Haproxy+keepalived Building a Web cluster

Source: Internet
Author: User
Tags install openssl node server haproxy rsyslog

haproxy+keepalived Build WEB Cluster

We have learned two Web cluster software nginx and LVS, they have their own characteristics, this chapter will introduce another cluster software haproxy, we will be on its scheduling algorithm, cluster environment, as well as the configuration of the cluster to explain.

Haporxy is currently a more popular scheduling tool, the previous study of the LVS configuration is relatively complex, nginx can not achieve health check performance is not haproxy good. The official site is located in htp://haproxy.1wt.eu/.

Today we will introduce the use of Haproxy to build a set of web clusters

I. Case Overview 1, pre-case Knowledge point 1) HTTP request

Web sites are accessed through URLs using the HTTP protocol, which is commonly referred to as HTTP requests, the way the HTTP requests are divided, the Get and post methods. The status code is returned based on the request, and normally the 2XX,3XX error is returned when the request is successful 4xx,5xx

2) load Balancing scheduling algorithm

LVS, nginx the most common algorithm is the three kinds are:

RR (round robin). RR algorithm is the simplest algorithm, that is, polling scheduling, according to the order of the allocation of requests

LC (Lease Connections). LC is the minimum number of connections, the scheduler is dynamically allocated based on the load of the current server node, the node is small, and the scheduler allocates requests to that node.

SH (Source hsahing). SH is based on the original address scheduling algorithm, this algorithm is often used to require authentication of the site, the first user's first request to the first node server, the second user's first request to the second node server, when the first user's second request is sent to the first node to process. This scheduling algorithm application scenarios such as requiring user name password login site, if the customer is the first node server response, the second request has been assigned to the second node server, then the customer must enter a verification information to reach the purpose of access, this method is not advisable. In addition to SH we can also use a caching mechanism to implement Memchack.

3. Case Environment

Today we need four hosts to

650) this.width=650; "title=" clip_image002 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; margin:0px; padding-right:0px "border=" 0 "alt=" clip_image002 "src=" Http://s3.51cto.com/wyfs02/M02/77/B2/wKiom1ZsCl6Dc1ZmAABn_ Zpa1j4643.jpg "" 644 "height=" 378 "/>

Figure 1

II. implementation of the case 1, compile and install Haproxy

The first haproxy is 192.168.1.1 centos1.lzg.com

Deployment Haproxy requires Pcre-devel Bzip2-devel package support, so advanced installation related packages

[Email protected] ~]# yum-y install Pcre-devel bzip2-devel

[Email protected] ~]# tar zxf haproxy-1.4.24.tar.gz

[Email protected] ~]# CD haproxy-1.4.24

[[email protected] haproxy-1.4.24]# make target=linux26//64-bit system

[[email protected] haproxy-1.4.24]# make install

2. Add Service Script

[email protected] haproxy-1.4.24]# CP Examples/haproxy.init/etc/init.d/haproxy

[Email protected] haproxy-1.4.24]# chkconfig--add haproxy

[Email protected] haproxy-1.4.24]# chkconfig haproxy on

[Email protected] haproxy-1.4.24]# ln-s/usr/local/sbin/*/usr/sbin/

[Email protected] haproxy-1.4.24]# chmod +x/etc/init.d/haproxy

3. Haproxy Configuration

1) Set up Haproxy configuration file

[Email protected] haproxy-1.4.24]# Mkdir/etc/haproxy

[email protected] haproxy-1.4.24]# CP examples/haproxy.cfg/etc/haproxy/

2) Introduction of Haproxy configuration file

The Haproxy configuration file is divided into three sections. That is, global, default, listen. Global is globally configured, defaults is the default configuration, listen is configured for application components

The global configuration usually consists of the configuration parameters

Global

Log/dev/log local0 Info

log/dev/log local0 notice// device and record level for log storage

Maxconn 4096//maximum number of connections

UID 99//UID of program user

GID 99//GID of program user group

Daemon//Background run

RETRIEE 3//Retry count

option Http-server-close// Active shutdown http Request Options

Timeout http-keep-alive// Maximum Connection time-out

Timeout Http-requota//http request time-out period

Timeout client// Client Timeout Time

pidfile/var/run/haproxy.pid//pid path to file and filename

#debug

#quiet

#chroot/usr/share/haproxy

The above configuration Red section is added, the green part is modified, the blue part is the comment section, the black part is the default part.

Defaults configuration items, which are typically inherited by the application component, are used by default if there is no special declaration in the application component.

