Introduction to haproxy
Haproxy provides high availability, load balancing, and proxy based on TCP and HTTP applications, supports virtual hosts, and is a free, fast and reliable solution.HAProxy is particularly useful for web sites that are overloaded and often require session maintenance or seven-tier processing.HAProxy runs on current hardware and can support tens of thousands of concurrent connections.And its mode of operation allows it to be easily and securely integrated into your current architecture while protecting your web server from being exposed to the network.
Configuration of haproxy
The haproxy configuration is divided into five parts, as follows:
1 global: Parameters are process-level, usually operating system-dependent.These parameters are typically set only once and do not need to be modified again if they are configured correctly
2 defaults: Configure default parameters that can be used with frontend, backend, Listen components
3 frontend: Front-end virtual node that receives requests. Frontend has more rules for specifying the backend that uses the backend specifically
4 backend: The configuration of the backend service cluster is a real server, one backend corresponds to one or more entity servers
Combination of 5 Listen Fronted and backend
vim /etc/haproxy/haproxy.cfg #Edit Profile ####################Global Configuration Information########################
#######Parameters are process-level, usually with the operating system ( OS)Relevant#########
global
maxconn 20480 #Default Maximum Connections
log 127.0.0.1 local3 #[err warning info debug]
chroot /var/haproxy #Path to run chroot
uid 99 #Running user uid
gid 99 #Running User Groups
daemon #Run haproxy in the background
nbproc 1 #Number of processes (multiple processes can be set to improve performance)
pidfile /var/run/haproxy.pid #pid store path for haproxy. Users who start the process must have access to this file
ulimit-n 65535 #Limit on the number of ulimit s
#####################Default global settings######################
##These parameters can be configured to frontend,backend,listen assembly##
defaults
log global
mode http #Categories processed (#7-tier http;4-tier tcp)
maxconn 20480 #maximum connection
option httplog #Log Category http Log Format
option httpclose #Actively close the http channel after each request
option dontlognull #Do not log health checks
option forwardfor #Client ip can be obtained from Http Header if the back-end server needs to obtain the parameters that the client's true ip needs to be configured
option redispatch #Force targeting to other healthy servers after serverId's corresponding server hangs up
option abortonclose #Automatically end connections that have been queued for a long time when the server is under heavy load
stats refresh 30 #Statistics page refresh interval
retries 3 #If you fail three times, the service is considered unavailable or you can set it later
balance roundrobin #Default load balancing, polling
#balance source #Default load balancing, like nginx's ip_hash
#balance leastconn #Default load balancing method, minimum connection
contimeout 5000 #connection timed out
clitimeout 50000 #Client Timeout
srvtimeout 50000 #server time-out
timeout check 2000 #Heart beat detection timeout
####################Monitor Page Settings#######################
listen admin_status #Combination of Frontend and Backend, name of monitoring group, customize name on demand
bind 0.0.0.0:65532 #Listening Port
mode http #7-tier mode for http
log 127.0.0.1 local3 err #Error Logging
stats refresh 5s #Automatically refresh monitoring page every 5 seconds
stats uri /admin?stats #Monitor the url of the page
stats realm itnihao\ itnihao #Monitor page prompts
stats auth admin:admin #Monitor the user and password admin of the page to set multiple user names
stats auth admin1:admin1 #Monitor page user and password admin1
stats hide-version #Hide HAproxy version information on Statistics page
stats admin if TRUE #Manually enabled/disabled, back-end server (after haproxy-1.4.9)
errorfile 403 /etc/haproxy/errorfiles/403.http
errorfile 500 /etc/haproxy/errorfiles/500.http
errorfile 502 /etc/haproxy/errorfiles/502.http
errorfile 503 /etc/haproxy/errorfiles/503.http
