Web schema
Describe the purpose of each server:
1, Haproxy to achieve the back-end Web server load Balancing
2, keepalived to achieve the high availability of haproxy
3, Apache static page access to implement
4. Dynamic page access for Aoache dynamics
What is keepalived?
Keepalived is a routing software written in C. The main goal of this project are to provide simple and robust facilities (capability) for loadbalancing and high-availability to Li Nux system and Linux based infrastructures. Loadbalancing Framework relies (dependent) on well-known and widely used Linux Virtual Server (IPVS) kernel module providing Layer 4 loadbalancing. The other hand high-availability are achieved by VRRP protocol.
1, installation keepalived
~# Apt-get Install keepalived
2, Configuration keepalived
A configuration file that features a complete keepalived, and its profile keepalived.conf can contain three blocks of text:
Global definition Block
VRRP Instance definition block
Virtual Server Definition Block
Haproxy
Installation Configuration link
Configuration file:
Global Log/dev/log local0 log/dev/log local1 notice Chroot/var/lib/haproxy pidfile/var/run/haproxy.p ID maxconn 4000 Stats socket/run/haproxy/admin.sock mode 660 level admin stats timeout 30s user Haproxy gr OUP haproxy Daemon # Default SSL material Locations Ca-base/etc/ssl/certs Crt-base/etc/ssl/private # Defa Ult ciphers to use on ssl-enabled listening sockets. # For more information, see Ciphers (1SSL). This list was from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ssl-default-bind-ciphers ECD h+aesgcm:dh+aesgcm:ecdh+aes256:dh+aes256:ecdh+aes128:dh+aes:ecdh+3des:dh+3des:rsa+aesgcm:rsa+aes:rsa+3des:! anull:! md5:! DSS ssl-default-bind-options no-sslv3defaults Log global mode HTTP option httplog option Dontlo Gnull option http-server-close option forwardfor except 127.0.0.0/8 maxconn 60000 retries 3 Timeout C Onnect 10s Timeout client 1m TimeouT Server 1m timeout check 10s errorfile 400/etc/haproxy/errors/400.http errorfile 403/etc/haproxy/errors/403. HTTP errorfile 408/etc/haproxy/errors/408.http errorfile 500/etc/haproxy/errors/500.http errorfile 502/etc/hap Roxy/errors/502.http errorfile 503/etc/haproxy/errors/503.http errorfile 504/etc/haproxy/errors/504.httplisten STA TS bind 0.0.0.0:1080 Stats refresh 30s stats uri/stats Stats Realm Haproxy Manager stats auth admin:admin Frontend main bind 0.0.0.0:80 ACL url_static path_beg-i/static/images/javascript/stylesheets ACL url_ static path_end-i. jpg. gif. png. css. js ACL url_dynamic path_end-i. jsp use_backend static if Url_static use_ Backend dynamic if url_dynamic default_backend staticbackend static balance Roundrobin server Websrv1 192.168.20. 178:80 Check Maxconn-server websrv2 192.168.20.179:80 check maxconn 1000backend dynamic balance Roundrobin s Erver Dynamic1 192.168.20.177:8080 Inter rise 2 Fall 3 Check maxconn server Dynamic2 192.168.20.181:8080 Inter 3 rise Fall 3 Chec K Maxconn 100
Ubuntu 16.04 Haproxy + keeplive