Shulou(Shulou.com)06/02 Report--

Common Web Cluster Scheduler at present the common Web cluster scheduler is divided into software and hardware, software usually uses open source LVS, Haproxy, Nginx, hardware generally uses F5, and many people use some domestic products, such as barracuda, Green Alliance and other Haproxy application analysis.

■ LVS has strong anti-load ability in enterprise applications, but it has some shortcomings.

LVS does not support regular processing and can not achieve dynamic and static separation. For large websites, the implementation configuration of LVS is complex, and the maintenance cost is relatively high.

■ Haproxy is a software that provides high availability, load balancing, and agents based on TCP and HTTP applications

It is especially suitable for Web sites with heavy load, which can support tens of thousands of concurrent connection requests Haproxy scheduling algorithm on current hardware.

Haproxy supports a variety of scheduling algorithms, of which three are the most commonly used:

The ● RR (Round Robin) RR algorithm is the simplest and most commonly used algorithm, that is, polling scheduling understanding example has three nodes A, B, and C. the first user access is assigned to node A, the second user access is assigned to node B, and the third user access is assigned to the node. The fourth user access continues to be assigned to node A. Polling and allocating access requests to achieve load balancing effect ● LC (Least Connections) LC algorithm, that is, the minimum number of connections algorithm, dynamically allocates front-end requests according to the number of connections at the back end. For example, there are three nodes A, B, C, and the number of connections of each node is 4, 5 and 6, respectively. If there is the first user connection request, it will be assigned to A The second user request will continue to be assigned to A, and the number of connections will become ARV 6, BRV 5, and CRV 6. Another new request will be assigned to B, and each time the new request will be assigned to the client with the least number of connections. Because the number of connections in A, B, C will be released dynamically, it is difficult to have the number of sample connections. Therefore, compared with rr algorithm, this algorithm has a great improvement. It is a widely used algorithm ● SH (Source Hashing) SH, that is, source-based access scheduling algorithm. This algorithm is used in some scenarios where Session sessions are recorded on the server. Cluster scheduling can be done based on the source IP, Cookie, etc. For example, there are three nodes A, B, C, the first user is assigned to A for the first visit, the second user is assigned to B for the first visit, and the second user will continue to be assigned to A for the second visit, and the second user will still be assigned to B for the second visit. As long as the load balancer scheduler does not restart, the first user access will be assigned to A, and the second user access will be assigned to B. the advantage of this scheduling algorithm is to achieve session persistence, but when some IP visits are very large, it will cause excessive visits to some nodes of the load imbalance, which will affect the business to use Haproxy configuration files to explain in detail.

Haproxy configuration files are usually divided into three parts

● global: configure ● defaults for global: configure ● listen for default: configure for application component

Global configuration parameters

● log 127.0.0.1 local0: configure logging, configure logging, ocal0 is the log device, stored in the system log by default ● log 127.0.0.1 local1 notice: notice is the log level usually has 24 levels ● maxconn4096: maximum number of connections ● uid 99: user uid ● gid 99: user gid

Defaults configuration item configuration default parameters, which will be inherited by the application component, if the

With no special declaration in the component, the default configuration parameter settings will be installed

● log global: define logs as logs in global configuration definition ● mode http: mode is http ● option httplog: log is recorded in http log format ● retries 3: check that the node server fails for three times in a row, it is considered that the node is unavailable ● maxconn 2000: maximum number of connections ● contimeout 5000: connection timeout ● clitimeout 50000: client timeout ● srtimeout 50000: server timeout

The listen configuration project is just like configuring application module parameters.

● listen appli4-backup 0.0.0.0appli4-backup 10004: define an appli4-backup application ● option httpchk / index.html: check the index.html file of the server, option persist: force the request to be sent to the server that has been dropped) Balance roundrobin: load balancing scheduling algorithm using polling algorithm ● server inst1 192.168.114. 56:80 check inter 2000 fall3: define online node server inst2 192. 168.114.56 check inter 81 check inter 2000 fall 3 backup: define backup node Haproxy log management

The log of Haproxy is output to the syslog of the system by default, in production

Generally defined separately in the environment

Defined method steps

● modifies the options for log configuration in the Haproxy configuration file to add the configuration: P log / dev/log local0 info. Log / dev/log local0 notice ● modifies rsyslog configuration, defines Haproxy-related configuration to haproxy.conf independently, and puts it under etclrsyslog.d ● to save the configuration file and restart the rsyslog service to complete the rsyslog configuration.