errorfile 504 /etc/haproxy/errorfiles/504.http
#################HAProxy Logging Content Settings###################
capture request header Host len 40
capture request header Content-Length len 10
capture request header Referer len 200
capture response header Server len 40
capture response header Content-Length len 10
capture response header Cache-Control len 8
#######################Site Monitoring listen To configure#####################
###########This usage is primarily for monitoring haproxy Monitoring status of back-end server############
listen site_status
bind 0.0.0.0:1081 #Listening Port
mode http #7-tier mode for http
log 127.0.0.1 local3 err #[err warning info debug]
monitor-uri /site_status #Web site health check URL to check if a HAProxy-managed Web site is available, returns 200 normally, 503 abnormally
acl site_dead nbsrv(server_web) lt 2 #Policy for defining site down load returns true when the number of active machines hanging in the specified backend on load balancing is less than 1
acl site_dead nbsrv(server_blog) lt 2
acl site_dead nbsrv(server_bbs) lt 2
monitor fail if site_dead #Return 503 when meeting policy, online documentation says 500, actual test 503
monitor-net 192.168.16.2/32 #Log information from 192.168.16.2 will not be recorded and forwarded
monitor-net 192.168.16.3/32
########frontend To configure############
#####Be careful, frontend Configuration can define multiple acl Perform matching operations########
frontend http_80_in
bind 0.0.0.0:80 #Listening Port, the port where haproxy provides web services, is similar to the vip port of lvs
mode http #7-tier mode for http
log global #Apply global log configuration
option httplog #log with http enabled
option httpclose #HA-Proxy does not support keep-alive mode when the http channel is actively closed after each request is completed
option forwardfor #Client IP can be obtained from Http Header if the back-end server needs to configure secondary parameters to obtain the client's true IP
########acl Policy Configuration#############
acl itnihao_web hdr_reg(host) -i ^(www.itnihao.cn|ww1.itnihao.cn)$
#Returns true-I if the requested domain name satisfies two of the domain names in the regular expression, ignoring case
acl itnihao_blog hdr_dom(host) -i blog.itnihao.cn
#Returning true-I if the requested domain name satisfies www.itnihao.cn ignores case
#acl itnihao hdr(host) -i itnihao.cn
#Return true-I if the requested domain name satisfies itnihao.cn ignores case
#acl file_req url_sub -i killall=
#If killall= is included in the request url, this control strategy returns true, otherwise false
#acl dir_req url_dir -i allow
#If allow exists as part of the address path in the request url, this control strategy returns true, otherwise it returns false
#acl missing_cl hdr_cnt(Content-length) eq 0
#Returns true when Content-length equals 0 in the requested header
########acl Policy Matching Corresponds#############
#block if missing_cl
#Prevent the request from returning 403 when Content-length in the header equals 0 in the request
#block if !file_req || dir_req
#Block means to block the request, returning a 403 error, and currently means to block the request if the policy file_req or dir_req is not satisfied
use_backend server_web if itnihao_web
#Use backend of server_web when itnihao_web's policy is met
use_backend server_blog if itnihao_blog
#Use server_blog's backend when itnihao_blog's policy is met
#redirect prefix http://blog.itniaho.cn code 301 if itnihao
#When visiting itnihao.cn, use HTTP 301 to pick to http://192.168.16.3
default_backend server_bbs
#Use backend of default server_bbs when none of the above is satisfied
##########backend Settings for##############
#Next, I'll set up three sets of servers, server_web, server_blog, server_bbs
#########################backend server_web###########################
backend server_web
mode http #7-tier mode for http
balance roundrobin #Load Balancing, roundrobin Average
cookie SERVERID #Allows insertion of serverid s into cookie s, which can be defined later
option httpchk GET /index.html #Files for Heart Rate Detection
server web1 192.168.16.2:80 cookie web1 check inter 1500 rise 3 fall 3 weight 1
