A, HAProxy Profile
HAProxy is a high availability, load balancing, and based on TCP (layer IV) and HTTP (seventh floor) agent software applications, HAProxy is completely free, with HAProxy can provide fast and reliable based on TCP and HTTP applications proxy solution.
( 1 ) free, open source, stability is also very good, that I can do some small projects can be seen, the single Haproxy too, is good, and the hardware level stability may F5 comparable;
( 2 ) According to the official document, HAProxy can run over 10Gbps-New Benchmark HAProxy AT 10 Gbps of a using Myricom's 10GbE NICs ( Myri-10G PCI-Express ), this value as a software-level load balancer is pretty amazing;
( 3 ) HAProxy support connection refused: because maintaining a connection to open the overhead is very low, sometimes we really need to limit worms ( Attack bots ), that is to say limit their connection open so as to limit their harm. This has been trapped in a small DDoS developed and has saved many sites of attack sites, this advantage is no other load balancer.
( 4 ) HAProxy support transparent proxy (already have a hardware firewall typical features): You can use client IP to connect to the backend server address or any other address; this feature only in the Linux 2.4 / 2.6 hit kernel cttproxy patch before they can use; this feature also makes while not modify the server for a particular address of the server processing portion flow possible.
( 5 ) HAProxy now more than line Mysql cluster environment, we used to it as MySQL (read) load balancing;
( 6 ) comes with powerful monitoring server status page, the actual environment we combine Nagios mail or SMS alarm;
( 7 ) HAProxy support virtual hosts.
HAProxy especially for those large load of web sites that usually they need to maintain or seven treatment sessions. HAProxy running on current hardware can support thousands of concurrent connections. And its mode of operation makes it really simple to integrate into your current security architecture, while protecting your web server is not exposed to the network.
Functionally, able to proxy achieve reverse proxy mode WEB balanced load, so there are a lot of products. Including LVS , Nginx , ApacheProxy , lighttpd and so on.
The use of domestic production Haproxy lot of companies, such as Taobao CDN system
HAProxy provide high availability, load balancing, and based on TCP and HTTP proxy applications, support for virtual hosts, it's free, fast and reliable a solution. Based on reasonable configuration and optimization, can achieve a single support thousands of concurrent connections.
HAProxy support 2 major proxy modes: the first mode is a Proxy "TCP" , i.e. OSI first network model 4 layer, a transport layer protocol; second proxy mode is " HTTP ", i.e. OSI first network model 7 layer application layer protocol. In tcp mode, HAProxy supports bidirectional forwarding traffic between the client and the server. http mode, HAProxy protocol analysis, can be decided to allow, deny, exchange, add, modify, etc. Strategies for analysis and user configuration.
Two, HAProxy installation
1 , yum install
Step One: Download
[root@ren4 ~]# yum -y install haproxy
Step Two: Start
[root@ren4 ~]# systemctl restart haproxy
Step 3: Check whether a successful start (the default listening 5000 port, can be modified to 80 ports)
[root@ren4 haproxy]# lsof -i :5000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
haproxy 38195 haproxy 5u IPv4 114916 0t0 TCP *:commplex-main (LISTEN)
haproxy configuration file:
[root@ren4 haproxy]# rpm -qc haproxy
/etc/haproxy/haproxy.cfg
/etc/logrotate.d/haproxy
/etc/sysconfig/haproxy
Three, HAProxy add back-end node
[root@ren4 haproxy]# vim /etc/haproxy/haproxy.cfg
backend app
balance roundrobin
server app5 192.168.11.5:80 weight 1
server app6 192.168.11.6:80 weight 3
[root@ren4 haproxy]# systemctl restart haproxy
[root@ren4 haproxy]# firewall-cmd --add-port=5000/tcp
success
Fourth, the back-end node is ready to test documents and test results
Node 1 : 192.168.11.5
[root@ren5 ~]# echo "this is 5" > /var/www/html/index.html
[root@ren5 ~]# systemctl restart httpd
[root@ren5 ~]# firewall-cmd --add-port=80/tcp
Node 2 : 192.168.11.6
[root@ren6 html]# echo "this is 6" > /var/www/html/index.html
[root@ren6 html]# systemctl restart httpd
[root@ren6 html]# firewall-cmd --add-port=80/tcp
success
Test Results:
Five, HAProxy monitoring web Display Configuration
In the defaults , add the following contents:
1 Defaults 2 stats Refresh # 30s statistics page automatically refresh time 3 stats uri / stats # statistics page url (note the stats are uri) 4 stats realm baison-Test- on Haproxy # statistics page password prompt text box 5 stats auth ADMIN: 123 # statistics page the user name and password 6 stats hide-hide versions version # HAProxy information on the statistics page
Browser to access the results: