cd haproxy-1.7.9 make TARGET=linux26 PREFIX=/usr/local/haproxy-1.7.9 make install cp /usr/local/sbin/haproxy /usr/sbin/ cp /server/tools/haproxy-1.7.9/examples/haproxy.init /etc/init.d/haproxy chmod +x /etc/init.d/haproxy useradd -r haproxy mkdir /etc/haproxy mkdir /var/lib/haproxy

3、設置HAProxy日志(/etc/rsyslog.conf)

$ModLoad imudp $UDPServerRun 514 local3.* /var/log/haproxy.log

4、創建配置文件

###全局配置###
globallog 127.0.0.1 local3 info #日志輸出配置chroot /var/lib/haproxy #chroot運行路徑user haproxy #運行haproxy用戶 group haproxy #運行haproxy所屬的組daemon #以后臺的形式運行haproxystats socket /var/lib/haproxy/haproxy.sock mode 600 level admin #haproxy動態管理配置stats timeout 2m
maxconn 4096 #默認最大連接數###默認配置###
defaultslog global #采用全局定義的日志mode http #默認的模式mode，tcp是4層，http是7層option httplog #日志類別option dontlognull #不記錄健康檢查日志timeout connect 5000ms #連接超時timeout client 50000ms #客戶端超時timeout server 50000ms #服務器超時
###前端配置### frontend web_frontmode http #7層bind *:80 #建議使用bindstats uri /haproxy-status #haproxy監控頁面uridefault_backend web_back#acl is_static_reg url_reg /*.(css|jpg|png|js|jpeg|gif)$#use_backend web01_back_backend if is_static_reg
###后端配置### backend web_backbalance roundrobin #默認負載均衡方式，輪詢
#balance source #負載均衡方式，類似Nginx的ip_hash
#balance leastconn #負載均衡方式，最小連接數#option httpchk GET /index.html #后端節點健康檢查server haproxy01 172.19.5.3:8080 check inter 2000 rise 30 fall 15 #后端服務器定義server haproxy02 172.19.5.4:8080 check inter 2000 rise 30 fall 15 #后端服務器定義

5、實現HAProxy負載均衡

#分別在haproxy01和haproxy02上面裝了http服務，修改默監聽端口為8080 #測試負載均衡數據 [root@haproxy01 ~]# curl 172.19.5.3 http01 [root@haproxy01 ~]# curl 172.19.5.3 http02 [root@haproxy01 ~]# curl 172.19.5.3 http01 [root@haproxy01 ~]# curl 172.19.5.3 http02 [root@haproxy01 ~]# curl 172.19.5.3 http01 [root@haproxy01 ~]# curl 172.19.5.3 [root@haproxy02 ~]# curl 172.19.5.4 http01 [root@haproxy02 ~]# curl 172.19.5.4 http02 [root@haproxy02 ~]# curl 172.19.5.4 http01 [root@haproxy02 ~]# curl 172.19.5.4 http02 [root@haproxy02 ~]# curl 172.19.5.4 http01 [root@haproxy02 ~]# curl 172.19.5.4 http02?

五、HAProxy動態管理

1、安裝socat命令

yum install -y socat

2、使用方法

[root@haproxy01 ~]# echo "help"|socat stdio /var/lib/haproxy/haproxy.sock Unknown command. Please enter one of the following commands only :help : this messageprompt : toggle interactive mode with promptquit : disconnectset maxconn global : change the per-process maxconn settingset rate-limit : change a rate limiting valueset timeout : change a timeout settingshow env [var] : dump environment variables known to the processshow stat resolvers [id]: dumps counters from all resolvers section andassociated name serversadd acl : add acl entryclear acl <id> : clear the content of this acldel acl : delete acl entryget acl : report the patterns matching a sample for an ACLshow acl [id] : report available acls or dump an acl's contentsadd map : add map entryclear map <id> : clear the content of this mapdel map : delete map entryget map : report the keys and values matching a sample for a mapset map : modify map entryshow map [id] : report available maps or dump a map's contentsshow pools : report information about the memory pools usageshow sess [id] : report the list of current sessions or dump this sessionshutdown session : kill a specific sessionshutdown sessions server : kill sessions on a serverclear counters : clear max statistics counters (add 'all' for all counters)show info : report information about the running processshow stat : report counters for each proxy and servershow errors : report last request and response errors for each proxyclear table : remove an entry from a tableset table [id] : update or create a table entry's datashow table [id]: report table usage stats or dump this table's contentsdisable frontend : temporarily disable specific frontendenable frontend : re-enable specific frontendset maxconn frontend : change a frontend's maxconn settingshow servers state [id]: dump volatile server information (for backend <id>)show backend : list backends in the current running configshutdown frontend : stop a specific frontenddisable agent : disable agent checks (use 'set server' instead)disable health : disable health checks (use 'set server' instead)disable server : disable a server for maintenance (use 'set server' instead)enable agent : enable agent checks (use 'set server' instead)enable health : enable health checks (use 'set server' instead)enable server : enable a disabled server (use 'set server' instead)set maxconn server : change a server's maxconn settingset server : change a server's state, weight or addressget weight : report a server's current weightset weight : change a server's weight (deprecated)

