三台服务器,一台做代理服务器,两台做web
[root@lamp ~]# hostnamectl set-hostname haproxy
[root@lamp ~]# su
[root@nginx ~]# hostnamectl set-hostname nginx1
[root@nginx ~]# su
[root@nginx1 ~]#
[root@localhost ~]# hostnamectl set-hostname nginx2
[root@localhost ~]# su
[root@nginx2 ~]#
节点服务器安装编译包
[root@nginx1 ~]# yum install pcre-devel zlib-devel gcc gcc-c++ make -y
创建程序用户nginx
[root@nginx1 ~]# useradd -M -s /sbin/nologin nginx
挂载软件包目录解压软件包
[root@nginx1 local]# mkdir /abc
[root@nginx1 local]# mount.cifs //192.168.254.10/linuxs /abc
Password for root@//192.168.254.10/linuxs:
[root@nginx1 local]# cd /abc
[root@nginx1 abc]# cd LNMP-C7/LNMP-C7/
[root@nginx1 LNMP-C7]# ls
Discuz_X3.4_SC_UTF8.zip nginx-1.12.2.tar.gz php-7.1.20.tar.bz2
mysql-boost-5.7.20.tar.gz php-5.6.11.tar.bz2 php-7.1.20.tar.gz
ncurses-5.6.tar.gz php-7.1.10.tar.bz2 zend-loader-php5.6-linux-x86_64_update1.tar.gz
[root@nginx1 LNMP-C7]# tar xzvf nginx-1.12.2.tar.gz -C /opt
configure配置
[root@nginx1 LNMP-C7]# cd /opt/nginx-1.12.2/
[root@nginx1 nginx-1.12.2]# ls
auto CHANGES.ru configure html Makefile objs src
CHANGES conf contrib LICENSE man README
[root@nginx1 nginx-1.12.2]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx
[root@nginx1 nginx-1.12.2]# make && make install
[root@nginx1 nginx-1.12.2]# cd /usr/local/nginx/html/
[root@nginx1 html]# echo "this is kgc web" > test.html
/第二个节点html内容不一样,用以验证echo "this is accp web" > test.html
[root@nginx1 html]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@nginx1 html]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@nginx1 html]# nginx
[root@nginx1 html]# systemctl stop firewalld
[root@nginx1 html]# setenforce 0
另外一个节点服务器配置跟第一台节点服务器一样,此时节点配置完毕
接下来配置haproxy服务器
[root@haproxy ~]# yum install pcre-devel bzip2-devel gcc gcc-c++ make -y
挂载解压缩目录
[root@haproxy ~]# mkdir /abc
[root@haproxy ~]# mount.cifs //192.168.254.10/linuxs /abc
Password for root@//192.168.254.10/linuxs:
[root@haproxy ~]# cd /abc
[root@haproxy abc]# tar xzvf haproxy-1.5.19.tar.gz -C /opt
[root@haproxy abc]# cd /opt/haproxy-1.5.19/
[root@haproxy haproxy-1.5.19]# ls
CHANGELOG CONTRIBUTING ebtree include Makefile ROADMAP SUBVERS VERDATE
contrib doc examples LICENSE README src tests VERSION
[root@haproxy haproxy-1.5.19]# make TARGET=linux26
[root@haproxy haproxy-1.5.19]# make install
创建工作目录,把软件包内的样板文件复制进去,然后修改
[root@haproxy haproxy-1.5.19]# mkdir /etc/haproxy
[root@haproxy haproxy-1.5.19]# cp examples/haproxy.cfg /etc/haproxy/
[root@haproxy haproxy-1.5.19]# cd /etc/haproxy/
[root@haproxy haproxy]# ls
haproxy.cfg
[root@haproxy haproxy]# vim haproxy.cfg
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global //全局设置
log 127.0.0.1 local0 //日志格式1
log 127.0.0.1 local1 notice //日志格式2
#log loghost local0 info
maxconn 4096 //连接数是4096
#chroot /usr/share/haproxy //家目录,当前暂时用不到,先注释掉
uid 99 //用户ID
gid 99 //组ID
daemon //进程用户是daemon
#debug
#quiet
defaults //默认配置
log global //日志格式采用全局模式中
mode http
option httplog
option dontlognull
retries 3 //重试三次
#redispatch //这一行注释掉,防止把请求发给有故障的节点
maxconn 2000 //默认最大连接是2000
contimeout 5000 //连接超时是5000毫秒
clitimeout 50000 //客户端的链接超时
srvtimeout 50000 //服务端的连接超时
