Haproxy build a Web cluster
Haproxy and understanding of the deployment environment
Haproxy is a popular scheduling tool
Haproxy and LVS, Nginx compare
LVS: LVS best performance, anti-load capacity, but it is more complex to configure
Nginx: not strong cluster node health check function, performance is not good Haproxy, installation configuration is simple, convenient test, but supports only http and scheduling emil
Haproxy: performance is better than Nginx, support url detect back-end server (mysql server is better than 10 units LVS)
Algorithm (as with LVS)
RR (poll): a scheduler through the "round-robin" scheduling algorithm external requests sequentially assigned to the cluster in turn in the real server, which equally treats each server, and the server regardless of the actual number of connections and system load
WRR (Weighted Round Robin): a scheduler via the "weighted round-robin" scheduling algorithm to schedule the access request depending on the processing capability of the real server, which can ensure a strong server processing power to handle more traffic. Queries scheduler may automatically load the real server, and dynamically adjusts the weight
LC (Least Connection): a scheduler via "least connection" scheduling algorithm dynamically network requests on a minimum number of links the server to schedule established, if the real server cluster systems have similar system performance, a "minimum connection" Scheduling algorithm can better balance the load
WLC (weighted least connections): is large, the dispatcher uses the difference in performance server cluster system "Weighted Least link" scheduling algorithm to optimize load balancing performance, the server having a higher weight value will bear a larger proportion of events connected load. Queries scheduler may automatically load the real server, and dynamically adjusts the weight
Deployed (as shown below)
Jump behind the two servers is achieved by accessing the website 192.168.1.20
Installation configuration Haproxy
1. Install the software dependent
yum install -y pcre-devel bzip2-devel
2. Download and install the compiled source package unzip
make TARGET=linux26
Then make install
3. Profiling
Create a directory and copy the configuration template to the directory
mkdir /etc/haproxy
cp examples/haproxy.cfg /etc/haproxy/
mkdir -p /usr/share/haproxy
4. Path Optimization
cp examples/haproxy.init /etc/init.d/haproxy
chmod +x /etc/init.d/haproxy
ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
5. Modify the configuration file to start the service
Profile Location: /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local0 \\配置日志记录,local0为日志设备,默认存放到系统日志
log 127.0.0.1 local1 notice \\notice为日志级别,通常有24个级别
#log loghost local0 info
maxconn 4096 \\最大连接数
chroot /usr/share/haproxy
uid 99 \\用户uid
gid 99 \\用户gid
daemon
#debug
#quiet
defaults
log global \\定义日志为global配置中的日志定义
mode http \\模式为http
option httplog \\采用http日志格式记录日志
option dontlognull \\不记录健康检查的日志信息
retries 3 \\检查节点服务器失败次数
# redispatch \\如果后端有服务器宕机,强制切换到正常服务器
maxconn 2000 \\最大连接数
contimeout 5000 \\连接超时时间
clitimeout 50000 \\客户端超时时间
srvtimeout 50000 \\服务器超时时间
listen web1 0.0.0.0:80
option httpchk /index.html \\检查服务器的index.html文件
balance roundrobin \\算法
# cookie SERVERID insert indirect nocache
server inst1 192.168.1.21:80 check inter 2000 fall 3 \\定义在线节点
server inst2 192.168.1.22:80 check inter 2000 fall 3 \\定义备份节点Detailed profiles
Layout roughly divided into three parts
1.global (Global portion)
2.defaults (default configuration section)
3.listen (application component part)
Global global (parameter is process-level, usually operating system (OS) related)
20480 maxconn : The default maximum number of connections
127.0.0.1 local0 log : log output configuration, all log records are present in the system log, the output local0
Notice 127.0.0.1 local1 log : Notice for the log level, usually have 24 levels (error warringinfo debug)
chroot / var / HAProxy : running path chroot
99 uid : uid user belongs running
99 gid : User group running
daemon : After running the form of table haproxy
1 nbproc : the number of processes (multiple processes can be set up to improve performance)
/var/run/haproxy.pid the PidFile : HAProxy the pid storage path, the user starts the process must have permission to access this file
65535-n-ulimit : ulimit quantity of
Defaults The default configuration settings (using these parameters can be configured to frontend, backend, listen component)
