簡介
HAProxy是一個tcp/http反向代理丁溅,它特別適合于高
可用性環(huán)境。事實上,它可以:
——根據(jù)靜態(tài)分配的cookie路由HTTP請求
——在多個服務(wù)器之間傳播負載,并確保服務(wù)器持久性
通過使用HTTP cookie
——在主服務(wù)器失敗的情況下切換到備份服務(wù)器
:接受連接到專用端口的連接,用于服務(wù)監(jiān)視
——停止接受連接而不破壞已有的連接
——在兩個方向上添加、修改和刪除HTTP頭信息
——塊請求匹配特定的模式
——向來自URI的經(jīng)過身份驗證的用戶報告詳細狀態(tài)
下面簡單配置一個haproxy服務(wù)器
[root@localhost haproxy]# vim haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2 # 日志的定義需要在日志服務(wù)器的配置文件中定義
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend chenxi
bin *:80 #定義客戶端訪問的端口
default_backend webchenxi #定義調(diào)度到的組
backend webchenxi #定義組內(nèi)的信息
balance roundrobin #定義調(diào)度算法 roundrobin表示輪巡也表示加權(quán)輪巡因為
server CX1 172.16.251.61:80 check #定義組內(nèi)的主機彬檀;并做健康檢測
server CX2 172.16.254.74:8o check #定義組內(nèi)的主機;并做健康檢測
#frontend main *:5000
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
# use_backend static if url_static
# default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
# balance roundrobin
# server app1 127.0.0.1:5001 check
# server app2 127.0.0.1:5002 check
# server app3 127.0.0.1:5003 check
# server app4 127.0.0.1:5004 check
保存退出
配置日志服務(wù)
# rsyslog configuration file
# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html
#### MODULES ####
# The imjournal module bellow is now used as a message source instead of imuxsock.
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
#$ModLoad imklog # reads kernel messages (the same are read from journald)
#$ModLoad immark # provides --MARK-- message capability
# Provides UDP syslog reception
$ModLoad imudp 注釋去掉啟用
$UDPServerRun 514 注釋去掉啟用
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
#### GLOBAL DIRECTIVES ####
# Where to place auxiliary files
$WorkDirectory /var/lib/rsyslog
# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# File syncing capability is disabled by default. This feature is usually not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on
# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf
# Turn off message reception via local log socket;
# local messages are retrieved through imjournal now.
$OmitLocalLogging on
# File to store the position in the journal
$IMJournalStateFile imjournal.state
#### RULES ####
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg :omusrmsg:*
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
local2.* /var/log/haproxy.log #定義日志
# ### begin forwarding rule ###
# The statement between the begin ... end define a SINGLE forwarding
# rule. They belong together, do NOT split them. If you create multiple
# forwarding rules, duplicate the whole block!
# Remote Logging (we use TCP for reliable delivery)
#
# An on-disk queue is created for this action. If the remote host is
# down, messages are spooled to disk and sent when it is up again.
#$ActionQueueFileName fwdRule1 # unique name prefix for spool files
#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
#$ActionQueueType LinkedList # run asynchronously
#$ActionResumeRetryCount -1 # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###
保存退出后重啟日志服務(wù)
[root@localhost haproxy]# systemctl restart rsyslog.service
啟動服務(wù)
systemctl start haproxy.service
[root@localhost haproxy]# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 10 127.0.0.1:6082 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
客戶端測試
[root@root ~]# curl 172.16.253.147
<h1> chenxi r2 </h1>
[root@root ~]# curl 172.16.253.147
<h1>chenxi1</h1>
[root@root ~]# curl 172.16.253.147
<h1> chenxi r2 </h1>
[root@root ~]# curl 172.16.253.147
<h1>chenxi1</h1>
[root@root ~]# curl 172.16.253.147
<h1> chenxi r2 </h1>
使用下一個調(diào)度方法
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2 # 日志的定義需要在日志服務(wù)器的配置文件中定義
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend chenxi
bind *:80 #定義客戶端訪問的端口
default_backend webchenxi #定義調(diào)度到的組
backend webchenxi #定義組內(nèi)的信息
balance first #定義調(diào)度算法次此算法是當多臺主機存在
server CX1 172.16.251.61:80 check maxconn 3 #定義組內(nèi)的主機瞬女;并做健康檢測 定義maxconn的并發(fā)連接數(shù)
server CX2 172.16.254.74:80 check #定義組內(nèi)的主機窍帝;并做健康檢測
#frontend main *:5000
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
