Installation and use of Haproxy

In the Internet era, the backend system architecture, often can hear the high-availability cluster, load-balanced cluster and other system architecture solutions, including load balancing hardware-based F5, big-IP, and software-based LVS (based on the Linux operating system implementation, performance and hardware-based performance comparable), Nginx, HAProxy (based on third-party application implementation) and so on, this article describes the installation and configuration of HAProxy use.

Haproxy is a high-performance, open-source load balancing software that supports TCP (fourth level of the ISO Reference Model) and HTTP (seventh layer of the ISO Reference Model) protocol, supports virtual hosts, Haproxy implements an event-driven, single-process model, Up to 4 to 50,000 concurrent connections can be maintained at the same time, supporting multiple load balancing algorithms with session retention, as well as ACLs (Access control list).

Above the support of TCP and HTTP protocol application load Balancing, for the TCP layer, mainly through the analysis of IP layer and TCP/UDP layer of traffic to achieve based on "ip+ Port" load balancing, the product in this layer has LVS and F5, etc. for the HTTP layer, in fact, to support HTTP, FTP, SMTP protocol, in addition to support based on the "ip+ port" load balancing, but also according to the message content, and then the load balancing algorithm to select back-end server, become "content switch", in this layer of products have haproxy, nginx and so on. It can be found that in the HTTP layer to achieve the load balance of the message content, Haproxy need to first establish a TCP connection with the client, and then based on the content of the backend forwarding, here in the Haproxy and back-end machine will also establish a TCP connection, haproxy equivalent to the proxy, and in the TCP layer , the client and the backend server directly establish a TCP connection, haproxy the equivalent of a route.

Haproxy's official website: http://www.haproxy.org

After probably understanding the Haproxy, the following begins to install the use, here download the current latest version (HAPROXY-1.7.1.TAR.GZ):

1. installation files:

　　

2. Unzip: Tar zxf haproxy-1.7.1.tar.gz

3. Go to the installation file directory: CD haproxy-1.7.1

4. Compile: Make target=linux26 prefix=/usr/local/haproxy171

　　

Without errors, proceed to the next step to install:

5. Install: sudo make install prefix=/usr/local/haproxy171

　　

6. Haproxy after installation is no configuration file directory, here manually created:

　　

7. For convenience, the previous configuration file is copied to use, the file content is as follows:

Globallog 127.0.0.1local0 infomaxconn 4096daemon    nbproc 1    pidfile/usr/local/sbin/haproxy.piddefaults    Retries3    Timeout Connect 10s    timeout client 30s    Timeout server 30s    timeout check 5sfrontend www    Bind *:6604    mode http    option httplog    option forwardfor    option httpclose    log Global    Default_backend htmpoolbackend htmpool    mode http    option Redispatch    balance roundrobin        Server APP _update_note app_update_note:8000  check Inter rise 2 Fall 5

8. configuration file parsing:

　　　　Global segment:

The global configuration parameter, which is a process-level configuration, is typically related to the operating system configuration.

　　　　

LOG: Logging configuration, where local0 is a log device followed by logging levels: Err, warning, info, Debug. Haproxy uses the Linux system's Rsyslog service (the CentOS6.3 version no longer uses the syslog, uses the Rsyslog) to record the log, details can go to its official website to understand: http://www.rsyslog.com

　　　　

Maxconn sets the maximum number of concurrent connections that each haproxy process can accept.

Daemon settings Haproxy run in the background.

Nbproc sets the number of processes that can be created at haproxy startup by default of 1, which should be less than the number of CPU cores for the server.

Pidfile configures the PID file path of the process after Haproxy startup.

　　　　Defaults segment:

The default parameter configuration, which covers the frontend segment and the backend segment in this partial parameter scope.

　　　　

Retries configures the number of failed retries to connect to the back-end server and marks the failed backend server as unavailable after more than 3 attempts.

