우분투에 HAProxy를 설치하는 방법

우분투에 HAProxy를 설치하는 방법

• APT 패키지 목록 업데이트

sudo apt-get update

• APT 패키지의 세부 정보 확인

sudo apt show haproxy

$ sudo apt show haproxy    
Package: haproxy
Version: 2.4.24-0ubuntu0.22.04.1
Priority: optional
Section: net
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Debian HAProxy Maintainers <team+haproxy@tracker.debian.org>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 3,700 kB
Pre-Depends: dpkg (>= 1.17.14), init-system-helpers (>= 1.54~)
Depends: libc6 (>= 2.34), libcrypt1 (>= 1:4.1.0), liblua5.3-0, libpcre2-8-0 (>= 10.22), libssl3 (>= 3.0.0~~alpha1), libsystemd0, adduser, lsb-base (>= 3.0-6)
Suggests: vim-haproxy, haproxy-doc
Homepage: http://www.haproxy.org/
Download-Size: 1,648 kB
APT-Sources: https://mirror.kakao.com/ubuntu jammy-updates/main amd64 Packages
Description: fast and reliable load balancing reverse proxy
 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
 availability environments. It features connection persistence through HTTP
 cookies, load balancing, header addition, modification, deletion both ways. It
 has request blocking capabilities and provides interface to display server
 status.

N: There are 2 additional records. Please use the '-a' switch to see them.

sudo systemctl 재시작 haproxy.service

 

• HAProxy 패키지 설치

sudo apt-get install -y haproxy

• HAProxy 버전 정보 확인

haproxy -v

$ haproxy -v
HAProxy version 2.4.24-0ubuntu0.22.04.1 2023/10/31 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2026.
Known bugs: http://www.haproxy.org/bugs/bugs-2.4.24.html
Running on: Linux 5.15.0-92-generic #102-Ubuntu SMP Wed Jan 10 09:33:48 UTC 2024 x86_64

• HAProxy 구성 파일의 유효성 검사

sudo haproxy -c -f /etc/haproxy/haproxy.cfg

• HAProxy 서비스 시작 및 활성화

sudo systemctl --now enable haproxy.service

HAProxy 설정 파일

• haproxy
• haproxy.cfg

$ cat /etc/default/haproxy 
# Defaults file for HAProxy
#
# This is sourced by both, the initscript and the systemd unit file, so do not
# treat it as a shell script fragment.

# Change the config file location if needed
#CONFIG="/etc/haproxy/haproxy.cfg"

# Add extra flags here, see haproxy(1) for a few options
#EXTRAOPTS="-de -m 16"

$ cat /etc/haproxy/haproxy.cfg 
global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
        stats timeout 30s
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private

        # See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
        ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
        ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
        ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets

defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http

HAProxy 통계 보고서 페이지 설정(WEB 페이지)

• proxy_stat 설정

sudo vim /etc/haproxy/haproxy.cfg

listen stats
    bind :9000   # 통계를 제공할 포트 설정
    mode http    # HTTP 모드 설정
    stats enable # 통계 활성화
    stats uri /haproxy_stats  # 통계 페이지 URL 설정
    stats realm Haproxy\ Statistics  # 인증을 위한 realm 설정
    stats auth admin:admin   # 인증 정보 설정

 

$ sudo haproxy -c -f /etc/haproxy/haproxy.cfg
Configuration file is valid

 

sudo systemctl restart haproxy.service

 

http://haproxy_server_ip:9000/haproxy_stats

HAProxy_proxy_stat