HAProxy详解:基于虚拟主机的HAProxy负载均衡系统配置实例

Posted paul8339

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了HAProxy详解:基于虚拟主机的HAProxy负载均衡系统配置实例相关的知识,希望对你有一定的参考价值。

一.基于虚拟主机的HAProxy负载均衡系统配置实例

    1.通过HAProxy的ACL规则配置虚拟主机:

            下面将通过HAProxy的ACL功能配置一套基于虚拟主机的负载均衡系统。这里操作系统环境为:CentOS release 6.7,HAProxy版本为haproxy-1.4.24,要实现的功能如图:

                    技术分享图片

                本实例有一个电商网站服务器群、一个论坛服务器群、一个博客服务器群和默认服务器群,4个服务器群都由多台服务器组成,而4个服务器群又组成了一个应用服务器群组,在每个服务器群的前端有一个基于HAProxy的负载均衡调度器,整个应用架构要实现的功能为:当客户端通过域名www.tb.com或tb.com访问时,HAProxy将请求提交到电商网站服务器群,进而实现电商网站的负载均衡;当客户端通过域名bbs.tb.com访问时就将请求调度到论坛服务器群,实现论坛的负载均衡;当客户端通过blog.tb.com访问时则将请求调度到博客服务器群中,实现博客的负载均衡;如果客户端通过除上面三种方式外的任意方式请求服务时,就将请求调度到缺省服务器群。

            1.配置HAProxy

                    HAProxy的安装非常简单,这里直接进入HAProxy的配置过程,配置文件如下:                      

                            global

                                    log 127.0.0.1   local0  info

                                    maxconn 4096

                                    user nobody

                                    group nobody

                            

                                    daemon

                                    nbproc  1

                                    pidfile /usr/local/haproxy/logs/haproxy.pid

                            

                            defaults

                                    mode    http

                                    retries 3

                                    timeout connect 5s

                                    timeout client 30s

                                    timeout server 30s

                                    timeout check 2s

                            listen admin_stats

                            

                                    bind 0.0.0.0:19088

                                    mode http

                                    log 127.0.0.1 local0 err

                                    stats refresh 30s

                                    stats uri /haproxy-status

                                    stats realm welcome login Haproxy

                                    stats auth admin:admin

 

                                    stats auth yan:123456

                                    stats hide-version

                                    stats admin if  TRUE

                            frontend www

                                    bind *:80

                                    mode http

                                    option httplog

                                    option forwardfor

                                    log global

                            

                                    acl host_www hdr_reg(host) -i ^(www.tb.com|tb.com)

                                    acl host_bbs hdr_dom(host) -i bbs.tb.com

                                    acl host_blog hdr_beg(host) -i blog.

 

                                    use_backend server_www if host_www

                                    use_backend server_bbs if host_bbs

                                    use_backend server_blog if host_blog

                                    default_backend server_default

                            backend server_default

                                    mode http

                                    option redispatch

                                    option abortonclose

                                    balance roundrobin

                                    cookie SERVERID

                                    option httpchk GET /check_status.html

 

                                    server default1 10.0.0.8:8000 cookie default1 weight 6 check inter 2000 rise 2 fall 3

                                    server default2 10.0.0.7:8000 cookie default2 weight 6 check inter 2000 rise 2 fall 3

                            

                            backend server_www

                                    mode http

                                    option redispatch

                                    option abortonclose

                                    balance source

                                    cookie SERVERID

                                    option httpchk GET /check_status.jsp

 

                                    server www1 10.0.0.18:80 cookie www1 weight 6 check inter 2000 rise 2 fall 3

                                    server www2 10.0.0.17:80 cookie www2 weight 6 check inter 2000 rise 2 fall 3

                                     server www3 10.0.0.16:80 cookie www3 weight 6 check inter 2000 rise 2 fall 3

 

                            backend server_bbs

                                    mode http

                                    option redispatch

                                    option abortonclose

                                    balance source

                                    cookie SERVERID

                                    option httpchk GET /check_status.php

 

                                    server bbs1 10.0.0.28:8080 cookie bbs1 weight 6 check inter 2000 rise 2 fall 3

                                    server bbs2 10.0.0.27:8080 cookie bbs2 weight 6 check inter 2000 rise 2 fall 3

                            backend server_blog

                                    mode http

                                    option redispatch

                                    option abortonclose

                                    balance roundrobin

                                    cookie SERVERID

                                    option httpchk GET /check_blog.php

 

                                    server blog1 10.0.0.38:80 cookie blog1 weight 6 check inter 2000 rise 2 fall 3

                                    server blog2 10.0.0.37:80 cookie blog2 weight 6 check inter 2000 rise 2 fall 3


                    关于HAProxy配置文件中每个选项的含义,这里重点看一下frontend部分中关于ACL配置部分的内容,这个是实现虚拟主机的核心配置部分。另外,这个配置文件定义了server_www、server_bbs、server_blog、server_default 4个backend,分别对应上面的4个服务器群,对于server_www群和server_bbs群,采用了基于请求源IP的负载均衡算法,其他两个群均采用基于权重进行轮叫调度的算法。这也是根据Web应用的特点而定的。每个backend中都定义了httpchk的检测方式,因此要保证这里指定的URL页面是可访问到的。

