메타 데이터의 끝으로 건너뛰기
메타 데이터의 시작으로 이동

This document describes the steps to install and set up HA Proxy.

Before Installation

Download the HA Proxy by using below command.

wget http://www.haproxy.org/download/1.8/src/haproxy-1.4.22.tar.gz


Installation

Install the HA Proxy by using below command.

  1. tar xfz haproxy-1.4.22.tar.gz
  2. cd haproxy-1.4.22
  3. vi Makefile → change "PREFIX = /usr/local" to "PREFIX = /usr".
  4. make TARGET=linux26 ARCH=x86_64
  5. make install

Setting

Setup the configurations for HA Proxy as described below.

  1. groupadd haproxy
  2. useradd haproxy -g haproxy

  3. vi /etc/haproxy/haproxy.cfg
    ※ When configuring the proxy server with SSL, refer to and recycle the commendted out 443 and 7002 ports.
    ※ 80 port is for the users (browser) and 7001 port is for the devices.

    global    log  /dev/log local0 info    log  /dev/log local1 notice    maxconn 4096    user haproxy    group haproxy

    defaults    log global    mode http    option tcplog    option dontlognull    retries 3    option redispatch    maxconn 2000    timeout connect 5000    timeout client 50000    timeout server 50000  

    frontend browser_port    bind *:80    mode  http    option  forwardfor    option  httpclose    default_backend web_server_session frontend device_port    bind *:7001    mode  http    option  forwardfor    option  httpclose    default_backend web_server_rr

    # frontend user_port_ssl #    mode http #    bind *:443 ssl crt /etc/ssl/MagicInfoCert.pem #    acl is_root path -i / #    http-request add-header X-Forwarded-Proto https if { ssl_fc } #    redirect code 301 location https://10.89.37.68/MagicInfo if is_root #    cookie JSESSIONID prefix #    option forwardfor #    capture request header Referrer len 64 #    capture request header Content-Length len 10 #    capture request header User-Agent len 64 #    stats enable  # Enable stats page #    stats refresh 30s #    stats hide-version  # Hide HAProxy version #    stats realm Haproxy\ Statistics  # Title text for popup window #    stats uri /haproxy_stats  # Stats URI #    stats auth icinga:20Monitor17  # Authentication credentials #    default_backend web_server_session

    #frontend device_port_ssl #    mode http

    #    bind *:7002 ssl crt /etc/ssl/haproxy/MagicInfo.pem ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA #    cookie JSESSIONID prefix #    option forwardfor #    capture request header Referrer len 64 #    capture request header Content-Length len 10 #    capture request header User-Agent len 64 #    stats enable  # Enable stats page #    stats refresh 30s #    stats hide-version  # Hide HAProxy version #    stats realm Haproxy\ Statistics  # Title text for popup window #    stats uri /haproxy_stats 

    # Stats URI

    #    stats auth icinga:20Monitor17 

    # Authentication credentials #    http-request add-header X-Forwarded-Proto https if { ssl_fc } #    default_backend web_server_rr

    backend web_server_session     balance source     option forwardfor     server WEB1 192.168.10.101:80 cookie A check     server WEB2 192.168.10.102:80 cookie B check

    backend web_server_rr     balance roundrobin      option forwardfor     server WEB1 192.168.10.101:7001 check     server WEB2 192.168.10.102:7001 check      http-request set-header X-FORWARD-PORT % [dst_port] 

    frontend magicinfo_rm1      bind *:8000      mode  http      option  httpclose      option  forwardfor      default_backend rm_server1

    backend rm_server1      mode http      server rm1 192.168.10.101:8000

    frontend magicinfo_rm2      bind *:8001      mode  http      option  httpclose      option  forwardfor      default_backend rm_server2

    backend rm_server2      mode http      server rm2 192.168.10.102:8001

    frontend magicinfo_ftp    bind *:21    mode   tcp    option   tcplog    default_backend ftp_server

    backend ftp_server      option tcplog      mode tcp      balance leastconn      server FTP1 192.168.10.101 check port 21 inter 10s rise 1 fall 2       server FTP2 192.168.10.102 check port 21 inter 10s rise 1 fall 2

    frontend magicinfo_ftps      bind *:990      mode tcp      option tcplog      default_backend ftps_server

    backend ftps_server      mode tcp      balance leastconn      server FTP1 192.168.10.101 check port 990 inter 10s rise 1 fall 2       server FTP2 192.168.10.102 check port 990 inter 10s rise 1 fall 2

    frontend magicinfo_passive_ftp      bind *:17001-17100      mode tcp      option tcplog      default_backend passive_ftp_server

    backend passive_ftp_server      mode tcp      option tcplog      balance leastconn      server FTP1 192.168.10.101      server FTP2 192.168.10.102

    frontend VNC       bind *:5901      mode tcp      option tcplog      default_backend magicinfo_vnc

    backend magicinfo_vnc      mode tcp      server VNC1 192.168.10.101:5901 check

    frontend VNC_Viewer       bind *:5500      mode tcp      option tcplog      default_backend magicinfo_vnc_viewer

    backend magicinfo_vnc_viewer      mode tcp      server VNC1 192.168.10.101:5500 check

  4. vi /etc/hosts

    127.0.0.1 localhost.localdomain localhost

    ::1 localhost6.localdomain6 localhost6

    192.168.10.101 webA

    192.168.10.102 webB

  5. Firewall off

    service iptables stop

  6. Register and start the service

    cd examples cp haproxy.init /etc/rc.d/init.d/haproxy service haproxy restart


Example of Installation Environment  

- OS : CentOS 6.0

- HAProxy version : HAProxy 1.4.22 - Load Balancer Server IP (CentOS) : 192.168.10.100

- MagicInfo Premium Server 

   Server 1 IP : 192.168.10.101  

   Server 2 IP : 192.168.10.102

   Port: 7001,80 (http), 21(ftp)