Saturday, March 15, 2014

Compile Source Install HAProxy for Debian Ubuntu

To continue previous HAproxy post.

To use that latest and greatest feature in HAProxy, you’ll probably end up having it to build it yourself.

1. Set up the build environment:

aptitinstall build-essential zlib1g-dev libpcre3-dev libssl-dev


2. Get the latest dev version from http://haproxy.1wt.eu/#down :

wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.24.tar.gz
tar xzvf haproxy-1.4.24.tar.gz
cd haproxy-1.4.24
make TARGET=linux2628 CPU=native USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
make install


Assuming your Linux kernel version is >= 2.6.28.
his will include OpenSSL and zlib compression support.


Seems preety easy?
It's lot harder to make it works perfect, and here is how:

3. First create Directory for HAproxy :

mkdir -p /etc/haproxy
mkdir -p /var/lib/haproxy/dev


4. Create HAproxy USER :


useradd -d /var/lib/haproxy -s /bin/false haproxy

This will create HAproxy group as well

5. Copy HAproxy Binary and Configure file:

cp ~/haproxy-1.4.24/haproxy /usr/sbin/haproxy
cp /usr/src/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy


For HTTP errors:


mkdir -p /etc/haproxy/errors/


Add in /etc/haproxy/haproxy.cfg :

errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http


6. Create Init Service /etc/init.d/haproxy:


#!/bin/sh
### BEGIN INIT INFO
# Provides: haproxy
# Required-Start: $local_fs $network $remote_fs
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: fast and reliable load balancing reverse proxy
# Description: This file should be used to start and stop haproxy.
### END INIT INFO

# Author: Arnaud Cornet

PATH=/sbin:/usr/sbin:/bin:/usr/bin
PIDFILE=/var/run/haproxy.pid
CONFIG=/etc/haproxy/haproxy.cfg
HAPROXY=/usr/sbin/haproxy
EXTRAOPTS=
ENABLED=1

test -x $HAPROXY || exit 0

if [ -e /etc/default/haproxy ]; then
. /etc/default/haproxy
fi

test -f "$CONFIG" || exit 0
test "$ENABLED" != "0" || exit 0

[ -f /etc/default/rcS ] && . /etc/default/rcS
. /lib/lsb/init-functions


haproxy_start()
{
start-stop-daemon --start --pidfile "$PIDFILE"
--exec $HAPROXY -- -f "$CONFIG" -D -p "$PIDFILE"
$EXTRAOPTS || return 2
return 0
}

haproxy_stop()
{
if [ ! -f $PIDFILE ] ; then
# This is a success according to LSB
return 0
fi
for pid in $(cat $PIDFILE) ; do
/bin/kill $pid || return 4
done
rm -f $PIDFILE
return 0
}

haproxy_reload()
{
$HAPROXY -f "$CONFIG" -p $PIDFILE -D $EXTRAOPTS -sf $(cat $PIDFILE)
|| return 2
return 0
}

haproxy_status()
{
if [ ! -f $PIDFILE ] ; then
# program not running
return 3
fi

for pid in $(cat $PIDFILE) ; do
if ! ps --no-headers p "$pid" | grep haproxy > /dev/null ; then
# program running, bogus pidfile
return 1
fi
done

return 0
}


case "$1" in
start)
log_daemon_msg "Starting haproxy" "haproxy"
haproxy_start
ret=$?
case "$ret" in
0)
log_end_msg 0
;;
1)
log_end_msg 1
echo "pid file '$PIDFILE' found, haproxy not started."
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
stop)
log_daemon_msg "Stopping haproxy" "haproxy"
haproxy_stop
ret=$?
case "$ret" in
0|1)
log_end_msg 0
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
reload|force-reload)
log_daemon_msg "Reloading haproxy" "haproxy"
haproxy_reload
ret=$?
case "$ret" in
0|1)
log_end_msg 0
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
restart)
log_daemon_msg "Restarting haproxy" "haproxy"
haproxy_stop
haproxy_start
ret=$?
case "$ret" in
0)
log_end_msg 0
;;
1)
log_end_msg 1
;;
2)
log_end_msg 1
;;
esac
exit $ret
;;
status)
haproxy_status
ret=$?
case "$ret" in
0)
echo "haproxy is running."
;;
1)
echo "haproxy dead, but $PIDFILE exists."
;;
*)
echo "haproxy not running."
;;
esac
exit $ret
;;
*)
echo "Usage: /etc/init.d/haproxy {start|stop|reload|restart|status}"
exit 2
;;
esac

:


7. Automatic start HAproxy after boot

Edit Default /etc/default/haproxy

# Set ENABLED to 1 if you want the init script to start haproxy.
ENABLED=1


Edit Init job: /etc/init.d/haproxy

HAPROXY=/usr/sbin/haproxy
EXTRAOPTS=
ENABLED=1


8. Log file and Log Rotation

/etc/rsyslog.d/haproxy.conf


# Create an additional socket in haproxy's chroot in order to allow logging via
# /dev/log to chroot'ed HAProxy processes
$AddUnixListenSocket /var/lib/haproxy/dev/log

# Send HAProxy messages to a dedicated logfile
if $programname startswith 'haproxy' then /var/log/haproxy.log
&~


/etc/logrotate.d/haproxy


/var/log/haproxy.log {
daily
rotate 52
missingok
notifempty
compress
delaycompress
postrotate
invoke-rc.d rsyslog rotate >/dev/null 2>&1 || true
endscript
}


9. Start / Stop HAproxy


service haproxy start
service haproxy stop


10. Check log:


cat /var/log/haproxy.log


Most of these settings came from debian wheezy backports haproxy package.

If you found any missing step, plead kindly let me know.

4 comments:

  1. This design is steller! You obviously know how to keep a
    reader entertained. Between your wit and your
    videos, I was almost moved to start my own blog (well, almost...HaHa!) Wonderful job.
    I really loved what you had to say, and more than that, how you presented
    it. Too cool!

    Look at my webpage facebbooking60.com

    ReplyDelete
  2. I need to configure a url into HAProxy for load balancing. the URL is like http://x.x.x.x/zabbix/ How do I configure this URL without port no.

    I have addd like below in /etc/haproxy/haproxy.cfg file. (below IP's are just for ex:)

    # [HTTP Site Configuration]
    listen http_web 10.10.10.10/zabbix
    mode http
    balance roundrobin # Load Balancing algorithm
    option httpchk
    option forwardfor
    server zabbixServe-0 10.10.10.20/zabbix check
    server zabbixServe-1 10.10.10.30/zabbix check

    ReplyDelete
  3. you can use the following options to match against a URL path:

    path
    Returns true when the path part of the request, which starts at the first
    slash and ends before the question mark, equals one of the strings. It may be
    used to match known files, such as /favicon.ico.

    path_beg
    Returns true when the path begins with one of the strings. This can be used
    to send certain directory names to alternative backends.

    There are also other options like path_end and path_reg. These can be used to create acls to choose the appropriate backend server.

    Hope this helps!

    ReplyDelete
  4. Pretty! This has been an incredibly wonderful post. Many thanks
    for supplying this information.

    ReplyDelete