3.3. 设置 HAProxy 负载均衡器和 PostgreSQL 数据库

使用以下步骤设置 HAProxy 负载均衡器和 PostgreSQL 数据库。

前提条件

已安装 Podman 或 Docker CLI。

流程

在前两个系统上，q01 和 q02，安装 HAProxy 负载均衡器和 PostgreSQL 数据库。这会将 HAProxy 配置为在其他系统上运行的以下服务的访问点和负载均衡器：
- Red Hat Quay ( B 系统上的端口 80 和 443)
- Redis ( B 系统中的端口 6379)
- RADOS (C 系统上的端口 7480)

打开 SELinux 中的所有 HAProxy 端口以及防火墙中所选 HAProxy 端口：

setsebool -P haproxy_connect_any=on
firewall-cmd --permanent --zone=public --add-port=6379/tcp --add-port=7480/tcp
firewall-cmd --reload

# setsebool -P haproxy_connect_any=on
# firewall-cmd --permanent --zone=public --add-port=6379/tcp --add-port=7480/tcp
success
# firewall-cmd --reload
success

Copy to Clipboard

Toggle word wrap

配置 /etc/haproxy/haproxy.cfg，以指向提供 Red Hat Quay、Redis 和 Ceph RADOS 服务的系统和端口。以下是默认值和添加的 frontend 和 backend 设置示例：

common defaults that all the 'listen' and 'backend' sections will
use if not designated in their block
main frontend which proxys to the backends

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                    tcp
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------

frontend  fe_http *:80
    default_backend             be_http
frontend  fe_https *:443
    default_backend             be_https
frontend fe_redis *:6379
   default_backend              be_redis
frontend  fe_rdgw *:7480
    default_backend             be_rdgw
backend be_http
    balance     roundrobin
    server quay01 quay01:80 check
    server quay02 quay02:80 check
    server quay03 quay03:80 check
backend be_https
    balance     roundrobin
    server quay01 quay01:443 check
    server quay02 quay02:443 check
    server quay03 quay03:443 check
backend be_rdgw
    balance     roundrobin
    server ceph01 ceph01:7480 check
    server ceph02 ceph02:7480 check
    server ceph03 ceph03:7480 check
backend be_redis
server quay01 quay01:6379 check inter 1s
server quay02 quay02:6379 check inter 1s
server quay03 quay03:6379 check inter 1s

Copy to Clipboard

Toggle word wrap

新的 haproxy.cfg 文件就位后，请输入以下命令重启 HAProxy 服务：

systemctl restart haproxy

# systemctl restart haproxy

Copy to Clipboard

Toggle word wrap

输入以下命令为 PostgreSQL 数据库创建文件夹：
```
mkdir -p /var/lib/pgsql/data
```
```
$ mkdir -p /var/lib/pgsql/data
```
Copy to Clipboard Toggle word wrap
为 /var/lib/pgsql/data 文件夹设置以下权限：
```
chmod 777 /var/lib/pgsql/data
```
```
$ chmod 777 /var/lib/pgsql/data
```
Copy to Clipboard Toggle word wrap

输入以下命令启动 PostgreSQL 数据库：

sudo podman run -d --name postgresql_database \
    -v /var/lib/pgsql/data:/var/lib/pgsql/data:Z  \
    -e POSTGRESQL_USER=quayuser -e POSTGRESQL_PASSWORD=quaypass \
    -e POSTGRESQL_DATABASE=quaydb -p 5432:5432 \
    registry.redhat.io/rhel8/postgresql-13:1-109

$ sudo podman run -d --name postgresql_database \
    -v /var/lib/pgsql/data:/var/lib/pgsql/data:Z  \
    -e POSTGRESQL_USER=quayuser -e POSTGRESQL_PASSWORD=quaypass \
    -e POSTGRESQL_DATABASE=quaydb -p 5432:5432 \
    registry.redhat.io/rhel8/postgresql-13:1-109

Copy to Clipboard

Toggle word wrap

注意

容器的数据将存储在主机系统上的 /var/lib/pgsql/data 目录中。

输入以下命令列出可用的扩展：

sudo podman exec -it postgresql_database /bin/bash -c 'echo "SELECT * FROM pg_available_extensions" | /opt/rh/rh-postgresql96/root/usr/bin/psql'

$ sudo podman exec -it postgresql_database /bin/bash -c 'echo "SELECT * FROM pg_available_extensions" | /opt/rh/rh-postgresql96/root/usr/bin/psql'

Copy to Clipboard

Toggle word wrap

输出示例

   name    | default_version | installed_version |           comment
-----------+-----------------+-------------------+----------------------------------------
 adminpack | 1.0             |                   | administrative functions for PostgreSQL
...

   name    | default_version | installed_version |           comment
-----------+-----------------+-------------------+----------------------------------------
 adminpack | 1.0             |                   | administrative functions for PostgreSQL
...

