基础知识学习
学习网络:ccietea.com
CCNA链接:http://pan.baidu.com/s/1c1Beq2k 密码:r1h4
CCNP链接:http://pan.baidu.com/s/1cissay 密码:ksb4
lvs视频
基于代理的负载均衡
- 正向代理
- 反向代理
unix网络编程:http://download.csdn.net/download/xumaojun/4680440
1.Apache反向代理
1.1 概述
代理模块 - mod_proxy
http://httpd.apache.org/
1.2 Apache源码安装
yum install -y apr-devel apr-util-devel pcre-devel openssl-devel
cd /usr/local/src
wget http://centos.ustc.edu.cn/apache/httpd/httpd-2.4.27.tar.gz
tar zxf httpd-2.4.27.tar.gz
cd httpd-2.4.27
./configure --prefix=/usr/local/httpd-2.4.27 --enable-so --enable-modules="all"
make && make install
ln -s /usr/local/httpd-2.4.27/ /usr/local/httpd
## 验证
/usr/local/httpd/bin/apachectl -t
## 启动
/usr/local/httpd/bin/apachectl -k start
1.3 用nginx配置backend
linux-node1(Listen 8080)
yum install nginx -y
echo linux-node1 > /usr/share/nginx/html/index.html
systemctl start nginx
linux-node2(Listen 8080)
yum install nginx -y
echo linux-node1 > /usr/share/nginx/html/index.html
systemctl start nginx
1.4 Apache反向代理配置
http://httpd.apache.org/docs/2.4/mod/mod_proxy.html
vim /usr/local/httpd/conf/extra/httpd-proxy.conf
#proxy demo
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
ProxyRequests off
BalancerMember http://192.168.57.100:8080
BalancerMember http://192.168.57.200:8080
ProxyPass /demo balancer://mycluster
ProxyPassReverse /demo balancer://mycluster
SetHandler balancer-manager
Order Deny,Allow
Allow from all
vim /usr/local/httpd/conf/httpd.conf
Include conf/extra/httpd-proxy.conf
1.5 虚拟主机配置
vim /usr/local/httpd/conf/httpd-proxy.conf
#proxy demo
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
ProxyRequests off
BalancerMember http://192.168.57.100:8080
BalancerMember http://192.168.57.200:8080
SetHandler balancer-manager
Order Deny,Allow
Allow from all
ServerAdmin [email protected]
DocumentRoot "/opt"
ServerName www.fbo.com
ServerAlias fbo.com
ErrorLog "logs/www.fbo.com-error_log"
CustomLog "logs/www.fbo.com-access_log" common
ProxyPass / balancer://mycluster
ProxyPassReverse / balancer://mycluster
2. Nginx 反向代理
商业版: https://www.nginx.com/
官网: http://nginx.org/
流媒体:
- red5 rtmp协议
- wms fms
2.1 源码安装nginx
yum install pcre-devel openssl-devel -y
useradd -s /sbin/nologin -M www
wget http://nginx.org/download/nginx-1.9.12.tar.gz
tar zxf nginx-1.9.12.tar.gz
cd nginx-1.9.12
./configure --prefix=/usr/local/nginx-1.9.12 \
--usr=www --group=www --with-http_ssl_module \
--with-http_stub_status_module --with-file-aio
make && make install
ln -s /usr/local/nginx-1.9.12/ /usr/local/nginx
2.2 配置nginx反向代理
使用http upstream 模块
http://nginx.org/en/docs/http/ngx_http_upstream_module.html
vim /usr/local/nginx/conf/nginx.conf
- 修改server_name
server_name www.fbo.com;
- 在httpd下添加
upstream backend {
ip_hash;
server 192.168.57.100:8080 weight=1 max_fails=3 fail_timeout=30s;
server 192.168.57.200:8080 weight=2 max_fails=3 fail_timeout=30s;
}
- 在server下location添加
proxy_pass http://backend;
2.3 nginx tcp反向代理
使用"ngx_stream_core_module"模块,需要在编译的时候加上'--with-stream'参数
参考配置http://nginx.org/en/docs/stream/ngx_stream_core_module.html
"vim /usr/local/nginx/conf/nginx.conf"
stream {
upstream tcp_proxy {
hash $remote_addr consistent;
server 192.168.57.200:22;
}
server {
listen 2222;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass tcp_proxy;
}
}
3. Haproxy 反向代理
www.haproxy.com
www.haproxy.org
- 高性能tcp和http代理
