The road to learning cloud computing - haproxy introduction and practice

haproxy load balancing

1. Introduction to haproxy

haproxy is a high-performance load balancing software. It is mainly used for seven-layer load balancing and also supports four-layer load balancing.
Seven-layer load balancing: uses the seven-layer http protocol;
four-layer load balancing: uses the TCP protocol plus port method.
Because it focuses on load balancing, it is better and more professional than nginx in load balancing.

2. Features of haproxy

As a popular load balancing software, ha-proxy must have its outstanding side. The following introduces the advantages of ha-proxy over load balancing software such as LVS and Nginx.

①Supports load balancing of both tcp/http protocol layers, making its load balancing functions very rich.
② Supports about 8 load balancing algorithms, especially in http mode. There are many very practical ③ load balancing algorithms suitable for various needs.
④The performance is very excellent, based on the event-driven link processing mode and single-process processing mode (similar to Nginx), which makes its performance excellent.
⑤Have a monitoring page with excellent functions to understand the current status of the system in real time.
Powerful ACL support brings great convenience to users.

3. The differences between LVS, Haproxy and Nginx

①LVS implements soft load balancing based on the Linux operating system, while Haproxy and Nginx implement soft load balancing based on third-party applications.
②LVS is an IP load balancing technology that can implement layer 4 and cannot implement forwarding based on directories and URLs. Both Haproxy and Nginx can implement layer 4 and layer 7 technologies. Haproxy can provide comprehensive load balancing solutions for TCP and HTTP applications. ③LVS
works at the fourth layer of the ISO model and has a single status monitoring function, while Haproxy has a single status monitoring function. It has richer and more powerful functions and can support various status monitoring methods such as ports, URLs, scripts, etc.
④Haproxy is powerful, but its overall performance is lower than the LVS load balancing in the 4-layer mode
⑤Nginx is mainly used for web servers or cache servers

4. haproxy scheduling algorithm

Go to the official documentation to view haproxy's load balancing scheduling algorithm

There are many algorithms, here are some commonly used ones:

① roundrobin

Polling based on weight is the most balanced and fair algorithm when the server's processing time remains evenly distributed. This algorithm is dynamic, which means that its weights can be adjusted at runtime. However, by design, each The backend server can only accept up to 4128 connections

② static-rr

Roundrobin based on weight is similar to roundrobin, but it is a static method. Adjusting its server weight at runtime will not take effect. However, it has no limit on the number of back-end server connections.

③ leastconn

New connection requests are dispatched to the backend server with the smallest number of connections.

④ source

The source address of the request is hashed, divided by the total weight of the backend server, and then dispatched to a matching server. This allows requests from the same client IP to always be dispatched to a specific server.

5. Practical combat: Implementation of haproxy load balancing

1. Experimental environment

A total of four virtual machines are required:
virtual machine 1, virtual machine 2 : install nginx as a real web server.
Virtual machine 3 : Install haproxy to achieve load balancing of haproxy.
Virtual Machine 4 : Client, used to test the entire cluster without any configuration.

2. Prepare two web servers

Virtual machine 1 performs the following operations:

Install and start nginx, and write test content in the nginx default release directory

[root@web-1 ~]# yum -y install nginx
[root@web-1 ~]# systemctl start nginx
[root@web-1 ~]# echo web-1 > /usr/share/nginx/html/index.html

Virtual machine 2 performs the following operations:

Same operation as virtual machine 1

[root@web-2 ~]# yum -y install nginx
[root@web-2 ~]# systemctl start nginx
[root@web-2 ~]# echo web-2 > /usr/share/nginx/html/index.html

Virtual machine 4 performs the following operations

Verify whether the two web servers are set up properly

3. Configuration of haproxy load balancing

Virtual machine 3 does the following:

1) Install haproxy

[root@localhost ~]# yum -y install haproxy

2) Modify the configuration file of haproxy

[root@localhost ~]# cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak#Make a backup first
[root@localhost ~]# vim /etc/haproxy/haproxy.cfg

The configuration file content and explanation are as follows:

global  #全局配置
        log 127.0.0.1 local3          #日志配置
        maxconn 4096                  #最大连接限制
        uid nobody
        gid nobody
        daemon                         #守护进程模式
        nbproc 1                       #haproxy进程数
defaults  #默认配置
        log        global              #日志使用全局配置
        mode       http                #使用七层负载均衡时指定为http
        maxconn 2048  #最大连接数
        retries  3                     #健康检测。3次连接失败就认为服务不可用
        option  redispatch             #服务不可用后的操作，重定向到其他健康服务器
        stats   uri  /haproxy          #web页面状态模块功能开启，
        stats auth          zzyy:123   #状态模块认证，设置用户和密码
        contimeout      5000           #定义haproxy将客户端!!!请求!!!转发至后端服务器，所等待的超时时长
        clitimeout      50000          #haproxy作为客户，和后端服务器之间!!!空闲连接!!!的超时时间，到时候发送fin指令
        srvtimeout      50000          #haproxy作为服务器，和用户之间空闲连接的超时时间，到时候发送fin指令
#timeout connect 5000 #上面三条超时设置，也可以替换为下面这三条，作用相同。
#timeout client 50000
#timeout server 50000

