Read the following to install and set up HA Proxy
Before Installation
Download the HA Proxy by using below command.
wget http://www.haproxy.org/download/1.8/src/haproxy-1.4.22.tar.gz
Installation
Install the HA Proxy by using below command.
- tar xfz haproxy-1.4.22.tar.gz
- cd haproxy-1.4.22
- vi Makefile → change "PREFIX = /usr/local" to "PREFIX = /usr".
- make TARGET=linux26 ARCH=x86_64
- make install
Setting
Setup the configurations for HA Proxy like below.
- groupadd haproxy
- useradd haproxy -g haproxy
vi /etc/haproxy/haproxy.cfg
※ When configuring the proxy server with SSL, refer to and recycle the commendted out 443 and 7002 ports.
※ 80 port is for the users (browser) and 7001 port is for the devices.global log /dev/log local0 info log /dev/log local1 notice maxconn 4096 user haproxy group haproxy
defaults log global mode http option tcplog option dontlognull retries 3 option redispatch maxconn 2000 timeout connect 5000 timeout client 50000 timeout server 50000
frontend browser_port bind *:80 mode http option forwardfor option httpclose default_backend web_server_session frontend device_port bind *:7001 mode http option forwardfor option httpclose default_backend web_server_rr
# frontend user_port_ssl # mode http # bind *:443 ssl crt /etc/ssl/MagicInfoCert.pem # acl is_root path -i / # http-request add-header X-Forwarded-Proto https if { ssl_fc } # redirect code 301 location https://10.89.37.68/MagicInfo if is_root # cookie JSESSIONID prefix # option forwardfor # capture request header Referrer len 64 # capture request header Content-Length len 10 # capture request header User-Agent len 64 # stats enable # Enable stats page # stats refresh 30s # stats hide-version # Hide HAProxy version # stats realm Haproxy\ Statistics # Title text for popup window # stats uri /haproxy_stats # Stats URI # stats auth icinga:20Monitor17 # Authentication credentials # default_backend web_server_session
#frontend device_port_ssl # mode http
# bind *:7002 ssl crt /etc/ssl/haproxy/MagicInfo.pem ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA # cookie JSESSIONID prefix # option forwardfor # capture request header Referrer len 64 # capture request header Content-Length len 10 # capture request header User-Agent len 64 # stats enable # Enable stats page # stats refresh 30s # stats hide-version # Hide HAProxy version # stats realm Haproxy\ Statistics # Title text for popup window # stats uri /haproxy_stats
# Stats URI
# stats auth icinga:20Monitor17
# Authentication credentials # http-request add-header X-Forwarded-Proto https if { ssl_fc } # default_backend web_server_rr
backend web_server_session balance source option forwardfor server WEB1 192.168.10.101:80 cookie A check server WEB2 192.168.10.102:80 cookie B check
backend web_server_rr balance roundrobin option forwardfor server WEB1 192.168.10.101:7001 check server WEB2 192.168.10.102:7001 check http-request set-header X-FORWARD-PORT % [dst_port]
frontend magicinfo_rm1 bind *:8000 mode http option httpclose option forwardfor default_backend rm_server1
backend rm_server1 mode http server rm1 192.168.10.101:8000
frontend magicinfo_rm2 bind *:8001 mode http option httpclose option forwardfor default_backend rm_server2
backend rm_server2 mode http server rm2 192.168.10.102:8001
frontend magicinfo_ftp bind *:21 mode tcp option tcplog default_backend ftp_server
backend ftp_server option tcplog mode tcp balance leastconn server FTP1 192.168.10.101 check port 21 inter 10s rise 1 fall 2 server FTP2 192.168.10.102 check port 21 inter 10s rise 1 fall 2
frontend magicinfo_ftps bind *:990 mode tcp option tcplog default_backend ftps_server
backend ftps_server mode tcp balance leastconn server FTP1 192.168.10.101 check port 990 inter 10s rise 1 fall 2 server FTP2 192.168.10.102 check port 990 inter 10s rise 1 fall 2
frontend magicinfo_passive_ftp bind *:17001-17100 mode tcp option tcplog default_backend passive_ftp_server
backend passive_ftp_server mode tcp option tcplog balance leastconn server FTP1 192.168.10.101 server FTP2 192.168.10.102
frontend VNC bind *:5901 mode tcp option tcplog default_backend magicinfo_vnc
backend magicinfo_vnc mode tcp server VNC1 192.168.10.101:5901 check
frontend VNC_Viewer bind *:5500 mode tcp option tcplog default_backend magicinfo_vnc_viewer
backend magicinfo_vnc_viewer mode tcp server VNC1 192.168.10.101:5500 check
vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
192.168.10.101 webA
192.168.10.102 webB
Firewall off
service iptables stop Register and start the service
cd examples cp haproxy.init /etc/rc.d/init.d/haproxy service haproxy restart
Example of Installation Environment
- OS : CentOS 6.0
- HAProxy version : HAProxy 1.4.22 - Load Balancer Server IP (CentOS) : 192.168.10.100
- MagicInfo Premium Server
Server 1 IP : 192.168.10.101
Server 2 IP : 192.168.10.102
Port: 7001,80 (http), 21(ftp)