|
|
haproxy简介:
HAProxy提供高可用性、负载均衡以及基于TCP和HTTP应用的代理,支持虚拟主机,它是
免费、
快速并且可靠的一种解决方案。HAProxy特别适用于那些负载特大的web站点, 这些站点
通常又需要会话保持或七层处理。
HAProxy运行在当前的硬件上,完全可以支持数以万计的并发连接。
并且它的运行模式使得它可以很简单安全的整合进您当前的架构中, 同时可以保护你的
web服务器不被暴露到网络上。
实验环境
master haproxy+keepalived ip:192.168.1.129
slave haproxy+keepalived ip :192.168.1.130
web nginx ip :192.168.1.131
#在安装keepalived 之前需要安装kerner-devel openssl-devel popt-devel
yum -y install kerner-devel openssl-devel popt-devel
[root@localhost ~]# tar xf keepalived-1.2.2.tar.gz -C /usr/src
[root@localhost ~]# cd /usr/src/keepalived-1.2.2/
[root@localhost keepalived-1.2.2]# ./configure --prefix=/ --with-kernerl-
dir=/usr/src/kernels/*
[root@localhost keepalived-1.2.2]# make
[root@localhost keepalived-1.2.2]# make install
[root@localhost keepalived-1.2.2]# cd
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
======================keepalived.conf===========================
! Configuration File for keepalived
global_defs {
notification_email {
acassen
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
interface eth0
virtual_router_id 50
nopreempt
priority 100
advert_int 1
virtual_ipaddress {
192.168.1.254 dev eth0
}
}
virtual_server 192.168.1.254 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.1.132 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.1.133 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
==========================keepalived.conf==========================
[root@localhost ~]#
[root@localhost ~]# service keepalived restart
Stopping keepalived: [FAILED]
Starting keepalived: [ OK ]
#在master服务器上搭建haproxy+keepalived
[root@localhost ~]# tar xf haproxy-1.4.22.tar.gz -C /usr/src
[root@localhost ~]# cd /usr/src/haproxy-1.4.22/
[root@localhost haproxy-1.4.22]# make TARGET=linux26
PREFIX=/usr/local/haproxy
#rr.o src/lb_map.o src/stream_interface.o src/dumpstats.o src/proto_tcp.o
src/session.o
#src/hdr_idx.o src/ev_select.o src/signal.o src/acl.o src/pattern.o
src/memory.o
#src/freq_ctr.o src/auth.o src/ev_poll.o src/ev_epoll.o src/ev_sepoll.o
#ebtree/ebtree.o ebtree/eb32tree.o ebtree/eb64tree.o ebtree/ebmbtree.o
#ebtree/ebsttree.o ebtree/ebimtree.o ebtree/ebistree.o -lcrypt
[root@localhost haproxy-1.4.22]#make install PREFIX=/usr/local/haproxy
install -d /usr/local/haproxy/sbin
install haproxy /usr/local/haproxy/sbin
install -d /usr/local/haproxy/share/man/man1
install -m 644 doc/haproxy.1 /usr/local/haproxy/share/man/man1
install -d /usr/local/haproxy/doc/haproxy
for x in configuration architecture haproxy-en haproxy-fr; do \
install -m 644 doc/$x.txt /usr/local/haproxy/doc/haproxy ; \
done
[root@www haproxy-1.4.22]# cd /usr/local/haproxy/
[root@www haproxy]# ls
doc sbin share
[root@www haproxy]#
[root@www haproxy]# mkdir conf
[root@www haproxy]# cp /usr/src/haproxy-1.4.22/examples/haproxy.cfg
/usr/local/haproxy/conf/
====================================================
[root@www haproxy]# vi /usr/local/haproxy/conf/haproxy.cfg
#32行以下全部删除了
#把以下行号修改下
8 chroot /usr/share/haproxy # chroot /usr/local/haproxy 你安
装haproxy的路径
#把 21 行 注释掉
27 listen appli1-rewrite 0.0.0.0:10001 # listen appli1-rewrite
192.168.1.129:80
30 server app1_1 192.168.34.23:8080 cookie app1inst1 check inter
20 00 rise 2 fall 5
# server app1_1 192.168.1.130:80 cookie app1inst1 check
inter 20
#listen appli2-insert 0.0.0.0:10002 #从这里一下 都可以删除了
==============================================
[root@localhost ~]# ln -s /usr/local/haproxy/sbin/ /usr/local/sbin
#在slave 上同上 安装 配置文件不同
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
======================keepalived.conf===========================
! Configuration File for keepalived
global_defs {
notification_email {
acassen
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_2 {
start SLAVE
interface eth0
virtual_router_id 50
nopreempt
priority 50
advert_int 1
virtual_ipaddress {
192.168.1.254 dev eth0
}
}
virtual_server 192.168.1.254 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.1.130 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.1.133 80 {
weight 1
HTTP_GET {
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
========================keepalived.conf==============================
[root@localhost ~]# vim /usr/local/haproxy/conf/haproxy.cfg
========================haproxy.cfg==========================
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
chroot /usr/local/haproxy
uid 99
gid 99
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
#redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
listen appli1-rewrite 0.0.0.0:80
cookie SERVERID rewrite
balance roundrobin
server app1_1 192.168.1.130:80 cookie app1inst1 check inter 2000
rise 2 fall 5
========================haproxy.cfg==========================
#web nginx 安装
yum -y install pcre-devel zlib-devel
useradd -M -s /sbin/nologin nginx
[root@www ~]# tar xf nginx-1.6.2.tar.gz -C /usr/src
[root@www ~]# cd /usr/src/nginx-1.6.2/
[root@www nginx-1.6.2]# ./configure --prefix=/usr/local/nginx --user=nginx
--group=nginx --with-http_stub_status_module
[root@www nginx-1.6.2]# make
[root@www nginx-1.6.2]# make install
root@www nginx-1.6.2]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin
[root@www ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@www ~]#
[root@www ~]# echo "www.linux.com" > /usr/local/nginx/html/index.html
vim /usr/local/nginx/conf/nginx.conf
=======================nginx.conf==============================
user nginx;
worker_processes 1;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name www.linux.com;
charset utf-8;
access_log logs/nginx.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based
configuration
#
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
========================nginx.conf=====================================
[root@www ~]# nginx
[root@www ~]# netstat -anpt |grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN 5794/nginx: master
[root@www ~]#
#最后所有的服务重启下
master: service keepalived restart
haproxy -f /usr/local/haproxy/conf/haproxy.cfg
slave : service keepalived restart
haproxy -f /usr/local/haproxy/conf/haproxy.cfg
http://192.168.1.254
www.linux.com
|
|
|
|
|
|
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-11-14 10:18:02
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