haproxy安装教程(Centos7)

que_csdn

已于 2023-09-12 10:52:45 修改

阅读量588

点赞数

分类专栏： centos部署文章标签： centos haproxy linux

于 2021-07-07 20:16:06 首次发布

本文链接：https://blog.youkuaiyun.com/que_csdn/article/details/118555945

版权

centos部署专栏收录该内容

4 篇文章

订阅专栏

1.何为haproxy？

liunx自带的免费代理软件

安装命令： $ yum install haproxy -y

配置文件目录：/etc/haproxy/haproxy.cfg

2.用处

为了防止服务器被DDos等网络攻击，通常会使用代理服务器来隐藏服务器的地址和访问端口。通过让客户端访问代理服务器，由代理服务器将消息转发给真实服务器。客户端不知道真实服务器的真实地址。常用的代理代理服务器例子：nginx

3.使用安装haproxy的代理服务器B，实现HTTP和TCP协议转发。

step1: 安装haproxy(见上文)

step2:修改haproxy.cfg配置（见附录）

step3:启动haproxy($ service haproxy start)

附录：

#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events.  This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #   file. A line like the following can be added to
    #   /etc/sysconfig/syslog
    #
    #    local2.*                       /var/log/haproxy.log
    #
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    nbproc      1		#启动后运行的进程数量,默认为1个
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    log global
    mode tcp			# 代理的级别（7层http，4层tcp）
    retries 3			# 3次连接失败认为服务不可用，也可以在后面设置
    timeout connect 5s	# 连接超时
    timeout client 1h	# 客户端超时
    timeout server 1h	# 服务器端超时
    option redispatch
    option nolinger
    option dontlognull
   option tcplog
    option log-separate-errors
    maxconn     4000

# TCP协议socket端口转发:0.0.0.0:6666->123.123.123.123:7777
frontend proxy		# 接收端
    bind 0.0.0.0:6666
    mode tcp
    option  clitcpka
    default_backend gateway

backend gateway		# 转发端
    server gateway1 123.123.123.123:7777
    option  srvtcpka

# http协议80端口转发:0.0.0.0:80->123.123.123.123:80
listen web
    bind 0.0.0.0:80
    mode  http
    server  s1 123.123.123.123:80 weight 3 check

# 统计检测数据网站
listen admin_stats
    bind 0.0.0.0:8888
    mode  http							# http网页
    stats refresh 30s					# 定时30s自动刷新
    stats uri   /haproxy				# 访问路径 http://192.168.1.100:8000/haproxy
    stats realm     Global\ statistics    
    stats auth  admin:admin				# 账户名：admin 密码：admin