//listen 是监听,下面可以全部删掉,自己编辑(编辑在下方显示)
listen appli1-rewrite 0.0.0.0:10001
cookie SERVERID rewrite
balance roundrobin
cookie SERVERID insert indirect nocache
server inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
server inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
capture cookie vgnvisitor= len 32
option httpclose # disable keep-alive
rspidel ^Set-cookie:\ IP= # do not let this cookie tell our internal IP address
listen appli3-relais 0.0.0.0:10003
dispatch 192.168.135.17:80
listen appli4-backup 0.0.0.0:10004
option httpchk /index.html
option persist
balance roundrobin
server inst1 192.168.114.56:80 check inter 2000 fall 3
server inst2 192.168.114.56:81 check inter 2000 fall 3 backup
listen ssl-relay 0.0.0.0:8443
option ssl-hello-chk
balance source
server inst1 192.168.110.56:443 check inter 2000 fall 3
server inst2 192.168.110.57:443 check inter 2000 fall 3
server back1 192.168.120.58:443 backup
listen appli5-backup 0.0.0.0:10005
option httpchk *
balance roundrobin
cookie SERVERID insert indirect nocache
server inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
server inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
server inst3 192.168.114.57:80 backup check inter 2000 fall 3
capture cookie ASPSESSION len 32
srvtimeout 20000
option httpclose # disable keep-alive
option checkcache # block response if set-cookie & cacheable
rspidel ^Set-cookie:\ IP= # do not let this cookie tell our internal IP address
errorloc 502 http://192.168.114.58/error502.html
errorfile 503 /etc/haproxy/errors/503.http
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
# chroot /usr/share/haproxy
uid 99
gid 99
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
# redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen webcluster 0.0.0.0:80
#监听任意网段的80端口
option httpchk GET /test.html
#http检查是html,检查test.html页面,如果是首页的话,就改成index.html
balance roundrobin
#采用轮询机制
server inst1 192.168.247.161:80 check inter 2000 fall 3
server inst2 192.168.247.210:80 check inter 2000 fall 3
#服务器ip地址:端口号,每过2000毫秒进行一次健康检查,失败三次就不再发送请求
编辑完成,保存退出
复制启动脚本到init里
[root@haproxy haproxy]# cd -
/opt/haproxy-1.5.19
[root@haproxy haproxy-1.5.19]# cp -p /opt/haproxy-1.5.19/examples/haproxy.init /etc/init.d/haproxy
[root@haproxy haproxy-1.5.19]# chmod +x /etc/init.d/haproxy
[root@haproxy haproxy-1.5.19]# chkconfig --add /etc/init.d/haproxy
[root@haproxy haproxy-1.5.19]# ln -s /usr/local/sbin/haproxy /usr/sbin/
[root@haproxy haproxy]# service haproxy start
Starting haproxy (via systemctl): [ 确定 ]
[root@haproxy haproxy]# netstat -natp | grep haproxy
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 36830/haproxy
接下来做日志定义,及日志分离——按级别进行划分
[root@haproxy haproxy]# vim haproxy.cfg
global
log 127.0.0.1 local0 //修改
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
# chroot /usr/share/haproxy
uid 99
gid 99
daemon
#debug
#quiet
修改如下
global
log /dev/log local0 info //指定路径,定义级别为info
log /dev/log local1 notice
#log loghost local0 info
maxconn 4096
# chroot /usr/share/haproxy
uid 99
gid 99
daemon
#debug
#quiet
保存退出,重启服务
[root@haproxy haproxy]# service haproxy restart
