yunvnadmin 发表于 2015-9-5 00:34:59

Haproxy完整部署文档2015-07-27

  一:安装
mkdir -p /tools && cd /tools
useradd -s /sbin/nologin www
yum install -y gcc
wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.10.tar.gz
tar zcvf haproxy-1.5.10.tar.gz
cd haproxy-1.5.10
make TARGET=linux26 PREFIX=/usr/local/haproxy-1.5.10
make install PREFIX=/usr/local/haproxy-1.5.10
cp -a examples/errorfiles /usr/local/haproxy-1.5.10/
mkdir -p /usr/local/haproxy-1.5.10/conf
mkdir -p /data/logs
  vim /usr/local/haproxy-1.5.10/conf/haproxy.cfg
#---------------------------------------------------------------------------------------------
# cat haproxy.cfg
global
      chroot /usr/local/haproxy-1.5.10/
      daemon
      group www
      user www
      #日志输出配置 所有日志都记录在本机 通过local0输出#
      log 127.0.0.1 local3
      pidfile /usr/local/haproxy-1.5.10/haproxy.pid
      maxconn 20000
      spread-checks 3
      nbproc 1
  defaults
      log   global
      mode    http
      #日志文件的输出定向
      #log 127.0.0.1 local3
      retries 3
      timeout connect 5000
      timeout client 50000
      timeout server 50000
      option abortonclose#当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接
      option forwardfor   #将客户真实IP转发给后端服务器
      option redispatch      #当serverId对应的服务器挂掉后,强制定向到其他健康的服务器
      option httpclose      #每次请求完毕后主动关闭http通道
      optiondontlognull   #保证HAProxy不记录上级负载均衡发送过来的用于检测状态没有数据的心跳包
      optionhttplog
      stats enable
      stats refresh 60s
      stats hide-version
      stats uri /?&status
      stats auth admin:kptsdszs
      stats realmHichao\ monitor
  #定义错误状态码返回信息
      errorfile 403 /usr/local/haproxy-1.5.10/errorfiles/403.http
      errorfile 500 /usr/local/haproxy-1.5.10/errorfiles/500.http
      errorfile 502 /usr/local/haproxy-1.5.10/errorfiles/502.http
      errorfile 503 /usr/local/haproxy-1.5.10/errorfiles/503.http
      errorfile 504 /usr/local/haproxy-1.5.10/errorfiles/504.http
  frontend mall
      bind :80
         
      #定义日志格式
      capture request header Host len 40
      capture request header Content-Length len 10
      capture request header Referer len 200
      capture response header Server len 40
      capture response header Content-Length len 10
      capture response header Cache-Control len 8
  acl mall hdr_reg(host) -i ^(b2c-admin.hichao.com|ecshop.hichao.com)$
      acl sa hdr_reg(host) -i ^(sa.hichao.com|sa1.hichao.com)$
      use_backend mall_pool if mall
      use_backend sa_pool if sa
      default_backend default_pool
  backend mall_pool
      balance roundrobin
      cookie SERVERID
      option httpchk HEAD /index.html HTTP/1.0
      server web-01 192.168.0.113 check port 80 inter 1500 rise 2 fall 3 weight 1
      server web-02 192.168.0.114 check port 80 inter 1500 rise 2 fall 3 weight 1
      server web-03 192.168.0.115 check port 80 inter 1500 rise 2 fall 3 weight 1
  backend default_pool
      balance roundrobin
      cookie SERVERID
      option httpchk HEAD /index.html HTTP/1.0
      server web-01 192.168.0.113 check port 80 inter 1500 rise 2 fall 3 weight 1
  
  backend sa_pool
      balance roundrobin
      cookie SERVERID
      #option httpchk HEAD /index.html HTTP/1.0
      server sa-01 192.168.1.17:81 check port 81 inter 1500 rise 2 fall 3 weight 1
#---------------------------------------------------------------------------------------------
  配置启动脚本:
vim /usr/local/haproxy-1.5.10/haproxy.sh
#---------------------------------------------------------------------------------------------
# cat ../haproxy.sh
#!/bin/bash
#date:2015-01-02
#author:zhangluya
  HA_DIR="/usr/local/haproxy-1.5.10"
RETVAL=0
[ -f ${HA_DIR}/conf/haproxy.cfg ] || exit 1
  start() {
${HA_DIR}/sbin/haproxy -c -q -f ${HA_DIR}/conf/haproxy.cfg
if [ $? -ne 0 ]; then
    echo "Errors found in configuration file,Please check haproxy.cfg"
    return 1
fi
  if [ ! -e ${HA_DIR}/haproxy.pid ];then
      echo -e "Starting Haproxy ^_^ \n"
      ${HA_DIR}/sbin/haproxy -D -f ${HA_DIR}/conf/haproxy.cfg -p ${HA_DIR}/haproxy.pid
else
      /bin/mv ${HA_DIR}/haproxy.pid /tmp
      echo -e "Starting Haproxy ^_^ \n"
      ${HA_DIR}/sbin/haproxy -D -f ${HA_DIR}/conf/haproxy.cfg -p ${HA_DIR}/haproxy.pid
fi
}
  stop() {
      
