haproxy是一款功能強大、靈活好用反向代理軟件,提供了高可用、負載均衡、後端服務器代理的功能,它在7層負載均衡方面的功能很強大(支持
cookie track, header
rewrite等等),支持雙機熱備,支持虛擬主機,擁有非常不錯的服務器健康檢查功能,當其代理的後端服務器出現故障,
HAProxy會自動將該服務器摘除,故障恢復後再自動將該服務器加入;同時還提供直觀的監控頁面,可以清晰實時的監控服務集羣的運行狀況。
在四層(tcp)實現負載均衡的軟件:
lvs------>重量級
nginx------>輕量級,帶緩存功能,正則表達式較靈活
haproxy------>模擬四層轉發,較靈活
在七層(http)實現反向代理的軟件:
haproxy------>天生技能,全面支持七層代理,會話保持,標記,路徑轉移;
nginx------>只在http協議和mail協議上功能比較好,性能與haproxy差不多;
apache------>功能較差
haproxy的配置文件分爲四個部分:
全局配置:
global: 全局配置段
代理配置:
default: 默認配置----->所有在backend、frontend、linsten中相同內容可以在此定義;
frontend:前段配置----->定義前端套接字,接受客戶端請求;
backend: 後端配置----->定義後端分配規則,與後端服務器交互;
listen: 綁定配置----->直接將指定的客戶端與後端特定服務器綁定到一起;
實驗環境:rhel6.5 selinux and iptables disabled
172.25.85.2 server2.example.com
172.25.85.3 server3.example.com
172.25.85.7 server7.example.com
172.25.85.8 server8.example.com
1.haproxy的安裝和配置:
在server3和server2上安裝:
yum install haproxy -y
/etc/init.d/haproxy start
在server2上:
vim /etc/haproxy/haproxy.cfg
需要註釋掉一部分:
stats uri /status stats auth admin:westos
frontend westos *:80 default_backend web backend web balance roundrobin server web1 172.25.31.10:80 check weight 1 server web2 172.25.31.11:80 check weight 1 server backup 127.0.0.1:8080 backup server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
檢測:
打開server7和server8上的httpd:
在瀏覽器中打開172.25.85.2
交替出現 server7.linux.org server8.westos.org
在瀏覽器中打開172.25.85.2/status
檢測2:
關閉server7和server8上的httpd
在server2上:
echo server2.zhangweijing > index.html
vim /etc/httpd/conf/httpd.conf
listen 8080
/etc/init.d/httpd start
在瀏覽器中打開172.25.85.2:
2. server2:
tail -f /var/log/messages
vim /etc/rsyslog.conf
$ModLoad imudp $UDPServerRun 514
local2.* /var/log/haproxy.log
/etc/init.d/rsyslog reload
tail -f /var/log/messages
tail -f /var/log/haproxy.log
3. server2:
vim /etc/haproxy/haproxy.cfg
增加 stats auth admin:westos /etc/init.d/haproxy reload
在瀏覽器中打開172.25.85.2/status
4.1 server2:
vim /etc/haproxy/haproxy.cfg
增加
frontend westos *:80 acl bad src 172.25.85.250 block if bad errorloc 403 http://172.25.85.2:8080 default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在瀏覽器中打開http://172.25.85.2:8080/
4.2 server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 #block if bad #errorloc 403 http://172.25.85.2:8080 redirect location http://172.25.85.3:80 if bad default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在瀏覽器中打開http://172.25.85.3
4.3 server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad # http-request deny if denyfile bad default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在server7:
cd /var/www/html/
mkdir admin
cd admin/
echo server7.server7 > index.html
在server8:
cd /var/www/html/
mkdir admin
cd admin/
echo server8.server8 > index.html
在瀏覽器中打開http://172.25.85.2/admin/
交替出現 server7.server7 server8.server8
4.4 server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 acl denyfile path /admin/ #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad http-request deny if denyfile bad default_backend web backend web balance roundrobin server web1 172.25.85.7:80 check server web2 172.25.85.8:80 check server backup 127.0.0.1:8080 backup
/etc/init.d/haproxy reload
在瀏覽器中打開http://172.25.85.2/admin/
5.server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 acl denyfile path /admin/ #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad #http-request deny if denyfile bad acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js use_backend images if url_static default_backend upload
backend images balance roundrobin server web1 172.25.85.7:80 check server backup 127.0.0.1:8080 backup
backend upload server web2 172.25.85.8:80 check
/etc/init.d/haproxy reload
server7:
cd /var/www/html/
mkdir images ##給這個目錄下方一個小圖片redhat.jpg
在瀏覽器中打開:http://172.25.85.2/images/redhat.jpg
6.server2:
vim /etc/haproxy/haproxy.cfg
frontend westos *:80 acl bad src 172.25.85.250 acl denyfile path /admin/ #block if bad #errorloc 403 http://172.25.85.2:8080 #redirect location http://172.25.85.3:80 if bad #http-request deny if denyfile bad acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js acl read method GET acl read method HEAD acl write method PUT acl write method POST # use_backend images if url_static # use_backend images if read use_backend upload if write default_backend images
backend images balance roundrobin server web1 172.25.85.8:80 check
backend upload server web1 172.25.85.7:80 check
/etc/init.d/haproxy reload
在server8:
cd /var/www/html ##將upload文件放在這個目錄下
chown 777 upload
cd /var/www/html /upload
mkdir upload
在瀏覽器中打開172.25.85.2/upload就可以上傳文件了。