Setting Up a Web Cluster with HAProxy

2025-04-02 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/02 Report--

Key content 1:

1. Layer-4 load balancer:

1) DNS round robin: resolve the same domain name to several different IP addresses to achieve load balancing.

2) Nginx load balancing: define the back-end servers in an upstream group, upstream group_name { server ip:port weight=N; … }, then load-balance across them with proxy_pass http://group_name.

3) LVS load balancer: the VIP (cluster IP) and the real servers (back-end servers) are defined with ipvsadm, which drives the Linux kernel module ip_vs to perform the load balancing.

2. HAProxy load balancer: define a listen section, define the back-end web servers with server lines inside it, and specify the scheduling algorithm with balance.

3. Layer-7 proxy:

1) Squid proxy: place a Squid instance in front of the website to speed up user access and provide ACL (access control list) functionality.

2) Nginx proxy: proxy_pass and related parameters implement a layer-7 proxy.

3) HAProxy proxy: HAProxy listens for client requests and maps them to the back-end services.

4) Apache proxy: Apache is rarely used as a proxy, mainly because of its poor performance.

In short: LVS has the best performance but is complex to configure; nginx is weak at health-checking cluster nodes, and its performance is not as good as HAProxy's.

Key content 2: HTTP request:

1. HTTP request: accessing a website through a URL (Uniform Resource Locator) is an HTTP request.

2. HTTP status code: every request to a website returns a number indicating the result. 2xx or 3xx (such as 200, 301) means the website can be accessed normally; 4xx or 5xx (such as 404, 500) means an error occurred while accessing the website.

Key content 3: common scheduling algorithms of load balancing and web cluster scheduler:

1. Common scheduling algorithms for load balancers: RR (round robin, which distributes tasks to the nodes in turn), LC (least connections, which distributes tasks to the node currently handling the fewest requests), SH (source hashing, which uses the client's IP or cookie to determine the back-end server the client last visited and sends the task to that same server).

2. Common web cluster schedulers: DNS round robin, nginx proxy, LVS load balancer, HAProxy proxy, and hardware load balancers (such as F5, Barracuda, NSFOCUS).
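The three algorithms above, side by side, as an added example (not code from the original article). The server names are the ones used in the configuration later on this page; the client addresses and starting connection counts are constructed, and CRC32 stands in for whatever hash a real scheduler uses.

```python
import itertools
import zlib

# Constructed pool: the three server names used in the configuration on this page.
SERVERS = ["web01", "web02", "web03"]


def rr_scheduler(servers):
    """RR: hand requests to the servers in turn, regardless of their load."""
    ring = itertools.cycle(servers)
    return lambda client_ip, active: next(ring)


def lc_scheduler(servers):
    """LC: pick the server with the fewest connections currently open."""
    return lambda client_ip, active: min(servers, key=lambda s: active[s])


def sh_scheduler(servers):
    """SH: hash the client address, so one client always reaches the same server."""
    def pick(client_ip, active):
        return servers[zlib.crc32(client_ip.encode()) % len(servers)]
    return pick


def dispatch(scheduler, client_ips, active=None):
    """Send one request per entry in client_ips, keeping every connection open.

    Returns the list of chosen servers and the final open-connection counts.
    """
    active = dict(active or {s: 0 for s in SERVERS})  # copy, caller's dict is untouched
    chosen = []
    for ip in client_ips:
        server = scheduler(ip, active)
        active[server] += 1
        chosen.append(server)
    return chosen, active


if __name__ == "__main__":
    clients = ["203.0.113.%d" % i for i in range(1, 7)]  # constructed client addresses
    busy = {"web01": 2, "web02": 0, "web03": 1}           # constructed starting load
    print("RR:", dispatch(rr_scheduler(SERVERS), clients, busy)[0])
    print("LC:", dispatch(lc_scheduler(SERVERS), clients, busy)[0])
    print("SH:", dispatch(sh_scheduler(SERVERS), clients * 2, busy)[0])
```

RR ignores the starting load, LC fills the idle server first, and SH repeats the same choice for a repeated client, which is what makes it usable for session persistence.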

Key content 4: deploy HAProxy + nginx:

1. Install nginx

2. Install HAProxy and configure it

Key content 5: HAProxy configuration file: /etc/haproxy/haproxy.cfg

1) Global configuration:

global # global parameter settings

log 127.0.0.1 local2

# log syntax: log <address> <facility> [max_level_1]. Global logging configuration: the log keyword sends the logs to the local2 facility of the syslog service on 127.0.0.1

chroot /var/lib/haproxy # change the process root directory (chroot)

pidfile /var/run/haproxy.pid # file holding the current process ID

maxconn 4000 # maximum number of connections

user haproxy # user to run as

group haproxy # group to run as

daemon # run haproxy in daemon mode

stats socket /var/lib/haproxy/stats # local UNIX socket for statistics

2) Proxy (proxies) configuration parameters:

mode http

# default mode: mode { tcp | http | health }; tcp is layer 4, http is layer 7, and health only returns OK

log global

# apply the global log configuration

option httplog

# enable logging of HTTP requests; by default HAProxy does not log HTTP requests

option dontlognull

# if this option is enabled, null connections are not recorded in the log. A null connection is one in which an upstream load balancer or monitoring system connects periodically, or fetches a fixed component or page, only to check that the service is alive and available, or in which a port scan probes whether the port is listening or open. The official documentation does not recommend this option when there is no other load balancer upstream of the service, because malicious scans and other activity from the Internet would then go unrecorded.

option http-server-close

# actively close the HTTP connection after each request

option forwardfor except 127.0.0.0/8

# if the application on the back-end server needs to record the IP address of the client that initiated the request, configure this option on HAProxy. HAProxy then adds an "X-Forwarded-For" header carrying the client's IP address to each HTTP request it sends to the back end, so that the back-end server can obtain the client's real IP.

option redispatch

# when cookies are used, HAProxy inserts the server ID of the chosen back-end server into the cookie to keep the session persistent. If that back-end server goes down, the client's cookie is not refreshed; with this option set, the client's request is forcibly redirected to another back-end server so that service continues normally.

retries 3

# number of failed connection attempts to a back-end server; once the failures exceed this value, the back-end server is marked as unavailable

timeout http-request 10s # HTTP request timeout

timeout queue 1m # timeout for a request waiting in the queue

timeout connect 10s # connection timeout

timeout client 1m # client timeout

timeout server 1m # server timeout

timeout http-keep-alive 10s # timeout for HTTP keep-alive

timeout check 10s # health check timeout

maxconn 3000 # maximum number of connections available per process

frontend main

bind :80 # listen on port 80

acl url_static path_beg -i /static /images /javascript /stylesheets

acl url_static path_end -i .jpg .gif .png .css .js

use_backend static if url_static

default_backend my_webserver

# default backend: requests that do not match the rule above are forwarded to the backend named my_webserver

backend static

# static/dynamic separation: requests whose URL path matches the static rules (.jpg .gif .png .css .js) are sent to this backend

balance roundrobin

# load balancing algorithm (balance roundrobin is round robin; balance source keeps a client on the same server to preserve its session; static-rr, leastconn, first, uri and other values are also supported)

server static 127.0.0.1:80 check

# static files are deployed locally (they can also be deployed on other machines or on squid cache servers)

backend my_webserver

# define a backend called my_webserver. PS: my_webserver is just a custom name, but it must match the value of default_backend in the frontend.

balance roundrobin # load balancing algorithm

server web01 172.31.2.33:80 check inter 2000 fall 3 weight 30 # define multiple back-end servers

server web02 172.31.2.34:80 check inter 2000 fall 3 weight 30 # define multiple back-end servers

server web03 172.31.2.35:80 check inter 2000 fall 3 weight 30 # define multiple back-end servers
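How a back-end application can read the header that option forwardfor adds, as an added example (not code from the original article). HAProxy appends its header after any X-Forwarded-For the client sent, so only the rightmost entry written by a known proxy is reliable; the proxy address 172.31.2.10 and the function names are assumptions, since the page does not give the HAProxy host's address.

```python
import ipaddress

# Assumption: address of the HAProxy host as seen by the back end (not given on the page).
TRUSTED_PROXIES = [ipaddress.ip_network("172.31.2.10/32")]


def _trusted(addr):
    """True if addr belongs to one of our own proxies."""
    return any(addr in net for net in TRUSTED_PROXIES)


def client_ip(peer_ip, xff_headers):
    """Return the client address a back-end server should log.

    peer_ip      -- source address of the TCP connection to the back end
    xff_headers  -- every X-Forwarded-For header value, in the order received
    """
    peer = ipaddress.ip_address(peer_ip)
    if not _trusted(peer):
        # The request did not come through HAProxy: any header is client-supplied.
        return str(peer)
    hops = [h.strip() for value in xff_headers for h in value.split(",") if h.strip()]
    # Walk right to left: the rightmost entry is the one our own proxy appended.
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: trust nothing to its left either
        if not _trusted(addr):
            return str(addr)
    return str(peer)  # no usable entry, e.g. a request exempted by "except 127.0.0.0/8"


if __name__ == "__main__":
    # Constructed request: the client sent a forged header, HAProxy appended the real one.
    print(client_ip("172.31.2.10", ["10.0.0.1", "198.51.100.7"]))
```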

3) Detailed explanation of server:

server <name> <address>[:[port]] [param]

Defines each server of the back end and its options: server <name> <address>[:port] [settings ...]; default-server [settings ...]

<name>: internal name of the server within HAProxy; appears in logs and warnings

<address>: server address; host names are supported

[:[port]]: port mapping; when omitted, the port bound by bind is used

[param]: parameters

check: check the health status of this server; on its own it performs only a layer-4 check

Note: "httpchk", "smtpchk", "mysql-check", "pgsql-check" and "ssl-hello-chk" are used to define application-layer check methods

addr: the IP address used for the check

port: run the check against this port

inter: the time interval between two consecutive checks; default is 2000 ms

rise: how many consecutive "successful" check results are needed before the server is marked as available; default is 2

fall: how many consecutive "failed" check results are needed before the server is marked as unavailable; default is 3

cookie: specify a cookie value for this server to achieve cookie-based session stickiness

disabled: mark the server as unavailable

redir: redirect all GET and HEAD requests destined for this server to the specified URL

weight: weight; default is 1

maxconn: the maximum number of concurrent connections to this server

backlog: the length of the waiting queue used when the number of connections to the server reaches the upper limit

backup: set this server as a standby server

default-server [param]: sets default options for every server in the backend
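How inter, rise and fall combine to decide when a server is marked unavailable and available again, as an added example (not HAProxy's own code). The class and function names are hypothetical, the check results are constructed, and timing is simplified to one check every inter milliseconds with the first check at t = inter.

```python
from dataclasses import dataclass


@dataclass
class ServerHealth:
    inter_ms: int = 2000  # interval between checks (default stated on this page)
    rise: int = 2         # consecutive successes needed to come back up
    fall: int = 3         # consecutive failures needed to be marked down
    up: bool = True
    streak: int = 0       # consecutive results that contradict the current state

    def observe(self, ok):
        """Feed one check result; return True if the server changed state."""
        if ok == self.up:
            self.streak = 0  # result agrees with the current state: reset
            return False
        self.streak += 1
        needed = self.rise if ok else self.fall
        if self.streak < needed:
            return False
        self.up, self.streak = ok, 0
        return True


def replay(results, **params):
    """Replay check results (True = success); return [(time_ms, 'UP'|'DOWN'), ...]."""
    srv = ServerHealth(**params)
    transitions = []
    for n, ok in enumerate(results, start=1):
        if srv.observe(ok):
            transitions.append((n * srv.inter_ms, "UP" if srv.up else "DOWN"))
    return transitions


if __name__ == "__main__":
    # Constructed check history for "check inter 2000 fall 3" (rise left at its default).
    history = [True, False, False, True, False, False, False, True, True]
    print(replay(history, inter_ms=2000, fall=3))
```

A single success between failures resets the count, so a flapping server that never fails fall times in a row stays in rotation; lowering fall or inter shortens detection time at the cost of more false positives.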
