Shulou(Shulou.com)06/03 Report--

Haproxy is a popular cluster scheduling tool at present. There are many similar cluster scheduling tools, such as LVS and Nginx. Comparatively speaking, LVS has the best performance, but the construction is relatively complex. To build a LVS cluster, please refer to the blog article: build: LVS+Keepalived highly available Web service cluster environment; Nginx's upstream module supports the cluster function, but the health check function of the cluster node is not strong, and the performance is not as good as Haproxy, so it is more used in the enterprise intranet environment. Nginx clusters can refer to the blog article: centos 7 deployment Tomcat and its load balancing configuration details.

The above several web cluster schedulers belong to the software type, there are many hardware cluster schedulers, the hardware is generally more used is F5, but also many companies use some domestic products, such as barracuda, Green League and so on. The hardware cluster scheduler has some obvious shortcomings. if there is a problem, we need the technical support of the manufacturer, and the manufacturer also needs our error log for maintenance. it may have been a month since the problem was solved. If we use a software-based cluster scheduler, then as long as our operation and maintenance personnel are skilled, it will be quick to find problems and solve them.

About the commonly used scheduling algorithms, configuration files and parameter optimization of Haproxy, please refer to the blog post: detailed explanation of haproxy configuration file of centos 7 and haproxy parameter tuning.

Now build a high-availability web cluster for keepalived in the following environment (omitted here, and we will write about how to build a high-availability storage server in a future article), as follows:

1. Preparatory work:

1. Connect the network and the firewall releases the relevant traffic (I turn off the firewall directly here)

2. Prepare the system image and configure the local yum (self-configuration).

3. Download the haproxy source code package, which can be downloaded from the network disk link provided by me using: haproxy download link

Extraction code: 54iv.

4. Web website can be built with apache, Nginx or Tomcat, as long as it can be accessed. Build it here. For testing convenience, I directly use the httpd service that comes with the system image. For web website construction, you can refer to: build Apache website service configuration based on Linux; build Nginx website server based on centos 7

5. I use all centos 7 systems here. Note that this environment is not a production environment. If you are in a production environment, there must be back-end storage to store web pages. The web server reads the web pages on the storage server and returns them to the client. Only in this way can we ensure the consistency of the web page content.

2. Start building:

1. Configure the keepalived+haproxy master server:

[root@haproxy1 ~] # yum-y install keepalived pcre-devel bzip2-devel # Mount the system image Install the relevant software package [root@haproxy1 media] # tar zxf haproxy-1.5.19.tar.gz-C / usr/src/ # unpack [root@haproxy1 media] # cd / usr/src/haproxy-1.5.19/ # and change to the source package directory [root@haproxy1 haproxy-1.5.19] # make TARGET=linux26 & & make install # to compile and install. The TARGET configuration item represents a 64-bit system. Haproxy does not require a. / configure configuration. [root@haproxy1 haproxy-1.5.19] # mkdir / etc/haproxy # create a configuration file directory [root@haproxy1 haproxy-1.5.19] # cp examples/haproxy.cfg / etc/haproxy/ # copy the configuration file directory that comes with the source code package. [root@haproxy1 haproxy-1.5.19] # cd [root@haproxy1 ~] # vim / etc/haproxy/haproxy.cfg # edit the main configuration file according to the current environment Modify the main configuration file as follows: # this config needs haproxy-1.1.28 or haproxy-1.2.1global log / dev/log local0 info log / dev/log local0 notice # log loghost local0 info maxconn 4096 # chroot / usr/share/haproxy # release the line uid 99 gid 99 daemon # debug # quietdefaults Log global mode http option httplog option dontlognull retries 3 redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000listen webcluster 0.0.0.0 contimeout 80 # webcluster is the cluster name Can be customized to modify the following port number. Option httpchk / index.html balance roundrobin # indicates a polling algorithm. Server inst1 192.168.1.3 server inst1 80 check inter 2000 fall 3 # web Node 1 server inst2 192.168.1.4 server inst2 80 check inter 2000 fall 3 # web Node 2, pay attention to the relevant port number # Note: there are many listen configuration items under the configuration file, find the listen items that are similar to those we need and copy them to the # defaults configuration item, and then delete all the subsequent configuration items, if not delete There may be an error when the service starts. [root@haproxy1 ~] # cd / usr/src/haproxy-1.5.19/examples/ # switch to the specified directory [root@haproxy1 examples] # cp haproxy.init / etc/init.d/haproxy # replication service control script [root@haproxy1 examples] # ln-s / usr/local/sbin/haproxy / usr/sbin/haproxy# create soft connection [root@haproxy1 examples] # chmod + x / etc/init.d/haproxy # Give file execution permission [root@haproxy1 examples] # chkconfig-- add / etc/init.d/haproxy # add as system service [root@haproxy1 examples] # systemctl restart haproxy # start haproxy service [root@haproxy1 examples] # netstat-anpt | grep 80 # to see if it is listening # haproxy service listens to port 80 tcp 00 0.0.0.0root@haproxy1 examples 800 by default .0.0.0: * LISTEN 12640/haproxy [root@haproxy1 ~] # vim / etc/rsyslog.d/haproxy.conf # configure haproxy log Write the following content if ($programname = = 'haproxy' and $syslogseverity-text = =' info') then-/ var/log/haproxy/haproxy-info.log& ~ if ($programname = = 'haproxy' and $syslogseverity-text = =' notice') then-/ var/log/haproxy/haproxy-notice.log& ~ # after writing, save and exit. [root@haproxy1 ~] # systemctl restart rsyslog # restart the log service # the following section begins to configure keepalived,haproxy has been configured. # now client can visit the server's IP address to see if it can browse to the web pages provided by the two web servers. # it needs to be refreshed several times before the web server prepares different web pages to see the effect. [root@haproxy1 ~] # vim / etc/keepalived/keepalived.conf # Edit keepalived configuration file # just change the configuration items marked below! Configuration File for keepalivedglobal_defs {notification_email {acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc} notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL1 # defines the server name Do not conflict with other server names} vrrp_instance VI_1 {state MASTER interface ens33 # modify the physical Nic virtual_router_id 51 priority 100 advert_int 1 authentication {auth_type PASS auth_pass 1111} virtual_ipaddress {192.168.1.100 # specify the drifting IP address}} # just save and exit the configuration item at this point Delete all subsequent configuration items so as not to affect service startup. [root@haproxy1 ~] # systemctl restart keepalived # restart the keepalived service.

