zoukankan      html  css  js  c++  java

  • 编译安装haproxy开启支持SSL

    1、下载程序包

    # wget http://www.haproxy.org/download/1.7/src/haproxy-1.7.5.tar.gz
# tar xvf haproxy-1.7.5.tar.gz -C /usr/local/src
# cd /usr/local/src/haproxy-1.7.5

    2、编译安装,开启支持SSL

    # yum groupinstall -y "Development Tools"
# yum install -y openssl openssl-devel
# uname -a
# make TARGET=linux31 USE_OPENSSL=1 ADDLIB=-lz
# make install PREFIX=/usr/local/haproxy

    3、查看版本号和编译参数

    -vv:Display HAProxy's version and all build options.

# /usr/local/haproxy/sbin/haproxy -vv
HA-Proxy version 1.7.5 2017/04/03
Copyright 2000-2017 Willy Tarreau <willy@haproxy.org>

Build options :
  TARGET  = linux31
  CPU     = generic
  CC      = gcc
  CFLAGS  = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement
  OPTIONS = USE_POLL=default USE_OPENSSL=1

Default settings :
  maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Encrypted password support via crypt(3): no
Built without compression support (neither USE_ZLIB nor USE_SLZ are set)
Compression algorithms supported : identity("identity")
Built with OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
Running on OpenSSL version : OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes
Built without PCRE support (using libc's regex instead)
Built without Lua support
Built with transparent proxy support using: IP_TRANSPARENT IP_FREEBIND

Available polling systems :
       poll : pref=200,  test result OK
     select : pref=150,  test result OK
Total: 2 (2 usable), will use poll.

Available filters :
	[COMP] compression
	[TRACE] trace
	[SPOE] spoe

    4、创建用户和组

    # groupadd -r -g 149 haproxy
# useradd -r -u 149 -g haproxy -s /sbin/nologin haproxy

    5、提供配置文件(略)

    # mkdir -pv /etc/haproxy

    6、配置服务日志

    # vim /etc/sysconfig/rsyslog
SYSLOGD_OPTIONS="-r -m 0 -c 2"

# vim /etc/rsyslog.conf
# Save haproxy.log
local3.*                                                /mnt/haproxy_logs/haproxy.log

# vim /etc/haproxy/haproxy.cfg
global
        log 127.0.0.1 local3 info

# systemctl restart rsyslog

    7、检查配置文件

    -c:Only checks config file and exits with code 0 if no error was found, or exits with code 1 if a syntax error was found.

# /usr/local/haproxy/sbin/haproxy -c -f /etc/haproxy/haproxy.cfg
Configuration file is valid

    8:启动haproxy

    # /usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg

    9、导出环境变量

    # vim /etc/profile.d/haproxy.sh
export PATH=$PATH:/usr/local/haproxy/sbin
# source /etc/profile.d/haproxy.sh
  • 相关阅读:
    [Functional Programming] Building a Timer UI by Composing Callbacks
    [Debug] Use Chrome DevTools console utilities to make debugging easier
    [Debug] Copy a network request as fetch or cURL with Chrome DevTools
    [CSS] Use CSS Variables with Calc and HSL to Implement Dark Mode
    [Kotlin] Adding functions to existing classes (extension functions)
    [Kotlin] Unit testing throws exception
    [Kotlin] Try resource, use {} block
    少儿编程教学环境开发之架构选型篇
    分布式系统理论之Quorum机制
    存储基本概念(lun,volume,HBA,DAS,NAS,SAN,iSCSI,IPSAN)
  • 原文地址:https://www.cnblogs.com/keithtt/p/6716277.html
Copyright © 2011-2022 走看看