Restarting haproxy (via systemctl): [ 确定 ]
然后在系统日志文件内创建一个haproxy配置文件
[root@haproxy haproxy]# cd /etc/rsyslog.d/
[root@haproxy rsyslog.d]# ls
listen.conf
[root@haproxy rsyslog.d]# touch /etc/rsyslog.d/haproxy.conf
[root@haproxy rsyslog.d]# vim haproxy.conf
if ($programname == 'haproxy' and $syslogseverity-text == 'info')
then -/var/log/haproxy/haproxy-info.log
&~
if ($programname == 'haproxy' and $syslogseverity-text == 'notice')
then -/var/log/haproxy/haproxy-notice.log
&~
重启系统日志服务
[root@haproxy rsyslog.d]# systemctl restart rsyslog.service
[root@haproxy rsyslog.d]#
去查看日志
[root@haproxy rsyslog.d]# cd /var/log/
[root@haproxy log]# ls
anaconda dmesg messages-20200209 spooler-20200103
audit dmesg.old ntpstats spooler-20200209
boot.log firewalld pluto sssd
boot.log-20191218 gdm ppp tallylog
boot.log-20191219 glusterfs qemu-ga tuned
boot.log-20191227 grubby_prune_debug rhsm vmware-vgauthsvc.log.0
boot.log-20200103 lastlog sa vmware-vmsvc.log
boot.log-20200209 libvirt samba vmware-vmusr.log
btmp maillog secure wpa_supplicant.log
btmp-20200209 maillog-20191218 secure-20191218 wtmp
chrony maillog-20191227 secure-20191227 Xorg.0.log
cron maillog-20200103 secure-20200103 Xorg.0.log.old
cron-20191218 maillog-20200209 secure-20200209 Xorg.1.log
cron-20191227 messages speech-dispatcher Xorg.9.log
cron-20200103 messages-20191218 spooler yum.log
cron-20200209 messages-20191227 spooler-20191218 yum.log-20200103
cups messages-20200103 spooler-20191227
[root@haproxy log]#
可以发现没有haproxy目录,去到浏览器访问一下,发现出现haproxy目录
[root@haproxy log]# ls
anaconda dmesg messages-20200103 spooler-20191227
audit dmesg.old messages-20200209 spooler-20200103
boot.log firewalld ntpstats spooler-20200209
boot.log-20191218 gdm pluto sssd
boot.log-20191219 glusterfs ppp tallylog
boot.log-20191227 grubby_prune_debug qemu-ga tuned
boot.log-20200103 haproxy rhsm
进入查看
[root@haproxy log]# cd haproxy/
[root@haproxy haproxy]# ls
haproxy-info.log
[root@haproxy haproxy]# cat haproxy-info.log
Feb 9 13:54:24 haproxy haproxy[17101]: 192.168.247.1:54219 [09/Feb/2020:13:54:24.354] webcluster webcluster/inst2 1/0/6/1/8 200 253 - - ---- 2/2/0/1/0 0/0 "GET /test.html HTTP/1.1"
Feb 9 13:54:24 haproxy haproxy[17101]: 192.168.247.1:54219 [09/Feb/2020:13:54:24.363] webcluster webcluster/inst1 509/0/1/1/511 200 252 - - ---- 2/2/0/1/0 0/0 "GET /test.html HTTP/1.1"
Feb 9 13:54:25 haproxy haproxy[17101]: 192.168.247.1:54219 [09/Feb/2020:13:54:24.874] webcluster webcluster/inst2 407/0/1/0/409 200 253 - - ---- 2/2/0/1/0 0/0 "GET /test.html HTTP/1.1"
Feb 9 13:54:25 haproxy haproxy[17101]: 192.168.247.1:54219 [09/Feb/2020:13:54:25.283] webcluster webcluster/inst1 310/0/1/1/312 200 252 - - ---- 2/2/0/1/0 0/0 "GET /test.html HTTP/1.1"
9 13:54:25 haproxy haproxy[17101]: 192.168.247.1:54219 [09/Feb/2020:13:54:24.874] webcluster webcluster/inst2 407/0/1/0/409 200 253 - - ---- 2/2/0/1/0 0/0 “GET /test.html HTTP/1.1”
Feb 9 13:54:25 haproxy haproxy[17101]: 192.168.247.1:54219 [09/Feb/2020:13:54:25.283] webcluster webcluster/inst1 310/0/1/1/312 200 252 - - ---- 2/2/0/1/0 0/0 “GET /test.html HTTP/1.1”