2. Configure keepalived+haproxy backup server:

[root@haproxy2 ~] # systemctl stop firewalld # disable the firewall [root@haproxy2 ~] # yum-y install keepalived pcre-devel bzip2-devel# mount the system image Install the related software package [root@haproxy2 media] # tar zxf haproxy-1.5.19.tar.gz-C / usr/src # unpack [root@haproxy2 media] # cd / usr/src/haproxy-1.5.19/ [root@haproxy2 haproxy-1.5.19] # make TARGET=linux26 & & make install # install [root@haproxy2 haproxy-1.5.19] # cd [root@haproxy2 ~] # mkdir / etc/haproxy # Create a profile directory [root@haproxy2 ~] # scp root@192.168.1.1:/etc/haproxy/haproxy.cfg / etc/haproxy/# directly copy the haproxy configuration file of the primary server to root@192.168.1.1 s password: # enter the user password of the primary server haproxy.cfg 100% 566 460.5KB/s 00:00 [root@haproxy2 ~] # scp root@192.168.1.1:/etc/init.d/haproxy / etc/init.d/haproxyroot@192.168.1.1s password: haproxy 2553 2.1MB/s 00:00 [root@haproxy2 ~] # ln-s / usr/local/sbin/haproxy / usr/sbin/haproxy # create a link file [root@haproxy2 ~ ] # chkconfig-- add / etc/init.d/haproxy # added as a system service [root@haproxy2 ~] # systemctl start haproxy # Startup Service [root@haproxy1 examples] # netstat-anpt | grep 80 # to see if you are listening # haproxy service listens to port 80 tcp 00 0.0.0.0 etc/init.d/haproxy 80 0.0.0.0 tcp by default * LISTEN 12640/haproxy [root@haproxy1 ~] # vim / etc/rsyslog.d/haproxy.conf # configure haproxy Log Write the following content if ($programname = = 'haproxy' and $syslogseverity-text = =' info') then-/ var/log/haproxy/haproxy-info.log& ~ if ($programname = = 'haproxy' and $syslogseverity-text = =' notice') then-/ var/log/haproxy/haproxy-notice.log& ~ # and save and exit. [root@haproxy2 ~] # systemctl restart rsyslog # restart the log service [root@haproxy2 ~] # scp root@192.168.1.1:/etc/keepalived/keepalived.conf / etc/keepalived/# copy the keepalived configuration file of the master server to root@192.168.1.1s password: # enter the user password of the master server keepalived.conf 622.3KB/s 00:00 [root@haproxy2 ~] # vim / etc/keepalived/keepalived.conf # modify the following three configuration items: .router _ id LVS_DEVEL2 # change the server name Do not conflict with the primary server. State BACKUP # change the status to BACKUP .priority 90 # change the priority to be lower than the primary server # change the above three lines and save and exit. [root@haproxy2 ~] # systemctl start keepalived # start the keepalived service

At this point, the keepalived+haproxy is configured, and you can use client for access testing, simulating the downtime of the master server and other problems, and the test is highly available.

[root@haproxy1 ~] # tail-f / var/log/haproxy/haproxy-info.log # View haproxy access Log

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.