    if [ -e ${HA_DIR}/haproxy.pid ];then
      echo -n "Shutting Haproxy -_-!"
      killall haproxy
      RETVAL=$?
      echo
      [ $RETVAL -eq 0 ] && rm -f ${HA_DIR}/haproxy.pid
      return $RETVAL
    else
      echo -e "-------------------------------------------------------------------"
      echo -e "\033[1;33m Haproxy process is nof found -_-! \033[0m"
      echo -e "-------------------------------------------------------------------"
    fi
}
  restart() {
${HA_DIR}/sbin/haproxy -c -q -f ${HA_DIR}/conf/haproxy.cfg
if [ $? -ne 0 ]; then
    echo "Errors found in configuration file,Please check haproxy.cfg"
    return 1
fi
stop
start
}
  check() {
${HA_DIR}/sbin/haproxy -c -q -V -f ${HA_DIR}/conf/haproxy.cfg
}
  case "$1" in
start)
    start
    ;;
stop)
    stop
    ;;
restart)
    restart
    ;;
check)
    check
    ;;
*)
    echo $"Usage: $0 {start|stop|restart|check}"
    exit 1
esac
#---------------------------------------------------------------------------------------------
chmod a+x/usr/local/haproxy-1.5.10/haproxy.sh
  日志配置:
日志的level: local0~local7 16~23保留为本地使用
emerg 0 系统不可用
alert 1 必须马上采取行动的事件
crit 2 关键的事件
err 3 错误事件
warning 4 警告事件
notice 5 普通但重要的事件
info 6 有用的信息
debug 7 调试信息
  3.加上日志支持
vim /etc/rsyslog.conf#在最下边增加
#------------------------------------------------
local3.*         /data/logs/haproxy.log
  #打开如下两行注释:
$ModLoad imudp
$UDPServerRun 514
#------------------------------------------------
  vim /etc/sysconfig/rsyslog#修改为如下
#------------------------------------------------
SYSLOGD_OPTIONS="-r -m 0"
#------------------------------------------------
  重启日志服务:
/etc/init.d/rsyslog restart
  日志切割:
vim /usr/local/haproxy-1.5.10/cut_haproxy_log.sh
#------------------------------------------------------------------------------------------------------
#!/bin/bash
#date:2014-01-03
  LOG="/data/logs"
/bin/mv ${LOG}/haproxy.log ${LOG}/haproxy_`date -d "yesterday" +"%Y-%m-%d"`.log
/etc/init.d/rsyslog restart
  rm -f ${LOG}/haproxy_$(date -d "7 days ago" +"%Y-%m-%d").log
#------------------------------------------------------------------------------------------------------
chmod a+x/usr/local/haproxy-1.5.10/cut_haproxy_log.sh
  vim /etc/sysctl.conf
#------------------------------------------------------------------------------------------------------
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 80000
net.core.somaxconn = 32768
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 20
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.core.netdev_max_backlog = 32768
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_mem = 41943040 73400320 94371840
net.ipv4.tcp_max_orphans = 3276800
fs.file-max = 1300000
#------------------------------------------------------------------------------------------------------
  HAProxy常用的算法有如下8种:
balance roundrobin,表示简单的轮询,建议关注;
balance static-rr,表示根据权重,建议关注;
balance leastconn,表示最少连接者先处理,建议关注;
balance source,表示根据请求源IP,跟Nginx的ip_hash算法相似,建议关注;
balance uri,表示根据请求的URI;
balance url_param,表示根据请求的URl参数;
balance hdr(name),表示根据HTTP请求头来锁定每一次HTTP请求;
balance rdp-cookie(name),表示根据据cookie(name)来锁定并哈希每一次TCP请求。
页: [1]
查看完整版本: Haproxy完整部署文档2015-07-27