3、監控數據

[root@haproxy01 ~]# echo "show info"|socat stdio /var/lib/haproxy/haproxy.sock Name: HAProxy Version: 1.7.9 Release_date: 2017/08/18 Nbproc: 1 Process_num: 1 Pid: 3897 Uptime: 0d 2h57m54s Uptime_sec: 10674 Memmax_MB: 0 PoolAlloc_MB: 0 PoolUsed_MB: 0 PoolFailed: 0 Ulimit-n: 4031 Maxsock: 4031 Maxconn: 2000 Hard_maxconn: 2000 CurrConns: 0 CumConns: 3563 CumReq: 3575 Maxpipes: 0 PipesUsed: 0 PipesFree: 0 ConnRate: 1 ConnRateLimit: 0 MaxConnRate: 2 SessRate: 1 SessRateLimit: 0 MaxSessRate: 2 CompressBpsIn: 0 CompressBpsOut: 0 CompressBpsRateLim: 0 Tasks: 5 Run_queue: 1 Idle_pct: 100 node: haproxy01

4、管理后端節點

①后端節點正常狀態

②關閉后端節點haproxy01

echo "disable server web_back/haproxy01"|socat stdio /var/lib/haproxy/haproxy.sock

③打開后端節點haproxy01又恢復正常

[root@haproxy01 ~]# echo "enable server web_back/haproxy01"|socat stdio /var/lib/haproxy/haproxy.sock

六、HAProxy結合Keepalived實現高可用

?1、安裝keepalived

yum install keepalived -y

2、keepalived配置文件

#HAProxy01-keepalived配置# global_defs { ?? router_id HAProxy-HA01 } ? vrrp_instance HAProxy_1 { ??? state MASTER ??? interface eth0 ??? virtual_router_id 55 ??? priority 150 ??? advert_int 1 ??? authentication { ??????? auth_type PASS ??????? auth_pass 1111 ??? } ??? virtual_ipaddress { ??????? 172.19.5.16/24 ??????? 172.19.5.17/24 ??? } }

#HAProxy02-keepalived配置# global_defs { ?? router_id HAProxy-HA02 } ? vrrp_instance HAProxy_1 { ??? state BACKUP ??? interface eth0 ??? virtual_router_id 55 ??? priority 100 ??? advert_int 1 ??? authentication { ??????? auth_type PASS ??????? auth_pass 1111 ??? } ??? virtual_ipaddress { ??????? 172.19.5.16/24 ??????? 172.19.5.17/24 ??? } }

3、使用tcpdump檢測主發包

[root@haproxy01 ~]# tcpdump -n 'host 224.0.0.18' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 16:22:52.240031 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:22:53.241106 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:22:54.242203 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:22:55.243301 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:22:56.244382 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:22:57.245453 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:22:58.245809 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:22:59.246893 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:23:00.247984 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 16:23:01.249098 IP 172.19.5.3 > 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24

?4、測試keepalived的高可用，故障切換

①使用vip訪問測試

[root@m01 ~]# curl 172.19.5.16 http01 [root@m01 ~]# curl 172.19.5.16 http02 [root@m01 ~]# curl 172.19.5.17 http01 [root@m01 ~]# curl 172.19.5.17 http02

②haproxy01上查看vip

[root@haproxy01 ~]# ip a s eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 02:63:31:57:80:01 brd ff:ff:ff:ff:ff:ffinet 172.19.5.3/24 brd 172.19.5.255 scope global eth0inet 172.19.5.16/24 scope global secondary eth0inet 172.19.5.17/24 scope global secondary eth0inet6 fe80::63:31ff:fe57:8001/64 scope link valid_lft forever preferred_lft forever

③停掉haproxy01的keepalived服務

[root@haproxy01 ~]# /etc/init.d/keepalived stop Stopping keepalived: [ OK ]

④haproxy02上查看vip

[root@haproxy02 ~]# ip a s eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether f6:4f:56:db:f5:d8 brd ff:ff:ff:ff:ff:ffinet 172.19.5.4/24 brd 172.19.5.255 scope global eth0inet 172.19.5.16/24 scope global secondary eth0inet 172.19.5.17/24 scope global secondary eth0inet6 fe80::f44f:56ff:fedb:f5d8/64 scope link valid_lft forever preferred_lft forever

轉載于:https://www.cnblogs.com/yanxinjiang/p/7929889.html

總結

以上是生活随笔為你收集整理的linux运维、架构之路-HAProxy反向代理的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。