Este contenido no está disponible en el idioma seleccionado.

A.4. Install and Configure HAProxy


Perform the following procedure on your two HAProxy nodes:
  1. Install haproxy.
    # yum install haproxy
    Copy to Clipboard Toggle word wrap
  2. Configure haproxy for SELinux and HTTP.
    # vim /etc/firewalld/services/haproxy-http.xml
    Copy to Clipboard Toggle word wrap
    Add the following lines:
    <?xml version="1.0" encoding="utf-8"?>
    <service>
    <short>HAProxy-HTTP</short>
    <description>HAProxy load-balancer</description>
    <port protocol="tcp" port="80"/>
    </service>
    
    Copy to Clipboard Toggle word wrap
    As root, assign the correct SELinux context and file permissions to the haproxy-http.xml file.
    # cd /etc/firewalld/services
    # restorecon haproxy-http.xml
    # chmod 640 haproxy-http.xml
    Copy to Clipboard Toggle word wrap
  3. If you intend to use HTTPS, configure haproxy for SELinux and HTTPS.
    # vim /etc/firewalld/services/haproxy-https.xml
    Copy to Clipboard Toggle word wrap
    Add the following lines:
    <?xml version="1.0" encoding="utf-8"?>
    <service>
    <short>HAProxy-HTTPS</short>
    <description>HAProxy load-balancer</description>
    <port protocol="tcp" port="443"/>
    </service>
    
    Copy to Clipboard Toggle word wrap
    As root, assign the correct SELinux context and file permissions to the haproxy-https.xml file.
    # cd /etc/firewalld/services
    # restorecon haproxy-https.xml
    # chmod 640 haproxy-https.xml
    Copy to Clipboard Toggle word wrap
  4. If you intend to use HTTPS, generate keys for SSL. If you do not have a certificate, you may use a self-signed certificate. For information on generating keys and on self-signed certificates, see the Red Hat Enterprise Linux System Administrator's Guide.
    Finally, put the certificate and key into a PEM file.
    # cat example.com.crt example.com.key > example.com.pem
    # cp example.com.pem /etc/ssl/private/
    Copy to Clipboard Toggle word wrap
  5. Configure HAProxy.
    # vim /etc/haproxy/haproxy.cfg
    Copy to Clipboard Toggle word wrap
    The global and defaults sections of haproxy.cfg may remain unchanged. After the defaults sections, you will need to configure frontend and backend sections, as in the following example:
    frontend http_web *:80
        mode http
        default_backend rgw
    
    frontend rgw­-https
      bind <insert vip ipv4>:443 ssl crt /etc/ssl/private/example.com.pem
      default_backend rgw
    
    backend rgw
        balance roundrobin
        mode http
        server  rgw1 10.0.0.71:80 check
        server  rgw2 10.0.0.80:80 check
    
    Copy to Clipboard Toggle word wrap
  6. Enable/start haproxy
    # systemctl enable haproxy
    # systemctl start haproxy
    Copy to Clipboard Toggle word wrap
Volver arriba
Red Hat logoGithubredditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar. Explore nuestras recientes actualizaciones.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

Theme

© 2025 Red Hat