Linux haproxy and keepalived hot standby

Source: Internet
Author: User
Tags gpg openssl haproxy

HAProxy

It's a free, fast and reliable solution. No, for those Web sites that are loaded with extra load
These sites often require session hold or seven-tier processing
Provides high availability, load balancing, and proxy based on TCP and HTTP applications

Factors that measure the performance of your load balancer
Session Rate:
Number of sessions generated per second
Session concurrency number of concurrent sessions:
The longer the server processes the session, the more concurrent sessions
Data rate:
Measured in MB/s or Mbps, large objects result in increased number of concurrent sessions,
High session count, high data rate requires more memory

Haproxy working mode
Mode http:
Client requests are analyzed in depth and then sent to the server
HTTP Transaction Model:
HRRP Close, the client establishes a TCP connection like a server, and a three-time handshake consumes relatively large system resources with a large delay
Keep-alive, a single connection can transmit multiple requests
Open keep-alive
[Email protected] ~]# vim/etc/httpd/conf/httpd.conf
KeepAlive on
[Email protected] ~]# vim/etc/httpd/conf/httpd.conf
KeepAlive on
pipelining, use keep-alive for pages with a large number of images, reducing network latency between multiple requests
Mode TCP:
A session is established between the client and the server without checking the seventh level of information
Mode Health:
Health Check only, not recommended for use


Example: Configuring Haproxy
[[email protected] ~]# yum-y install pcre pcre-devel (Install development dependency package)
[Email protected] ~]# TAR-XF haproxy-1.4.24.tar.gz
[Email protected] ~]# yum-y install gcc gcc-c++
[email protected] haproxy-1.4.24]# make use_pcre=1 prefix=/usr/local/haproxy target=linux2628 Install (configuration file description kernel version above 2.6 to write kernel version)
[[email protected] ~]# ln-s/usr/local/haproxy/sbin/haproxy//usr/local/sbin/(establish symbolic link)
[Email protected] ~]# mkdir/usr/local/haproxy/conf
[[email protected] haproxy-1.4.24]# CP examples/haproxy.cfg/usr/local/haproxy/conf/(sample files from the copy installation source directory)
Haproxy configuration file Description
Command line: Always has the highest priority
Global section: Setting process-level parameters globally
Proxy declarations section: from Default,listen,frontend and backend
Default: Defaults are set for the rest of the subsequent sections, and the default parameters can be reset by subsequent sections
Frontend: Describes accepting a client listening socket (socket) set
Backend: A server set that describes forwarding links
Listen: A complete statement that combines frontend and backend
[Email protected] ~]# vim/usr/local/haproxy/conf/haproxy.cfg
Global
....
Maxconn 4096 (maximum number of connections)
Chroot/usr/share/haproxy
Pidfile/var/run/haproxy.pid (add PID file)
.......
Defaults
....
Option Redispatch (change to option)
Stats Uri/ha_mon (add URI, the path is freely written)
...
Listen Appli1-rewrite 0.0.0.0:80 (0.0.0.0 equivalent to virtual IP)
Cookie ServerID Rewrite
Balance Roundrobin
Server Web1 192.168.4.2:80 Cookie App1inst1 check Inter 2 rise 5 (server name, IP address)
Server web2 192.168.4.3:80 Cookie App1inst2 check Inter 2 rise 5 (remove the following not configured)
[[email protected] conf]# haproxy-f/usr/local/haproxy/conf/haproxy.cfg (open service)
[[email protected] conf]# NETSTAT-TLNP |grep:80 (view listening port)
TCP 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 13810/haproxy
[[email protected] ~]# Firefox http://192.168.4.4/ha_mon (test access view monitoring)
[[email protected] ~]# kill $ (pidof Haproxy) (Close process)
[Email protected] ~]# pidof haproxy
13810
[[email protected] ~]# haproxy-f/usr/local/haproxy/conf/haproxy.cfg-st 13810 (restart)


——————————————————————————————————————————————————————————————————————————————

Keepalived Hot Spare

Keepalived implements a highly available cluster, originally designed for LVS, specifically monitoring the status of each server node
Later added the VRRP function to prevent single point of failure (VRRP virtual Redundant routing protocol)

Keepalived Operating principle
Keepalived detects each server node state, server node exception or work failure, keepalived remove the failed node from the cluster system,
After the failed node is restored, the keepalived is added to the cluster system
Automatic completion of all work without manual intervention

