페이지 이력
HAProxy를 설치하고 설정할 수 있습니다.
설치준비
설치
- tar xfz haproxy-1.4.22.tar.gz
- cd haproxy-1.4.22
- vi Makefile -> "PREFIX = /usr/local" 를 "PREFIX = /usr"로 수정.
- make TARGET=linux26 ARCH=x86_64
- make install
설정
- groupadd haproxy
- useradd haproxy -g haproxy
vi /etc/haproxy/haproxy.cfg
※ Proxy server를 SSL 로 서버를 구성할 경우 주석된 443, 7002 포트를 참고 및 재활용한다.
※ 80 port는 사용자(브라우저)포트, 7001 port는 장치(LFD) 포트.global log /dev/log local0 info log /dev/log local1 notice maxconn 4096 user haproxy group haproxy
defaults log global mode http option tcplog option dontlognull retries 3 option redispatch maxconn 2000 timeout connect 5000 timeout client 50000 timeout server 50000
frontend browser_port bind *:80 mode http option forwardfor option httpclose default_backend web_server_session
frontend device_port bind *:7001 mode http option forwardfor option httpclose default_backend web_server_rr# frontend user_port_ssl
# mode http
# bind *:443 ssl crt /etc/ssl/MagicInfoCert.pem
# acl is_root path -i /
# http-request add-header X-Forwarded-Proto https if { ssl_fc }
# redirect code 301 location https://10.89.37.68/MagicInfo if is_root
# cookie JSESSIONID prefix
# option forwardfor
# capture request header Referrer len 64
# capture request header Content-Length len 10
# capture request header User-Agent len 64
# stats enable
# Enable stats page
# stats refresh 30s
# stats hide-version
# Hide HAProxy version
# stats realm Haproxy\ Statistics
# Title text for popup window
# stats uri /haproxy_stats
# Stats URI
# stats auth icinga:20Monitor17
# Authentication credentials
# default_backend web_server_session
#frontend device_port_ssl
# mode http# bind *:7002 ssl crt /etc/ssl/haproxy/MagicInfo.pem ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA
# cookie JSESSIONID prefix
# option forwardfor
# capture request header Referrer len 64
# capture request header Content-Length len 10
# capture request header User-Agent len 64
# stats enable
# Enable stats page
# stats refresh 30s
# stats hide-version
# Hide HAProxy version
# stats realm Haproxy\ Statistics
# Title text for popup window
# stats uri /haproxy_stats# Stats URI
# stats auth icinga:20Monitor17
# Authentication credentials
# http-request add-header X-Forwarded-Proto https if { ssl_fc }
# default_backend web_server_rrbackend web_server_session
balance source
option forwardfor
server WEB1 192.168.10.101:80 cookie A check
server WEB2 192.168.10.102:80 cookie B checkbackend web_server_rr
balance roundrobin
option forwardfor
server WEB1 192.168.10.101:7001 check
server WEB2 192.168.10.102:7001 check
http-request set-header X-FORWARD-PORT % [dst_port]
frontend magicinfo_rm1
bind *:8000
mode http
option httpclose
option forwardfor
default_backend rm_server1backend rm_server1
mode http
server rm1 192.168.10.101:8000
frontend magicinfo_rm2
bind *:8001
mode http
option httpclose
option forwardfor
default_backend rm_server2
backend rm_server2
mode http
server rm2 192.168.10.102:8001
frontend magicinfo_ftp bind *:21 mode tcp option tcplog default_backend ftp_serverbackend ftp_server
option tcplog
mode tcp
balance leastconn
server FTP1 192.168.10.101 check port 21 inter 10s rise 1 fall 2
server FTP2 192.168.10.102 check port 21 inter 10s rise 1 fall 2frontend magicinfo_ftps
bind *:990
mode tcp
option tcplog
default_backend ftps_serverbackend ftps_server
mode tcp
balance leastconn
server FTP1 192.168.10.101 check port 990 inter 10s rise 1 fall 2
server FTP2 192.168.10.102 check port 990 inter 10s rise 1 fall 2frontend magicinfo_passive_ftp
bind *:17001-17100
mode tcp
option tcplog
default_backend passive_ftp_serverbackend passive_ftp_server
mode tcp
option tcplog
balance leastconn
server FTP1 192.168.10.101
server FTP2 192.168.10.102frontend VNC
bind *:5901
mode tcp
option tcplog
default_backend magicinfo_vncbackend magicinfo_vnc
mode tcp
server VNC1 192.168.10.101:5901 check
frontend VNC_Viewer
bind *:5500
mode tcp
option tcplog
default_backend magicinfo_vnc_viewerbackend magicinfo_vnc_viewer
mode tcp
server VNC1 192.168.10.101:5500 checkvi /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.10.101 webA
192.168.10.102 webB
- 방화벽 해제
service iptables stop 서비스 등록 및 시작
cd examples
cp haproxy.init /etc/rc.d/init.d/haproxy
service haproxy restart
정보 |
---|
설치 예제 환경 - OS : CentOS 6.0 - HAProxy version : HAProxy 1.4.22 - Load Balancer Server IP (CentOS) : 192.168.10.100 - MagicInfo Premium Server - Server 1 IP : 192.168.10.101 - Server 2 IP : 192.168.10.102 - Port: 7001,80 (http), 21(ftp) |
관련 문서
레이블별 문서 | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
페이지 속성 | ||
---|---|---|
| ||
|