网站建设 浙icp 0578,深圳西乡建网站,微网站开发程序,南昌网站建设托管一、HAProxy介绍 专业反向代理,支持双机热备支持虚拟主机,配置简单,拥有非常不错的服务器健康检查功能,当其代理的后端节点出现故障, HAProxy会自动将该服务器摘除,故障恢复后再自动将该服务器加入#xff0c;基于TCP和HTTP应用的代理软件#xff0c;开源免费、快速并且可靠的…一、HAProxy介绍 专业反向代理,支持双机热备支持虚拟主机,配置简单,拥有非常不错的服务器健康检查功能,当其代理的后端节点出现故障, HAProxy会自动将该服务器摘除,故障恢复后再自动将该服务器加入基于TCP和HTTP应用的代理软件开源免费、快速并且可靠的一种方案。 二、HAProxy优点 1、专业做反向代理负载均衡的软件2、负载均衡算法多大概8种3、性能优于nginx4、支持动态管理、通过和haproxy的sock进行通信管理5、有比较丰富的dashboard页面6、强大的七层功能 三、HAProxy应用场景 1、tcp即4层代理大多用于邮件服务器、内部协议通信服务器等 2、HAProxy可以作为MySQL、邮件或其它的非web的负载均衡我们常用于它作为MySQL(读)负载均衡 3、特别适用于负载特大的web站点这些站点通常又需要会话保持或者七层处理 四、HAProxy服务部署 1、环境 #haproxy01
[roothaproxy01 ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)
[roothaproxy01 ~]# uname -r
2.6.32-696.el6.x86_64
[roothaproxy01 ~]# getenforce
Disabled
[roothaproxy01 ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[roothaproxy01 ~]# hostname -I
172.19.5.3 172.16.1.3 #haproxy02
[roothaproxy02 ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)
[roothaproxy02 ~]# uname -r
2.6.32-696.el6.x86_64
[roothaproxy02 ~]# getenforce
Disabled
[roothaproxy02 ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[roothaproxy02 ~]# hostname -I
172.19.5.4 172.16.1.4 2、编译安装HAProxy mkdir /server/tools -p
cd /server/tools/
#上传haproxy-1.7.9.tar.gz
tar xf haproxy-1.7.9.tar.gz
cd haproxy-1.7.9
make TARGETlinux26 PREFIX/usr/local/haproxy-1.7.9
make install
cp /usr/local/sbin/haproxy /usr/sbin/
cp /server/tools/haproxy-1.7.9/examples/haproxy.init /etc/init.d/haproxy
chmod x /etc/init.d/haproxy
useradd -r haproxy
mkdir /etc/haproxy
mkdir /var/lib/haproxy 3、设置HAProxy日志(/etc/rsyslog.conf) $ModLoad imudp
$UDPServerRun 514
local3.* /var/log/haproxy.log 4、创建配置文件 ###全局配置###globallog 127.0.0.1 local3 info #日志输出配置chroot /var/lib/haproxy #chroot运行路径user haproxy #运行haproxy用户 group haproxy #运行haproxy所属的组daemon #以后台的形式运行haproxystats socket /var/lib/haproxy/haproxy.sock mode 600 level admin #haproxy动态管理配置stats timeout 2m maxconn 4096 #默认最大连接数###默认配置###defaultslog global #采用全局定义的日志mode http #默认的模式modetcp是4层http是7层option httplog #日志类别option dontlognull #不记录健康检查日志timeout connect 5000ms #连接超时timeout client 50000ms #客户端超时timeout server 50000ms #服务器超时
###前端配置###
frontend web_frontmode http #7层bind *:80 #建议使用bindstats uri /haproxy-status #haproxy监控页面uridefault_backend web_back#acl is_static_reg url_reg /*.(css|jpg|png|js|jpeg|gif)$#use_backend web01_back_backend if is_static_reg
###后端配置###
backend web_backbalance roundrobin #默认负载均衡方式轮询 #balance source #负载均衡方式类似Nginx的ip_hash #balance leastconn #负载均衡方式最小连接数#option httpchk GET /index.html #后端节点健康检查server haproxy01 172.19.5.3:8080 check inter 2000 rise 30 fall 15 #后端服务器定义server haproxy02 172.19.5.4:8080 check inter 2000 rise 30 fall 15 #后端服务器定义 5、实现HAProxy负载均衡 #分别在haproxy01和haproxy02上面装了http服务修改默监听端口为8080
#测试负载均衡数据
[roothaproxy01 ~]# curl 172.19.5.3
http01
[roothaproxy01 ~]# curl 172.19.5.3
http02
[roothaproxy01 ~]# curl 172.19.5.3
http01
[roothaproxy01 ~]# curl 172.19.5.3
http02
[roothaproxy01 ~]# curl 172.19.5.3
http01
[roothaproxy01 ~]# curl 172.19.5.3 [roothaproxy02 ~]# curl 172.19.5.4
http01
[roothaproxy02 ~]# curl 172.19.5.4
http02
[roothaproxy02 ~]# curl 172.19.5.4
http01
[roothaproxy02 ~]# curl 172.19.5.4
http02
[roothaproxy02 ~]# curl 172.19.5.4
http01
[roothaproxy02 ~]# curl 172.19.5.4
http02 五、HAProxy动态管理 1、安装socat命令 yum install -y socat 2、使用方法 [roothaproxy01 ~]# echo help|socat stdio /var/lib/haproxy/haproxy.sock
Unknown command. Please enter one of the following commands only :help : this messageprompt : toggle interactive mode with promptquit : disconnectset maxconn global : change the per-process maxconn settingset rate-limit : change a rate limiting valueset timeout : change a timeout settingshow env [var] : dump environment variables known to the processshow stat resolvers [id]: dumps counters from all resolvers section andassociated name serversadd acl : add acl entryclear acl id : clear the content of this acldel acl : delete acl entryget acl : report the patterns matching a sample for an ACLshow acl [id] : report available acls or dump an acls contentsadd map : add map entryclear map id : clear the content of this mapdel map : delete map entryget map : report the keys and values matching a sample for a mapset map : modify map entryshow map [id] : report available maps or dump a maps contentsshow pools : report information about the memory pools usageshow sess [id] : report the list of current sessions or dump this sessionshutdown session : kill a specific sessionshutdown sessions server : kill sessions on a serverclear counters : clear max statistics counters (add all for all