--- title: "Haproxy 笔记" date: 2019-10-30T11:40:20+08:00 lastmod: 2019-10-30T11:40:20+08:00 tags: ["haproxy", "高可用", "负载均衡"] categories: ["ha/lb"] --- ## CentOS7 下安装 - CentOS7 自带的 haproxy 版本太低,这里通过 cheese 源安装最新版本 - 安装 cheese repo,详细参考[这里](http://www.nosuchhost.net/~cheese/fedora/packages/epel-7/x86_64/cheese-release.html) ```bash wget http://www.nosuchhost.net/~cheese/fedora/packages/epel-7/x86_64/cheese-release-7-1.noarch.rpm rpm -Uvh cheese-release-7-1.noarch.rpm ``` - 安装 haproxy ```bash yum install haproxy ``` - 修改 sysctl.conf ```bash cat >> /etc/sysctl.conf <<-END net.ipv4.ip_forward=1 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_fin_timeout = 8 END sysctl -p ``` - 禁用 selinux ```bash sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config setenforce 0 ``` ## 全局配置 ``` global log 127.0.0.1 local2 info chroot /var/lib/haproxy # 如果需要外部检查脚本,则需注释该行 #external-check # 如果需要外部检查脚本,则取消注释 pidfile /var/run/haproxy.pid maxconn 102400 user haproxy group haproxy daemon stats socket /var/lib/haproxy/stats ``` ## 默认配置 ``` defaults log global option dontlognull option redispatch option abortonclose timeout check 8s ``` ## tcp 连接多个 ceph-radosgw ``` frontend ceph-radosgw bind *:7480 timeout client 8s default_backend ceph-radosgw backend ceph-radosgw mode tcp balance roundrobin timeout connect 8s timeout server 8s retries 2 #option external-check #external-check command /var/lib/haproxy/health_check.sh server cpeh240 10.9.10.234:7480 check server ceph241 10.9.10.235:7480 check server ceph243 10.9.10.236:7480 check ``` ## tcp 连接 mysql galera cluster ``` frontend mysql bind *:3306 timeout client 1800s default_backend mysql backend mysql balance source option tcpka timeout connect 8s timeout server 1800s retries 2 server mysql231 10.9.10.231:3306 check inter 4s server mysql232 10.9.10.232:3306 check inter 4s server mysql233 10.9.10.233:3306 check inter 4s ``` ## tcp 连接 redis 主库 ``` frontend redis bind *:6379 timeout client 1800s default_backend redis backend redis balance roundrobin timeout connect 8s timeout server 1800s retries 2 option tcp-check tcp-check connect tcp-check send PING\r\n tcp-check expect string +PONG tcp-check send info\ replication\r\n tcp-check expect string role:master tcp-check send QUIT\r\n tcp-check expect string +OK server redis87 10.1.14.87:6379 check inter 4s server redis88 10.1.14.88:6379 check inter 4s server redis89 10.1.14.89:6379 check inter 4s ``` ## 状态页面 ``` listen admin_stats bind 0.0.0.0:10080 mode http maxconn 100 timeout client 1m timeout connect 4s timeout server 4s stats refresh 30s stats uri / stats auth username:password stats realm haproxy for private user, enter username/password stats hide-version ``` ## 通过 rsyslog 生成日志 ```bash sed -i -e '/ModLoad imudp/s/^#//' \ -e '/UDPServerRun 514/s/^#//' /etc/rsyslog.conf cat > /etc/rsyslog.d/haproxy.conf <