                    为了验证负载均衡的功能,这里需要将后端真实服务器做一个访问标记,这个架构一共加入了9台后端真实服务器,共分为四组,这里将server_www的三台后端服务器默认的Web页面设置如下:

                        [[email protected]]# echo "This is www1 10.0.0.18" > /var/www/html/index.html

                        [[email protected]]# echo "This is www2 10.0.0.17" > /var/www/html/index.html

                        [[email protected]]# echo "This is www3 10.0.0.16" > /var/www/html/index.html

                    同理,将server_bbs的两个后端服务器默认的web页面设置如下:

                        [[email protected]]# echo "This is bbs1 10.0.0.28" > /var/www/html/index.html

                        [[email protected]]# echo "This is bbs2 10.0.0.27" > /var/www/html/index.html

                    接着,将server_blog的两台后端服务器默认的web页面设置如下:

                        [[email protected]]# echo "This is blog1 10.0.0.38" > /var/www/html/index.html

                        [[email protected]]# echo "This is blog2 10.0.0.37" > /var/www/html/index.html

                    最后,将server_default的两台后端服务器默认的Web页面设置如下:

                        [[email protected]]# echo "This is default1 10.0.0.8" > /var/www/html/index.html

                        [[email protected]]# echo "This is default2 10.0.0.7" > /var/www/html/index.html

                    这样就为接下来的测试做好了准备。

            2.启动HAProxy

                  HAProxy安装完成后,会在安装根目录的sbin目录下生成一个可执行的二进制文件haproxy,对HAProxy的启动、关闭、重启等维护操作都是通过这个二进制文件实现的,执行“haproxy -h ”命令即可得到此文件的用法。

                    haproxy    [ -f <配置文件> ]    [ -vdVD ]    [ -n 最大并发连接总数 ]    [ -N 默认的连接数 ]

                    haproxy常用的参数以及含义如表

                            -v    显示当前版本信息,“-vv”显示已知的创建选项。

                            -d    表示让进程运行在debug模式,“-db”表示禁用后台模式,让程序在前台运行

                            -D    让程序以daemon模式启动,此选项ye可以在HAProxy配置文件中设置。

                            -q    表示安静模式,程序运行不输出任何信息。

                            -c    对HAProxy配置文件进行语法检查。此参数非常有用。如果配置文件错误,会输出对应的错误位置和错误信息。

                            -n    设置最大并发连接总数

                            -m    限制可用的内存大小,以MB为单位。

                            -N    设置默认的连接数

                            -p    设置HAProxy的PID文件路径

                            -de    不使用epool模型

                            -ds    不使用speculative epoll

                            -dp    不使用poll模型

                            -sf    程序启动后向PID文件里的进程发送FINISH信号,这个参数需要放在命令行的最后。

                            -st    程序启动后向PID文件里的进程发送TERMINATE信号,这个参数放在命令行的最后,经常用于重启HAProxy进程。

                    开启HAProxy,操作如下:

                            /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg

                    关闭HAProxy,执行命令:

                            killall -9 haproxy

                    平滑重启,执行命令:

                             /usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg  -st `cat /usr/local/haproxy/logs/haproxy.pid`

                    有时候为了管理和维护方便,也可以把HAProxy的启动与关闭写成一个独立的脚本,脚本内容如下: 

                            #!/bin/bash

                            #config:/usr/local/haproxy/conf/haproxy.cfg

                            #pidfile:/usr/local/haproxy/logs/haproxy.pid

                            

                            #Source function library

                            . /etc/rc.d/init.d/functions

                            

                            #Source networking configuration

                            . /etc/sysconfig/network

                            

                            #Check that networking is up 

                            [ "$NETWORKING" = "no" ] && exit 0

                            

                            config="/usr/local/haproxy/conf/haproxy.cfg"

                            exec="/usr/local/haproxy/sbin/haproxy"

                            prog=$(basename $exec)

                            

                            [ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

                            lockfile=/var/lock/subsys/haproxy

                            

                            check() {

                                $exec -c -V -f $config

                            }

                            

                            start() {

                                $exec -c -V -f $config

                                if [ $? -ne 0 ];then

                                    echo "Erros in configuration file, check with $prog check."

                                    return 1

                                fi

                            

                                echo -n $"Starting $prog:"

                                #start it up here, usually something like "daemon $exec"

                                daemon $exec -D -f $config -p /usr/local/haproxy/logs/$prog.pid

                                retval=$?

