Read the following for installing and setting HA Proxy
Before Installation
Installation
- tar xfz haproxy-1.4.22.tar.gz
- cd haproxy-1.4.22
- vi Makefile -> "PREFIX = /usr/local" 를 "PREFIX = /usr"로 수정.
- make TARGET=linux26 ARCH=x86_64
- make install
Setting
- groupadd haproxy
- useradd haproxy -g haproxy
vi /etc/haproxy/haproxy.cfg
※ When configuring the proxy server with SSL, refer to and recycle the commendted out 443 and 7002 ports.※ 80 port is for the users (browser) and 7001 port is for the devices.global log /dev/log local0 info log /dev/log local1 notice maxconn 4096 user haproxy group haproxy
defaults log global mode http option tcplog option dontlognull retries 3 option redispatch maxconn 2000 timeout connect 5000 timeout client 50000 timeout server 50000
frontend browser_port bind *:80 mode http option forwardfor option httpclose default_backend web_server_session frontend device_port bind *:7001 mode http option forwardfor option httpclose default_backend web_server_rr
# frontend user_port_ssl # mode http # bind *:443 ssl crt /etc/ssl/MagicInfoCert.pem # acl is_root path -i / # http-request add-header X-Forwarded-Proto https if { ssl_fc } # redirect code 301 location https://10.89.37.68/MagicInfo if is_root # cookie JSESSIONID prefix # option forwardfor # capture request header Referrer len 64 # capture request header Content-Length len 10 # capture request header User-Agent len 64 # stats enable # Enable stats page # stats refresh 30s # stats hide-version # Hide HAProxy version # stats realm Haproxy\ Statistics # Title text for popup window # stats uri /haproxy_stats # Stats URI # stats auth icinga:20Monitor17 # Authentication credentials # default_backend web_server_session
#frontend device_port_ssl # mode http
# bind *:7002 ssl crt /etc/ssl/haproxy/MagicInfo.pem ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA # cookie JSESSIONID prefix # option forwardfor # capture request header Referrer len 64 # capture request header Content-Length len 10 # capture request header User-Agent len 64 # stats enable # Enable stats page # stats refresh 30s # stats hide-version # Hide HAProxy version # stats realm Haproxy\ Statistics # Title text for popup window # stats uri /haproxy_stats
# Stats URI
# stats auth icinga:20Monitor17
# Authentication credentials # http-request add-header X-Forwarded-Proto https if { ssl_fc } # default_backend web_server_rr
backend web_server_session balance source option forwardfor server WEB1 192.168.10.101:80 cookie A check server WEB2 192.168.10.102:80 cookie B check
backend web_server_rr balance roundrobin option forwardfor server WEB1 192.168.10.101:7001 check server WEB2 192.168.10.102:7001 check http-request set-header X-FORWARD-PORT % [dst_port]
frontend magicinfo_rm1 bind *:8000 mode http option httpclose option forwardfor default_backend rm_server1
backend rm_server1 mode http server rm1 192.168.10.101:8000
frontend magicinfo_rm2 bind *:8001 mode http option httpclose option forwardfor default_backend rm_server2
backend rm_server2 mode http server rm2 192.168.10.102:8001
frontend magicinfo_ftp bind *:21 mode tcp option tcplog default_backend ftp_server
backend ftp_server option tcplog mode tcp balance leastconn server FTP1 192.168.10.101 check port 21 inter 10s rise 1 fall 2 server FTP2 192.168.10.102 check port 21 inter 10s rise 1 fall 2
frontend magicinfo_ftps bind *:990 mode tcp option tcplog default_backend ftps_server
backend ftps_server mode tcp balance leastconn server FTP1 192.168.10.101 check port 990 inter 10s rise 1 fall 2 server FTP2 192.168.10.102 check port 990 inter 10s rise 1 fall 2
frontend magicinfo_passive_ftp bind *:17001-17100 mode tcp option tcplog default_backend passive_ftp_server
backend passive_ftp_server mode tcp option tcplog balance leastconn server FTP1 192.168.10.101 server FTP2 192.168.10.102
frontend VNC bind *:5901 mode tcp option tcplog default_backend magicinfo_vnc
backend magicinfo_vnc mode tcp server VNC1 192.168.10.101:5901 check
frontend VNC_Viewer bind *:5500 mode tcp option tcplog default_backend magicinfo_vnc_viewer
backend magicinfo_vnc_viewer mode tcp server VNC1 192.168.10.101:5500 check
vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.10.101 webA
192.168.10.102 webB
Firewall off
service iptables stop Register and start the service
cd examples cp haproxy.init /etc/rc.d/init.d/haproxy service haproxy restart
Example of Installation Environment
- OS : CentOS 6.0
- HAProxy version : HAProxy 1.4.22 - Load Balancer Server IP (CentOS) : 192.168.10.100
- MagicInfo Premium Server
Server 1 IP : 192.168.10.101
Server 2 IP : 192.168.10.102
Port: 7001,80 (http), 21(ftp)