global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 60000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 60s
timeout queue 1m
timeout connect 60s
timeout client 1m
timeout server 1m
timeout http-keep-alive 60s
timeout check 60s
maxconn 45000
stats enable # enable web-stats at /haproxy?stats
stats realm Haproxy\ Statistics
stats auth monitor:monitor # force HTTP Auth to view stats
stats refresh 5s # refresh rate of stats page
frontend landing_page
bind :80
mode http
acl is_web hdr_beg(host) -i giaitri.vn www.giaitri.vn
use_backend http_web_backend if is_web
default_backend http_web_backend
############################################
# giaitri.vn
# loadbalancer
# 192.168.0.100
# / \
# WEB_A WEB_B
# 192.168.0.101:8081 192.168.0.102:8081
# (active) (active)
#
############################################
backend http_web_backend
mode http
balance roundrobin
cookie JSESSIONID prefix
option httpclose
option forwardfor
option httplog
option httpchk GET /httpchk/index.html
server APP1 192.168.0.101:8081 cookie cms01 check inter 2000 rise 2 fall 2 # active node
server APP2 192.168.0.102:8081 cookie cms02 check inter 2000 rise 2 fall 2 # active node
############################################
## loadbalancer
# 192.168.0.100:8672
# / \
# RabbitMQA RabbitMQB
# 192.168.0.101:8672 192.168.0.102:8672
# (active) (passive)
#
############################################
listen tcp_rabbitmq *:8672
mode tcp
balance roundrobin
option tcplog
option httpchk
server rabbit1 192.168.0.101:8672 check port 9672 inter 5000 downinter 500 # active
server rabbit2 192.168.0.102:8672 check port 9672 inter 5000 backup # passive node
Cài đặt Haproxy
tar xzf haproxy-1.5-dev12.tar.gz
cd haproxy-1.5-dev12
Nếu không có openssql được cài sẵn trên hệ thống thì cài gói openssl-1.0.1g.tar.gz
make TARGET=linux26 USE_OPENSSL=1 ADDINC="-I/u01/setup/haproxy/openssl/openssl/include" ADDLIB="-L/u01/setup/haproxy/openssl/openssl/lib"
Cài đặt Openssl vùng không permission
tar -xzf openssl-1.0.1g.tar.gz
cd cd openssl-1.0.1g
cd openssl-1.0.1g
mkdir /openssl
mkdir ../openssl
mkdir ../openssl/bin
mkdir ../openssl/include
mkdir ../openssl/lib
/config --prefix=/u01/setup/haproxy/openssl/openssl --openssldir=/u01/setup/haproxy/openssl/local/ shared
make
make install
Nếu đã cài openssl trên hệ thống rồi
make TARGET=linux26 USE_OPENSSL=1 ADDLIB=-lz
make PREFIX=/u01/haproxy install
Các lỗi thường gặp
[user@localhost sbin]$ ./haproxy -f ../../haproxy/etc/haproxy.cfg
./haproxy: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory
[phonesafe@PHONESAFE sbin]$ ldd haproxy
linux-vdso.so.1 => (0x00007fff891b9000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00000031a0c00000)
libssl.so.1.0.0 => not found
libcrypto.so.1.0.0 => not found
libc.so.6 => /lib64/libc.so.6 (0x0000003196800000)
libfreebl3.so => /lib64/libfreebl3.so (0x00000031a1000000)
/lib64/ld-linux-x86-64.so.2 (0x0000003196000000)
libdl.so.2 => /lib64/libdl.so.2 (0x0000003196c00000)
=> Fix như sau:
sudo ln -s /u01/setup/haproxy/openssl/openssl/lib/libssl.so.1.0.0 /usr/lib/libssl.so.1.0.0
sud ln -s /u01/setup/haproxy/openssl/openssl/lib/ libcrypto.so.1.0.0 /usr/lib/libcrypto.so.1.0.0
Không có nhận xét nào:
Đăng nhận xét