- 丰富的调度算法
- 多种类的回话保持
- 单进程5w-6w并发
- 支持多平台
nginx:
- 优点:
- Web服务器,比较广泛
- 7层,location设置复杂的基于HTTP的负载均衡
- 性能强大,网络依赖小。
- 安装配置简单
- 缺点:
- 健康检查单一
- 负载均衡算法少
- 不能动态管理
- 没有upstream的转台页面
haproxy:
- 优点:
- 专门做反向代理负载均衡
- 负载均衡算法 》= 8
- 性能 >= Nginx
- 支持动态管理 通过和haproxy的sock进行通信,可以进行管理
- 比较丰富的dashboard
- 比较强大的七层功能
- 缺点:
- 配置没有Nginx简单
3.1 源码安装haproxy
cd /usr/local/src
wget http://www.haproxy.org/download/1.6/src/haproxy-1.6.3.tar.gz
tar zxf haproxy-1.6.3.tar.gz
cd haproxy-1.6.3
make TARGET=linux2628 PREFIX=/usr/local/haproxy-1.6.3
make install
cp /usr/local/sbin/haproxy /usr/sbin/
haproxy -v
## 启动脚本
cd /usr/local/src/haproxy-1.6.3
cp examples/haproxy.init /etc/init.d/haproxy
chmod 755 /etc/init.d/haproxy
## Haproxy配置文件
useradd -r haproxy
mkdir /etc/haproxy
mkdir /var/lib/haproxy
mkdir /var/run/haproxy
3.2 Haproxy配置
vim /etc/rsyslog.conf
$Modload imudp
$UDPServerRun 514
local3.* /var/log/haproxy.log
systemctl restart rsyslog
配置文件“/etc/haproxy/haproxy.cfg”
global
log 127.0.0.1 local3 info
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend www_fbo_com
bind *:80
stats uri /haproxy?stats
default_backend www_fbo_com_backend
backend www_fbo_com_backend
# source cookie SERVERID
option httpchk GET /index.html
option httpchk GET hehe
balance roundrobin
server linux-node1 192.168.57.100:8080 check inter 2000 rise 3 fall 3 weight 1
server linux-node2 192.168.57.200:8080 check inter 2000 rise 3 fall 3 weight 1
访问http://192.168.57.111/haproxy?stats(监控dashboard)
3.3 Haproxy配置虚拟主机
通过acl来实现虚拟主机配置“vim /etc/haproxy/haproxy.cfg”
global
log 127.0.0.1 local3 info
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend www_fbo_com
bind *:80
stats uri /haproxy?stats
default_backend www_fbo_com_backend
acl is_other_fbo_com_backend(host) other.fbo.com
use_backend other_fbo_com_backend if is_other_fbo_com_backend
backend www_fbo_com_backend
# source cookie SERVERID
option httpchk GET /index.html
option httpchk GET hehe
balance roundrobin
server linux-node1 192.168.57.100:8080 check inter 2000 rise 3 fall 3 weight 1
backend other_fbo_com_backend
# source cookie SERVERID
option httpchk GET /index.html
option httpchk GET hehe
balance roundrobin
server linux-node2 192.168.57.200:8080 check inter 2000 rise 3 fall 3 weight 1
3.4 Haproxy 在线维护
打开在线管理功能
“vim /etc/haproxy/haproxy.cfg”,在global下添加
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
stats timeout 2m
安装socat工具yum install socat -y
echo "help" | socat stdio /var/lib/haproxy/haproxy.sock
echo "show info" | socat stdio /var/lib/haproxy/haproxy.sock
echo "disable server www_fbo_com_backend/linux-node1" | socat stdio /var/lib/haproxy/haproxy.sock
echo "enable server www_fbo_com_backend/linux-node1" | socat stdio /var/lib/haproxy/haproxy.sock
调优
cat /proc/sys/net/ipv4/ip_local_port_range
cat /proc/sys/net/ipv4/tcp_tw_reuse
cat /proc/sys/net/ipv4/tcp_fin_timeout
4. 常见面试知识点
- apache mpm模块 http://httpd.apache.org/docs/2.4/mpm.html
- nginx 指南 http://vdisk.weibo.com/s/toebebjFlW
- nginx 优化 http://blog.csdn.net/moxiaomomo/article/details/19442737
- nginx 对后端长连接
5. 压力测试
- apache打开状态监控 https://www.unixhot.com/article/17
- 吞吐率 reqs/s 响应时间
- 压力测试:
ab - 前置条件: 支持多少用户,支持多少访问,支持多少并发
- 约定: 用户-请求,测试多次的平均值,LR(场景 资源), 请求多少次, 并发多少
- 安装ab工具,
yum install httpd-tools -y ab -n 1000 -c100 http://192.168.57.100:8080/- webbench工具
- io测试
yum install sysstat -y strace -p