log global : global configuration is defined as the log log defined
mode http categories processed (# 7 layer http; 4 layer tcp):
20480 maxconn : maximum number of connections
HTTPLOG the Option : http log format log category
httpclose Option : After completion of each requested channel active close http
dontlognull the Option : Check the log does not record health information
forwardfor the Option : If the back-end server need to get real client ip parameters need to be configured, you can get the client ip from the Http Header
redispatch the Option : after serverId corresponding server hang, forcing directed to other healthy server
abortonclose the Option : When the high server load time, automatic connection off the end of the current queue processing relatively long
Refresh 30 stats : Statistics page refresh interval
3 retries : Connection failed 3 times to think service is not available, you can also set back
the RoundRobin Balance : default load balancing mode, polling
Source Balance : default load-balanced manner, similar nginx's ip_hash
leastconn Balance : default load balancing mode, the minimum connection
5000 contimeout : Connection timed out
50000 clitimeout : Client timeout
50000 srvtimeout : Server timeout
2000 the Check timeout : Timeout heartbeat
Configure the monitoring settings page
Admin_status the listen : Frontend Backend and combinations thereof, the name of the group to monitor, on-demand custom name
0.0.0.0:65532 the bind : listening port
HTTP MODE : HTTP 7-layer model
127.0.0.1 local3 ERR log : Error Logging
Refresh 5S stats : automatically refresh every five seconds to monitor the page
uri stats / ADMIN stats? url monitoring page:
realm itnihao stats \ itnihao : Monitoring page message
auth admin stats: admin : admin password and user monitoring page, you can set up multiple user names
auth admin1 stats: admin1 : monitoring page of user and password admin1
hide-Version stats : Hidden HAproxy version information on the statistics page
ADMIN IF TRUE stats : manually enable / disable, back-end server (after haproxy-1.4.9 version)
errorfile 403 /etc/haproxy/errorfiles/403.http
errorfile 500 /etc/haproxy/errorfiles/500.http
errorfile 502 /etc/haproxy/errorfiles/502.http
errorfile 503 /etc/haproxy/errorfiles/503.http
errorfile 504 /etc/haproxy/errorfiles/504.http
Configure logging HAProxy content settings
capture request header Host len 40
capture request header Content-Length len 10
capture request header Referer len 200
capture response header Server len 40
capture response header Content-Length len 10
capture response header Cache-Control len 8
Website Monitoring listen configuration (monitor monitor state haproxy backend server)
listen site_status
0.0.0.0:1081 the bind : listening port
HTTP MODE : HTTP 7-layer model
log 127.0.0.1 local3 err:[err warning info debug]
uri-Monitor / SITE_STATUS : health monitoring website URL, used to detect whether the site can be managed HAProxy with a normal return 200, 503 does not return to normal
acl site_dead nbsrv (server_web) lt 2 returns true if the number of effective strategies machine down time when the site is defined on the hanging load balancing less than the specified backend table 1:
acl site_dead nbsrv(server_blog) lt 2
acl site_dead nbsrv(server_bbs) lt 2
IF site_dead Fail Monitor : When to meet the return policy 503, online documentation says that 500, 503 for the actual test
NET 192.168.1.21/32-Monitor : log information from 192.168.1.21 will not be recorded and forwarded
monitor-net 192.168.1.22/32: log information from 192.168.1.22 will not be recorded and forwarded
frontend configuration (configuration which can define a plurality of frontend matching operation acl)
http_80_in frontend : Defining Access Port
0.0.0.0:80 the bind : Port monitor port, namely haproxy provide web services, and ports lvs similar vip
HTTP MODE : HTTP 7-layer model
, Ltd. Free Join log : Apply the global logging configuration
HTTPLOG the Option : Enable the log http
httpclose Option : After completion of each active close http request channel, HA-Proxy keep-alive mode is not supported
forwardfor the Option : If the back-end server need to get real IP clients need to configure the time parameters, you will be able to get the client IP from the Http Header
acl policy configuration
