Configure the server Load balancer Web Cluster in Ubuntu

There are many Server Load balancer solutions. The haproxy + keepalived solution is used here.

Introduction

Haproxy Introduction

Haproxy is a high-performance TCP/HTTP load balancing server software with fast speed and high availability. It is applicable to all TCP or HTTP-based applications, especially for busy Web Services. In today's mainstream server configurations, tens of thousands of concurrent connections can be easily supported.

Introduction to keepalived

From the name of keepalived, we can see that it serves as "Keep Alive", so that your system can run normally and never go down. The purpose of keepalived is to detect the status of multiple web servers.

If the server fails, keepalived will soon detect and remove it from the system. After it returns to normal, keepalived will automatically add it to the server group. No manual interference is required throughout the process. All you need to do is to fix faulty nodes.

Benefits of haproxy + keepalived

This cluster solution has many advantages:

Configuration is very convenient.

In case a web server goes down, the system can promptly discover and deliver access requests to healthy servers, so that users will not be able to access the server. This is the embodiment of "high availability.

The server Load balancer server distributes access requests to idle Web servers instead of busy ones. This is an embodiment of "Server Load balancer.

Failover (Failover) is very short. If the status check frequency is set to once per second, once the Server Load balancer server fails, the slave server will immediately become the master server in 1 second.

Haproxy supports sessions, which can better handle session issues. Many websites are session-based, such as forums and shopping carts.
When a session is created on Apache Node 1 during shopping, if Node 2 suddenly takes over your access request, your shopping information will be lost because the session will also be lost. But I
The solutions we adopt will not produce such problems.

Architecture

In this example, there are two Apache nodes and two Server Load balancer nodes. Five IP addresses are required for the four servers. Of course, the four IP addresses are allocated to each of the four servers. The remaining IP address is called "virtual IP Address", which is used to share the two Server Load balancer nodes.

Architecture details

The configuration information is as follows:

Server Load balancer Node 1: lb1.mytest.com (lB1); IP Address: 192.168.1.10;

Server Load balancer Node 2: lb2.mytest.com (LB2); IP Address: 192.168.1.11;

Web Node 1: www1.mytest.com (www1); IP Address: 192.168.1.12;

Web Node 2: www2.mytest.com (www2); IP Address: 192.168.1.13;

Virtual IP Address: 192.168.1.14, used to process access requests.

Architecture implementation

Web Server installation and configuration

1. Install apache2

First, we install apache2 on two web nodes www1 and www2:

$sudo apt-get install apache2

The installer has created a virtual host/etc/apache2/sites-available/default. The default www root directory is/var/www /.

2. Modify apache2.conf

In this solution, we will configure haproxy as a transparent reverse proxy, which will pass the visitor's IP address to the Web server using the X-forwarded-for variable. Of course, we want Apache to record the visitor's IP address in the log, rather than the IP address of the Server Load balancer.

Therefore, modify apache2.conf to change % H in logformat to % {X-forwarded-for} I.

$sudo nano /etc/apache2/apache2.conf

[...]

# Logformat "% H % L % u % t \" % R \ "%> S % B \" % {Referer} I \ "% {User-Agent} I \ "" combined

Logformat "% {X-forwarded-for} I % L % u % t \" % R \ "%> S % B \" % {Referer} I \ "% {User-Agent} I \ "" combined

[...]

3.create a file check.txt

We will use haproxy to monitor the status of Web nodes. Therefore, we need to prepare a file under/var/www/on two web nodes. If haproxy can access this file, it indicates that the Web node is normal; otherwise, it indicates that the Web node is faulty.

The name of the file can be defined. we name the file check.txt;

$sudo touch /var/www/check.txt

4. Modify VM configurations

We do not expect the virtual machine to record the access to check.txt in the log, which will interfere with log analysis. Therefore, we need to modify the configuration file of the VM:

$sudo nano /etc/apache2/sites-available/default

[...]

Setenvif request_uri "^/check \. txt $" dontlog

Custimlog/var/log/apache2/access. Log combined Env =! Dontlog

[...]

Make sure that no other customlog exists in the configuration file.

Finally, restart Apache:

$ Sudo/etc/init. d/apache2 restart

Installation and configuration of haproxy

The following operations are performed on lb1.mytest.com and lb2.mytest.com.

