F5: Using http class Profiles to Split Traffic Across Multiple Domains for Server Load Balancing

Wuhan Tongwei Electronics Co., Ltd. (武汉通威电子有限公司)

Chen Bo (陈波)

2012-10-9



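1. Environment and Requirements

#---------Environment

E-commerce platform

One BIGIP 1600 LTM and one ASA5520

5 public IP addresses from the ISP

A dozen or so IBM blade servers

Main domain www.aaa.com, plus 20 subdomains (tr.aaa.com/search.aaa.com/……)

#---------Requirements

Public IP addresses are limited, so domains cannot be bound one-to-one to public IPs; the F5 has to split the traffic for multiple domains.

All users reach the services by domain name (port 80), while on the back end each domain is served on a different port.

Each domain represents one business group, and the back end has multiple server pools, one set per domain.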


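2. Design Approach

# Step 1------------------------------------

Plan the role of each of the 5 public IPs:

IP1 = firewall interface IP

IP2 = reserved firewall mapping IP, NATed to the F5 management IP, port 443

IP3 = service group bg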

bg_cms.bg.aaa.com

bg_erp.bg.aaa.com

bg_exh.bg.aaa.com

bg_goods.bg.aaa.com

bg_log.bg.aaa.com

bg_member.bg.aaa.com

bg_order.bg.aaa.com

bg_tr.bg.aaa.com

IP4 = service group main

club.aaa.com

exh.aaa.com

login.aaa.com

member.aaa.com

order.aaa.com

search.aaa.com

tr.aaa.com

www.aaa.com

IP5 = service group pay

bg_pay.aaa.com

image.aaa.com

pay.aaa.com

# Step 2------------------------------

Bind the following domains to the single public IP, IP3:

bg_cms.bg.aaa.com

bg_erp.bg.aaa.com

bg_exh.bg.aaa.com

bg_goods.bg.aaa.com

bg_log.bg.aaa.com

bg_member.bg.aaa.com

bg_order.bg.aaa.com

bg_tr.bg.aaa.com

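The other domains are handled the same way.

# Step 3------------------------------

Configure one-to-one port mappings on the firewall.

IP3, IP4 and IP5 are mapped to the F5's three VS IPs, 192.168.21.1~3.

# Step 4------------------------------

On the F5, http class profiles inspect the domain name in each request's URL and split the traffic to different server pools, translating the destination port of the port-80 traffic to the port of each service.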


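3. Traffic Logic Diagram

[Figure 1: traffic logic diagram]


4. Screenshots

[Figure 2: screenshot]

Vs_bg, vs_main1 and vs_pay are the three traffic-splitting application groups, each selecting by the domain name in the URL.

Vs forward handles internal layer-3 switching.

Vs out handles connections initiated by the servers.

[Figure 3: screenshot]

Note: the specified subnets can be layer-3 switched with IP forwarding.

[Figure 4: screenshot]

Note: whatever port the real servers listen on, users always access port 80.

[Figure 5: screenshot]

Note: the http class configuration; the decision is made on the URL in the headers of the packets the VS receives.

[Figure 6: screenshot]

Note: the http classes are matched under the VS's Resources.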


5. Configuration File

profile httpclass httpclass {

pool none

redirect none

url rewrite none

asm disable

wa disable

hosts none

paths none

headers none

cookies none

}

profile httpclass bg_cms {

defaults from httpclass

pool pool_bg_cms

redirect none

hosts "cms.bg.aaa.com"

}

profile httpclass bg_erp {

defaults from httpclass

pool pool_bg_erp

redirect none

hosts "erp.bg.aaa.com"

}

profile httpclass bg_exh {

defaults from httpclass

pool pool_bg_exh

redirect none

hosts "exh.bg.aaa.com"

}

profile httpclass bg_goods {

defaults from httpclass

pool pool_bg_goods

redirect none

hosts "goods.bg.aaa.com"

}

profile httpclass bg_log {

defaults from httpclass

pool pool_bg_log

redirect none

hosts "logistics.bg.aaa.com"

}

profile httpclass bg_member {

defaults from httpclass

pool pool_bg_member

redirect none

hosts "member.bg.aaa.com"

}

profile httpclass bg_order {

defaults from httpclass

pool pool_bg_order

redirect none

hosts "order.bg.aaa.com"

}

profile httpclass bg_pay {

defaults from httpclass

pool pool_bg_pay

redirect none

hosts "pay.bg.aaa.com"

}

profile httpclass bg_tr {

defaults from httpclass

pool pool_bg_tr

redirect none

hosts "tr.bg.aaa.com"

}

profile httpclass club {

defaults from httpclass

pool pool_club

redirect none

url rewrite none

hosts "club.aaa.com"

paths none

headers none

cookies none

}

profile httpclass exh {

defaults from httpclass

pool pool_exh

redirect none

url rewrite none

hosts "exh.aaa.com"

paths none

headers none

cookies none

}

profile httpclass image {

defaults from httpclass

pool pool_image1

redirect none

hosts "image1.aaa.com"

}

profile httpclass login {

defaults from httpclass

pool pool_login

redirect none

hosts "login.aaa.com"

}

profile httpclass member {

defaults from httpclass

pool pool_member

redirect none

hosts "member.aaa.com"

}

profile httpclass order {

defaults from httpclass

pool pool_order

redirect none

hosts "order.aaa.com"

}

profile httpclass pay {

defaults from httpclass

pool pool_pay

redirect none

hosts "pay.aaa.com"

}

profile httpclass search {

defaults from httpclass

pool pool_search

redirect none

hosts "search.aaa.com"

}

profile httpclass tr {

defaults from httpclass

pool pool_tr

redirect none

hosts "tr.aaa.com"

}

profile httpclass www {

defaults from httpclass

pool pool_www

redirect none

hosts "www.aaa.com"

}

pool pool_bg_cms {

monitor all tcp8180

members 192.168.8.121:8180 {}

}

pool pool_bg_erp {

monitor all tcp8080

members 192.168.8.121:webcache {}

}

pool pool_bg_exh {

monitor all tcp8280

members 192.168.8.121:8280 {}

}

pool pool_bg_goods {

monitor all tcp8380

members 192.168.8.121:cruise-update {}

}

pool pool_bg_log {

monitor all tcp8780

members 192.168.8.121:8780 {}

}

pool pool_bg_member {

monitor all tcp8480

members 192.168.8.121:8480 {}

}

pool pool_bg_order {

monitor all tcp8580

members 192.168.8.121:8580 {}

}

pool pool_bg_pay {

monitor all tcp9180

members 192.168.8.221:9180 {}

}

pool pool_bg_tr {

monitor all tcp8680

members 192.168.8.121:8680 {}

}

pool pool_club {

monitor all tcp8080

members {

192.168.8.131:webcache {}

192.168.8.132:webcache {}

192.168.8.133:webcache {}

192.168.8.134:webcache {}

}

}

pool pool_exh {

monitor all tcp8280

members {

192.168.8.131:8280 {}

192.168.8.132:8280 {}

192.168.8.133:8280 {}

192.168.8.134:8280 {}

}

}

pool pool_image1 {

monitor all http

members 192.168.8.161:http {}

}

pool pool_internet {

monitor all gateway_icmp

members 192.168.21.254:any {}

}

pool pool_login {

monitor all tcp8380

members {

192.168.8.131:cruise-update {}

192.168.8.132:cruise-update {}

192.168.8.133:cruise-update {}

192.168.8.134:cruise-update {}

}

}

pool pool_member {

monitor all tcp8480

members {

192.168.8.131:8480 {}

192.168.8.132:8480 {}

192.168.8.133:8480 {}

192.168.8.134:8480 {}

}

}

pool pool_order {

monitor all tcp8580

members {

192.168.8.131:8580 {}

192.168.8.132:8580 {}

192.168.8.133:8580 {}

192.168.8.134:8580 {}

}

}

pool pool_pay {

monitor all tcp9080

members 192.168.8.221:glrpc {}

}

pool pool_search {

monitor all tcp8680

members {

192.168.8.131:8680 {}

192.168.8.132:8680 {}

192.168.8.133:8680 {}

192.168.8.134:8680 {}

}

}

pool pool_tr {

monitor all tcp8780

members {

192.168.8.131:8780 {}

192.168.8.132:8780 {}

192.168.8.133:8780 {}

192.168.8.134:8780 {}

}

}

pool pool_www {

monitor all tcp8180

members {

192.168.8.131:8180 {}

192.168.8.132:8180 {}

192.168.8.133:8180 {}

192.168.8.134:8180 {}

}

}

virtual address any {

mask 0.0.0.0

}

virtual address 192.168.5.0 {

mask 255.255.255.0

}

virtual address 192.168.6.0 {

mask 255.255.255.0

}

virtual address 192.168.8.0 {

mask 255.255.255.0

}

virtual vs_bg {

destination 192.168.21.2:http

ip protocol tcp

httpclass {

bg_cms

bg_erp

bg_exh

bg_goods

bg_log

bg_member

bg_order

bg_tr

}

persist source_addr

profiles {

http {}

tcp {}

}

}

virtual vs_forward {

ip forward

destination 192.168.8.0:any

mask 255.255.255.0

}

virtual vs_forward1 {

ip forward

destination 192.168.6.0:any

mask 255.255.255.0

}

virtual vs_forward2 {

ip forward

destination 192.168.5.0:any

mask 255.255.255.0

}

virtual vs_main1 {

destination 192.168.21.1:http

ip protocol tcp

httpclass {

club

exh

login

member

order

search

tr

www

}

persist source_addr

profiles {

http {}

tcp {}

}

}

virtual vs_out {

snat automap

pool pool_internet

destination any:any

mask 0.0.0.0

}

virtual vs_pay {

destination 192.168.21.3:http

ip protocol tcp

httpclass {

bg_pay

image

pay

}

persist source_addr

profiles {

http {}

tcp {}

}

}
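
An added example, not part of the original configuration: a small Python model of the Host-based selection that the httpclass profiles above perform, run over a compacted excerpt of that configuration. It shows that the pool chosen depends on both the virtual server reached and the client-supplied Host header, and it lists names from the domain plan that no hosts value matches; the exact, case-insensitive comparison and the helper names (parse, route, unrouted) are assumptions of this sketch.

```python
import re

# Compacted excerpt of the configuration above (a subset of its httpclass
# profiles and virtual servers; names and values as they appear on the page).
CONF = '''
profile httpclass bg_cms { defaults from httpclass pool pool_bg_cms hosts "cms.bg.aaa.com" }
profile httpclass bg_pay { defaults from httpclass pool pool_bg_pay hosts "pay.bg.aaa.com" }
profile httpclass image { defaults from httpclass pool pool_image1 hosts "image1.aaa.com" }
profile httpclass www { defaults from httpclass pool pool_www hosts "www.aaa.com" }
virtual vs_bg { destination 192.168.21.2:http httpclass { bg_cms } }
virtual vs_main1 { destination 192.168.21.1:http httpclass { www } }
virtual vs_pay { destination 192.168.21.3:http httpclass { bg_pay image } }
'''

def parse(conf):
    """Return ({class: (host, pool)}, {virtual: [class, ...]})."""
    classes = {name: (host.lower(), pool) for name, pool, host in re.findall(
        r'profile httpclass (\w+) \{[^}]*?pool (\S+)[^}]*?hosts "([^"]+)"', conf)}
    virtuals = {name: body.split() for name, body in re.findall(
        r'virtual (\w+) \{[^{]*httpclass \{([^}]*)\}', conf)}
    return classes, virtuals

CLASSES, VIRTUALS = parse(CONF)

def route(vs, host_header):
    """Pool selected for a request arriving on `vs`, or None if no class matches.

    Assumption: exact, case-insensitive comparison with the literal `hosts`
    value; this models the page's config, not every BIG-IP matching rule.
    """
    host = host_header.strip().lower()
    for cls in VIRTUALS.get(vs, []):
        if cls in CLASSES and CLASSES[cls][0] == host:
            return CLASSES[cls][1]
    return None  # the page's virtuals define no default pool to fall back on

def unrouted(names):
    """Names that no virtual server's class list would send to a pool."""
    return [n for n in names if not any(route(vs, n) for vs in VIRTUALS)]

if __name__ == "__main__":
    # Host is client-supplied: the same name on two virtuals gives two outcomes.
    print(route("vs_bg", "CMS.bg.aaa.com"), route("vs_main1", "cms.bg.aaa.com"))
    # Names as written in the domain plan versus the hosts values in the config.
    print(unrouted(["bg_cms.bg.aaa.com", "image.aaa.com", "www.aaa.com"]))
```

Running the same check over the full configuration before a change goes live gives a quick review of which names each public IP will actually serve.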