# use_backend static if url_static
# default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
# balance roundrobin
# server app1 127.0.0.1:5001 check
# server app2 127.0.0.1:5002 check
# server app3 127.0.0.1:5003 check
# server app4 127.0.0.1:5004 check
客戶端測試
[root@root ~]# ab -c 10 -n 1000 http://172.16.253.147/
This is ApacheBench, Version 2.3 <$Revision: 655654 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking 172.16.253.147 (be patient)
Completed 100 requests
Completed 200 requests
Completed 300 requests
Completed 400 requests
Completed 500 requests
Completed 600 requests
Completed 700 requests
Completed 800 requests
Completed 900 requests
Completed 1000 requests
Finished 1000 requests
Server Software: Apache/2.2.15
Server Hostname: 172.16.253.147
Server Port: 80
Document Path: /
Document Length: 17 bytes
Concurrency Level: 10
Time taken for tests: 1.029 seconds
Complete requests: 1000
Failed requests: 515
(Connect: 0, Receive: 0, Length: 515, Exceptions: 0)
Write errors: 0
Total transferred: 286060 bytes
HTML transferred: 19060 bytes
Requests per second: 972.22 [#/sec] (mean)
Time per request: 10.286 [ms] (mean)
Time per request: 1.029 [ms] (mean, across all concurrent requests)
Transfer rate: 271.59 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 0 2 4.6 1 62
Processing: 1 8 7.3 5 75
Waiting: 1 7 6.8 5 72
Total: 2 10 9.4 7 101
Percentage of the requests served within a certain time (ms)
50% 7
66% 9
75% 11
80% 14
90% 19
95% 25
98% 35
99% 47
100% 101 (longest request)
后端1 的測試日志結(jié)果
[root@chenxiyue ~]# tail /var/log/httpd/access_log
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:49 +0800] "GET / HTTP/1.0" 200 17 "-" "ApacheBench/2.3"
后端2 測試后日志結(jié)果
[root@chenxi ~]# tail /var/log/httpd/access_log
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
172.16.253.147 - - [28/Aug/2017:18:20:50 +0800] "GET / HTTP/1.0" 200 21 "-" "ApacheBench/2.3"
另一種算法的設(shè)置
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2 # 日志的定義需要在日志服務(wù)器的配置文件中定義
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend chenxi
bind *:80 #定義客戶端訪問的端口
default_backend webchenxi #定義調(diào)度到的組
backend webchenxi #定義組內(nèi)的信息
balance uri #定義調(diào)度算法 Uri 目標
server CX1 172.16.251.61:80 check maxconn 3 #定義組內(nèi)的主機;并做健康檢測
server CX2 172.16.254.74:80 check #定義組內(nèi)的主機诽偷;并做健康檢測
hash-type consistent 對URI最目標目標地址哈希
#frontend main *:5000
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
# use_backend static if url_static
# default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
# balance roundrobin
# server app1 127.0.0.1:5001 check
# server app2 127.0.0.1:5002 check
# server app3 127.0.0.1:5003 check
# server app4 127.0.0.1:5004 check
[root@localhost haproxy]# systemctl reload haproxy.service 重啟服務(wù)
r1的設(shè)置
[root@chenxiyue ~]# cd /var/www/html/
[root@chenxiyue html]# mkdir chenxidy
[root@chenxiyue html]# echo "r1serve" > chenxidy/index.html
[root@chenxiyue html]# cat index.html
<h1>chenxi1</h1>
[root@chenxiyue html]# cat chenxidy/index.html
r1serve
r2 的相關(guān)設(shè)置
[root@chenxi ~]# cd /var/www/html/
[root@chenxi html]# mkdir chenxidy
[root@chenxi html]# echo "server 2" chenxidy/index.html
server 2 chenxidy/index.html
[root@chenxi html]# echo "server 2" > chenxidy/index.html
客戶端測試
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
[root@root ~]# curl 172.16.253.147/chenxidy/index.html
r1serve
瀏覽器只要相同的就發(fā)給同一臺主機 坤学;啟用壓縮
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2 # 日志的定義需要在日志服務(wù)器的配置文件中定義
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend chenxi
bind *:80
compression algo gzip
compression type text/html text/plain application/xml application/javascript
default_backend webchenxi
backend webchenxi
balance hdr(User-Agent)
server CX1 172.16.251.61:80 check maxconn 3
server CX2 172.16.254.74:80 check
hash-type consistent
#frontend main *:5000
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
# use_backend static if url_static
# default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
# balance roundrobin
# server app1 127.0.0.1:5001 check
# server app2 127.0.0.1:5002 check
# server app3 127.0.0.1:5003 check
# server app4 127.0.0.1:5004 check
