본문 바로가기

리눅스

[리눅스] HAProxy 설치 및 구성

728x90

haproxy 설치 및 구성

diagram

이미지 출처 : https://shrestharohit.com.np/using-ha-proxy-load-balancer/

haproxy 설치

$ yum install -y haproxy

$ haproxy -v
HA-Proxy version 1.5.18 2016/05/10
Copyright 2000-2016 Willy Tarreau <willy@haproxy.org>

haproxy 설정 파일

- /etc/haproxy/haproxy.cfg

haproxy.cfg 편집(default)

$ cat /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events.  This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #   file. A line like the following can be added to
    #   /etc/sysconfig/syslog
    #
    #    local2.*                       /var/log/haproxy.log
    #
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend  main *:5000
    acl url_static       path_beg       -i /static /images /javascript /stylesheets
    acl url_static       path_end       -i .jpg .gif .png .css .js

    use_backend static          if url_static
    default_backend             app

frontend kibana *:
    use_backend static          if url_static
    default_backend             app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
    balance     roundrobin
    server      static 127.0.0.1:4331 check

#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
    balance     roundrobin
    server  app1 127.0.0.1:5001 check
    server  app2 127.0.0.1:5002 check
    server  app3 127.0.0.1:5003 check
    server  app4 127.0.0.1:5004 check

haproxy.cfg 편집

- kibana 설정

  http://localhost/ 접근 시 backend kibana5601 -> 192.168.0.101:5601

- elasticsearch 설정

  http://localhost/es/ 접근 시 backendelasticsearch9200(/es/ 생략) -> 192.168.0.101:9200

$ vim /etc/haproxy/haproxy.cfg
...
#---------------------------------------------------------------------
frontend www-lb
    mode http
    bind *:80
    http-request set-header X-Forwarded-Proto http
    log global
    option httplog
    acl acl_elasticsearc path_beg -i /es
    use_backend elasticsearch9200 if acl_elasticsearc
    default_backend kibana5601


#---------------------------------------------------------------------
backend kibana5601
    mode http
    option httpchk GET /
    option httplog
    http-check expect status 302
    #default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
    server datanode01 192.168.0.101:5601 check inter 3000 rise 2 fall 5

backend elasticsearch9200
    mode http
    balance roundrobin
    option httpclose
    option forwardfor
    option httplog
    option httpchk GET _cluster/health
    reqrep ^([^\ ]*)\ /es[/]?(.*) \1\ /\2
    server datanode01 192.168.0.101:9200 check inter 3000 rise 2 fall 5
    server datanode02 192.168.0.102:9200 check inter 3000 rise 2 fall 5
    server datanode03 192.168.0.103:9200 check inter 3000 rise 2 fall 5


#---------------------------------------------------------------------
listen stats *:9000
    mode http
    stats enable
    stats hide-version
    stats refresh 30s
    stats show-node
    stats realm HAProxy Statistics
    stats uri /
    stats auth admin:admin
$ haproxy -f /etc/haproxy/haproxy.cfg -c
Configuration file is valid

통계 보고서 페이지 : http://localhost:9000

admin / admin

Elasticsearch 보안 기능 활성화 HAProxy Elasticsearch Healthcheck
X-Pack 미적용 option httpchk GET _cluster/health
X-Pack 적용 # echo -n elastic:password | base64
option httpchk GET / HTTP/1.0\r\nAuthorization:\ Basic\ ZWxhc3RpYzplbGFzdGlj
http-check expect string lucene_version

 

https://www.haproxy.com/support/technical-notes/an-0007-en-rewriting-http-requests/

 

 

 

728x90