                                echo

                                [ $retval -eq 0 ] && touch $lockfile

                                return $retval

                            }

                            

                            stop() {

                                echo -n "Stopping $prog:"

                                # stop it here, often "killproc $prog"

                                killproc $prog

                                retval=$?

                                echo 

                                [ $retval -eq 0 ] && rm -f $lockfile

                                return $retval

                            }

                            

                            restart() {

                                $exec -c -q -f $config

                                if [ $? -ne 0 ];then

                                    echo "Errors in configuration file, check with $prog check."

                                    return 1

                                fi

                                stop

                                start

                            }

                            

                            reload() {

                                $exec -c -q -f $config

                                if [ $? -ne 0 ];then

                                    echo "Errors in configuration file, check with $prog check."

                                    return 1

                                fi

                                echo -n $"Reloading $prog:"

                                $exec -D -f $config -p /usr/local/haproxy/logs/$prog.pid -sf $(cat /usr/local/haproxy/logs/$prog.pid)

                                retval=$?

                                echo 

                                return $retval

                            }

                            

                            force_reload() {

                                restart

                            }

                            

                            fdr_status() {

                                status $prog

                            }

                            

                            case $1 in 

                                start|stop|restart|reload)

                                    $1

                                    ;;

                                force_reload)

                                    force_reload

                                    ;;

                                checkconfig)

                                    check

                                    ;;

                                status)

                                    fdr_status

                                    ;;

                                condrestart|try-restart)

                                    [ ! -f $lockfile ] || restart

                                    ;;

                                *)

                                    echo $"Usage: $0 {start|stop|status|checkconfig|restart|try-restart|reload|force_reload}"

                                    exit 2

                            esac

                    将此脚本命名为haproxy。放在系统的/etc/init.d/目录下。
    2.测试HAProxy实现虚拟主机和负载均衡功能:

            首先通过不同IP的客户端以www.tb.com或者tb.com域名访问网站,如果访问网站,如果HAProxy运行正常,并且ACL规则设置正确,server_www的三台后端服务器默认的web页面信息将会依次出现,这说明HAProxy对电商网站实现了负载均衡,同时,不会出现其他后端服务器的默认Web页面信息。说明ACL规则生效,实现虚拟主机功能。

            同理,当通过不同IP的客户端以bbs.tb.com访问网站时,server_bbs的两台后端服务器默认的web页面信息将轮换出现。这表示实现了论坛的负载均衡功能,同时,不会出现其他后端服务器的默认web页面信息,说明ACL规则生效,实现虚拟主机功能。

             用同样的方法可以验证blog.tb.com是否实现了虚拟主机功能以及负载均衡功能。最后,当通过HAProxy服务器的IP或者其他方式访问时,访问请求将被调度到server_default指定的两台后端真实服务器上。

    3.测试HAProxy的故障转移功能:

            测试HAProxy的故障转移功能也非常简单,这里假定将server_www组的一台后端服务器10.0.0.17的httpd服务停止,那么当通过www.tb.com或者tb.com域名访问网站时,这个失效的节点将不会被访问到,因为当httpd服务被停止后,HAProxy通过httpchk方式将立刻检测到此节点无法返回数据,从而屏蔽此节点对外提供服务的功能,这样就实现了故障转移功能。

    4.使用HAProxy的web监控平台:

            虽然HAProxy实现了服务的故障转移功能,但是在主机或者服务出现故障的时候,并不能发出通知告知运维人员,这对于及时性要求高的业务系统来说,是非常不便的。不过,HAProxy似乎也考虑到了这一点,在新的版本中HAProxy推出了一个基于Web的监控平台,通过这个平台可以查看此集群系统所有后端服务器的运行状态,在后端服务或服务出现故障时,监控页面会通过不同的颜色来展示故障信息,这在很大程度上解决了后端服务器故障报警的问题,运维人员可通过监控这个页面来第一时间发现节点故障,进而修复故障。如图:

技术分享图片

                在这个监控页面中,详细记录了HAParoxy中配置的frontend、backend等信息。在backend中有各台后端真实服务器的运行状态,正常情况下,所有后端服务器都以浅绿色展示,当某台服务器出现故障时,将以深橙色显示。

                在这个监控页面中,还可以执行关闭自动刷新、隐藏故障状态的节点、手动刷新、导出数据为csv文件等各种操作。在新版的HAProxy中,又增加了对backend后端节点的管理功能,例如,可以在web页面下执行disable、enable、soft stop、soft start 等后端节点来管理操作。  

 

HAProxy详解(三)-闫利朋的博客-51CTO博客
http://blog.51cto.com/6284444/2140563

 

以上是关于HAProxy详解:基于虚拟主机的HAProxy负载均衡系统配置实例的主要内容,如果未能解决你的问题,请参考以下文章

haproxy详解

HAProxy详解

haproxy 配置详解

Haproxy 配置详解

Haproxy 安装配置详解-端口映射

负载均衡之haproxy详解