setenforce 0 #make the configuration take effect immediately
2.vi / etc / sysconfig / iptables #edit
-A RH-Firewall-1-INPUT -d 224.0.0.18 -j ACCEPT #Allow multicast address communication
-A RH-Firewall-1-INPUT -p vrrp -j ACCEPT #Allow VRRP (Virtual Router Redundancy Association) communication
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #Allow port 80 to pass through the firewall
: wq! #Save and exit
/etc/init.d/iptables restart #Restart the firewall to make the configuration take effect
Second, install HAProxy
1. Create HAProxy running account and group
groupadd haproxy #Add haproxy group
useradd -g haproxy haproxy -s / bin / false #Create nginx running account haproxy and join the haproxy group, do not allow haproxy users to log in directly to the system
2. Installation:
[[email protected] local] # yum install -y gcc
[[email protected] local] # tar zxvf haproxy-1.6.9.tar.gz
[[email protected] local] # cd haproxy-1.6.9
[[email protected] local] # make TARGET = linux3100 CPU = x86_64 PREFIX = / usr / local / haprpxy #Compile uname -r #View the system kernel version number
[[email protected] local] # make install PREFIX = / usr / local / haproxy #install
# 数 说明 : Number description:
# TARGET = linux3100
#Use uname -r to view the kernel, such as: 2.6.18-371.el5, this parameter is linux26
#kernel greater than 2.6.28: TARGET = linux2628
# CPU = x86_64 #Use uname -r to view system information, such as x86_64 x86_64 x86_64 GNU / Linux, this parameter is x86_64
# PREFIX = / usr / local / haprpxy # / usr / local / haprpxy is the haprpxy installation path
3. Set up HAProxy
mkdir -p / usr / local / haproxy / conf #Create a configuration file directory
vi /usr/local/haproxy/conf/haproxy.cfg #Edit, modify
# ------------------------------------------------- --------------------
# Global settings
# ------------------------------------------------- --------------------
global
log 127.0.0.1 local2 ### [err warning info debug]
chroot / usr / local / haproxy
pidfile /var/run/haproxy.pid ### haproxy's pid storage path, the user who starts the process must have permission to access this file
maxconn 4000 ### Maximum number of connections, default 4000
user haproxy
group haproxy
daemon ### Create a process to run in deamon mode. This parameter requires the operating mode to be set to "daemon"
# ------------------------------------------------- --------------------
# common defaults that all the ‘listen’ and ‘backend’ sections will
# use if not designated in their block
# ------------------------------------------------- --------------------
defaults
mode http ### The default mode mode {tcp | http | health}, tcp is 4 layers, http is 7 layers, health will only return OK
log global ### Use globally defined logs
option dontlognull ### Do not record the log information of health check
option httpclose ### Close the http channel after each request
option httplog ### Log category http log format
option forwardfor ### If the backend server needs to obtain the parameters that the client's real IP needs to be configured, you can obtain the client's IP from the Http Header
option redispatch ### serverId After the server corresponding to hangs up, it is forced to be directed to other healthy servers
timeout connect 10000 #default 10 second timeout if a backend is not found
timeout client 300000 ### Client connection timed out
timeout server 300000 ### Server connection timed out
maxconn 60000 ### Maximum number of connections
retries 3 ### If the connection fails three times, the service is considered unavailable, and it can also be set later.
################################################ ##################
listen stats
bind 0.0.0.0:1080 #listening port
stats refresh 30s #Statistic page automatic refresh time
stats uri / stats #statistic page url
stats realm Haproxy Manager #Statistics page prompt text on the password box
stats auth admin: admin #Statistic page user name and password settings
#stats hide-version #Hide the version information of HAProxy on the statistics page
# ------------------------------------------------- --------------------
# main frontend which proxys to the backends
# ------------------------------------------------- --------------------
frontend main
bind 0.0.0.0:80
acl url_static path_beg -i / static / images / javascript / stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static ### Meet the policy requirements, then respond to the backend page defined by the policy
default_backend dynamic ### If not satisfied, respond to the default page of backend
# ------------------------------------------------- --------------------
# static backend for serving up images, stylesheets and such
# ------------------------------------------------- --------------------
backend static
balance roundrobin ### Load balancing mode polling
server static 127.0.0.1:80 check ### Backend server definition
backend dynamic
balance roundrobin
server websrv1 10.252.97.106:80 check maxconn 2000
server websrv2 10.
117.8.20: 80 check maxconn 2000
# ------------------------------------------------- --------------------
# round robin balancing between the various backends
# ------------------------------------------------- --------------------
#errorloc 503 http://www.osyunwei.com/404.html
errorfile 403 /etc/haproxy/errorfiles/403.http
errorfile 500 /etc/haproxy/errorfiles/500.http
errorfile 502 /etc/haproxy/errorfiles/502.http
errorfile 503 /etc/haproxy/errorfiles/503.http
errorfile 504 /etc/haproxy/errorfiles/504.http
: wq! #Save and exit
service haproxy start #Start
service haproxy stop #Close
service haproxy restart #Restart
5. Set up HAProxy logs
vi /etc/syslog.conf #Edit, add at the bottom
# haproxy.log
local0. * /var/log/haproxy.log
local3. * /var/log/haproxy.log
: wq! #Save and exit
vi / etc / sysconfig / syslog #edit
SYSLOGD_OPTIONS = "-r -m 0" #Receive remote server logs
: wq! #Save and exit
service syslog restart #Restart syslog
5. The browser opens the monitoring page of haproxy as follows:
http://120.55.95.103:1080/stats
// Description: 1080 is the listening port in the haproxy configuration file, and stats is the listening name in the haproxy configuration file
Reference blog:
http://www.osyunwei.com/archives/7512.html
http://www.cnblogs.com/kgdxpr/p/3272861.html
http://www.cnblogs.com/MacoLee/p/5853413.html
Linux (CentOS)-HAProxy installation and configuration
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.