Article Directory
A, HAProxy (monocytes) What is?
HAProxy is a high availability, load balancing, and (seventh layer) application based on TCP (layer IV) and HTTP proxy software,Support for virtual hosts, it's free, fast and reliable a solution. HAProxy especially for those large load of web sites that usually they need to maintain or seven treatment sessions. HAProxy running on current hardware can support thousands of concurrent connections. And its mode of operation makes it really simple to integrate into your current security architecture, while protecting your web server is not exposed to the network.
Second, load balancing of server monitoring and management haproxy
lab environment
CPU name | IP | service |
---|---|---|
Virtual machine server1 | 172.25.7.1 | haproxy, httpd, the proxy server |
Virtual Machine server2 | 172.25.7.2 | httpd, php, back-end servers |
Virtual Machine server3 | 172.25.7.3 | httpd, php, back-end servers |
Physical machine | 172.25.7.250 | End test |
Set up a basic server haproxy
1, in server1Built above HAProxy server, install haproxy service yum install haproxy -y
view the version of the service
2, change the configuration file:vim /etc/haproxy/haproxy.cfg
listen admin *:8080
stats enable
stats uri /status # 监控页面地址
stats auth admin:westos # 管理帐号和密码
stats refresh 5s #刷新频率
listen ranran *:80 #监听的实例名称,地址和端口
balance roundrobin #负载均衡算法
server web1 172.25.7.2:80 check
server web2 172.25.7.3:80 check
3, open haproxy service on server1
4, in server2 and server3 On the installation and configuration service httpd web resources.
1)yum install httpd -y
2)vim /var/www/html--》server2/server3
3)systemctl start httpd
5、In the physical machine test: curl 172.25.7.1, to achieve load balancing
In the physical test machine inside the browser, enter the monitoring page: 172.25.7.1: 8080 / status
Shoot down server3
Monitoring page will be displayed immediately
server3的服务重启
监控页面又显示正常
三、给haproxy服务器添加日志
1、更改日志监控的配置文件:vim /etc/rsyslog.conf
$ModLoad imudp #接受 haproxy 日志
$UDPServerRun 514
*.info;mail.none;authpriv.none;cron.none;local2.none /var/log/messages
local2.* /var/log/haproxy.log #日志文件位置
2、重启haproxy和rsyslog服务
3、查看日志
四、动静态访问分离
1、更改配置文件:vim /etc/haproxy/haproxy.cfg,重启服务。
frontend ranran *:80
acl url_static path_beg -i /images (以/images开头 默认根目录)
acl url_static path_end -i .jpg .gif .png (以.jpg .gif .png结尾)
use_backend static if url_static
default_backend app
backend static
server web2 172.25.7.3:80 check
backend app
server web1 172.25.7.2:80 check
server local 172.25.7.1:8000 backup
2、在server3的httpd服务的默认发布目录里,新建images目录,放置.jpg的图片。
3、在server1上安装httpd服务,且更改httpd服务的工作端口为8000,添加web服务的资源
5、当我访问静态资源的时候,服务器去找server3
五、页面重定向
5.1 403错误页面重定向
1、更改配置文件:vim /etc/haproxy/haproxy.cfg,重启服务。
frontend ranran *:80
acl url_static path_beg -i /images
acl url_static path_end -i .jpg .gif .png
acl badhost src 172.25.7.250 ##设定物理机不能访问server1
block if badhost
errorloc 403 http://172.25.7.1:8000 ##注意端口不要冲突,如果是403错误就重定向到 172.25.7.1:8000
use_backend static if url_static
default_backend app
backend static
server web2 172.25.7.3:80 check
backend app
server web1 172.25.7.2:80 check
2、更改server1的web页面
3、在物理机测试:172.25.7.1:8000
5.2 任何错误页面重定向
1、更改配置文件:vim /etc/haproxy/haproxy.cfg,重启服务。
frontend ranran *:80
acl url_static path_beg -i /images
acl url_static path_end -i .jpg .gif .png
acl badhost src 172.25.7.250
redirect location http://172.25.7.1:8000 if badhost #如果出现错误访问就重定向,无论什么错误
use_backend static if url_static
default_backend app
backend static
server web2 172.25.7.3:80 check
backend app
server web1 172.25.7.2:80 check
2、为了实验效果明显更改server1的web页面
3、在物理机测试:172.25.7.1:8000
5.3 301永久重定向
- 301 redirect: 301 代表永久性转移(Permanently Moved);302 redirect: 302 代表暂时性转移(Temporarily Moved ),ps:这里也顺带记住了两个比较相近的英语单词(permanently、temporarily)
- 详细来说,301和302状态码都表示重定向,就是说浏览器在拿到服务器返回的这个状态码后会自动跳转到一个新的URL地址,这个地址可以从响应的Location首部中获取(用户看到的效果就是他输入的地址A瞬间变成了另一个地址B)——这是它们的共同点。他们的不同在于。301表示旧地址A的资源已经被永久地移除了(这个资源不可访问了),搜索引擎在抓取新内容的同时也将旧的网址交换为重定向之后的网址;302表示旧地址A的资源还在(仍然可以访问),这个重定向只是临时地从旧地址A跳转到地址B,搜索引擎会抓取新的内容而保存旧的网址。
At this point we are in the physical machine test, we found to be 302 temporary redirect
1, change the configuration file:vim /etc/haproxy/haproxy.cfgTo restart the service.
frontend ranran *:80
acl westos.org hdr_beg(host) -i westos.org
acl 172.25.7.1 hdr_beg(host) -i 172.25.7.1
redirect code 301 location http://www.westos.org if westos.org
###以westos.org访问 自动重定向 www.westos.org)
redirect code 301 location http://www.westos.org if 172.25.7.1
###以172.25.7.1访问 自动重定向 www.westos.org)
use_backend static if url_static
default_backend app
server web1 172.25.7.2:80 check
2, the physical machine browser testing:
172.25.7.1 access to automatically jump to www.westos.org
Westos.org access to automatically jump www.westos.org
Six, Haproxy the separate read and write
1, mounted to server2, and server3 php: yum install php -y
2, to server2 and server3 default upload directory permissions:chmod 777 upload
3, change the configuration file:vim /etc/haproxy/haproxy.cfgTo restart the service.
acl read method GET
acl read method HEAD ##两个read write 只用一个就行
acl write method PUT
acl write method POST
use_backend app if write
default_backend static
backend static
server web2 172.25.7.3:80 check
backend app
server web1 172.25.7.2:80 check
server local 172.25.7.1:8000 backup
4, the physical machine browser testing: 172.25.7.1/index.php
client upload .jpg picture
We will find uploaded to server2