1. Install haproxy

Okay. Now we will install haproxy:

$ Sudo apt-Get install haproxy

2. Configure haproxy. cfg

The configuration file of haproxy is/etc/haproxy. cfg. We will back up the original file and create a new one:

$sudo mv /etc/haproxy.cfg /etc/haproxy.cfg-back

$sudo nano /etc/haproxy.cfg

Global

Log 127.0.0.1 local0

Log 127.0.0.1 local1 notice

Maxconn 4096

User haproxy

Group haproxy

Ults

Log global

Mode HTTP

Option httplog

Option dontlognull

Retries 3

Redispat ch

Maxconn 2000

Contimeout 5000

Clitimeout 50000

Srvtimeout 50000

Listen webfarm 192.168.1.14: 80

Mode HTTP

Stats enable

Sats auth admin: Password

Balance roundrobin

Cookie JSESSIONID prefix

Option httpclose

Option forwardfor

Option httpchk head/check.txt HTTP/1.0

Server weba 192.168.1.12: 80 cookie a check

Server Webb 192.168.1.13: 80 cookie B check

The retries in the preceding configuration specifies the number of retries, that is, after a web node cannot be accessed, it will retry three more times. The cookie JSESSIONID prefix line is used to process the session.

This configuration enables haproxy to listen to port 80 of the virtual IP address 192.168.1.14, and the following two Web servers are 192.168.1.12 and 192.168.1.13 respectively, with the file/check.txt as the check target.

Haproxy has rich configuration options. For more information, see:

Http://haproxy.1wt.eu/download/1.3/doc/haproxy-en.txt

3. Modify/etc/sysctl. conf

To bind haproxy to a virtual IP address, we need to modify/etc/sysctl. conf:

$sudo nano /etc/sysctl.conf

Add the following line

net.ipv4.ip_nonlocal_bind = 1

Then, make it take effect:

$sudo sysctl -p

4. Enable haproxy to start automatically

Now, modify/etc/default/haproxy so that haproxy can be automatically started at system startup.

$sudo nano /etc/default/haproxy

# Set enabled to 1 if you want the init script to start haproxy.

Enabled = 1

# Add extra flags here.

# Extraopts = "-de-M 16 ″

Install and configure keepalived

We have configured lB1 and LB2 to let haproxy listen to the virtual IP address 192.168.1.14. But should it be lB1 or LB2 that listens to this IP address? This work is done by keepalived.

Keepalived assigns lB1 and LB2 as "master" and "slave". The master server is usually responsible for the work and the slave server is on standby.

1. Install keepalived

Now let's install keepalived:

$sudo apt-get install keepalived

The software is also very small and can be installed soon.

2. Configure keepalived

Now let's configure keepalived. Its configuration file is located in/etc/keepalived. conf.

We use lB1 as the "master server" of Server Load balancer and LB2 as the "slave server ". This is achieved through the priority (priority) in the configuration file. Set priority to 101 on "main service shouting" and "slave server" to 100.

On lB1, set/etc/keepalived. conf:

$sudo nano /etc/keepalived/keepalived.conf

Vrrp_script chk_haproxy {

Script "Kill-0 haproxy"

Interval 2 # Check every 2 seconds

Weight 2

}

Vrrp_instance vi_1 {

Interface eth0

State master

Virtual_router_id 51

Priority 101 #101 is "master", 100 is "slave"

Virtual_ipaddress {

192.168.1.14

}

Track_script {

Chk_haproxy

}

}

Then, run the keepalived service:

$sudo /etc/init.d/keepalived start

On LB2, set/etc/keepalived. conf:

$sudo nano /etc/keepalived/keepalived.conf

Vrrp_script chk_haproxy {

Script "Kill-0 haproxy"

Interval 2 # Check every 2 seconds

Weight 2

}

Vrrp_instance vi_1 {

Interface eth0

State master

Virtual_router_id 51

Priority 100 #101 is "master", 100 is "slave"

Virtual_ipaddress {

192.168.1.14

}

Track_script {

Chk_haproxy

}

}

Then, run the keepalived service:

$sudo /etc/init.d/keepalived start

Now, you can view the IP address information on lB1 and LB2 respectively:

$ip addr sh eth0

On lB1, you can see the virtual IP address 192.168.1.14.

On LB2, you cannot see the virtual IP address 192.168.1.14.

Finally, start haproxy on lB1 and LB2 respectively:

$sudo /etc/init.d/haproxy start