#Server definition, cookie 1 means serverid is web1, check inter 1500 is to detect heart rate rise 3 is to correctly think server is available,
#fall 3 is a three-time failure to consider the server unavailable, weight represents weight
server web2 192.168.16.3:80 cookie web2 check inter 1500 rise 3 fall 3 weight 2
#Server definition, cookie 1 means serverid is web2, check inter 1500 is to detect heart rate rise 3 is to correctly think server is available,
#fall 3 is a three-time failure to consider the server unavailable, weight represents weight
#############################backend server_blog#################################
backend server_blog
mode http #7-tier mode for http
balance roundrobin #Load Balancing, roundrobin Average
cookie SERVERID #Allows insertion of serverid s into cookie s, which can be defined later
option httpchk GET /index.html #Files for Heart Rate Detection
server blog1 192.168.16.2:80 cookie blog1 check inter 1500 rise 3 fall 3 weight 1
#Server definition, cookie 1 indicates serverid is web1, check inter 1500 detects heartbeat rate rise 3 correctly regards server as available, fall 3 correctly regards server as unavailable, weight represents weight
server blog2 192.168.16.3:80 cookie blog2 check inter 1500 rise 3 fall 3 weight 2
#Server definition, cookie 1 indicates serverid is web2, check inter 1500 detects heartbeat rate rise 3 correctly regards server as available, fall 3 correctly regards server as unavailable, weight represents weight
########################backend server_bbs############################
backend server_bbs
mode http #7-tier mode for http
balance roundrobin #Load Balancing, roundrobin Average
cookie SERVERID #Allows insertion of serverid s into cookie s, which can be defined later
option httpchk GET /index.html #Files for Heart Rate Detection
server bbs1 192.168.16.2:80 cookie bbs1 check inter 1500 rise 3 fall 3 weight 1
#Server definition, cookie 1 indicates serverid is web1, check inter 1500 detects heartbeat rate rise 3 correctly regards server as available, fall 3 correctly regards server as unavailable, weight represents weight
server bbs2 192.168.16.3:80 cookie bbs2 check inter 1500 rise 3 fall 3 weight 2
#Server definition, cookie 1 indicates serverid is web2, check inter 1500 detects heartbeat rate rise 3 correctly regards server as available, fall 3 correctly regards server as unavailable, weight represents weight Configure haproxy load balancing
Installation:
yum install haproxy -y
whereis haproxy #Find Configuration File
Edit Profile
vim /etc/haproxy/haproxy.cfg
global
maxconn 20480
log 127.0.0.1 local3
chroot /var/lib/haproxy
uid 188
gid 188
daemon
nbproc 1
pidfile /var/run/haproxy.pid
ulimit-n 65535
defaults
log global
mode http
maxconn 20480
option httplog
option httpclose
option dontlognull
option forwardfor
option redispatch
option abortonclose
stats refresh 30
retries 3
balance roundrobin
contimeout 5000
clitimeout 50000
srvtimeout 50000
timeout check 2000
listen admin_status
bind 0.0.0.0:65532
mode http
log 127.0.0.1 local3 err
stats refresh 5s
stats uri /admin?stats
stats realm itnihao\ itnihao
stats auth admin:admin
stats auth admin1:admin1
stats hide-version
stats admin if TRUE
listen site_status
bind 0.0.0.0:1081
mode http
log 127.0.0.1 local3 err
monitor-uri /site_status
acl site_dead nbsrv(server_web) lt 2
monitor fail if site_dead
frontend http_80_in
bind 0.0.0.0:80
mode http
log global
option httplog
option httpclose
option forwardfor
acl web hdr_reg(host) -i www.westos.org
acl bbs hdr_dom(host) -i bbs.westos.org
use_backend server_web if web
use_backend server_bbs if bbs
default_backend server_web
backend server_web
mode http
balance roundrobin
cookie SERVERID
option httpchk GET /index.html
server web1 172.25.38.2:80 cookie web1 check inter 1500 rise 3 fall 3 weight 1
server web2 172.25.38.3:80 cookie web2 check inter 1500 rise 3 fall 3 weight 2
backend server_bbs
mode http
balance roundrobin
cookie SERVERID
option httpchk GET /index.html
server bbs1 172.25.38.3:80 cookie bbs1 check inter 1500 rise 3 fall 3 weight 1
server bbs2 172.25.38.2:80 cookie bbs2 check inter 1500 rise 3 fall 3 weight 2test
web server server2, server3 open http services
After domain name resolution 