Linux (CentOS)-haproxy installation and configuration

Source: Internet
Author: User
Tags syslog haproxy
Haproxy:
http://pkgs.fedoraproject.org/repo/pkgs/haproxy/

1. Close SElinux and configure firewall

1.vi / etc / selinux / config

# SELINUX = enforcing #Comment out

# SELINUXTYPE = targeted #commented out

SELINUX = disabled #increase

: wq! #Save and exit

setenforce 0 #make the configuration take effect immediately

2.vi / etc / sysconfig / iptables #edit

-A RH-Firewall-1-INPUT -d 224.0.0.18 -j ACCEPT #Allow multicast address communication

-A RH-Firewall-1-INPUT -p vrrp -j ACCEPT #Allow VRRP (Virtual Router Redundancy Association) communication

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #Allow port 80 to pass through the firewall

: wq! #Save and exit

/etc/init.d/iptables restart #Restart the firewall to make the configuration take effect

Second, install HAProxy

1. Create HAProxy running account and group

groupadd haproxy #Add haproxy group

useradd -g haproxy haproxy -s / bin / false #Create nginx running account haproxy and join the haproxy group, do not allow haproxy users to log in directly to the system

2. Installation:

[[email protected] local] # yum install -y gcc
[[email protected] local] # tar zxvf haproxy-1.6.9.tar.gz
[[email protected] local] # cd haproxy-1.6.9
[[email protected] local] # make TARGET = linux3100 CPU = x86_64 PREFIX = / usr / local / haprpxy #Compile uname -r #View the system kernel version number
[[email protected] local] # make install PREFIX = / usr / local / haproxy #install

# 数 说明 : Number description:
# TARGET = linux3100
#Use uname -r to view the kernel, such as: 2.6.18-371.el5, this parameter is linux26
#kernel greater than 2.6.28: TARGET = linux2628
# CPU = x86_64 #Use uname -r to view system information, such as x86_64 x86_64 x86_64 GNU / Linux, this parameter is x86_64
# PREFIX = / usr / local / haprpxy # / usr / local / haprpxy is the haprpxy installation path
3. Set up HAProxy

mkdir -p / usr / local / haproxy / conf #Create a configuration file directory

mkdir -p / etc / haproxy #Create a configuration file directory

touch /usr/local/haproxy/conf/haproxy.cfg #Create configuration file

ln -s /usr/local/haproxy/conf/haproxy.cfg /etc/haproxy/haproxy.cfg #Add configuration file soft connection

cp -r /usr/local/src/haproxy-1.6.9/examples/errorfiles / usr / local / haproxy / errorfiles #copy error pages

ln -s / usr / local / haproxy / errorfiles / etc / haproxy / errorfiles #add soft connection

mkdir -p / usr / local / haproxy / log #Create log file directory

touch /usr/local/haproxy/log/haproxy.log #Create log file

ln -s /usr/local/haproxy/log/haproxy.log /var/log/haproxy.log #Add soft connection

cp /usr/local/src/haproxy-1.6.9/examples/haproxy.init /etc/rc.d/init.d/haproxy #copy boot file

chmod + x /etc/rc.d/init.d/haproxy #add script execution permission

chkconfig haproxy on #set boot

ln -s / usr / local / haproxy / sbin / haproxy / usr / sbin #add soft link

4. Configure haproxy.cfg parameters

cp /usr/local/haproxy/conf/haproxy.cfg /usr/local/haproxy/conf/haproxy.cfg-bak #Backup

vi /usr/local/haproxy/conf/haproxy.cfg #Edit, modify

# ------------------------------------------------- --------------------
# Global settings
# ------------------------------------------------- --------------------
global
    log 127.0.0.1 local2 ### [err warning info debug]
    chroot / usr / local / haproxy
    pidfile /var/run/haproxy.pid ### haproxy's pid storage path, the user who starts the process must have permission to access this file
    maxconn 4000 ### Maximum number of connections, default 4000
    user haproxy
    group haproxy
    daemon ### Create a process to run in deamon mode. This parameter requires the operating mode to be set to "daemon"
 