Visit the Haproxy cluster test web page and test the log information

Haproxy optimization parameters

As the load of enterprise websites increases, the optimization of haproxy parameters is very important.

● maxconn: maximum number of connections, adjusted according to the actual situation of the application. It is recommended to use 10240 ● daemon: daemon mode, Haproxy can be started using non-daemon mode, it is recommended to use daemon mode to start ● nbproc: number of concurrent processes of load balancing, recommended equal to or twice the number of CPU cores of the current server: number of retries, mainly used to check cluster nodes, if there are many nodes and large concurrency Set to 2 or 3 ● option http-server-close: actively disable http request option. It is recommended to use this option in production environment: ● timeout http-keep-alive: persistent connection timeout. You can set persistent connection timeout to 10s ● timeout http-request: http request timeout. It is recommended to set this time to 5-10s to increase the http connection release speed ● timeout client: client timeout. If the number of visits is too large and the response of the node is slow, you can set this time to be shorter. It is recommended to set it to 1min or so to demonstrate the case.

Experimental requirements

1. One Haproxy scheduling server, two Nginx servers, one windows7 as the client; 2. Three servers are CentOS 7.364-bit system; 3. All host network cards are set to host-only mode, binding static address; 4. The client can access the two node servers by accessing the scheduling server without the need to access the real server address.

Host role IP address Haproxy server 192.168.100.210Nginx server 1192.168.100.201Nginx server 2192.168.100.202windows7 client 192.168.100.50 first step: build a Haproxy scheduling server

1. Install the compilation tool using yum

[root@haproxy ~] # yum install bzip2-devel pcre-devel gcc gcc-c++ make-y

two。 Modify the Nic to host-only mode and bind a static address

[root@haproxy ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33# replace dhcp with staticBOOTPROTO=static# append IP address\ subnet mask\ gateway IPADDR=192.168.100.210NETMASK=255.255.255.0GATEWAY=192.168.100.1 [root@haproxy ~] # service network restart Restarting network (via systemctl): [OK]

3. Remotely share and mount the haproxy source package to the local server

[root@haproxy] # smbclient-L / 192.168.100.1 Sharename Type Comment-haproxy Disk LNMP Disk

4. Extract the haproxy source package and compile

[root@haproxy ~] # cd / mnt# decompress haproxy source package to .opt directory [root@haproxy mnt] # tar zxvf haproxy-1.5.19.tar.gz-C / opt [root@haproxy mnt] # cd / opt [root@haproxy opt] # lshaproxy-1.5.19 rh# switch to haproxy directory [root@haproxy opt] # cd haproxy-1.5.19/# to view system version number 3100 [root@haproxy haproxy-1.5.19] # uname-aLinux haproxy 3.10.0-693.el7.x86_64 # 1 SMP Tue Aug 22 21:09:27 UTC 2017 x86 "64 GNU/Linux# compilation haproxy [root@haproxy haproxy-1.5.19] # make TARGET=linux3100# compilation installation [root@haproxy haproxy-1.5.19] # make install

5. Modify the haproxy.cfg configuration file and start the service

# create haproxy file directory [root@haproxy haproxy-1.5.19] # mkdir / etc/haproxy# copy template file to haproxy directory [root@haproxy haproxy-1.5.19] # cp examples/haproxy.cfg / etc/haproxy/# modify haproxy.cfg file [root@haproxy haproxy-1.5.19] # vim / etc/haproxy/haproxy.cfg# comment chroot and redispatch entry Prevent startup failure global log 127.0.0.1 local0 log 127.0.0.1 local1 notice # log loghost local0 info maxconn 4096 # chroot / usr/share/haproxy uid 99 gid 99 daemon # debug # quietdefaults log global mode http option httplog option dontlognull retries 3 # redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 5000 delete all existing listen entries Add the following entry listen webcluster 0.0.0.0test.html balance roundrobin server inst1 80 option httpchk GET / test.html balance roundrobin server inst1 192.168.100.201 check inter 2000 fall 3 server inst2 192.168.100.202 test.html balance roundrobin server inst1 80 check inter 2000 fall copy haproxy startup script to the system startup process [root@haproxy haproxy-1.5.19] # cp examples/haproxy.init / etc/init.d/haproxy# grants script execution Permission [root@haproxy haproxy-1.5.19] # chmod + x / etc/init.d/haproxy# add script to service management entry [root@haproxy haproxy-1.5.19] # chkconfig-- add haproxy# establish script command soft link [root@haproxy haproxy-1.5.19] # ln-s / usr/local/sbin/haproxy / usr/sbin/haproxy# startup service [root@haproxy haproxy-1.5.19] # service haproxy startStarting haproxy (via systemctl ): [OK] # turn off firewall and security features [root@Haproxy haproxy-1.5.19] # systemctl stop firewalld.service [root@Haproxy haproxy-1.5.19] # setenforce 0 step 2: set up a Nginx server

