colben/www.colben.cn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
www.colben.cn/content/post/haproxy.md
colben b0f6120151 update
2021-11-14 14:32:08 +08:00

176 lines
4.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "Haproxy 笔记"
date: 2019-10-30T11:40:20+08:00
lastmod: 2019-10-30T11:40:20+08:00
tags: ["haproxy", "高可用", "负载均衡"]
categories: ["ha/lb"]
---
# CentOS7 下安装
- CentOS7 自带的 haproxy 版本太低,这里通过 cheese 源安装最新版本
- 安装 cheese repo详细参考[这里](http://www.nosuchhost.net/~cheese/fedora/packages/epel-7/x86_64/cheese-release.html)
```bash
wget http://www.nosuchhost.net/~cheese/fedora/packages/epel-7/x86_64/cheese-release-7-1.noarch.rpm
rpm -Uvh cheese-release-7-1.noarch.rpm
```
- 安装 haproxy
```bash
yum install haproxy
```
- 修改 sysctl.conf
```bash
cat >> /etc/sysctl.conf <<-END
net.ipv4.ip_forward=1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 8
END
sysctl -p
```
- 禁用 selinux
```bash
sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config
setenforce 0
```
# 全局配置
```
global
log 127.0.0.1 local2 info
chroot /var/lib/haproxy # 如果需要外部检查脚本,则需注释该行
#external-check # 如果需要外部检查脚本,则取消注释
pidfile /var/run/haproxy.pid
maxconn 102400
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
```
# 默认配置
```
defaults
log global
option dontlognull
option redispatch
option abortonclose
timeout check 8s
```
# tcp 连接多个 ceph-radosgw
```
frontend ceph-radosgw
bind *:7480
timeout client 8s
default_backend ceph-radosgw
backend ceph-radosgw
mode tcp
balance roundrobin
timeout connect 8s
timeout server 8s
retries 2
#option external-check
#external-check command /var/lib/haproxy/health_check.sh
server cpeh240 10.9.10.234:7480 check
server ceph241 10.9.10.235:7480 check
server ceph243 10.9.10.236:7480 check
```
# tcp 连接 mysql galera cluster
```
frontend mysql
bind *:3306
timeout client 1800s
default_backend mysql
backend mysql
balance source
option tcpka
timeout connect 8s
timeout server 1800s
retries 2
server mysql231 10.9.10.231:3306 check inter 4s
server mysql232 10.9.10.232:3306 check inter 4s
server mysql233 10.9.10.233:3306 check inter 4s
```
# tcp 连接 redis 主库
```
frontend redis
bind *:6379
timeout client 1800s
default_backend redis
backend redis
balance roundrobin
timeout connect 8s
timeout server 1800s
retries 2
option tcp-check
tcp-check connect
tcp-check send PING\r\n
tcp-check expect string +PONG
tcp-check send info\ replication\r\n
tcp-check expect string role:master
tcp-check send QUIT\r\n
tcp-check expect string +OK
server redis87 10.1.14.87:6379 check inter 4s
server redis88 10.1.14.88:6379 check inter 4s
server redis89 10.1.14.89:6379 check inter 4s
```
# 状态页面
```
listen admin_stats
bind 0.0.0.0:10080
mode http
maxconn 100
timeout client 1m
timeout connect 4s
timeout server 4s
stats refresh 30s
stats uri /
stats auth username:password
stats realm haproxy for private user, enter username/password
stats hide-version
```
# 通过 rsyslog 生成日志
```bash
sed -i -e '/ModLoad imudp/s/^#//' \
-e '/UDPServerRun 514/s/^#//' /etc/rsyslog.conf
cat > /etc/rsyslog.d/haproxy.conf <<EOF
# haproxy log
template(name="HaproxyTime" type="list"){
property(name="timereported" dateformat="year")
constant(value="-")
property(name="timereported" dateformat="month")
constant(value="-")
property(name="timereported" dateformat="day")
constant(value=" ")
property(name="timereported" dateformat="hour")
constant(value=":")
property(name="timereported" dateformat="minute")
constant(value=":")
property(name="timereported" dateformat="second")
constant(value=" ")
property(name="msg" droplastlf="on")
constant(value="\n")
}
template(name="DynFile" type="list"){
constant(value="/var/log/haproxy/haproxy-")
property(name="timereported" dateformat="year")
property(name="timereported" dateformat="month")
property(name="timereported" dateformat="day")
constant(value=".log")
}
local2.* action(type="omfile" dynaFile="DynFile" template="HaproxyTime")
EOF
systemctl restart rsyslog
systemctl restart haproxy
```
# 参考
- [详解地址](http://blog.haohtml.com/archives/7959)
- [官网](https://www.haproxy.com/documentation/hapee/1-5r2/traffic-management/health-checking/)
Reference in New Issue View Git Blame Copy Permalink