Shulou(Shulou.com)06/02 Report--

HAproxy enterprise applications, TCP/HTTP dynamic and static separation

HAProxy is a free, open source tcp/http reverse proxy tool, load balancer, is a very fast and reliable secure solution for enterprises, providing high availability, high concurrency, load balancing and proxy to TCP and HTTP-based applications. It is especially suitable for websites with very high traffic. It has become a de facto standard open source load balancer and is now available with most mainstream Linux distributions. It is also a widely used and popular third-party tool in the Internet field.

In the actual application environment of enterprises, different requests are often redirected to designated back-end servers according to business requests, for example, customer static resource requests are handed over to the back-end static resource server for processing, php requests are handed over to the back-end dynamic resource Apache service for processing, and jsp requests are handed over to the back-end dynamic resource tomcat service for processing, that is, the business application requests are separated. We can achieve this goal by using acl matching rules through haproxy, so as to achieve the effect of static and dynamic separation. In addition to haproxy, in fact, you can also be fully realized through nginx's acl rules, but these powerful tools are often run on the Linux server to achieve the best performance, in fact, these things are very simple to install and configure, as long as you have a basic Linux, understand some basic Linux commands can completely achieve powerful functions, I am also in the "Linux should learn this tree introduction to Linux, very suitable for beginners.

Now many enterprises buy load balancer hardware equipment, in fact, these hardware devices are achieved by sneaking into the software, the performance may not be so good, haproxy to achieve tcp and http load balancing is very reliable, our enterprise now imports hundreds of thousands of concurrency, the front-end deployment of Linux servers for a few days to install haproxy is completely pressure-free, and the effect is very obvious When the haproxy is not used at first, users always report that the access is very slow, because at the beginning, it is very difficult to access the Windows server, which is not secure and puts great pressure on the business server, and may also cause the business to collapse directly. Haproxy user load balancer runs very well on the Linux server. Fast session rate, high session concurrency and fast data conversion rate are some of the performance advantages of haproxy.

Below, we use a simple case to achieve the static and dynamic separation effect of HAproxy. The requirements are as follows:

1. The request for static page is sent to web1.

2. The request for dynamic page is sent to web2.

one。 Application static and dynamic separation based on haproxy

Haproxy static and dynamic separation case topology diagram

Considerations before haproxy deployment:

(1) operating system version: centos 7.4 (64 bit)

(2) functional roles and server ip related information:

Role name

Ip information

Haproxy server

Eth0:172.51.96.233/24 & & eth2:192.168.3.22/24

Static server

Eth2:192.168.3.24/24

Php server

Eth2:192.168.3.9/24

Tomcat server

Eth2:192.168.3.9/24

II. Operational deployment

1. Download the haproxy-1.8.9.tar.gz installation package on the official website (you need to go to the wall)

# wget http://www.haproxy.org/download/1.8/src/haproxy-1.8.9.tar.gz

2. Create a haproxy running user

# groupadd-r haproxy

# useradd-g haproxy-M-s / sbin/nologin haproxy

3. Compile and install haproxy with source code:

# tar zxvf haproxy-1.8.9.tar.gz

# cd haproxy-1.8.9/

# make TARGET=linux2628 PREFIX=/usr/local/haproxy

# make install PREFIX=/usr/local/haproxy

Note: TARGET=Linux31 uses uname-a to check the Linux kernel version. If the kernel is greater than 2.6.28, use TARGET=linux2628.

# cd / usr/local/haproxy/

[root@web-3-22 haproxy] # ll

Total 0

Drwxr-xr-x 3 root root 21 May 23 15:56 doc

Drwxr-xr-x 2 root root 21 May 23 15:56 sbin

Drwxr-xr-x 3 root root 17 May 23 15:56 share

4. Yum installation:

[root@web-3-22 haproxy] # yum install haproxy.x86_64

[root@web-3-22 haproxy] # mkdir etc

[root@web-3-22 haproxy] # cd etc/

5. Haproxy configuration

[root@web-3-22 etc] # vim haproxy.cfg

Global

Maxconn 500000 # Max simultaneous connections from an upstream server

Spread-checks 5 # Distribute health checks with some randomness

Chroot / usr/local/haproxy

Daemon

Nbproc 2

User haproxy

Group haproxy

Log 127.0.0.1 local0

Log 127.0.0.1 local1 notice

Description haproxy server

Defaults

Log global

Mode http

Maxconn 10000

Option httplog

Option httpclose

Option dontlognull

Option forwardfor except 127.0.0.0/8

Retries 3

Option redispatch

Balance roundrobin

Timeout http-request 10s

Timeout queue 1m

Timeout client 1m

Timeout server 1m

Listen adimin_stats

Bind-process 1

Mode http

Stats enable

Stats hide-version

Bind: 8888

Stats uri / admin?stats

Stats realm Haproxy\ Statistics

Stats auth hadmin:yhXV2WAbybXd1euzEXbEADAe

Stats refresh 30s

Stats admin if TRUE

Listen www

Bind *: 80

Maxconn 50000

Mode http

Log global

Option httplog

Option httpclose

Option forwardfor

Log global

Default_backend default # sets the default access resource page

# define the acl rules for transferring the request to the static resource server when the requested content is static (picture, video, js, css, html)

Acl url_static path_beg-I / static / images / img / javascript / stylesheets

Acl url_static path_end-I .jpg .gif .png .css .js .html

Acl host_static hdr_beg (host)-I img. Video. Download. Ftp. Imags. Videos.

# define acl rules for handing over the request to the php dynamic resource server when the content of the request is php content

Acl url_php path_end-I. php

# define acl rules for handing over requests to tomcat dynamic resource servers when the content of the request is .jsp or .do content

Acl url_jsp path_end-I .jsp .do

# referencing acl matching rules of haproxy

Use_backend static_pool if url_static or host_static

Use_backend php_pool if url_php

Use_backend tomcat_pool if url_jsp

# define backend backend server

Backend static_pool

Option httpchk GET / index.html

Server static1 192.168.3.24:80 cookie id1 check inter 2000 rise 2 fall 3

Backend php_pool

Option httpchk GET / index.php

Server php1 192.168.3.9:80 cookie id1 check inter 2000 rise 2 fall 3

Backend tomcat_pool

Option httpchk GET / index.jsp

Server tomcat1 192.168.3.9:8080 cookie id2 check inter 2000 rise 2 fall 3

#

Backend default

Mode http

Option httpchk GET / index.html

Server default 192.168.3.24:80 cookie id1 check inter 2000 rise 2 fall 3 maxconn 5000

# chown-R haproxy:haproxy / usr/local/haproxy/

# service haproxy start

# starting haproxy reported an error, which may be caused by a port conflict. Check the haproxy listen configuration. My configuration file listens for port 80. The port 80 of this host is occupied by httpd. Stop the httpd service and start haproxy again.

# netstat-ntlp | grep haproxy

6. Service status

Service haproxy start / / start the service

Service haproxy stop / / stop service

Service haproxy status / / Service status

Chkconfig haproxy on / / Boot start

3. The test results of haproxy are as follows:

1. Default page:

Http://192.168.3.22

2. Test html static resources

Http://192.168.3.22/index.html

3. Test php dynamic resources

Http://192.168.3.22/index.php

4. Test jsp dynamic resources

Http://192.168.3.22/index.jsp

5. Haproxy backend monitoring page

Http://192.168.3.22:8888/admin?stats

Hadmin/yhXV2WAbybXd1euzEXbEADAe

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.