1. 编译安装haproxy
官网: http://www.haproxy.org
1.1 下载haproxy
# wget http://www.haproxy.org/download/1.6/src/haproxy-1.6.14.tar.gz
1.2 解压haproxy
# tar xf haproxy-1.6.14.tar.gz
1.3 查看编译方法
# less README 下面选自README To build haproxy, you have to choose your target OS amongst the following ones and assign it to the TARGET variable : - linux22 for Linux 2.2 - linux24 for Linux 2.4 and above (default) - linux24e for Linux 2.4 with support for a working epoll (> 0.21) - linux26 for Linux 2.6 and above - linux2628 for Linux 2.6.28, 3.x, and above (enables splice and tproxy) - solaris for Solaris 8 or 10 (others untested) - freebsd for FreeBSD 5 to 10 (others untested) - netbsd for NetBSD - osx for Mac OS/X - openbsd for OpenBSD 3.1 and above - aix51 for AIX 5.1 - aix52 for AIX 5.2 - cygwin for Cygwin - generic for any other OS or version. - custom to manually adjust every setting By default, the DEBUG variable is set to '-g' to enable debug symbols. It is not wise to disable it on uncommon systems, because it's often the only way to get a complete core when you need one. Otherwise, you can set DEBUG to '-s' to strip the binary. For example, I use this to build for Solaris 8 : $ make TARGET=solaris CPU=ultrasparc USE_STATIC_PCRE=1 And I build it this way on OpenBSD or FreeBSD : $ gmake TARGET=freebsd USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 And on a classic Linux with SSL and ZLIB support (eg: Red Hat 5.x) : $ make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 And on a recent Linux >= 2.6.28 with SSL and ZLIB support : $ make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 In order to build a 32-bit binary on an x86_64 Linux system with SSL support without support for compression but when OpenSSL requires ZLIB anyway : $ make TARGET=linux26 ARCH=i386 USE_OPENSSL=1 ADDLIB=-lz
1.4 安装:
# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 安装方法是根据自己内核版本来了,具体查看内核的方法: # uname -a # make install PREFIX=/usr/local/haproxy
2. haproxy最简单的配置
2.1 拷贝配置文件
# mkdir -p /usr/local/haproxy/conf/ # cp -a examples/content-sw-sample.cfg /usr/local/haproxy/conf/ # mv /usr/local/haproxy/conf/content-sw-sample.cfg /usr/local/haproxy/conf/http_haproxy.conf
配置配置文件如下
# cat http_haproxy.conf | grep -v "#" global maxconn 100 log 127.0.0.1 local0 uid 501 gid 501 chroot /usr/local/haproxy/var daemon frontend public bind 192.168.31.243:81 name clear mode http default_backend dynamic timeout client 30s backend dynamic mode http timeout connect 5s timeout server 30s timeout queue 30s balance roundrobin server server_01 192.168.31.243:80 minconn 50 maxconn 500 check inter 1000 server server_02 192.168.31.150:80 minconn 50 maxconn 500 check inter 1000 #
2.2 检查语法
# ./haproxy -f /usr/local/haproxy/conf/http_haproxy.conf -c Configuration file is valid #
2.3 测试访问
# netstat -tulnp | grep haproxy tcp 0 0 192.168.31.243:81 0.0.0.0:* LISTEN 2243/./haproxy # # curl -I http://192.168.31.243:81/ HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Mon, 07 Jan 2019 08:10:13 GMT Content-Type: text/html Content-Length: 636 Last-Modified: Tue, 18 Dec 2018 06:51:02 GMT ETag: "5c1898d6-27c" Accept-Ranges: bytes # curl -I http://192.168.31.243:80 HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Mon, 07 Jan 2019 08:10:16 GMT Content-Type: text/html Content-Length: 636 Last-Modified: Tue, 18 Dec 2018 06:51:02 GMT Connection: keep-alive ETag: "5c1898d6-27c" Accept-Ranges: bytes #
3. 出现的问题和解决的办法
3.1 haproxy 默认log不输出的问题
在haproxy配置文件中,指定了 log 输出为 local0 之后,同时也在 /etc/rsyslog.conf 配置了
local0.* /var/log/haproxy.log
发现还是不行,最后发现UDPServer未开启导致的,
# cat /etc/rsyslog.conf | grep "UDPServerRun" $UDPServerRun 514 #
UDPServerRun 514 需要打开
验证是否打开 # netstat -tulnp | grep 514 udp 0 0 0.0.0.0:514 0.0.0.0:* 2772/rsyslogd udp 0 0 :::514 :::* 2772/rsyslogd #