본문 바로가기

리눅스

CentOS 7에서 HAProxy를 설치하고 구성하는 방법

728x90

CentOS 7에서 HAProxy를 설치하고 구성하는 방법

다이어그램(diagram)

출처-https://shrestharohit.com.np/using-ha-proxy-load-balancer/

1. HAProxy 설치

HAProxy를 설치합니다.

sudo yum install -y haproxy
$ haproxy -v
HA-Proxy version 1.5.18 2016/05/10
Copyright 2000-2016 Willy Tarreau <willy@haproxy.org>

2. HAProxy 구성 파일 편집

/etc/haproxy/haproxy.cfg 파일을 편집하여 로드 밸런서를 구성합니다.

 

  • haproxy.cfg 편집(default)
$ cat /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events.  This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #   file. A line like the following can be added to
    #   /etc/sysconfig/syslog
    #
    #    local2.*                       /var/log/haproxy.log
    #
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend  main *:5000
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .jpg .gif .png .css .js

    use_backend static          if url_static
    default_backend             app

frontend kibana *:
    use_backend static          if url_static
    default_backend             app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
    balance     roundrobin
    server      static 127.0.0.1:4331 check

#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
    balance     roundrobin
    server  app1 127.0.0.1:5001 check
    server  app2 127.0.0.1:5002 check
    server  app3 127.0.0.1:5003 check
    server  app4 127.0.0.1:5004 check
728x90

haproxy.cfg 편집

  • kibana 설정
    • http://localhost/ 접근 시 backend kibana5601 -> 192.168.0.101:5601
  • elasticsearch 설정
    •  http://localhost/es/ 접근 시 backendelasticsearch9200(/es/ 생략) -> 192.168.0.101:9200
vim /etc/haproxy/haproxy.cfg
global
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

defaults
    log global
    mode http
    option httplog
    option dontlognull
    timeout connect 5000
    timeout client 50000
    timeout server 50000

#---------------------------------------------------------------------
frontend www-lb
    mode http
    bind *:80
    http-request set-header X-Forwarded-Proto http
    log global
    option httplog
    acl acl_elasticsearc path_beg -i /es
    use_backend elasticsearch9200 if acl_elasticsearc
    default_backend kibana5601


#---------------------------------------------------------------------
backend kibana5601
    mode http
    option httpchk GET /
    option httplog
    http-check expect status 302
    #default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
    server datanode01 192.168.0.101:5601 check inter 3000 rise 2 fall 5

backend elasticsearch9200
    mode http
    balance roundrobin
    option httpclose
    option forwardfor
    option httplog
    option httpchk GET _cluster/health
    reqrep ^([^\ ]*)\ /es[/]?(.*) \1\ /\2
    server datanode01 192.168.0.101:9200 check inter 3000 rise 2 fall 5
    server datanode02 192.168.0.102:9200 check inter 3000 rise 2 fall 5
    server datanode03 192.168.0.103:9200 check inter 3000 rise 2 fall 5


#---------------------------------------------------------------------
listen stats *:9000
    mode http
    stats enable
    stats hide-version
    stats refresh 30s
    stats show-node
    stats realm HAProxy Statistics
    stats uri /
    stats auth admin:admin

frontend 및 backend 섹션을 편집하여 필요한 로드 밸런싱 설정을 정의합니다. Round Robin 방식을 사용하여 요청을 웹 서버 사이에 분배합니다.

3. 구성 검증

HAProxy 구성 파일을 검증하려면 다음 명령을 실행합니다:

sudo haproxy -c -f /etc/haproxy/haproxy.cfg
$ haproxy -c -f /etc/haproxy/haproxy.cfg
Configuration file is valid

4. HAProxy 서비스 시작 및 자동 시작 설정

HAProxy 서비스를 시작하고 부팅 시 자동으로 시작하도록 설정합니다.

sudo systemctl start haproxy
sudo systemctl enable haproxy

5. 로그 확인

HAProxy 로그를 확인하여 문제가 있는지 확인하고 필요한 조치를 취합니다. 로그 파일은 /var/log/haproxy.log에 저장됩니다.

HAProxy의 통계 페이지

HAProxy의 상태 및 성능 정보를 모니터링할 수 있습니다.

통계 페이지 URL(사용자 이름 : admin, 암호 : admin)

http://localhost:9000

h1

Elasticsearch 보안 기능 활성화 HAProxy Elasticsearch Healthcheck
X-Pack 미적용 option httpchk GET _cluster/health
X-Pack 적용 # echo -n elastic:password | base64
option httpchk GET / HTTP/1.0\r\nAuthorization:\ Basic\ ZWxhc3RpYzplbGFzdGlj
http-check expect string lucene_version

 

참고URL

- HAProxy ALOHA Load Balancer Rewriting HTTP requests : https://www.haproxy.com/support/technical-notes/an-0007-en-rewriting-http-requests/

 

728x90