# ------------------------------------------------- --------------------
# common defaults that all the ‘listen’ and ‘backend’ sections will
# use if not designated in their block
# ------------------------------------------------- --------------------
defaults
    mode http ### The default mode mode {tcp | http | health}, tcp is 4 layers, http is 7 layers, health will only return OK
    log global ### Use globally defined logs
    option dontlognull ### Do not record the log information of health check
    option httpclose ### Close the http channel after each request
    option httplog ### Log category http log format
    option forwardfor ### If the backend server needs to obtain the parameters that the client's real IP needs to be configured, you can obtain the client's IP from the Http Header
    option redispatch ### serverId After the server corresponding to hangs up, it is forced to be directed to other healthy servers
    timeout connect 10000 #default 10 second timeout if a backend is not found
    timeout client 300000 ### Client connection timed out
    timeout server 300000 ### Server connection timed out
    maxconn 60000 ### Maximum number of connections
    retries 3 ### If the connection fails three times, the service is considered unavailable, and it can also be set later.
################################################ ##################
listen stats
        bind 0.0.0.0:1080 #listening port
        stats refresh 30s #Statistic page automatic refresh time
        stats uri / stats #statistic page url
        stats realm Haproxy Manager #Statistics page prompt text on the password box
        stats auth admin: admin #Statistic page user name and password settings
        #stats hide-version #Hide the version information of HAProxy on the statistics page
# ------------------------------------------------- --------------------
# main frontend which proxys to the backends
# ------------------------------------------------- --------------------
frontend main
    bind 0.0.0.0:80
    acl url_static path_beg -i / static / images / javascript / stylesheets
    acl url_static path_end -i .jpg .gif .png .css .js
 
    use_backend static if url_static ### Meet the policy requirements, then respond to the backend page defined by the policy
    default_backend dynamic ### If not satisfied, respond to the default page of backend
 
# ------------------------------------------------- --------------------
# static backend for serving up images, stylesheets and such
# ------------------------------------------------- --------------------
 
backend static
    balance roundrobin ### Load balancing mode polling
    server static 127.0.0.1:80 check ### Backend server definition
     
backend dynamic
    balance roundrobin
    server websrv1 10.252.97.106:80 check maxconn 2000
    server websrv2 10.
117.8.20: 80 check maxconn 2000
 
# ------------------------------------------------- --------------------
# round robin balancing between the various backends
# ------------------------------------------------- --------------------
#errorloc 503 http://www.osyunwei.com/404.html

errorfile 403 /etc/haproxy/errorfiles/403.http

errorfile 500 /etc/haproxy/errorfiles/500.http

errorfile 502 /etc/haproxy/errorfiles/502.http

errorfile 503 /etc/haproxy/errorfiles/503.http

errorfile 504 /etc/haproxy/errorfiles/504.http

: wq! #Save and exit

service haproxy start #Start

service haproxy stop #Close

service haproxy restart #Restart

5. Set up HAProxy logs

vi /etc/syslog.conf #Edit, add at the bottom

# haproxy.log

local0. * /var/log/haproxy.log

local3. * /var/log/haproxy.log

: wq! #Save and exit

vi / etc / sysconfig / syslog #edit

SYSLOGD_OPTIONS = "-r -m 0" #Receive remote server logs

: wq! #Save and exit

service syslog restart #Restart syslog

 

5. The browser opens the monitoring page of haproxy as follows:

http://120.55.95.103:1080/stats

// Description: 1080 is the listening port in the haproxy configuration file, and stats is the listening name in the haproxy configuration file

 
Reference blog:

http://www.osyunwei.com/archives/7512.html

http://www.cnblogs.com/kgdxpr/p/3272861.html

 http://www.cnblogs.com/MacoLee/p/5853413.html

Linux (CentOS)-HAProxy installation and configuration
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.