Copy to Clipboard

Toggle word wrap

输入以下命令创建 pg_trgm 扩展：

sudo podman exec -it postgresql_database /bin/bash -c 'echo "CREATE EXTENSION IF NOT EXISTS pg_trgm;" | /opt/rh/rh-postgresql96/root/usr/bin/psql -d quaydb'

$ sudo podman exec -it postgresql_database /bin/bash -c 'echo "CREATE EXTENSION IF NOT EXISTS pg_trgm;" | /opt/rh/rh-postgresql96/root/usr/bin/psql -d quaydb'

Copy to Clipboard

Toggle word wrap

输入以下命令确认 pg_trgm 已创建：

sudo podman exec -it postgresql_database /bin/bash -c 'echo "SELECT * FROM pg_extension" | /opt/rh/rh-postgresql96/root/usr/bin/psql'

$ sudo podman exec -it postgresql_database /bin/bash -c 'echo "SELECT * FROM pg_extension" | /opt/rh/rh-postgresql96/root/usr/bin/psql'

Copy to Clipboard

Toggle word wrap

输出示例

 extname | extowner | extnamespace | extrelocatable | extversion | extconfig | extcondition
---------+----------+--------------+----------------+------------+-----------+--------------
 plpgsql |       10 |           11 | f              | 1.0        |           |
 pg_trgm |       10 |         2200 | t              | 1.3        |           |
(2 rows)

 extname | extowner | extnamespace | extrelocatable | extversion | extconfig | extcondition
---------+----------+--------------+----------------+------------+-----------+--------------
 plpgsql |       10 |           11 | f              | 1.0        |           |
 pg_trgm |       10 |         2200 | t              | 1.3        |           |
(2 rows)

Copy to Clipboard

Toggle word wrap

更改 Postgres 用户 quayuser 的权限，并为他们授予 超级用户 角色，授予用户对数据库的不受限制的访问权限：

sudo podman exec -it postgresql_database /bin/bash -c 'echo "ALTER USER quayuser WITH SUPERUSER;" | /opt/rh/rh-postgresql96/root/usr/bin/psql'

$ sudo podman exec -it postgresql_database /bin/bash -c 'echo "ALTER USER quayuser WITH SUPERUSER;" | /opt/rh/rh-postgresql96/root/usr/bin/psql'

Copy to Clipboard

Toggle word wrap

输出示例

ALTER ROLE

ALTER ROLE

Copy to Clipboard

Toggle word wrap

如果您的系统中有一个 firewalld 服务，请运行以下命令使 PostgreSQL 端口可以通过防火墙使用：
```
firewall-cmd --permanent --zone=trusted --add-port=5432/tcp
```
```
# firewall-cmd --permanent --zone=trusted --add-port=5432/tcp
```
Copy to Clipboard Toggle word wrap
```
firewall-cmd --reload
```
```
# firewall-cmd --reload
```
Copy to Clipboard Toggle word wrap
可选。如果您没有安装 postgres CLI 软件包，请输入以下命令安装它：
```
yum install postgresql -y
```
```
# yum install postgresql -y
```
Copy to Clipboard Toggle word wrap

使用 psql 命令测试到 PostgreSQL 数据库的连接。

注意

要验证您可以远程访问该服务，请在远程系统中运行以下命令：

psql -h localhost quaydb quayuser

# psql -h localhost quaydb quayuser

Copy to Clipboard

Toggle word wrap

输出示例

Password for user test:
psql (9.2.23, server 9.6.5)
WARNING: psql version 9.2, server version 9.6.
         Some psql features might not work.
Type "help" for help.

test=> \q

Password for user test:
psql (9.2.23, server 9.6.5)
WARNING: psql version 9.2, server version 9.6.
         Some psql features might not work.
Type "help" for help.

test=> \q

Copy to Clipboard

Toggle word wrap

3.3. 设置 HAProxy 负载均衡器和 PostgreSQL 数据库

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links