itnihao_web hdr_reg acl (Host) -i ^ (www.itnihao.cn | ww1.itnihao.cn) $ : If the requested domain name to meet the regular expression in the two domain names are case insensitive return true -i
itnihao_blog hdr_dom acl (Host) -i blog.itnihao.cn : If the requested domain name is to meet www.itnihao.cn return true -i to ignore case
HDR itnihao acl (Host) -i itnihao.cn : If the requested domain name is to meet itnihao.cn return true -i to ignore case
= -i killall file_req url_sub ACL : request contained in the url killall =, then this control strategy returns true, false otherwise
-i allow dir_req url_dir ACL : allow the presence of the request as part of the url address path, this control strategy returns true, false otherwise
missing_cl hdr_cnt ACL (Content-length) EQ 0 : request header when the Content-length equal Returns true 0 when
acl matching response strategy
IF missing_cl Block : When the request header Content-length equal to 0 to prevent return request 403
IF file_req || dir_req Block! : Block representation block the request, returns a 403 error, if the current representation does not meet the policy file_req, or to meet the policy dir_req, the request is blocked
IF itnihao_web server_web use_backend : use backend server_web when itnihao_web strategy to meet
IF itnihao_blog server_blog use_backend : when using the backend server_blog meet itnihao_blog strategy
IF http://blog.itniaho.cn prefix code 301 redirect itnihao : When the visit itnihao.cn, with 301 http pick to http://192.168.16.3
server_bbs default_backend : None of the above when using the default server_bbs meet the backend
backend setting (server_web, server_blog, server_bbs)
backend server_web
server_web backend : Server Type
HTTP MODE : HTTP 7-layer model
the RoundRobin Balance : load-balanced manner, roundrobin average way
ServerID cookie : serverid permit insertion in a cookie, may be defined later serverid
GET /index.html httpchk the Option : heartbeat file
Cookie web1 web1 192.168.1.21:80 Check Server Inter 3 1500 Rise Fall weight. 1 3 : server definition, cookie 1 represents serverid as web1, check inter 1500 Rise 3 is detected heartbeat frequency that is three times the correct server is available, fall 3 3 failed think server is unavailable, weight represents the weight
Cookie web2 web2 192.168.1.22:80 Check Server Inter 1500 Rise Fall 3 2 3 weight : server definition, cookie 1 represents serverid as web2, check inter 1500 Rise 3 is detected heartbeat frequency that is three times the correct server is available, fall 3 3 failed think server is unavailable, weight represents the weight
backend server_blog
backend server_blog
HTTP MODE : HTTP 7-layer model
the RoundRobin Balance : load-balanced manner, roundrobin average way
ServerID cookie : serverid permit insertion in a cookie, may be defined later serverid
GET /index.html httpchk the Option : heartbeat file
Cookie blog1 blog1 192.168.1.21:80 Check Server Inter 3 1500 Rise Fall weight. 1 3 : server definition, cookie 1 represents serverid as web1, check inter 1500 Rise 3 is detected heartbeat frequency that is three times the correct server is available, fall 3 3 failed think server is unavailable, weight represents the weight
Cookie blog2 blog2 192.168.1.22:80 Check Server Inter 1500 Rise Fall 3 2 3 weight : server definition, cookie 1 represents serverid as web2, check inter 1500 Rise 3 is detected heartbeat frequency that is three times the correct server is available, fall 3 3 failed think server is unavailable, weight represents the weight
backend server_bbs
backend server_bbs
HTTP MODE : HTTP 7-layer model
the RoundRobin Balance : load-balanced manner, roundrobin average way
ServerID cookie : serverid permit insertion in a cookie, may be defined later serverid
GET /index.html httpchk the Option : heartbeat file
Cookie BBS1 192.168.16.21:80 BBS1 Check Server Inter 3 1500 Rise Fall weight. 1 3 : server definition, cookie 1 represents serverid as web1, check inter 1500 Rise 3 is detected heartbeat frequency that is three times the correct server is available, fall 3 3 failed think server is unavailable, weight represents the weight
Cookie BBS2 BBS2 192.168.1.22:80 Check Server Inter 1500 Rise Fall 3 2 3 weight : server definition, cookie 1 represents serverid as web2, check inter 1500 Rise 3 is detected heartbeat frequency that is three times the correct server is available, fall 3 3 failed think server is unavailable, weight represents the weight
