nginx+ keepalived + haproxy 高性能
haproxy简介:HAProxy提供高可用性、负载均衡以及基于TCP和HTTP应用的代理,支持虚拟主机,它是
免费、
快速并且可靠的一种解决方案。HAProxy特别适用于那些负载特大的web站点, 这些站点
通常又需要会话保持或七层处理。
HAProxy运行在当前的硬件上,完全可以支持数以万计的并发连接。
并且它的运行模式使得它可以很简单安全的整合进您当前的架构中, 同时可以保护你的
web服务器不被暴露到网络上。
实验环境
master haproxy+keepalived ip:192.168.1.129
slavehaproxy+keepalived ip :192.168.1.130
webnginx ip :192.168.1.131
#在安装keepalived 之前需要安装kerner-devel openssl-develpopt-devel
yum -y install kerner-devel openssl-develpopt-devel
# tar xf keepalived-1.2.2.tar.gz -C /usr/src
# cd /usr/src/keepalived-1.2.2/
# ./configure --prefix=/ --with-kernerl-
dir=/usr/src/kernels/*
# make
# make install
# cd
# vim /etc/keepalived/keepalived.conf
======================keepalived.conf===========================
! Configuration File for keepalived
global_defs {
notification_email {
acassen
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
interface eth0
virtual_router_id 50
nopreempt
priority 100
advert_int 1
virtual_ipaddress {
192.168.1.254 dev eth0
}
}
virtual_server 192.168.1.254 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.1.132 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.1.133 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
==========================keepalived.conf==========================
#
# service keepalived restart
Stopping keepalived:
Starting keepalived:
#在master服务器上搭建haproxy+keepalived
# tar xf haproxy-1.4.22.tar.gz -C /usr/src
# cd /usr/src/haproxy-1.4.22/
# make TARGET=linux26
PREFIX=/usr/local/haproxy
#rr.o src/lb_map.o src/stream_interface.o src/dumpstats.o src/proto_tcp.o
src/session.o
#src/hdr_idx.o src/ev_select.o src/signal.o src/acl.o src/pattern.o
src/memory.o
#src/freq_ctr.o src/auth.o src/ev_poll.o src/ev_epoll.o src/ev_sepoll.o
#ebtree/ebtree.o ebtree/eb32tree.o ebtree/eb64tree.o ebtree/ebmbtree.o
#ebtree/ebsttree.o ebtree/ebimtree.o ebtree/ebistree.o -lcrypt
#make install PREFIX=/usr/local/haproxy
install -d /usr/local/haproxy/sbin
install haproxy /usr/local/haproxy/sbin
install -d /usr/local/haproxy/share/man/man1
install -m 644 doc/haproxy.1 /usr/local/haproxy/share/man/man1
install -d /usr/local/haproxy/doc/haproxy
for x in configuration architecture haproxy-en haproxy-fr; do \
install -m 644 doc/$x.txt /usr/local/haproxy/doc/haproxy ; \
done
# cd /usr/local/haproxy/
# ls
docsbinshare
#
# mkdir conf
# cp /usr/src/haproxy-1.4.22/examples/haproxy.cfg
/usr/local/haproxy/conf/
====================================================
# vi /usr/local/haproxy/conf/haproxy.cfg
#32行以下全部删除了
#把以下行号修改下
8 chroot /usr/share/haproxy#chroot /usr/local/haproxy 你安
装haproxy的路径
#把 21 行 注释掉
27 listenappli1-rewrite 0.0.0.0:10001#listenappli1-rewrite
192.168.1.129:80
30 serverapp1_1 192.168.34.23:8080 cookie app1inst1 check inter
20 00 rise 2 fall 5
# serverapp1_1 192.168.1.130:80 cookie app1inst1 check
inter 20
#listenappli2-insert 0.0.0.0:10002 #从这里一下 都可以删除了
============================== ================
# ln -s /usr/local/haproxy/sbin//usr/local/sbin
#在slave 上同上 安装配置文件不同
# vim /etc/keepalived/keepalived.conf
======================keepalived.conf===========================
! Configuration File for keepalived
global_defs {
notification_email {
acassen
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_2 {
startSLAVE
interface eth0
virtual_router_id 50
nopreempt
priority 50
advert_int 1
virtual_ipaddress {
192.168.1.254 dev eth0
}
}
virtual_server 192.168.1.254 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.1.130 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.1.133 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
========================keepalived.conf==============================
# vim /usr/local/haproxy/conf/haproxy.cfg
========================haproxy.cfg==========================
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
chroot /usr/local/haproxy
uid 99
gid 99
daemon
#debug
#quiet
defaults
log global
mode http
optionhttplog
optiondontlognull
retries 3
#redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listenappli1-rewrite 0.0.0.0:80
cookieSERVERID rewrite
balance roundrobin
serverapp1_1 192.168.1.130:80 cookie app1inst1 check inter 2000
rise 2 fall 5
========================haproxy.cfg==========================
#web nginx 安装
yum -y install pcre-devel zlib-devel
useradd -M -s /sbin/nologin nginx
# tar xf nginx-1.6.2.tar.gz -C /usr/src
# cd /usr/src/nginx-1.6.2/
# ./configure --prefix=/usr/local/nginx --user=nginx
--group=nginx --with-http_stub_status_module
# make
# make install
root@www nginx-1.6.2]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin
# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#
# echo "www.linux.com" > /usr/local/nginx/html/index.html
vim /usr/local/nginx/conf/nginx.conf
=======================nginx.conf==============================
usernginx;
worker_processes1;
error_loglogs/error.log;
#error_loglogs/error.lognotice;
#error_loglogs/error.loginfo;
pid logs/nginx.pid;
events {
worker_connections1024;
}
http {
include mime.types;
default_typeapplication/octet-stream;
log_formatmain'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_loglogs/access.logmain;
sendfile on;
#tcp_nopush on;
#keepalive_timeout0;
keepalive_timeout65;
#gzipon;
server {
listen 80;
server_namewww.linux.com;
charset utf-8;
access_loglogs/nginx.access.logmain;
location / {
root html;
indexindex.html index.htm;
}
#error_page404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504/50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_indexindex.php;
# fastcgi_paramSCRIPT_FILENAME/scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# denyall;
#}
}
# another virtual host using mix of IP-, name-, and port-based
configuration
#
# HTTPS server
#
#server {
# listen 443 ssl;
# server_namelocalhost;
# ssl_certificate cert.pem;
# ssl_certificate_keycert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout5m;
# ssl_ciphersHIGH:!aNULL:!MD5;
# ssl_prefer_server_cipherson;
# location / {
# root html;
# indexindex.html index.htm;
# }
#}
}
========================nginx.conf=====================================
# nginx
# netstat -anpt |grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN 5794/nginx: master
#
#最后所有的服务重启下
master: service keepalived restart
haproxy -f /usr/local/haproxy/conf/haproxy.cfg
slave : service keepalived restart
haproxy -f /usr/local/haproxy/conf/haproxy.cfg
http://192.168.1.254
页:
[1]