負載均衡器之 Haproxy

1. 編譯安裝haproxy

官網: http://www.haproxy.org

1.1 下載haproxy

# wget http://www.haproxy.org/download/1.6/src/haproxy-1.6.14.tar.gz

1.2 解壓haproxy

# tar xf haproxy-1.6.14.tar.gz

1.3 查看編譯方法

# less README

下面選自README
To build haproxy, you have to choose your target OS amongst the following ones
and assign it to the TARGET variable :

  - linux22     for Linux 2.2
  - linux24     for Linux 2.4 and above (default)
  - linux24e    for Linux 2.4 with support for a working epoll (> 0.21)
  - linux26     for Linux 2.6 and above
  - linux2628   for Linux 2.6.28, 3.x, and above (enables splice and tproxy)
  - solaris     for Solaris 8 or 10 (others untested)
  - freebsd     for FreeBSD 5 to 10 (others untested)
  - netbsd      for NetBSD
  - osx         for Mac OS/X
  - openbsd     for OpenBSD 3.1 and above
  - aix51       for AIX 5.1
  - aix52       for AIX 5.2
  - cygwin      for Cygwin
  - generic     for any other OS or version.
  - custom      to manually adjust every setting


By default, the DEBUG variable is set to '-g' to enable debug symbols. It is
not wise to disable it on uncommon systems, because it's often the only way to
get a complete core when you need one. Otherwise, you can set DEBUG to '-s' to
strip the binary.

For example, I use this to build for Solaris 8 :

    $ make TARGET=solaris CPU=ultrasparc USE_STATIC_PCRE=1

And I build it this way on OpenBSD or FreeBSD :

    $ gmake TARGET=freebsd USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1

And on a classic Linux with SSL and ZLIB support (eg: Red Hat 5.x) :

    $ make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1

And on a recent Linux >= 2.6.28 with SSL and ZLIB support :

    $ make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1

In order to build a 32-bit binary on an x86_64 Linux system with SSL support
without support for compression but when OpenSSL requires ZLIB anyway :

    $ make TARGET=linux26 ARCH=i386 USE_OPENSSL=1 ADDLIB=-lz

1.4 安裝:

# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
安裝方法是根據本身內核版原本了，具體查看內核的方法:
# uname -a

# make install PREFIX=/usr/local/haproxy

2. haproxy最簡單的配置

2.1 拷貝配置文件 

# mkdir -p /usr/local/haproxy/conf/
# cp -a examples/content-sw-sample.cfg /usr/local/haproxy/conf/
# mv /usr/local/haproxy/conf/content-sw-sample.cfg /usr/local/haproxy/conf/http_haproxy.conf

配置配置文件以下

# cat http_haproxy.conf | grep -v "#"

global
        maxconn         100
        log             127.0.0.1 local0
        uid             501
        gid             501
        chroot          /usr/local/haproxy/var
        daemon

frontend public
        bind            192.168.31.243:81 name clear
        mode            http
        default_backend dynamic
        timeout client  30s

backend dynamic
        mode            http
        timeout connect 5s
        timeout server  30s
        timeout queue   30s
        balance         roundrobin
        server          server_01 192.168.31.243:80 minconn 50 maxconn 500 check inter 1000
        server          server_02 192.168.31.150:80 minconn 50 maxconn 500 check inter 1000
# 

2.2 檢查語法

# ./haproxy -f /usr/local/haproxy/conf/http_haproxy.conf -c 
Configuration file is valid
#

2.3 測試訪問

# netstat -tulnp | grep haproxy
tcp        0      0 192.168.31.243:81           0.0.0.0:*                   LISTEN      2243/./haproxy      
#

# curl -I http://192.168.31.243:81/
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 07 Jan 2019 08:10:13 GMT
Content-Type: text/html
Content-Length: 636
Last-Modified: Tue, 18 Dec 2018 06:51:02 GMT
ETag: "5c1898d6-27c"
Accept-Ranges: bytes

# curl -I http://192.168.31.243:80
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 07 Jan 2019 08:10:16 GMT
Content-Type: text/html
Content-Length: 636
Last-Modified: Tue, 18 Dec 2018 06:51:02 GMT
Connection: keep-alive
ETag: "5c1898d6-27c"
Accept-Ranges: bytes

# 

3. 出現的問題和解決的辦法

3.1 haproxy 默認log不輸出的問題

在haproxy配置文件中，指定了 log 輸出爲 local0 以後，同時也在 /etc/rsyslog.conf 配置了

local0.*                                                /var/log/haproxy.log

發現仍是不行，最後發現UDPServer未開啓致使的，

# cat /etc/rsyslog.conf | grep "UDPServerRun"
$UDPServerRun 514
#

UDPServerRun 514 須要打開

驗證是否打開
# netstat -tulnp | grep 514
udp        0      0 0.0.0.0:514                 0.0.0.0:*                               2772/rsyslogd       
udp        0      0 :::514                      :::*                                    2772/rsyslogd       
#