Of Stack

CentOS7 HAProxy installation and configuration details

  • 2020-05-15 03:24:53
  • OfStack

An overview of the

Download address: Haproxy http: / / pkgs fedoraproject. org/repo/pkgs haproxy /

Turn off SElinux and configure the firewall

1, vi/etc/selinux/config 


#SELINUX=enforcing # Comment out the 

#SELINUXTYPE=targeted # Comment out the 

SELINUX=disabled # increase 

:wq! # Save the exit 

setenforce 0 # Enable the configuration to take effect immediately

2. Edit vi /etc/sysconfig/iptables # 


-A RH-Firewall-1-INPUT -d 224.0.0.18 -j ACCEPT # Allows multicast address communication 

-A RH-Firewall-1-INPUT -p vrrp -j ACCEPT # allow VRRP (virtual router redundancy) communication 

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT # allow 80 Port through firewall 

:wq! # Save the exit 

/etc/init.d/iptables restart # Restart the firewall to enable the configuration

Install HAProxy

1. Create HAProxy running accounts and groups 


groupadd haproxy # add haproxy group 

useradd -g haproxy haproxy -s /bin/false # create nginx Running account haproxy To join the haproxy Group, not allowed haproxy The user logs in to the system directly

2. Installation: 


[root@A local]# yum install -y gcc
[root@A local]# tar zxvf haproxy-1.6.9.tar.gz
[root@A local]# cd haproxy-1.6.9
[root@A local]# make TARGET=linux3100 CPU=x86_64 PREFIX=/usr/local/haprpxy # compile  uname -r # View the system kernel version number 
[root@A local]# make install PREFIX=/usr/local/haproxy # The installation 

# Few details: 
#TARGET=linux3100
# use uname -r View the kernel, such as: 2.6.18-371.el5 , at which time the parameter is linux26
#kernel  Is greater than 2.6.28 The use of: TARGET=linux2628
#CPU=x86_64 # use uname -r View system information, such as x86_64 x86_64 x86_64 GNU/Linux , at which time the parameter is x86_64
#PREFIX=/usr/local/haprpxy #/usr/local/haprpxy for haprpxy The installation path

3. Set HAProxy 


mkdir -p /usr/local/haproxy/conf # Create the profile directory 

mkdir -p /etc/haproxy # Create the profile directory 

touch /usr/local/haproxy/conf/haproxy.cfg # Create profile 

ln -s /usr/local/haproxy/conf/haproxy.cfg /etc/haproxy/haproxy.cfg # Add configuration file soft connection 

cp -r /usr/local/src/haproxy-1.6.9/examples/errorfiles /usr/local/haproxy/errorfiles # Copy error page 

ln -s /usr/local/haproxy/errorfiles /etc/haproxy/errorfiles # Add soft join 

mkdir -p /usr/local/haproxy/log # Create the log file directory 

touch /usr/local/haproxy/log/haproxy.log # Create log files 

ln -s /usr/local/haproxy/log/haproxy.log /var/log/haproxy.log # Add soft join 

cp /usr/local/src/haproxy-1.6.9/examples/haproxy.init /etc/rc.d/init.d/haproxy # Copy the boot boot file 

chmod +x /etc/rc.d/init.d/haproxy # Add script execution permissions 

chkconfig haproxy on # Set to boot 

ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin # Add soft join

4. Configure haproxy.cfg parameter 


cp /usr/local/haproxy/conf/haproxy.cfg /usr/local/haproxy/conf/haproxy.cfg-bak # The backup 

vi /usr/local/haproxy/conf/haproxy.cfg # Edit, modify 


#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
 log 127.0.0.1 local2   ###[err warning info debug] 
 chroot /usr/local/haproxy
 pidfile /var/run/haproxy.pid ###haproxy the pid Store path , The user who started the process must have access to this file  
 maxconn 4000     ### Maximum number of connections, default 4000
 user haproxy
 group haproxy
 daemon       ### create 1 Process entry deamon Run in mode. This parameter requires that the run mode be set to "daemon"
 
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will 
# use if not designated in their block
#---------------------------------------------------------------------
defaults
 mode http    ### Default mode mode { tcp|http|health } . tcp is 4 Layer, http is 7 Layer, health Will only return OK
 log global   ### Take a globally defined log 
 option dontlognull  ### Do not log health check information 
 option httpclose  ### Active shutdown after each request http channel  
 option httplog   ### Log categories http Log format  
 option forwardfor  ### If the back-end server needs to get the client real ip The parameters that need to be configured can be from Http Header Get the client in ip 
 option redispatch  ###serverId The corresponding server is down , Force you to redirect to another healthy server 
 timeout connect 10000 #default 10 second timeout if a backend is not found
 timeout client 300000 ### Client connection timeout 
 timeout server 300000 ### Server connection timeout 
 maxconn  60000  ### Maximum number of connections 
 retries  3   ###3 The service is considered unavailable when the secondary connection fails, which can also be set later  
####################################################################
listen stats
  bind 0.0.0.0:1080   # Listen on port  
  stats refresh 30s   # Statistics page automatic refresh time  
  stats uri /stats   # Statistics page url 
  stats realm Haproxy Manager # Prompt text on the statistics page password box  
  stats auth admin:admin  # Statistics page user name and password Settings  
  #stats hide-version   # Hide statistics on the page HAProxy Version information 
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main
 bind 0.0.0.0:80
 acl url_static path_beg -i /static /images /javascript /stylesheets
 acl url_static path_end -i .jpg .gif .png .css .js
 
 use_backend static if url_static  ### Meets the policy requirements, then responds to the policy definition backend page 
 default_backend dynamic   ### They respond if they are not satisfied backend Default page 
 
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
 
backend static
 balance  roundrobin     ### Load balancing mode polling 
 server  static 127.0.0.1:80 check ### Back-end server definition 
  
backend dynamic
 balance roundrobin
 server   websrv1 10.252.97.106:80 check maxconn 2000
 server   websrv2 10.117.8.20:80 check maxconn 2000
 
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------

#errorloc 503 http://www.osyunwei.com/404.html

errorfile 403 /etc/haproxy/errorfiles/403.http

errorfile 500 /etc/haproxy/errorfiles/500.http

errorfile 502 /etc/haproxy/errorfiles/502.http

errorfile 503 /etc/haproxy/errorfiles/503.http

errorfile 504 /etc/haproxy/errorfiles/504.http



:wq! # Save the exit 

service haproxy start # Start the 

service haproxy stop # Shut down 

service haproxy restart # restart

5. Set HAProxy log 


vi /etc/syslog.conf # Edit, add at the bottom 

# haproxy.log

local0.*   /var/log/haproxy.log

local3.*   /var/log/haproxy.log

:wq! # Save the exit 

vi /etc/sysconfig/syslog # edit 

SYSLOGD_OPTIONS="-r -m 0" # Receive remote server logs 

:wq! # Save the exit 

service syslog restart # restart syslog

6. The browser opens the monitoring page of haproxy

As follows: http: / / 120.55.95.103:1080 / stats / / description: namely haproxy configuration file listening on port 1080, stats namely haproxy listening in the configuration file name

Related articles: