Use haproxy to implement HTTP and TCP reverse proxy and load balancing (entry-level and technical verification)

System Access traffic has encountered performance bottlenecks. The solution is generally to scale up and out in two directions. Scale-up is applicable to systems with a lot of money, because scale-up is actually a direct upgrade of hardware. If the CPU, memory, and Io resources are insufficient, they will be upgraded, with the upgrading of computing power, the system capacity will naturally come up. But why is scale up only applicable to rich people? The more advanced the hardware is, the more expensive it is, and not just linear growth, because sometimes double Io performance may cost you 10 times, and scale up is not conducive to the old ("poor") principle, are all the obsolete hardware environments used for development and testing ?. In the cloud era, we will not discuss the scale up method in detail. Let's take a look at the scale out solution. The scale out solution has a low entry threshold and can be fully utilized in the old environment, because scale out is a scale-out, and the system is under pressure, you only need to fight the machine (not the fight dad ).

The HTTP-based scale-out solution has a lot of good performance and reputation for nginx, and the application request router directly supported by IIS Microsoft on Windows is quite good, in bingocc, you can also directly place an order to order HTTP's elastic support for load balancing. However, the customer's requirements are unlimited. In the past two days, the customer hoped that we could support both HTTP and TCP load balancing, because the customer had a message PUSH Service developed based on the TCP protocol, it is troublesome to convert HTTP to HTTP. Nginx was used previously, but nginx's TCP support module is not included in the native release package, so it is not considered for the moment. In addition, we found haproxy and prepared to test and verify whether the requirements were met.

1. Verify environment considerations

The Open World of Warcraft private server with Web site + TCP port is a good verification environment, because the private server requires a website registered with an account and a TCP link for the game client to log on to the game.

Web site: PhP registration website with port 8888 Enabled

Verification Service: Port 3724

Game service: Port 8085

2. Build the environment:

Purchase two Windows Servers

After the order is placed, the parameters of the two servers are purchased.

Status: Running storage: (none) On Demand: 1.00 RMB/hour Private IP: 172.167.1.238 Public IP: (none) bound

Status: Running storage: (none) On Demand: 1.00 RMB/hour Private IP: 172.167.1.239 Public IP: (none) bound

2.1 configure the wow test Server

The Wow server I used to test is a trinitycore environment downloaded from the Internet. It can be used to build MySQL, web, and game servers in one click, the following configuration only changes the configuration according to the requirements of the test environment.

After one-click installation, the system automatically starts the Apache PHP environment. If you access http: // localhost: 8888 through IE, you can see the registration page of the game account.

2.2 configure MySQL

To test that multiple servers share a set of user data, you must allow the MySQL account to be accessed by multiple machines. Therefore, execute the following command in "allow:

Grant All Privileges On*.*To 'Delimiterity'@'%'IdentifiedBy 'Delimiterity' With Grant Option; Flush rivileges;

2.3 modify the authserver and world server configurations of wow

 
Configuration in authserver. conf
 

 
Logindatabaseinfo ="Wagner. 0.0.1; 3306; Trinity; Logon"
 

To:

 
Logindatabaseinfo ="172.167.1.239; 3306; Trinity; Logon"
 

Modify the configuration of worldserver. conf

Logindatabaseinfo ="172.167.1.239; 3306; Trinity; Logon"Worlddatabaseinfo ="172.167.1.239; 3306; Trinity; World"Characterdatabaseinfo ="172.167.1.239; 3306; Trinity; chars"
 

2.4 connecting a Linux server to a public IP Address

Because we use the two Windows servers behind the haproxy reverse proxy in Linux, we only need one public IP address.

Linux server configuration information:

Status: Running storage: (none)

Package day: 10.00 RMB/day

Private IP: 172.167.1.237

Public IP: China Telecom exclusive 2 m 113.108.230.97

2.5haproxy Configuration

Use Putty to link to the cent OS Server:

CD/tmp

Wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.22.tar.gz

Tar zxvf haproxy-1.4.22.tar.gz

CD haproxy-1.4.22.tar.gz

Make install

CD examples

Mkdir/etc/haproxy

CP haproxy. cfg/etc/haproxy/

CD/ECT/haproxy

Vim haproxy. cfg

Then, change the configuration to the following parts as needed.

HTTP configuration

Listen appli1-rewrite 0.0.0.0: 80

Option httplog

Cookie serverid rewrite

Balance roundrobin

Server app1_1 172.167.1.238: 8888 cookie app1inst1 check inter 2000 rise 2 fall 5

Server app1_1 172.167.1.239: 8888 cookie app1inst1 check inter 2000 rise 2 fall 5

TCP configuration method. TCP has two configurations because it involves authentication port and game port.

Verify port configuration

Listen wowauth 0.0.0.0: 3724

Mode TCP

Option tcplog

TCP/IP request inspect-delay 5S

Server appwow 172.167.1.238: 3724

Server appwow2 172.167.1.239: 3724

Game port configuration

Listen wow 0.0.0.0: 8085

Mode TCP

Option tcplog

TCP/IP request inspect-delay 5S

Option tcpka

Server appwow 172.167.1.238: 8085

Server appwow2 172.167.1.239: 8085

2.6 start haproxy

Haproxy-F haproxy. cfg-P Hap. PID

Note:-p parameter, because the next time you update the configuration, you can use haproxy-F haproxy. CFG-P Hap. PID-SF $ (cathap. PID) command line implementation. If not, you need to manually kill

3. Verify

Verify Web

Visit http: // 113.108.230.97. We can see the registration interface of the game account. Port 8888 is configured on the Windows server. After haproxy is used, we can access it through port 80, reverse Proxy successful

Verify the game server

Start wow.exe and enter the account and password you just registered. The logon is successful.

Let another colleague log on to the server, and the login was successful. Unfortunately, trinitycore does not support scale out, haproxy assigned my colleague's game account to another wow world server. Although he could add my account as a friend, we couldn't receive the call in the world at the same time. It can be seen that haproxy can help you balance TCP requests to different servers.

4. Test Results

Haproxy can easily complete load balancing tasks by configuring reverse proxies for Web and TCP. Unfortunately, the wow server does not support data synchronization between servers (maybe because the game itself has a high requirement on real-time data ), otherwise, we can create tens of thousands of online servers through horizontal scaling of cloud hosts.

5. Tips

Because you have not purchased an Internet IP address for the two backend Windows servers, you cannot use RDP to link to the server. You cannot install the wow server. You can

1. Buy an on-demand IP address and bind it to the server. Release it after use. In this way, you can do it within one hour, and you only need to spend one RMB.
2. Haproxy is used as the reverse proxy of the Remote Desktop port, so that you can use an IP address to link two Windows servers.

Remote Desktop RDP configuration for Windows

Listen remotedesktop 0.0.0.0: 3389

Mode TCP

Option tcplog

TCP/IP request inspect-delay 5S

TCP-request content accept if rdp_cookie

Persist RDP-cookie

Balance RDP-cookie

Option tcpka

Server apprd 172.167.1.238: 3389

 

Listen remotedesktop 0.0.0.0: 5000

Mode TCP

Option tcplog

TCP/IP request inspect-delay 5S

TCP-request content accept if rdp_cookie

Persist RDP-cookie

Balance RDP-cookie

Option tcpka

Server apprd 172.167.1.239: 3389