server-side/haproxy

HAProxy Install

C/H 2017. 4. 28. 08:30

HAProxy vs nginx: Why you should NEVER use nginx for load balancing! 에서 HAProxy는 모니터링 툴을 제공하지만 NGINX는 서버당 $1,900 사용 제품을 사용해야 한다.

Which software load balancer is better: HAProxy or nginx? 에서 2014.05.14 가장 최신글에서는 LB 기능과 healthcheck 기능이 NGINX에 포함되었다고 한다.

HAPROXY vs NGINX - 10,000 requests while killing servers

이 테스트에서는 HAProxy 보다는 Nginx 쪽이 좀 더 선호도가 좋게 결과가 나왔다.

설치

yum install openssl
yum install pcre-devel

yum install haproxy
yum info haproxy
Available Packages
Name        : haproxy
Arch        : x86_64
Version     : 1.5.18
Release     : 3.el7_3.1
Size        : 833 k
Repo        : updates/7/x86_64
Summary     : TCP/HTTP proxy and load balancer for high availability environments
URL         : http://www.haproxy.org/
License     : GPLv2+
Description : HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
            : availability environments. Indeed, it can:
            :  - route HTTP requests depending on statically assigned cookies
            :  - spread load among several servers while assuring server persistence
            :    through the use of HTTP cookies
            :  - switch to backup servers in the event a main server fails
            :  - accept connections to special ports dedicated to service monitoring
            :  - stop accepting connections without breaking existing ones
            :  - add, modify, and delete HTTP headers in both directions
            :  - block requests matching particular patterns
            :  - report detailed status to authenticated users from a URI
            :    intercepted by the application

yum history undo {number}

Compile Install

# compile
yum -y install make gcc gcc-c++ pcre-devel openssl-devel

# download
wget http://www.haproxy.org/download/1.7/src/haproxy-1.7.5.tar.gz
tar -xvzf haproxy-1.7.5.tar.gz
cd haproxy-1.7.5

# compile, linux2628 for Linux 2.6.28, 3.x, and above (enables splice and tproxy)
make TARGET=linux2628 USE_OPENSSL=1 ADDLIB=-lz CPU=native USE_PCRE=1 USE_LIBCRYPT=1 USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1

# check ssl
ldd haproxy | grep ssl
	libssl.so.10 => /lib64/libssl.so.10 (0x00007f6983ae0000)

# install binary
make PREFIX=/usr/local/haproxy install
install -d "/usr/local/haproxy/sbin"
install haproxy "/usr/local/haproxy/sbin"
install haproxy-systemd-wrapper "/usr/local/haproxy/sbin"
install -d "/usr/local/haproxy/share/man"/man1
install -m 644 doc/haproxy.1 "/usr/local/haproxy/share/man"/man1
install -d "/usr/local/haproxy/doc/haproxy"
for x in architecture close-options configuration cookie-options intro linux-syn-cookies management network-namespaces proxy-protocol; do \
	install -m 644 doc/$x.txt "/usr/local/haproxy/doc/haproxy" ; \
done

# link
sudo ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
cp examples/haproxy.init /etc/init.d/haproxy
chmod 755 /etc/init.d/haproxy

defaults 
	# 기본 설정 
	mode http
	option httplog
	option dontlognull
	option redispatch
	option forwardfor
	option http-server-close
	retries 3
	maxconn 20480
	timeout connect 5s
	timeout server 50s
	timeout client 50s
	timeout http-keep-alive 3000

	# HAProxy 상태 확인 URI 설정
	stats enable
	stats auth id:password
	stats refresh 10s
	stats uri /stats

frontend http_frontend
	bind *:80
	reqadd X-Forwarded-Proto:\ http

	# 설정한 backend(web_server) 쪽으로 프록시
	default_backend web_server

# SSL 설정, 필요없으면 스킵
frontend https_frontend
	bind *:443 ssl crt /etc/haproxy/ssl/latest.pem
	mode http
	option httpclose
	option forwardfor
	reqadd X-Forwarded-Proto:\ https
	default_backend web_server

backend web_server
	mode http 
	# 로드 밸런싱 알고리즘 선택
	balance roundrobin
	cookie SERVERID insert indirect nocache
	server s1 127.0.0.1:8080 cookie s1 check inter 5000 fastinter 1000 rise 1 fall 1 weight 1
	server s2 127.0.0.1:8081 cookie s2 check inter 5000 fastinter 1000 rise 1 fall 1 weight 1



# 재시작 등록
systemctl enable haproxy
반응형