Defaults

Log Global//apply the global configuration to the logging format

Mode HTTP//pattern for HTTP

Option Httplog//log format with HTTP

Retries 3//Check the number of nodes

Maxconn 2000//Maximum number of connections

Contimeout 5000//Connection time-out (seconds)

Clitimeout 50000//Client time-out

Srvtimeout 50000//server time-out

option Httpclose// Turn off client requests

In addition to the newly added line, all the rest is the default configuration, can be modified according to the actual situation

Listen configuration items are typically configured to apply module parameters

Listen Webcluster 0.0.0.0:80//listening address and port

Option Httpchk get/index.html//Health Check page file

Balance Roundrobin//polling algorithm

Server Web1 192.168.1.3:80 check Inter fall 3

Server web2 192.168.1.4:80 check Inter fall 3

The above two defines the server pool and health Check 3 times

The following is a configured complete configuration

Global

Log/dev/log local0 Info

Log/dev/log local0 Notice

Maxconn 4096

UID 99

GID 99

Daemon

Nbproc 2

Pidfile/var/run/haproxy.pid

Option Http-server-close

#debug

#quiet

# Chroot/usr/share/haproxy

Defaults

Log Global

Mode http

Option Httplog

Option Dontlognull

Retries 3

Redispatch

Maxconn 2000

Contimeout 5000

Clitimeout 50000

Srvtimeout 50000

Option Httpclose

Listen Webcluster 0.0.0.0:80

Option Httpchk get/index.html

Balance Roundrobin

Server Web1 192.168.1.3:80 check Inter fall 3

Server Web 2 192.168.1.4:80 check Inter fall 3

4. Modify Rsyslog Configuration

[Email protected] haproxy-1.4.24]# vim/etc/rsyslog.d/haproxyconf

if ($programname = = ' Haproxy ' and $syslogseverity-text = =

' Info ') then-/var/log/haproxy/haproxy.info

& ~

if ($programname = = ' Haproxy ' and $syslogseverity-text = =

' notice ') then-/var/log/haproxy/haproxy.notice

& ~

5. Start the service

[[Email protected] haproxy-1.4.24]# service Haproxy start

[Email protected] haproxy-1.4.24]# service Rsyslog restart

Rsyslog will create the relevant files under/var/log/haproxy after startup

There are some hints when starting haproxy because no surviving nodes are detected, so we'll deploy the node next

6, establish firewall rules, allow 80 port inbound

[[email protected] haproxy-1.4.24]# iptables-i input-p TCP--dport 80-j ACCEPT

7, Nginx installation 192.168.1.3

[Email protected] ~]# yum-y install Pcre-devel zlib-devel

[Email protected] ~]# tar zxf nginx-1.6.2.tar.gz

[Email protected] ~]# CD nginx-1.6.2

[Email protected] nginx-1.6.2]#/configure--prefix=/usr/local/nginx--user=nginx--group=nginx && Make & & Make Install

[Email protected] nginx-1.6.2]# useradd-m-s/sbin/nologin nginx

[Email protected] nginx-1.6.2]# ln-s/usr/local/nginx/sbin/*/usr/local/sbin/

[Email protected] nginx-1.6.2]# echo "Node_1" >/usr/local/nginx/html/index.html

Start the NGNX service

[Email protected] nginx-1.6.2]# Nginx

Establish firewall rules

[[email protected] nginx-1.6.2]# iptables-i input-p TCP--dport 80-j ACCEPT

As with the rest of the node configuration, it is recommended that the contents of the test page not be consistent in order to see the effect during testing

Restart Haproxy of Services

8, Configuration keepalived

[Email protected] ~]# yum-y install openssl-devel kernel-devel popt-devel

[Email protected] ~]# tar zxf keepalived-1.2.13.tar.gz

[Email protected] ~]# CD keepalived-1.2.13

[Email protected] keepalived-1.2.13]#/configure--prefix=/--with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86 _64/&& make && make install

[Email protected] keepalived-1.2.13]#

[Email protected] keepalived-1.2.13]# chmod +x/etc/init.d/keepalived

[Email protected] keepalived-1.2.13]# chkconfig--add keepalived

[Email protected] keepalived-1.2.13]# chkconfig keepalived on

[Email protected] keepalived-1.2.13]# vim/etc/keepalived/keepalived.conf

Lobal_defs {

Notification_email {

[Email protected]

}

Notification_email_from [email protected]

Smtp_server 127.0.0.1

Smtp_connect_timeout 30

router_id R1

}

Vrrp_instance Vi_1 {

State MASTER

Interface eth0

VIRTUAL_ROUTER_ID 1

Priority 100

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 123.ABC

}

virtual_ipaddress {

192.168.1.254

[[Email protected] keepalived-1.2.13]# service keepalived start

[Email protected] keepalived-1.2.13]#

Vim/etc/sysconfig/network-scripts/ifcfg-eth0

Nm_controlled=no

[Email protected] keepalived-1.2.13]# service network restart

[Email protected] keepalived-1.2.13]# iptables-i input-p ip-d 224.0.0.18-j ACCEPT

[[Email protected] keepalived-1.2.13]# service Iptables Save

The above is the configuration of 192.168.1.1 keepalived

From the rest of the scheduler, there are three places in the master configuration file that cannot be the same

router_id R2

State BACKUP

Priority 99

Note: Start the service, firewall rules, network card configuration

Verify:

650) this.width=650; "title=" clip_image004 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; margin:0px; padding-right:0px "border=" 0 "alt=" clip_image004 "src=" http://s3.51cto.com/wyfs02/M00/77/B2/wKiom1ZsCr_ Hdwvzaabcek02m74577.jpg "644" height= "353"/>650) this.width=650; "title=" clip_image006 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image006 "src=" http://s3.51cto.com/wyfs02/M02/77/B2/ Wkiom1zscshifemraaa6tti-5tm536.jpg "" 598 "height=" 353 "/>

OK, today's goal is finished.

Haproxy+keepalived Building a Web cluster

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.