Example: Configure a highly available Web cluster (two Web servers do the same)
[[email protected] ~]# yum-y install gcc gcc-c++ openssl-devel popt popt-devel (Installation dependent)
[Email protected] ~]# TAR-XF keepalived-1.3.6.tar.gz
[Email protected] keepalived-1.2.7]#/configure--sysconf=/etc
[[email protected] keepalived-1.2.7]# make
[[email protected] keepalived-1.2.7]# make install
[Email protected] ~]# ln-s/usr/local/sbin/keepalived/usr/sbin/
[Email protected] ~]# vim/etc/keepalived/keepalived.conf
Vrrp_instance Vi_1 {
State Master (master server, another write secondary server)
Interface Eth0 (the network card being used)
VIRTUAL_ROUTER_ID 51 (Virtual router ID number)
Priority 100 (precedence)
Advert_int 1 (Notification interval)
Authentication {
Auth_type Pass (password authentication method)
Auth_pass 1111 (two sets of passwords)
}
virtual_ipaddress {
192.168.4.200 (IP address provided externally)
}
} (all dd at the bottom of the configuration)
[Email protected] ~]# vim/etc/keepalived/keepalived.conf
Vrrp_instance Vi_1 {
State SLAVE (secondary server)
Interface eth0
VIRTUAL_ROUTER_ID 51
Priority 90 (lower precedence than primary server)
Advert_int 1
Authentication {
Auth_type PASS
Auth_pass 1111
}
virtual_ipaddress {
192.168.4.200
}
}
[[Email protected] ~]# service keepalived start
[[email protected] ~]# Firefox http://192.168.4.200 (Access test)

Example: Building a highly available load-balanced Web cluster
Environment: Put two keepalived stop to implement the DR mode, so the Web service still configures the VIP on Lo
Still need to adjust the parameters to remove the VIP on the first LVS
Empty the LVS rule on the first scheduler
Then prepare a scheduler with the hostname LVS2,IP address of 192.168.4.4
Installing LVS on the second scheduler (IPVSADM)

Remove the VIP on the LVs and empty the LVS rules
[Email protected] network-scripts]# RM-RF ifcfg-eth0:0
[Email protected] ~]#/etc/init.d/network restart
[Email protected] ~]# ipvsadm-d-t 192.168.4.100:80
Installing LVS
[Email protected] ~]# Vim/etc/yum.repos.d/rhel6.repo
[Rhel]
Name=linux NSD
Baseurl=file:///root/myiso/loadbalancer (need to add this path, yum defaults to find the server this library)
Enabled=1
Gpgcheck=1
Gpgkey=file:///etc/pki/rpm-gpg/rpm-gpg-key-redhat-release
[Email protected] ~]# yum-y install Ipvsadm
Installation dependent, install keepalived (two LVS do the same operation)
[Email protected] ~]# yum-y install gcc gcc-c++ openssl-devel popt-devel
[Email protected] ~]# TAR-XF keepalived-1.2.7.tar.gz
[Email protected] keepalived-1.2.7]#/configure--sysconf=/etc/
[[email protected] keepalived-1.2.7]# make
[[email protected] keepalived-1.2.7]# make install
[Email protected] keepalived-1.2.7]# ln-s/usr/local/sbin/keepalived/usr/sbin/
[Email protected] keepalived-1.2.7]# vim/etc/keepalived/keepalived.conf
Global_defs {
Notification_email {
[Email protected] (the server has a problem will send mail to this mailbox)
}
Notification_email_from [email protected] (who sent the email)
Smtp_server 127.0.0.1 (e-mail address)
Smtp_connect_timeout 30
router_id Lvs_devel
}
Vrrp_instance Vi_1 {
State Master (master server, another LVs to write Vice-server)
Interface eth0
VIRTUAL_ROUTER_ID 51
Priority 100
Advert_int 1
Authentication {
Auth_type PASS
Auth_pass 1111
}
virtual_ipaddress {
192.168.4.100

}
}
Virtual_server 192.168.4.100 80 {(Virtual IP of lo:0 on real machine)
Delay_loop 6
Lb_algo RR (RR algorithm)
Lb_kind Dr (Dr Mode)
Nat_mask 255.255.255.0
Persistence_timeout 50
Protocol TCP

Real_server 192.168.4.2 80 {(Real server address)
Weight 1
Tcp_check {(default is SSL, changed to TCP)
Connect_timeout 3
Nb_get_r Etry 3
Delay_before_retry 3
}
}
Real_server 192.168.4.3 80 {(Real server address)
Weight 1
Tcp_check {(default is SS here) L, change to TCP)
Connect_timeout 3
Nb_get_retry 3
delay_before_retry 3
}
}
} (The following configuration file all dd)
[[email& Nbsp;protected] keepalived-1.2.7]# scp/etc/keepalived/keepalived.conf 192.168.4.5:/etc/keepalived/ (Copy the configured service to the LVS2 configuration directory)
[[email protected] keepalived-1.2.7]# vim/etc/keepalived/keepalived.conf
Vrrp_ Instance vi_1 {
State SLAVE (changed to secondary server)
Interface eth0
virtual_router_id {
Priority 90 (precedence)
[[email  ;p rotected] ~]# service keepalived start; Chkconfig keepalived on
[[email protected] ~]# ipvsadm-ln (authentication)
[[email protected] ~]# Firefox/http/ 192.168.4.100/bbs (Access test)

——————————————————————————————————————————————————————————————————————————————— —————————————-

Linux haproxy and keepalived hot spares

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.