HAproxy implements reverse proxy, Server Load balancer cluster, and web dynamic/static Separation

1. Introduction to HAproxy

HAproxy is a high-performance proxy server. It provides Lay4 and Lay7 proxies, featuring Healthcheck, Server Load balancer, and access control. It can support tens of thousands of concurrent connections with excellent performance. In addition, the HAproxy operating mode enables it to be easily and securely integrated into the current architecture, while protecting the web servers in the background from being exposed to the network.

Ii. experiment environment and Configuration

1. Environment

System Environment: centos6.4-i386

Haproxy: 1.4.22-3-i686

Installation: yum-yinstallhaproxy

2. Configuration File

Global # global segment log 127.0.0.1 local2chroot/var/lib/haproxypidfile/var/run/haproxy. pidmaxconn 4000 user haproxygroup haproxydaemondefaults # The default configuration is globally valid.) mode http # works in http, tcp, and health based on that mode) log global # define log option httplog # detailed record http log option dontlognull # do not record Health Check log information option http-server-closeoption forwardfor Login T 127.0.0.0/8 option redispatchretries 3 option httplogoption dontlognulloption -server-closeoption forwardfor failed t 127.0.0.0/8 option redispatch # After the server corresponding to ServerID goes down, force redirect to retries 3 of another normal server # The service fails to be connected three times and the service is considered unavailable timeout http-request 10 s # Response Message timeout queue 1 m # queue timeout timeout connect 10 s # connection timeout client 1 m # client timeout server 1 m # server timeout http-keep-alive 10 s # long connection timeout check 10 s # Health Check timeout maxconn 3000 # maximum number of connections frontend webserver # backend appservers # backend server listen stats # The listen segment can be used independently, equivalent to frontend + backend)

Iii. Reverse Proxy

Global configuration and default configuration are the same as above

Frontend webserver # define frontend service bind *: 80default_backend appserverbackend appserver # define backend Service server yxm23 172.16.15.23: 80 check # service name IP: PORT Health check

650) this. width = 650; "title =" Unnamed 1.png "src =" http://www.bkjia.com/uploads/allimg/131227/20410SI1-0.png "alt =" 161353479.png"/>

Implement reverse proxy using the listen segment

listen  webserverbind *:80server yxm23      172.16.15.23:80 check

Define two groups of services (listen, frontend, and backend). bind ports cannot be the same.

Access: 172.16.15.18: 8080 to install the IP address of the haproxy Server

frontend  webserverbind *:80default_backend    appserverbackend appserverserver yxm23      172.16.15.23:80 checklisten staticserverbind *:8080server yxm14    172.16.15.14:80 check

4. Provide status page

Listen statsbind *: 8088 define any port) stats enable # default path of the startup status page http: // 172.16.15.18: 8080/haproxy? Statsstats hide-version # hide version Bbackend) Ddefaults) Llisten) stats realm Haproxy \ yxm # provide authentication to access the User Password required) B D Lstats auth yxm: yxm # authenticate the user name and password B d Lstats admin if TRUE # The administrator must first pass the authentication) l B stats url/hyxm modify the default path D L B

650) this. width = 650; "title =" Unnamed 2.png "src =" http://www.bkjia.com/uploads/allimg/131227/20410Q404-1.png "alt =" 161437864.png"/>

650) this. width = 650; "title =" Unnamed 3.png "src =" http://www.bkjia.com/uploads/allimg/131227/20410V911-2.png "alt =" 161509310.png"/>

5. Load Balancing

1. Scheduling Algorithm

Roundrobin: Weighted Round Robin

Static-rr: rotation, static scheduling algorithm

Sourceuri

Hash-type: map-based static

Hash-type: consistent dynamic

2. features supported by Dynamic Scheduling Algorithms

<1> adjust the weight during service running

<2> support for slow start

Load Balancing using static scheduling algorithms

Frontend webserver bind *: 80 default_backend appservers backend appservers server yxm23 172.16.15.23: 80 check # Two backend services: server yxm14 172.16.15.14: 80 check

650) this. width = 650; "title =" Unnamed 4.png "src =" http://www.bkjia.com/uploads/allimg/131227/20410S625-3.png "alt =" 161547826.png"/>

Dynamic Scheduling Algorithm for Load Balancing

Backend appservers balance source # scheduling algorithm source, uri: Applicable to cache servers) hash-type consistent # hash type, consistent hash algorithm server yxm23 172.16.15.23: 80 check weight 2 # default service, after the service is down, the service will be started later. After the service is repaired, the Service server yxm14 172.16.15.14: 80 check weight 3 #

6. Use ACL to implement web dynamic/static Separation

1. ACL Syntax Parsing

ACLfronedlistenbackend) scope of use

Syntax acl <aclname> <criterior> [flags] [operator] <value>

Aclacl name standard flag operator Value

Flag:-I: case insensitive

Value Type: ranges: range, number 1024: 65535 # port 1024 to 65535

Operators: ge, eq, lt, le, gt

Strings string

Regularexpression Regular Expression

IPaddressesandnetworksIP address or network address

Criterior: Standard

Dst <IP>, dst_port, src, src_port

Path: access path

Path_beg: the path starts #####

Eg: aclstaticpath_end.htmlend with .html

Path_end: the path ends ####

Path_reg: Regular Expression matching is slower than string matching)

Url, url_beg, url_end

Hdr_beg (host): The host name starts ####

2. web dynamic/static Separation

Frontend webserver bind *: 80 acl static path_beg-I/static/images/javascript/stylesheets acl static path_end-I. jpg. png. jpeg. gif. swf. css. js use_backend staticserve if static default_backend appservers backend static banlance roundrobin server yxm14 172.16.15.14: 80 check weight 1 maxconn 2000 # backend server yxm18 127.0.0.1 check weight 1 backup # local host as backup host backend appservers banlance roundrobin server yxm23 172.16.15.23: 80 check weight 1 maxconn 1000 # backend server yxm18 127.0.0.1 check weight 1 backup # local host as backup host

This article is from the "cloud overlooking" blog, please be sure to keep this source http://dreamwolf.blog.51cto.com/6365503/1303972