目录
为什么要用haproxy?
LVS:没有后端检测,当后端出现问题时,LVS仍然会去访问服务停止的主机。
优点:速度快,体积小
缺点:没有后端检测,不能实现七层负载
haproxy:可以实现当后端出现问题时,会把所以流量达到正常的主机上。即可实现四层负载也可实现七层负载。
haproxy的基本部署实验:
环境准备:
需要三台虚拟机
rhel9克隆:haproxy(172.25.254.100)、webserver1(172.25.254.10)、webserver2(172.25.254.20)
详细步骤:
vmset.sh为设置IP及解析
bash
[root@haproxy ~]# cat /bin/vmset.sh
#!/bin/bash
rm -fr /etc/NetworkManager/system-connections/$1.nmconnection
cat > /etc/NetworkManager/system-connections/$1.nmconnection <<EOF
[connection]
id=$1
type=ethernet
interface-name=$1
[ipv4]
address1=$2/24,172.25.254.2
method=manual
dns=114.114.114.114;
EOF
chmod 600 /etc/NetworkManager/system-connections/$1.nmconnection
nmcli connection reload
nmcli connection up $1
hostnamectl hostname $3
cat > /etc/hosts <<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
$2 $3
EOFhaproxy部分
bash
#haproxy部分:
#vmset.sh eth0 172.25.254.100 haproxy.company.org
[root@haproxy ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:cc:d6:59 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 172.25.254.100/24 brd 172.25.254.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::e9d9:e029:7f5a:84bf/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@haproxy ~]#
#此处是在下面的webserver1和webserver2的nginx部分做完后,进行测试的
[root@haproxy ~]# curl 172.25.254.10
webserver1 - 172.25.254.10
[root@haproxy ~]# curl 172.25.254.20
webserver2 - 172.25.254.20
#haproxy实现LVS轮询调度
[root@haproxy ~]# dnf install haproxy -y
Complete!
[root@haproxy ~]# rpm -qc haproxy
/etc/haproxy/haproxy.cfg
/etc/logrotate.d/haproxy
/etc/sysconfig/haproxy
[root@haproxy ~]#
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
[root@haproxy ~]# systemctl enable haproxy.service
Created symlink /etc/systemd/system/multi-user.target.wants/haproxy.service → /usr/lib/systemd/system/haproxy.service.
[root@haproxy ~]# systemctl restart haproxy.service
[root@haproxy ~]# curl 172.25.254.100
webserver1 - 172.25.254.10
[root@haproxy ~]# curl 172.25.254.100
webserver2 - 172.25.254.20
[root@haproxy ~]# curl 172.25.254.100
webserver1 - 172.25.254.10编写配置文件:
vim /etc/haproxy/haproxy.cfg
大约在69行左右,添加以下内容,选择其中一种方式,即可实现haproxy的轮询效果
webserver1部分
bash
#webserver1部分:
#vmset.sh eth0 172.25.254.10 webserver1.company.org
[root@webserver1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:03:5f:47 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 172.25.254.10/24 brd 172.25.254.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::b947:4cf:357d:b67e/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@webserver1 ~]#
[root@webserver1 ~]# dnf install nginx -y
Complete!
[root@webserver1 ~]# echo webserver1 - 172.25.254.10 > /usr/share/nginx/html/index.html
[root@webserver1 ~]# systemctl enable --now nginx.service
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
#之后进出haproxy进行curl测试webserver2部分
bash
#webserver2部分:
#vmset.sh eth0 172.25.254.20 webserver2.company.org
[root@webserver2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:f6:d1:9e brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 172.25.254.20/24 brd 172.25.254.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::d9bf:66c4:33ab:9efa/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@webserver2 ~]#
[root@webserver2 ~]# dnf install nginx -y
Complete!
[root@webserver2 ~]# echo webserver2 - 172.25.254.20 > /usr/share/nginx/html/index.html
[root@webserver2 ~]# systemctl enable --now nginx.service
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
#之后进出haproxy进行curl测试haproxy-多进程与多线程实验:
多进程:
bash
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
[root@haproxy ~]# systemctl restart haproxy.service
[root@haproxy ~]# pstree -p | grep haproxy
|-haproxy(1586)-+-haproxy(1588)
| `-haproxy(1589)
多线程:
bash
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
[root@haproxy ~]# systemctl restart haproxy.service
[root@haproxy ~]# pstree -p | grep haproxy
|-haproxy(1569)---haproxy(1571)---{haproxy}(1572)
haproxy的全局global配置实验:
bash
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
[root@haproxy ~]# systemctl restart haproxy.service
[root@haproxy ~]# vim /etc/rsyslog.conf
[root@haproxy ~]# ll /var/log/haproxy.log
-rw------- 1 root root 5436 Aug 7 16:34 /var/log/haproxy.log
