标签:haporoxy
haproxy是一款功能强大、灵活好用反向代理软件,提供了高可用、负载均衡、后端服务器代理的功能,它在7层负载均衡方面的功能很强大(支持
cookie track, header
rewrite等等),支持双机热备,支持虚拟主机,拥有非常不错的服务器健康检查功能,当其代理的后端服务器出现故障,
HAProxy会自动将该服务器摘除,故障恢复后再自动将该服务器加入;同时还提供直观的监控页面,可以清晰实时的监控服务集群的运行状况。
在四层(tcp)实现负载均衡的软件:
lvs------>重量级
nginx------>轻量级,带缓存功能,正则表达式较灵活
haproxy------>模拟四层转发,较灵活
在七层(http)实现反向代理的软件:
haproxy------>天生技能,全面支持七层代理,会话保持,标记,路径转移;
nginx------>只在http协议和mail协议上功能比较好,性能与haproxy差不多;
apache------>功能较差
haproxy的配置文件分为四个部分:
全局配置:
global: 全局配置段
代理配置:
default: 默认配置----->所有在backend、frontend、linsten中相同内容可以在此定义;
frontend:前段配置----->定义前端套接字,接受客户端请求;
backend: 后端配置----->定义后端分配规则,与后端服务器交互;
listen: 绑定配置----->直接将指定的客户端与后端特定服务器绑定到一起;
实验环境:rhel6.5 selinux and iptables disabled
172.25.85.2 server2.example.com
172.25.85.3 server3.example.com
172.25.85.7 server7.example.com
172.25.85.8 server8.example.com
1.haproxy的安装和配置:
在server3和server2上安装:
yum install haproxy -y
/etc/init.d/haproxy start
在server2上:
vim /etc/haproxy/haproxy.cfg
需要注释掉一部分:
stats uri /status stats auth admin:westos
frontend westos *:80 default_backend web backend web balance roundrobin server web1 172.25.31.10:80 check weight 1 server web2 172.25.31.11:80 check weight 1 server backup 127.0.0.1:8080 backup server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
检测:
打开server7和server8上的httpd:
在浏览器中打开172.25.85.2
交替出现 server7.linux.org server8.westos.org
在浏览器中打开172.25.85.2/status
检测2:
关闭server7和server8上的httpd
在server2上:
echo server2.zhangweijing > index.html
vim /etc/httpd/conf/httpd.conf
listen 8080
/etc/init.d/httpd start
在浏览器中打开172.25.85.2:
2. server2:
tail -f /var/log/messages
vim /etc/rsyslog.conf
$ModLoad imudp $UDPServerRun 514
local2.* /var/log/haproxy.log
/etc/init.d/rsyslog reload
tail -f /var/log/messages
tail -f /var/log/haproxy.log
3. server2:
vim /etc/haproxy/haproxy.cfg
增加 stats auth admin:westos /etc/init.d/haproxy reload
在浏览器中打开172.25.85.2/status
4.1 server2:
vim /etc/haproxy/haproxy.cfg
增加
frontend westos *:80 acl bad src 172.25.85.250 block if bad errorloc 403 http://172.25.85.2:8080 default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在浏览器中打开http://172.25.85.2:8080/
4.2 server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 #block if bad #errorloc 403 http://172.25.85.2:8080 redirect location http://172.25.85.3:80 if bad default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在浏览器中打开http://172.25.85.3
4.3 server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad # http-request deny if denyfile bad default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在server7:
cd /var/www/html/
mkdir admin
cd admin/
echo server7.server7 > index.html
在server8:
cd /var/www/html/
mkdir admin
cd admin/
echo server8.server8 > index.html
在浏览器中打开http://172.25.85.2/admin/
交替出现 server7.server7 server8.server8
4.4 server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 acl denyfile path /admin/ #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad http-request deny if denyfile bad default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在浏览器中打开http://172.25.85.2/admin/
5.server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 acl denyfile path /admin/ #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad #http-request deny if denyfile bad acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js use_backend images if url_static default_backend upload
backend images balance roundrobin server web1 172.25.85.7:80 check server backup 127.0.0.1:8080 backup
backend upload server web2 172.25.85.8:80 check
/etc/init.d/haproxy reload
server7:
cd /var/www/html/
mkdir images ##给这个目录下方一个小图片redhat.jpg
在浏览器中打开:http://172.25.85.2/images/redhat.jpg
6.server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 acl denyfile path /admin/ #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad #http-request deny if denyfile bad acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js acl read method GET acl read method HEAD acl write method PUT acl write method POST # use_backend images if url_static # use_backend images if read use_backend upload if write default_backend images
backend images balance roundrobin server web1 172.25.85.8:80 check
backend upload server web1 172.25.85.7:80 check
/etc/init.d/haproxy reload
在server8:
cd /var/www/html ##将upload文件放在这个目录下
chown 777 upload
cd /var/www/html /upload
mkdir upload
在浏览器中打开172.25.85.2/upload就可以上传文件了。
标签:haporoxy
原文地址:http://11713145.blog.51cto.com/11703145/1834579
