环境说明
Centos8
| 主机名 | IP地址 | 功能 |
|---|---|---|
| haproxy | 192.168.143.102 | haproxy |
| RS1 | 192.168.143.103 | web1 |
| RS2 | 192.168.143.106 | web2 |
环境 三台主机 systemctl disable --now firewalld setenforce 0 RS1 [root@RS1 ~]# yum install -y httpd [root@RS1 ~]# systemctl enable --now httpd Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service. [root@RS1 ~]# echo "work1" > /var/www/html/index.html [root@RS1 ~]# curl 192.168.143.103 work1 RS2 [root@RS2 ~]# yum install -y httpd [root@RS2 ~]# systemctl enable --now httpd Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service. [root@RS2 ~]# echo "work2" > /var/www/html/index.html [root@RS2 ~]# curl 192.168.143.106 work2 [root@haproxy ~]# wget https://github.com/haproxy/haproxy/archive/refs/tags/v2.4.0.tar.gz [root@haproxy ~]# mv v2.4.0.tar.gz haproxy-2.4.0.tar.gz [root@haproxy ~]# tar xf haproxy-2.4.0.tar.gz [root@haproxy ~]# ls anaconda-ks.cfg haproxy-2.4.0 haproxy-2.4.0.tar.gz [root@haproxy ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel [root@haproxy ~]# useradd -r -M -s /sbin/nologin haproxy [root@haproxy ~]# cd haproxy-2.4.0/ [root@haproxy haproxy-2.4.0]# make clean [root@haproxy haproxy-2.4.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l) TARGET=linux-glibc USE_OPENSSL=1 USE_ZLIB=1 USE_PCRE=1 USE_SYSTEMD=1 [root@haproxy haproxy-2.4.0]# make install prefix=/usr/local/haproxy [root@haproxy ~]# cd /usr/local/sbin/ [root@haproxy sbin]# ls haproxy [root@haproxy sbin]# cd [root@haproxy ~]# which haproxy /usr/local/sbin/haproxy [root@haproxy ~]# echo 'net.ipv4.ip_nonlocal_bind = 1' >> /etc/sysctl.conf [root@haproxy ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf [root@haproxy ~]# mkdir /etc/haproxy [root@haproxy ~]# cat > /etc/haproxy/haproxy.cfg <Main PID: 17787 (haproxy) Tasks: 3 (limit: 23493) Memory: 7.3M CGroup: /system.slice/haproxy.service ├─17787 /usr/local/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid └─17792 /usr/local/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid 10月 17 08:14:57 haproxy systemd[1]: Starting HAProxy Load Balancer... 10月 17 08:14:57 haproxy systemd[1]: Started HAProxy Load Balancer. 10月 17 08:14:57 haproxy haproxy[17787]: [NOTICE] (17787) : New worker #1 (17792) forked [root@102 ~]# ss -antlp State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:80 0.0.0.0:* users:(("haproxy",pid=9754,fd=9)) LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=906,fd=4)) LISTEN 0 128 0.0.0.0:8189 0.0.0.0:* users:(("haproxy",pid=9754,fd=8)) LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=906,fd=6)) [root@102 ~]# curl 192.168.143.102 work2 [root@102 ~]# curl 192.168.143.102 work1
在RS1和RS2上面
yum -y install mod_ssl
systemctl restart httpd
ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 :::443 :::*
在haproxys上
[root@102 ~]# vim /etc/haproxy/haproxy.cfg
server web01 192.168.143.103:443 check inter 2000 fall 5
server web02 192.168.143.106:443 check inter 2000 fall 5
[root@102 ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 *:443 *:* //443端口
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[root@102 ~]# curl 192.168.143.102
work2
[root@102 ~]# curl 192.168.143.102
work1
