haproxy反向代理

本文主要是介绍haproxy反向代理，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

实验环境

主机名                IP           版本
haproxy        192.168.14.210    1.5.18    
web1           192.168.14.211    nginx/1.12.2
web2           192.168.14.212    nginx/1.12.2

一、haproxy

1、关闭防火墙和selinux

[root@haproxy ~]# systemctl stop firewalld
[root@haproxy ~]# systemctl disable  firewalld
[root@haproxy ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

2、yum安装haproxy

[root@haproxy ~]# yum install -y haproxy
[root@haproxy ~]# systemctl start haproxy
[root@haproxy ~]# systemctl enable  haproxy

3、开启haproxy日志记录

#查看proxy配置文件，提示添加-r和日志保存路径
[root@haproxy ~]# vim /etc/haproxy/haproxy.cfg
global# to have these messages end up in /var/log/haproxy.log you will# need to:## 1) configure syslog to accept network log events.  This is done#    by adding the '-r' option to the SYSLOGD_OPTIONS in#    /etc/sysconfig/syslog## 2) configure local2 events to go to the /var/log/haproxy.log#   file. A line like the following can be added to#   /etc/sysconfig/syslog##    local2.*                       /var/log/haproxy.log#log         127.0.0.1 local2#添加-r
[root@haproxy ~]# vim /etc/sysconfig/rsyslog 
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS="-r"[root@haproxy ~]# vim /etc/rsyslog.conf
#由于haproxy的日志是用udp传输的，所以要启用rsyslog的udp监听
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514#启用级别为local2的设备，并将该设备的所有级别的日志全部输出到/var/log/haproxy.log
local2.*                                                /var/log/haproxy.log#haproxy日志文件不会自动创建，需要手动添加
[root@haproxy ~]# touch /var/log/haproxy.log#重启服务
[root@haproxy ~]# systemctl restart rsyslog

4、修改配置文件（直接复制，修改后端主机IP）

[root@haproxy ~]# cat /etc/haproxy/haproxy.cfg 
#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global# to have these messages end up in /var/log/haproxy.log you will# need to:## 1) configure syslog to accept network log events.  This is done#    by adding the '-r' option to the SYSLOGD_OPTIONS in#    /etc/sysconfig/syslog## 2) configure local2 events to go to the /var/log/haproxy.log#   file. A line like the following can be added to#   /etc/sysconfig/syslog##    local2.*                       /var/log/haproxy.log#log         127.0.0.1 local2chroot      /var/lib/haproxypidfile     /var/run/haproxy.pidmaxconn     4000user        haproxygroup       haproxydaemon# turn on stats unix socketstats socket /var/lib/haproxy/stats#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaultsmode                    httplog                     globaloption                  httplogoption                  dontlognulloption http-server-closeoption forwardfor       except 127.0.0.0/8option                  redispatchretries                 3timeout http-request    10stimeout queue           1mtimeout connect         10stimeout client          1mtimeout server          1mtimeout http-keep-alive 10stimeout check           10smaxconn                 3000
listen statsmode httpbind 0.0.0.0:1080        #图形化管理页面端口stats enablestats hide-versionstats uri     /haproxyadmin?stats    #图形化管理页面stats realm   Haproxy\ Statisticsstats auth    admin:admin            #管理用户名和密码stats admin if TRUEfrontend http-inbind *:80mode httplog globaloption httpcloseoption logasapoption dontlognullcapture request  header Host len 20capture request  header Referer len 60default_backend serversfrontend healthcheckbind :1099mode httpoption httpcloseoption forwardfordefault_backend serversbackend servers    #后端主机组balance roundrobin    #负载server websrv1 192.168.14.211:80 check maxconn 2000server websrv2 192.168.14.212:80 check maxconn 2000

二、web1

#关闭防火墙和selinux
[root@web1 ~]# systemctl stop  firewalld
[root@web1 ~]# systemctl disable   firewalld
[root@web1 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config#安装nginx并启动
[root@web1 ~]# yum install -y nginx
[root@web1 ~]# systemctl start nginx
[root@web1 ~]# systemctl enable nginx#修改主页面
[root@web1 ~]# echo "nginx web1" > /usr/share/nginx/html/index.html

三、web2

#关闭防火墙和selinux
[root@web2 ~]# systemctl stop  firewalld
[root@web2 ~]# systemctl disable   firewalld
[root@web2 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config#安装nginx并启动
[root@web2 ~]# yum install -y nginx
[root@web2 ~]# systemctl start nginx
[root@web2 ~]# systemctl enable nginx#修改主页面
[root@web1 ~]# echo "nginx web2" > /usr/share/nginx/html/index.html

四、客户端

1、访问haproxy

[root@client ~]# curl http://192.168.14.210
nginx web1
[root@client ~]# curl http://192.168.14.210
nginx web2
[root@client ~]# curl http://192.168.14.210
nginx web1

2、管理页面192.168.14.210:1080/haproxyadmin?stats