counters)show info : report information about the running processshow stat : report counters for each proxy and servershow errors : report last request and response errors for each proxyclear table : remove an entry from a tableset table [id] : update or create a table entrys datashow table [id]: report table usage stats or dump this tables contentsdisable frontend : temporarily disable specific frontendenable frontend : re-enable specific frontendset maxconn frontend : change a frontends maxconn settingshow servers state [id]: dump volatile server information (for backend id)show backend : list backends in the current running configshutdown frontend : stop a specific frontenddisable agent : disable agent checks (use set server instead)disable health : disable health checks (use set server instead)disable server : disable a server for maintenance (use set server instead)enable agent : enable agent checks (use set server instead)enable health : enable health checks (use set server instead)enable server : enable a disabled server (use set server instead)set maxconn server : change a servers maxconn settingset server : change a servers state, weight or addressget weight : report a servers current weightset weight : change a servers weight (deprecated)3、监控数据 [roothaproxy01 ~]# echo show info|socat stdio /var/lib/haproxy/haproxy.sock
Name: HAProxy
Version: 1.7.9
Release_date: 2017/08/18
Nbproc: 1
Process_num: 1
Pid: 3897
Uptime: 0d 2h57m54s
Uptime_sec: 10674
Memmax_MB: 0
PoolAlloc_MB: 0
PoolUsed_MB: 0
PoolFailed: 0
Ulimit-n: 4031
Maxsock: 4031
Maxconn: 2000
Hard_maxconn: 2000
CurrConns: 0
CumConns: 3563
CumReq: 3575
Maxpipes: 0
PipesUsed: 0
PipesFree: 0
ConnRate: 1
ConnRateLimit: 0
MaxConnRate: 2
SessRate: 1
SessRateLimit: 0
MaxSessRate: 2
CompressBpsIn: 0
CompressBpsOut: 0
CompressBpsRateLim: 0
Tasks: 5
Run_queue: 1
Idle_pct: 100
node: haproxy014、管理后端节点 ①后端节点正常状态 ②关闭后端节点haproxy01 echo disable server web_back/haproxy01|socat stdio /var/lib/haproxy/haproxy.sock ③打开后端节点haproxy01又恢复正常 [roothaproxy01 ~]# echo enable server web_back/haproxy01|socat stdio /var/lib/haproxy/haproxy.sock 六、HAProxy结合Keepalived实现高可用 1、安装keepalived yum install keepalived -y 2、keepalived配置文件 #HAProxy01-keepalived配置# global_defs { router_id HAProxy-HA01 } vrrp_instance HAProxy_1 { state MASTER interface eth0 virtual_router_id 55 priority 150 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.19.5.16/24 172.19.5.17/24 } } #HAProxy02-keepalived配置# global_defs { router_id HAProxy-HA02 } vrrp_instance HAProxy_1 { state BACKUP interface eth0 virtual_router_id 55 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.19.5.16/24 172.19.5.17/24 } } 3、使用tcpdump检测主发包 [roothaproxy01 ~]# tcpdump -n host 224.0.0.18
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
16:22:52.240031 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:22:53.241106 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:22:54.242203 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:22:55.243301 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:22:56.244382 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:22:57.245453 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:22:58.245809 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:22:59.246893 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:23:00.247984 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24
16:23:01.249098 IP 172.19.5.3 224.0.0.18: VRRPv2, Advertisement, vrid 55, prio 150, authtype simple, intvl 1s, length 24 4、测试keepalived的高可用故障切换 ①使用vip访问测试 [rootm01 ~]# curl 172.19.5.16
http01
[rootm01 ~]# curl 172.19.5.16
http02
[rootm01 ~]# curl 172.19.5.17
http01
[rootm01 ~]# curl 172.19.5.17
http02 ②haproxy01上查看vip [roothaproxy01 ~]# ip a s eth0
2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 02:63:31:57:80:01 brd ff:ff:ff:ff:ff:ffinet 172.19.5.3/24 brd 172.19.5.255 scope global eth0inet 172.19.5.16/24 scope global secondary eth0inet 172.19.5.17/24 scope global secondary eth0inet6 fe80::63:31ff:fe57:8001/64 scope link valid_lft forever preferred_lft forever ③停掉haproxy01的keepalived服务 [roothaproxy01 ~]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ] ④haproxy02上查看vip [roothaproxy02 ~]# ip a s eth0
2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether f6:4f:56:db:f5:d8 brd ff:ff:ff:ff:ff:ffinet 172.19.5.4/24 brd 172.19.5.255 scope global eth0inet 172.19.5.16/24 scope global secondary eth0inet 172.19.5.17/24 scope global secondary eth0inet6 fe80::f44f:56ff:fedb:f5d8/64 scope link valid_lft forever preferred_lft forever 转载于:https://www.cnblogs.com/yanxinjiang/p/7929889.html
