Shulou(Shulou.com)06/02 Report--

This article is about how to use haproxy to achieve high availability and load balancing in keepalived. I think it is very practical, so I share it with you. I hope you can get something after reading this article. Let's take a look at it.

1.Nginx works above layer 7 of the network and does not support the forwarding of TCP protocol. After 1.9, tcp proxy function can be realized through stream module, but the stability is still lacking. And the company's existing system has part of the protocol is ICE, so if it does not support TCP protocol changes will be relatively large.

2.Nginx does not support health check, although Taobao later issued a nginx_upstream_check_module but need to install additional plug-ins, in addition, this plug-in only supports http and does not support TCP. So there are some limitations.

* what is a health check? To put it simply, the load balancer server periodically calls a HTTP interface of the load server or ping the tpc port to check whether the service is available. This is very useful for achieving high availability of the system. Health inspection can customize scripts to detect back-end services, which is beneficial to those who often fake death and are unable to detect whether the backend is normal by routinely judging the port. For example, RabbitMQ, business program custom check and so on. Currently, HA supports three forms of checking

1) Health detection is carried out through the listening port. In this detection method, haproxy will only check the ports of the backend server, which does not guarantee the real availability of the service.

For example:

Listen http_proxy 0.0.0.0:80

Mode http

Cookie SERVERID

Balance roundrobin

Option httpchk

Server web1 192.168.1.1:80 cookie server01 check

Server web2 192.168.1.2:80 cookie server02 check inter 500 rise 1 fall 2

2) Health examination is carried out through URI. The detection method is to use the web page of the GET backend server in the past, which can basically represent the availability of the backend service.

Listen http_proxy 0.0.0.0:80

Mode http

Cookie SERVERID

Balance roundrobin

Option httpchk GET / index.html

Server web1 192.168.1.1:80 cookie server01 check

Server web2 192.168.1.2:80 cookie server02 check inter 500 rise 1 fall 2

3) the head information obtained by request is matched for health detection. This detection method is based on some advanced and fine monitoring requirements. Through the matching detection of the header information accessed by the backend service.

Listen http_proxy 0.0.0.0:80

Mode http

Cookie SERVERID

Balance roundrobin

Option httpchk HEAD / index.jsp HTTP/1.1\ r\ nHost:\ www.xxx.com

Server web1 192.168.1.1:80 cookie server01 check

Server web2 192.168.1.2:80 cookie server02 check inter 500 rise 1 fall 2

3.haproxy built-in load monitoring interface, you can clearly see the load situation.

This is not to say that Nginx is not as good as Haproyx. It's just that Haproxy provides the functionality we want, and there is no need to install other plug-ins, which is relatively simple. So taking it into consideration, we decided to use Haproyx+keepalive to achieve high availability.

The following figure is the architecture diagram of the entire load balancer:

Haproxy installation:

# download # http://www.haproxy.org/download/1.7/src/haproxy-1.7.8.tar.gz#cd / data/nfs/download#yum install gcc gcc-c++ autoconf automake-y # install haproxytar-axf haproxy-* & & cd. / haproxy-*make TARGET=linux2628 ARCH=x86_64 PREFIX=/usr/local/haproxymake install PREFIX=/usr/local/haproyx successfully, check the version / usr/local/haproyx/sbin/haproxy-v

Copy the haproxy file to / usr/sbin

Because the following haproxy.init startup script will go to / usr/sbin by default, of course, you can also modify it, but it is more troublesome.

Cp / usr/local/haproxy/sbin/haproxy / usr/sbin/

Copy the haproxy script to / etc/init.d

Cp. / examples/haproxy.init / etc/init.d/haproxy

Chmod 755 / etc/init.d/haproxy

Create a system account

Useradd-r haproxy

Create a profile

Mkdir / etc/haproxy

Vi / etc/haproxy/haproxy.cfg

Add the following settings to the configuration file haproxy.cfg:

# Global configuration

Global

# set log

Log 127.0.0.1 local3 info

Chroot / usr/local/haproxy

# users and user groups

User haproxy

Group haproxy

# daemon starts

Daemon

# maximum number of connections

Maxconn 4000

# default configuration

Defaults

Log global

Mode http

Option httplog

Option dontlognull

Timeout connect 5000

Timeout client 50000

Timeout server 50000

# frontend configuration. Http_front name can be customized.

Frontend http_front

# initiating http request channel port 80 will be forwarded to the set ip and port

Bind *: 80

# haproxy's status management page, which is accessed through / haproxy?stats

Stats uri / haproxy?stats

Default_backend http_back

# backend configuration, http_back name can be customized

Backend http_back

# load balancing method

# source based on request source IP

# static-rr according to weight

# leastconn least connectors first

# uri according to the requested uri

# url_param based on the requested url parameter

# rdp-cookie locks and hashes every request according to cookie (name)

# hdr (name) locks each HTTP request according to the HTTP request header

# roundrobin polling method

Balance roundrobin

# set up the health check page

Option httpchk GET / index.html

# pass the real IP of the client

Option forwardfor header X-Forwarded-For

# inter 2000 interval between health check-ups is 2 seconds

# how many times can rise 3 be tested before it is considered normal

# how many times does fall 3 fail before it is considered unavailable

# weight 30 weights

# ip and port to be forwarded

Server node1 192.168.179.131:8081 check inter 2000 rise 3 fall 3 weight 30

Server node2 192.168.179.131:8082 check inter 2000 rise 3 fall 3 weight 30

Keepalive installation

Yum-y install keepalived

Vim / etc/keepalived/keepalived.conf

Global_defs {

Notification_email {

Root@localhost

}

Notification_email_from root@localhost

Smtp_server localhost

Smtp_connect_timeout 30

Router_id NodeA

}

Vrrp_instance VI_1 {

State MASTER # specify that Node An is set to BACKUP on the standby node of the primary node

Interface eth0 # bind the network interface of the virtual IP

Virtual_router_id 51 # VRRP group name, the settings of both nodes must be the same to indicate that each node belongs to the same VRRP group

Priority 100 # priority of the primary node (between 1-254), the standby node must have a lower priority than the primary node

Advert_int 1 # Multicast message sending interval, the settings of the two nodes must be the same

Authentication {# sets verification information. The two nodes must be consistent.

Auth_type PASS

Auth_pass 1111

}

Virtual_ipaddress {# specifies the virtual IP. The settings of the two nodes must be the same.

192.168.1.220

}

}

The name of the network card of interface eth0 must not be mistaken, it should be your own. You can use the ip a command to view

Start keepalive

/ etc/init.d/keepalived start

The above is how to use haproxy to achieve high availability and load balancing in keepalived. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.