CentOS7 下安装

  • CentOS7 自带的 haproxy 版本太低,这里通过 cheese 源安装最新版本
  • 安装 cheese repo,详细参考这里

    1
    2
    
    wget http://www.nosuchhost.net/~cheese/fedora/packages/epel-7/x86_64/cheese-release-7-1.noarch.rpm
    rpm -Uvh cheese-release-7-1.noarch.rpm
  • 安装 haproxy

    1
    
    yum install haproxy
  • 修改 sysctl.conf

    1
    2
    3
    4
    5
    6
    7
    8
    
    cat >> /etc/sysctl.conf <<-END
    net.ipv4.ip_forward=1
    net.ipv4.tcp_syncookies = 1
    net.ipv4.tcp_tw_reuse = 1
    net.ipv4.tcp_tw_recycle = 1
    net.ipv4.tcp_fin_timeout = 8
    END
    sysctl -p
  • 禁用 selinux

    1
    2
    
    sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config
    setenforce 0

全局配置

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
global
    log         127.0.0.1 local2 info
    chroot      /var/lib/haproxy # 如果需要外部检查脚本,则需注释该行
    #external-check # 如果需要外部检查脚本,则取消注释
    pidfile     /var/run/haproxy.pid
    maxconn     102400
    user        haproxy
    group       haproxy
    daemon
    stats socket /var/lib/haproxy/stats

默认配置

1
2
3
4
5
6
defaults
    log global
    option dontlognull
    option redispatch
    option abortonclose
    timeout check 8s

tcp 连接多个 ceph-radosgw

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
frontend  ceph-radosgw
    bind *:7480
    timeout client 8s
    default_backend ceph-radosgw
backend ceph-radosgw
    mode tcp
    balance roundrobin
    timeout connect 8s
    timeout server 8s
    retries 2
    #option external-check
    #external-check command /var/lib/haproxy/health_check.sh
    server cpeh240 10.9.10.234:7480 check
    server ceph241 10.9.10.235:7480 check
    server ceph243 10.9.10.236:7480 check

tcp 连接 mysql galera cluster

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
frontend mysql
    bind *:3306
    timeout client 1800s
    default_backend mysql
backend mysql
    balance source
    option tcpka
    timeout connect    8s
    timeout server     1800s
    retries 2
    server  mysql231   10.9.10.231:3306 check inter 4s
    server  mysql232   10.9.10.232:3306 check inter 4s
    server  mysql233   10.9.10.233:3306 check inter 4s

tcp 连接 redis 主库

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
frontend redis
    bind *:6379
    timeout client 1800s
    default_backend redis
backend redis
    balance roundrobin
    timeout connect 8s
    timeout server 1800s
    retries 2
    option tcp-check
    tcp-check connect
    tcp-check send PING\r\n
    tcp-check expect string +PONG
    tcp-check send info\ replication\r\n
    tcp-check expect string role:master
    tcp-check send QUIT\r\n
    tcp-check expect string +OK
    server redis87 10.1.14.87:6379 check inter 4s
    server redis88 10.1.14.88:6379 check inter 4s
    server redis89 10.1.14.89:6379 check inter 4s

状态页面

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
listen admin_stats
    bind 0.0.0.0:10080
    mode http
    maxconn 100
    timeout client 1m
    timeout connect 4s
    timeout server 4s
    stats refresh 30s
    stats uri /
    stats auth username:password
    stats realm haproxy for private user, enter username/password
    stats hide-version

通过 rsyslog 生成日志

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
sed -i -e '/ModLoad imudp/s/^#//' \
    -e '/UDPServerRun 514/s/^#//' /etc/rsyslog.conf
cat > /etc/rsyslog.d/haproxy.conf <<EOF
# haproxy log
template(name="HaproxyTime" type="list"){
    property(name="timereported" dateformat="year")
    constant(value="-")
    property(name="timereported" dateformat="month")
    constant(value="-")
    property(name="timereported" dateformat="day")
    constant(value=" ")
    property(name="timereported" dateformat="hour")
    constant(value=":")
    property(name="timereported" dateformat="minute")
    constant(value=":")
    property(name="timereported" dateformat="second")
    constant(value=" ")
    property(name="msg" droplastlf="on")
    constant(value="\n")
}
template(name="DynFile" type="list"){
    constant(value="/var/log/haproxy/haproxy-")
    property(name="timereported" dateformat="year")
    property(name="timereported" dateformat="month")
    property(name="timereported" dateformat="day")
    constant(value=".log")
}
local2.* action(type="omfile" dynaFile="DynFile" template="HaproxyTime")
EOF
systemctl restart rsyslog
systemctl restart haproxy

参考