1、解决lua环境
下载地址:www.lua.org/ftp/
安装基础命令及编译依赖环境:(内网环境挂载本地源安装)
yum install gcc readline-devel -y
解压缩并安装:
[root@db02 ~]# tar zxf lua-5.4.4.tar.gz [root@db02 ~]# cd lua-5.4.4/ [root@db02 ~]# make linux
查看lua版本
[root@db02 lua-5.4.4]# pwd /root/lua-5.4.4 [root@db02 lua-5.4.4]# ./src/lua -v Lua 5.4.4 Copyright (C) 1994-2020 Lua.org, PUC-Rio
2、安装Haproxy
haproxy官网:www.haproxy.org/
将下载好的haproxy软件上传到linux上
安装基础命令及编译依赖环境:
yum -y install gcc openssl-devel pcre-devel systemd-devel
解压缩并安装:
[root@db02 ~]# tar zxf haproxy-2.8.1.tar.gz [root@db02 ~]# cd haproxy-2.8.1/
USE_PROMEX=1为内置的Prometheus exposes metrics
参考INSTALL文件进行编译安装:
make -j 4 TARGET=linux-glibc USE_OPENSSL=1 USE_ZLIB=1 USE_PCRE=1 USE_SYSTEMD=1 USE_LUA=1 USE_PROMEX=1 LUA_INC=/usr/local/src/lua-5.4.4/src LUA_LIB=/usr/local/src/lua-5.4.4/src
make install PREFIX=/usr/local/haproxy
ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin/
3、验证Haproxy版本
/usr/sbin/haproxy -v
4、创建配置文件
mkdir /etc/haproxy
vi /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0 info
#log loghost local0 info
maxconn 20480
#chroot /usr/local/haproxy
#pidfile /var/run/haproxy.pid
pidfile /var/lib/haproxy/haproxy.pid
#maxconn 4000
user haproxy
group haproxy
daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option dontlognull
option httpclose
option httplog
#option forwardfor
option redispatch
balance roundrobin
timeout connect 10s
timeout client 10s
timeout server 10s
timeout check 10s
maxconn 60000
retries 3
#--------------统计页面配置------------------
listen stat
bind 0.0.0.0:8888
mode http
http-request use-service prometheus-exporter if { path /metrics }
stats enable
stats refresh 30s
stats uri /stats
stats realm Haproxy\ Statistics
stats auth admin:admin
stats hide-version
#---------------web设置-----------------------
listen webcluster
bind 0.0.0.0:80
mode http
#option httpchk GET /index.html
log global
maxconn 3000
balance roundrobin
cookie SESSION_COOKIE insert indirect nocache
server web01 192.168.212.52:8080 check inter 2000 fall 5
#server web01 192.168.80.102:80 cookie web01 check inter 2000 fall 5
创建socket文件的目录: [root@db02 ~]# mkdir /var/lib/haproxy/ 创建运行haproxy的用户: [root@db02 ~]# useradd -r -s /sbin/nologin -d /var/lib/haproxy haproxy 将haproxy的帮助文档,加入到帮助里边 [root@db02 ~]# tree /usr/local/haproxy/share/man/ [root@db02 ~]# vi /etc/man_db.conf MANDATORY_MANPATH /usr/local/haproxy/share/man/ 更新man的数据库: [root@db02 ~]# mandb
5、设置linux内核参数
vi /etc/sysctl.conf
#添加如下配置 net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1
[root@localhost haproxy-2.1.3]# sysctl -p net.ipv4.ip_nonlocal_bind = 1 net.ipv4.ip_forward = 1
6、配置HAProxy服务
vi /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
Documentation=man:haproxy(1)
Documentation=file:/usr/local/haproxy/doc/haproxy/configuration.txt
[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
6、刷新配置,设置开机启动
systemctl daemon-reload
systemctl enable haproxy.service
#查看端口是否开启
[root@localhost ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8189 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
7、配置日志信息
[root@localhost ~]# vi /etc/rsyslog.conf
Log anything (except mail) of level info or higher.
Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
local0.* /var/log/haproxy.log #添加此行内容
The authpriv file has restricted acc
[root@localhost ~]# systemctl restart rsyslog.service
[root@localhost ~]# systemctl enable rsyslog.service
[root@localhost ~]# systemctl restart haproxy.service
[root@localhost ~]# systemctl enable haproxy.service
关闭防火墙systemctl stop firewalld.service
关闭开机制动启动systemctl disable firewalld.service
访问haproxy自带监控界面