Timeout Connect configuration The maximum wait time to successfully connect to a server, the default unit is milliseconds, or you can specify your own units

Timeout client configures the maximum wait time when the connection client sends data, the default unit is milliseconds, or the unit can be specified by itself.

The timeout server configures the server side to respond to the maximum wait time when the client data is sent, the default unit is milliseconds, or you can specify your own units.

The timeout check configures the detection time-out for the backend server, which is the default unit of milliseconds or the unit you specify.

　　　　Frontend segments (ACL rules are also configured in this section):

Front-end Listener server configuration

　　　　

This defines a front-segment virtual node for a "www" name.

BIND is configured with a listening address and port, which is set to "*" to indicate all IPV4 addresses for the current system, and port recommendations are greater than 1024.

Mode is configured in HTTP mode so that client requests are parsed for content before being forwarded to the backend server.

Option Httplog configures enable logging to log HTTP requests, and Haproxy only logs the TCP logs by default.

Option Forwoardfor configures the backend server to obtain the client's real IP, which records the client IP by adding "x-forwarded-for".

Option Httpclose Configure the Haproxy to actively close this TCP connection after the client and server have completed a connection request.

The log global configuration uses a global logging configuration.

Default_backend the backend group used by the Htmpool configuration.

　　　　Backend segment:

A back-end server cluster configuration that truly handles user requests for a server group.

　　　　

This defines a back-end unit with a "Htmpool" name.

Mode is configured for HTTP modes

Option Redispatch is used in a cookie-keeping environment, this parameter is suggested to be added.

The balance Roundrobin configuration uses an algorithm based on weights for round-robin scheduling, which is recommended in a more uniform server performance distribution. There are several other algorithms:

--STATIC-RR (also based on the weight of the rotation scheduling, but is a static method, the runtime adjusts the backend unit weight will not use the new weight)

--Source (hash operation based on request source IP to match back-end unit)

--Leastconn (not suitable for short session environments, such as HTTP-based applications)

--URI (hash operation of the entire URI)

--Uri_param (forwards the parameters in the URI)

--HDR (<name>): forwarded based on HTTP header, without which the header is converted to use Roundrobin

Server specifies backend machine, format: Server < custom name, easy to identify host > < host IP or name >:< port > [params ...]

[Params ...] Parameters:

Check indicates health checks on back-end servers

Inter 2000 health Check time interval is 2000 milliseconds

Rise 2 Number of successful checks required to transition from a failed state to a normal state

Fall 5 Number of times a back-end server needs to be checked from normal to failed state

Optional:

Weight: Weight, default 1, maximum of 265,0 means not participating in load balancing

9. Log configuration (Prerequisite: HAPROXY.CFG configuration of the log module)

9.1 Check if Rsyslog is installed

　　　　

9.2 Edit the file/etc/rsyslog.conf, and modify it as follows:

　　　　

9.3 Modify/etc/sysconfig/rsyslog File

　　　　　　

9.4 Restart Rsyslog services: sudo service rsyslog restart

10. Start Haproxy

You can check the help of Haproxt:

　　

Start:

　　

Start complete.

To balance the restart: sudo./haproxy-f. /conf/haproxy.cfg-st

　　

11. Test:

http://192.168.0.193:6604

　　

In fact, the real source address for this page is: http://182.*.2*.**:80, which indicates that Haproxy has run successfully.

Look at the log file:

　　

To view the browser developer mode output:

　　

has indeed achieved our purpose.

13. Configuring Haproxy Monitoring

To modify the configuration file, add the following:

　　

To restart Haproxy, visit the following:

　　

Through this site, you can view the Load Balancer cluster host running state, when the back-end server cluster failure, the corresponding change in color to prompt operations personnel, convenient timely detection and repair.

14. Extensions:

You can add ACL configuration rules and use algorithms based on the actual needs of other back-end servers, where only the rotation algorithm is used.

Installation and use of Haproxy