frontend http-in                       #前端配置块。面对用户侧
        bind 0.0.0.0:80                #面对用户监听地址和端口
        mode http                      #http模式的负载均衡
        log global                     #日志使用全局配置
        option httplog                 #默认日志格式非常简陋，仅包括源地址、目标地址和实例名称，而“option httplog参数将会使得日志格式变得丰富许多，其通常包括但不限于HTTP请求、连接计时器、会话状态、连接数、捕获的首部及cookie、“frontend”、“backend”及服务器名称，当然也包括源地址和端口号等。
        option httpclose               #每次请求完毕后，关闭http通道
        acl html url_reg  -i  \.html$     #1. acl访问控制列表的名称设置为html。url_reg -i 指定规则：要求访问以html结尾的url时
        use_backend html-server if  html  #2.如果满足acl html规则，则推送给后端服务器 html-server
        default_backend html-server       #3：默认的后端服务器是 html-server

backend html-server                      #后端服务器名称为html-server
        mode http                        #设置为七层的负载均衡http
        balance roundrobin               #调度算法，rr轮叫调度
        option httpchk GET /index.html   #允许用http协议检查server 的健康
        cookie SERVERID insert indirect nocache  #轮询的同时，根据插入的cookie SERVERID  的值来做会话保持,将相同的用户请求，转发给相同的真实服务器。
        server html-A 192.168.58.155:80 weight 1 cookie 3 check inter 2000 rise 2 fall 5
        server html-B 192.168.58.162:80 weight 1 cookie 4 check inter 2000 rise 2 fall 5   #cookie 3 服务器ID，避免rr算法将客户机请求转发给其他服务器 ,对后端服务器的健康状况检查间隔为2000毫秒，连续2次健康检查成功，则认为是有效的，连续5次健康检查失败，则认为服务器宕机

3) Turn on haproxy

[root@localhost ~]# systemctl start haproxy

4)Verification

Use virtual machine 4 to verify.

Access the IP address of the haproxy load balancing server. The contents of the two web servers are displayed in a loop, indicating that the haproxy load balancing is successful.

4. Enable haproxy logs

① Define the log object in the haproxy configuration file, syntax: log 127.0.0.1 (receiver IP) local3 (object) , which has been defined in the above configuration file

② Modify the log configuration file /etc/rsyslog.conf (enable UDP and TCP interface, and add log rules: object.level storage location)

[root@localhost ~]# vim /etc/rsyslog.conf

③Restart the log service and haproxy

[root@localhost ~]# systemctl restart rsyslog [root@localhost ~]# systemctl restart haproxy

④When accessing the haproxy load balancing server, access logs will be generated

6. Practical combat: Keepalived+haproxy

Using Keepalived to achieve high availability of haproxy load balancing

1. Experimental environment

A total of five virtual machines are required.
Virtual machine 1, virtual machine 2 : install nginx as a real web server.
Virtual machine 3, virtual machine 4 : 1. Install haproxy to achieve load balancing of haproxy. 2. Install keepalived to achieve load balancing of high-availability
virtual machine 5 : client, used to test the entire cluster without any configuration.

2. Construction of web server

Configure real web servers in virtual machine 1 and virtual machine 2, which are the same as the actual configuration in Part 5.

3. Configuration of haproxy load balancing

The configuration of virtual machine 3 is the same as that in the actual combat in Part 5, and the configuration of virtual machine 4 is the same as that of virtual machine 3.

4. keepalived implements haproxy high availability

On the basis of the above, virtual machine 3 and virtual machine 4 install keepalived to achieve high availability of haproxy load balancing. Virtual machine 3 and virtual machine 4 operate as follows:

1) Install keepalived

[root@haproxy-master ~]# yum -y install keepalived

2)Write configuration file

[root@haproxy-master ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak#Backup first
[root@haproxy-master ~]# vim /etc/keepalived/keepalived.conf

The configuration file content of the master server is:

! Configuration File for keepalived

global_defs {
    
    
   router_id directory1
}

vrrp_instance VI_1 {
    
    
    state MASTER
    interface ens33
    nopreempt
    virtual_router_id 80
    priority 100
    advert_int 1
    authentication {
    
    
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
    
    
        192.168.58.140/24
    }
}

The configuration file content of the backup server is:

! Configuration File for keepalived

global_defs {
    
    
   router_id directory2
}

vrrp_instance VI_1 {
    
    
    state BACKUP
    interface ens33
    nopreempt
    virtual_router_id 80
    priority 50
    advert_int 1
    authentication {
    
    
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
    
    
        192.168.58.140/24
    }
}

3) Turn on keepalived

[root@haproxy-master ~]# systemctl start keepalived

4)Verification

The access is successful, and the high-availability layer of haproxy load balancing is successfully established.

5. keepalived implements haproxy high availability

Write a health detection script. The function of the script is to turn off keepalived when haproxy goes down to realize VIP drift. Both virtual machine 3 and virtual machine 4 complete the following operations.

1) Write the script and grant execution permissions

[root@haproxy-master ~]# vim /etc/keepalived/check_haproxy_status.sh
[root@haproxy-master ~]# ls /etc/keepalived/check_haproxy_status.sh

Script meaning:
 After haproxy crashes, restart haproxy first. If it cannot restart, close keepalived.

The script content is:

#!/bin/bash
count=`ps -C haproxy --no-heading | wc -l`
if [ $count -eq 0 ];then
        systemctl start haproxy
        count=`ps -C haproxy --no-heading | wc -l`
        if [ $count -eq 0 ];then
                systemctl stop keepalived
        fi
fi

2) Introduce the health detection module into the keepalived configuration file

[root@haproxy-master ~]# vim /etc/keepalived/keepalived.conf

3) Restart keepalived

[root@haproxy-master ~]# systemctl restart keepalived

4)Verification

Close haproxy, simulate haproxy downtime, the script takes effect, and restart haproxy.

Deliberately correct the configuration file of haproxy to simulate the situation where haproxy cannot be restarted.

The health detection script takes effect. When haproxy goes down and cannot be restarted, the master shuts down the keeplaived service to realize VIP drift.