haproxy实验

目录

为什么要用haproxy？

haproxy的基本部署实验：

环境准备：

详细步骤：

haproxy-多进程与多线程实验：

haproxy的全局global配置实验：

---

为什么要用haproxy？

LVS：没有后端检测，当后端出现问题时，LVS仍然会去访问服务停止的主机。

优点：速度快，体积小

缺点：没有后端检测，不能实现七层负载

haproxy：可以实现当后端出现问题时，会把所以流量达到正常的主机上。即可实现四层负载也可实现七层负载。

haproxy的基本部署实验：

环境准备：

需要三台虚拟机

rhel9克隆：haproxy(172.25.254.100)、webserver1(172.25.254.10)、webserver2(172.25.254.20)

详细步骤：

vmset.sh为设置IP及解析

[root@haproxy ~]# cat /bin/vmset.sh
#!/bin/bash
rm -fr /etc/NetworkManager/system-connections/$1.nmconnection
cat > /etc/NetworkManager/system-connections/$1.nmconnection <<EOF
[connection]
id=$1
type=ethernet
interface-name=$1
[ipv4]
address1=$2/24,172.25.254.2
method=manual
dns=114.114.114.114;
EOF
 
chmod 600 /etc/NetworkManager/system-connections/$1.nmconnection
nmcli connection reload
nmcli connection up $1
 
hostnamectl hostname $3
 
cat > /etc/hosts <<EOF
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
$2	$3
EOF

haproxy部分

#haproxy部分：
#vmset.sh eth0 172.25.254.100 haproxy.company.org
[root@haproxy ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:cc:d6:59 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    altname ens160
    inet 172.25.254.100/24 brd 172.25.254.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::e9d9:e029:7f5a:84bf/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@haproxy ~]# 
#此处是在下面的webserver1和webserver2的nginx部分做完后，进行测试的
[root@haproxy ~]# curl 172.25.254.10
webserver1 - 172.25.254.10
[root@haproxy ~]# curl 172.25.254.20
webserver2 - 172.25.254.20


#haproxy实现LVS轮询调度
[root@haproxy ~]# dnf install haproxy -y
Complete!
[root@haproxy ~]# rpm -qc haproxy 
/etc/haproxy/haproxy.cfg
/etc/logrotate.d/haproxy
/etc/sysconfig/haproxy
[root@haproxy ~]# 
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg 
[root@haproxy ~]# systemctl enable haproxy.service 
Created symlink /etc/systemd/system/multi-user.target.wants/haproxy.service → /usr/lib/systemd/system/haproxy.service.
[root@haproxy ~]# systemctl restart haproxy.service 
[root@haproxy ~]# curl 172.25.254.100
webserver1 - 172.25.254.10
[root@haproxy ~]# curl 172.25.254.100
webserver2 - 172.25.254.20
[root@haproxy ~]# curl 172.25.254.100
webserver1 - 172.25.254.10

编写配置文件：

vim /etc/haproxy/haproxy.cfg

大约在69行左右，添加以下内容，选择其中一种方式，即可实现haproxy的轮询效果

webserver1部分

#webserver1部分：
#vmset.sh eth0 172.25.254.10 webserver1.company.org
[root@webserver1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:03:5f:47 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    altname ens160
    inet 172.25.254.10/24 brd 172.25.254.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::b947:4cf:357d:b67e/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@webserver1 ~]# 
[root@webserver1 ~]# dnf install nginx -y
Complete!
[root@webserver1 ~]# echo webserver1 - 172.25.254.10 > /usr/share/nginx/html/index.html
[root@webserver1 ~]# systemctl enable --now nginx.service 
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
#之后进出haproxy进行curl测试

webserver2部分

#webserver2部分：
#vmset.sh eth0 172.25.254.20 webserver2.company.org
[root@webserver2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:f6:d1:9e brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    altname ens160
    inet 172.25.254.20/24 brd 172.25.254.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::d9bf:66c4:33ab:9efa/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@webserver2 ~]# 
[root@webserver2 ~]# dnf install nginx -y
Complete!
[root@webserver2 ~]# echo webserver2 - 172.25.254.20 > /usr/share/nginx/html/index.html
[root@webserver2 ~]# systemctl enable --now nginx.service 
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
#之后进出haproxy进行curl测试

haproxy-多进程与多线程实验：

多进程：

[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg 
[root@haproxy ~]# systemctl restart haproxy.service 
[root@haproxy ~]# pstree -p | grep haproxy
           |-haproxy(1586)-+-haproxy(1588)
           |               `-haproxy(1589)

多线程：

[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg 
[root@haproxy ~]# systemctl restart haproxy.service 
[root@haproxy ~]# pstree -p | grep haproxy
           |-haproxy(1569)---haproxy(1571)---{haproxy}(1572)

haproxy的全局global配置实验：

[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg 
[root@haproxy ~]# systemctl restart haproxy.service 
[root@haproxy ~]# vim /etc/rsyslog.conf 
[root@haproxy ~]# ll /var/log/haproxy.log 
-rw------- 1 root root 5436 Aug  7 16:34 /var/log/haproxy.log