1. Both Nginx servers use yum to install the compilation tool

[root@haproxy ~] # yum install zlib-devel pcre-devel gcc gcc-c++ make-y

two。 Modify the Nic to host-only mode and bind a static address

[root@nginx1 ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33# replace dhcp with staticBOOTPROTO=static# append IP address\ subnet mask\ gateway IPADDR=192.168.100.201NETMASK=255.255.255.0GATEWAY=192.168.100.1 [root@nginx1 ~] # service network restart Restarting network (via systemctl): [OK] [root@nginx2 ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33# will Replace dhcp with staticBOOTPROTO=static# to append IP address\ subnet mask\ gateway IPADDR=192.168.100.202NETMASK=255.255.255.0GATEWAY=192.168.100.1 [root@nginx2 ~] # service network restart Restarting network (via systemctl): [OK]

3. Remote share mounts the Nginx source package to the local server

[root@nginx1 ~] # mount.cifs / / 192.168.100.1/LNMP / mntPassword for root@//192.168.100.1/LNMP:

4. Extract the source package and create an administrative user

[root@nginx1 ~] # cd / mnt# decompress Nginx source code package to / opt directory root@nginx1 mnt] # tar zxvf nginx-1.12.0.tar.gz-C / opt# create Nginx management user root@nginx1 mnt] # cd / opt [root@nginx1 opt] # useradd-M-s / sbin/nologin nginx

5. Configure Nginx

[root@nginx1 opt] # cd nginx-1.12.0/ [root@nginx1 nginx-1.12.0] #. / configure-prefix=/usr/local/nginx-user=nginx-group=nginx

6. Compilation and installation

[root@nginx1 nginx-1.12.0] # make & & make install

7. Create a test web page

[root@nginx1 nginx-1.12.0] # cd / usr/local/nginx/html/ [root@nginx1 html] # echo "this is kgc web" > test.html [root@nginx2 nginx-1.12.0] # cd / usr/local/nginx/html/ [root@nginx2 html] # echo "this is accp web" > test.html

8. Create a Nginx command soft link to the system

[root@nginx1 html] # ln-s / usr/local/nginx/sbin/nginx / usr/local/sbin/

9. Turn off the firewall and security features and start the service

[root@nginx1 html] # systemctl stop firewalld.service [root@nginx1 html] # setenforce 0 [root@nginx1 html] # nginx

10. Use the client to access the web page and enter 192.168.100.210/test/html in the browser to access it

Thus it is demonstrated that using Haproxy to build Web cluster uses polling mechanism to configure haproxy log # restart haproxy service [root@haproxy etc] # service haproxy restart Restarting haproxy (via systemctl): [OK] # create [root@haproxy haproxy-1.5.19] # touch / etc/rsyslog.d/haproxy.conf [root@haproxy haproxy-1.5.19] # vim / etc/rsyslog.d/haproxy.conf# definition haproxy letter If ($programname = = 'haproxy' and $syslogseverity-text = =' info') then-/ var/log/haproxy/haproxy-info.log&~# defines the haproxy notification log if ($programname = = 'haproxy' and $syslogseverity-text = =' notice') then-/ var/log/haproxy/haproxy-notice.log&~# restart the log service [root@haproxy etc] # systemctl restart rsyslog.service# switch to the log directory to view the haproxy log file [root@haproxy etc] # cd / var / log/haproxy/ [root@haproxy haproxy] # lshaproxy-info.log# View the log file [root@haproxy haproxy] # cat haproxy-info.logNov 30 16: 53: 30 Haproxy haproxy [119165]: 192.168.100.50: 49191 [30/Nov/2019:16: 53: 30.100webcluster. Webcluster/inst2 168 Haproxy haproxy 0 Nov 0 Nov 169 200 252---1 30/Nov/2019: 16:53: 42.290: webcluster 30 16:53: 42 Haproxy haproxy [119165]: 192.168.100.50: 49191 Webcluster/inst1 159 / test.html HTTP/1.1 0 GET / test.html HTTP/1.1 thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.