haproxy 配置文件分析

时间:2024-04-13 08:08:12

LOG 功能:

  编辑/etc/rsyslog.conf 配置文件:

# Provides UDP syslog reception
$ModLoad imudp              #需要启用
$UDPServerRun 514           #启动syslog 服务 # Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun # Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler # Save boot messages also to boot.log
local7.* /var/log/boot.log local2.* /var/log/haproxy/haproxy.log #指定 log 输出位置

配置案例一:

#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#--------------------------------------------------------------------- #---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global #全局配置 ,进程和系统相关
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# ) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# ) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2 #日志设定,需要在/etc/rsyslog.conf 配置文件中进行设定。 chroot /var/lib/haproxy #修改haproxy 工作目录
pidfile /var/run/haproxy.pid
maxconn #允许最大连接
user haproxy
group haproxy
daemon #以守护进程方式进行运行,否则在前台进行工作 # turn on stats unix socket
stats socket /var/lib/haproxy/stats #stats 工作目录 #---------------------------------------------------------------------
#Proxies 配置段,代理的配置在这
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults #Proxies 的默认配置
mode http #默认代理模式
log global #全局的syslog 服务器,可以定义多个
option httplog #日志格式
option dontlognull
option http-server-close #代理主动断开超时连接
option forwardfor except 127.0.0.0/ #代理默认向后端插入 X-Forwarded-For ,mode 必须 http
option redispatch
retries
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn #---------------------------------------------------------------------
#stats 配置实例
#---------------------------------------------------------------------

listen stats_test          #配置stats 监听实例
bind *:1080 #绑定监听端口 1080
stats enable #启动stats 功能
stats hide-version #隐藏 haproxy 版本
#stats scope . #指定管理范围
stats uri /haproxyadmin?stats #指定访问路径
stats realm "HAproxy\ Statistics" #指定名称
stats auth zy:zzzzy #指定认证用户名,密码
stats admin if TRUE #启用管理功能
 
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend http_porxy #前端虚拟负载配置项,定义名称main ,或者别的
bind : #配置监听端口,有多种写法
bind : ssl crt /etc/haproxy/site.pem #监听端口绑定证书 acl url_static path_beg -i /static /images /javascript /stylesheets #acl 规则编辑,acl <aclname> <criterion> [flags] [operator] <value> ...
acl url_static path_end -i .jpg .gif .png .css .js #先定义规则然后在 use_backend 进行引用 use_backend static if url_static #匹配规则,匹配的规则调用值 static 节点池
default_backend app #默认节点池 #---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static #定义static 节点池
# mode tcp
mode http #指定负载模式
# blance static-rr 动态轮询负载
# blance leastconn 最小连接负载
# blance souce 基于源地址 hash 的负载
# blance hdr(Host) 基于访问请求中的Host 的负载
#
balance roundrobin
cookie SERVERID insert nocache indirect #插入 SERVERID cookie name ,并在后续用户访问时,利用cookie 维持会话
server web1 192.68.100.101: check inter rise fall weight maxconn cookie webserver01 #指定server 状态监测,权重,最大连接和cookie 值
server web2 192.68.100.103: check inter rise fall weight maxconn cookie webserver02 #---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 127.0.0.1: check
server app2 127.0.0.1: check
server app3 127.0.0.1: check
server app4 127.0.0.1: check

配置案例二:

#通过ACL 进行动静分离的配置

global
log 127.0.0.1 local2 chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn
user haproxy
group haproxy
daemon # turn on stats unix socket
stats socket /var/lib/haproxy/stats defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/
option redispatch
retries
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn listen stats
mode http
bind 0.0.0.0:
stats enable
stats hide-version
stats uri /haproxyadmin?stats
stats realm Haproxy\ Statistics
stats auth admin:admin
stats admin if TRUE frontend http-in
bind *:
mode http
log global
option httpclose
option logasap
option dontlognull
capture request header Host len
capture request header Referer len
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .jpeg .gif .png .css .js use_backend static_servers if url_static
default_backend dynamic_servers backend static_servers
balance roundrobin
server imgsrv1 172.16.200.7: check maxconn
server imgsrv2 172.16.200.8: check maxconn backend dynamic_servers
cookie srv insert nocache
balance roundrobin
server websrv1 172.16.200.7: check maxconn cookie websrv1
server websrv2 172.16.200.8: check maxconn cookie websrv2
server websrv3 172.16.200.9: check maxconn cookie websrv3

配置案例 MySQL服务的配置示例:

MySQL服务的配置示例

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# ) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# ) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2 chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn
user haproxy
group haproxy
daemon defaults
mode tcp
log global
option httplog
option dontlognull
retries
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn listen stats
mode http
bind 0.0.0.0:
stats enable
stats hide-version
stats uri /haproxyadmin?stats
stats realm Haproxy\ Statistics
stats auth admin:admin
stats admin if TRUE frontend mysql
bind *:
mode tcp
log global
default_backend mysqlservers backend mysqlservers
balance leastconn
server dbsrv1 192.168.10.11: check port intval rise fall maxconn
server dbsrv2 192.168.10.12: check port intval rise fall maxconn