HAproxy群集

HAproxy群集

  • 常见的集群调度器
  • HAproxy 、nginx、LVS区别
    • HAproxy
    • nginx
    • lvs
  • HAproxy介绍
  • HAproxy特点
  • HAproxy常见的负载均衡策略
  • HAproxy会话保持
  • HAproxy配置实例

常见的集群调度器

常见的web集群调度器分为软件和硬件

软件:LVS Haproxy nginx

硬件: F5 Array 梭子鱼 绿盟

HAproxy 、nginx、LVS区别

HAproxy

HAProxy和Nginx是基于第三方应用实现的软负载均衡;

HAProxy和Nginx都可以实现4层和7层技术,HAProxy可提供TCP和HTTP应用的负载均衡综合解决方案;

而HAProxy在状态监测方面功能更丰富、强大,可支持端口、URL、脚本等多种状态检测方式;

HAProxy功能强大,单纯从效率上来讲HAProxy会比Nginx有更出色的负载均衡速度,在并发处理上也是优于Nginx的。但整体性能低于4层模式的LVS负载均衡;

nginx

基于第三方应用实现软负载均衡,可以实现4层和7层技术;

Nginx主要用于Web服务器或缓存服务器。Nginx的upstream模块虽然也支持群集功能,但是性能没有LVS和Haproxy好,对群集节点健康检查功能不强,只支持通过端口来检测,不支持通过URL来

lvs

LVS基于Linux操作系统内核实现软负载均衡

LVS是可实现4层的IP负载均衡技术,无法实现基于目录、URL的转发

LVS因为工作在ISO模型的第四层,其状态监测功能单一

HAproxy介绍

Haproxy是一款课提供高可用、负载均衡、及基于TCP和http应用的代理软件,通常用于并发大1万以上的web站点。通常这些站点又需要会话保持或七层处理,HAProxy的运行模式使得它可以很简单安全的整合至当前的架构中,同时可以保护web服务器不被暴露到网络上

HAproxy特点

●可靠性和稳定性非常好,可以与硬件级的F5负载均衡设备相媲美;
●最高可以同时维护40000-50000个并发连接,单位时间内处理的最大请求数为20000个,最大处理能力可达10Git/s;
●支持多达8种负载均衡算法
●支持Session会话保持,Cookie的引导;
●支持通过获取指定的url来检测后端服务器的状态;
●支持虚机主机功能,从而实现web负载均衡更加灵活;
●支持连接拒绝、全透明代理等独特的功能;
●拥有强大的ACL支持,用于访问控制;
●支持TCP和HTTP协议的负载均衡转发;
●支持客户端的keepalive功能,减少客户端与haproxy的多次三次握手导致资源浪费,让多个请求在一个tcp连接中完成

HAproxy常见的负载均衡策略

(1)roundrobin----------表示简单的轮询
(2)static-rr----------------表示根据权重
(3)leastconn-------------表示最少连接者先处理
(4)source-----------------表示根据请求源IP
(5)uri——————----表示根据请求的URI,做cdn需使用;
(6)url_param————表示根据请求的URl参数’balance url_param’ requires an URL parameter name
(7)hdr(name)——------表示根据HTTP请求头来锁定每一次HTTP请求;
(8)rdp-cookie(name)–表示根据cookie(name)来锁定并哈希每一次TCP请求。

HAproxy会话保持

HAProxy 提供了3种实现会话保持的方式
1)source(源地址hash)
2)设置cookie
3)会话粘性表stick-table

HAproxy配置实例

web1 192.168.65.104
web2 192.168.65.105
tomcat1 192.168.65.102:8080
tomcat2 192.168.65.102:8081
Haproxy 192.168.65.106

104
[root@localhost ~]# yum -y install nginx (用 nginx.repo安装的)
[root@localhost ~]# cd /usr/share/nginx.html
[root@localhost html]# mkdir static
[root@localhost html]#echo 'this is web1 page!' >static/test.html
[root@localhost ~]#systemctl start nginx

105
[root@localhost ~]# yum -y install nginx (用 nginx.repo安装的)
[root@localhost ~]# cd /usr/share/nginx.html
[root@localhost html]# mkdir static
[root@localhost html]#echo 'this is web2 page!' >static/test.html
[root@localhost ~]#systemctl start nginx

102
安装jdk
[root@localhost ~]#systemctl stop firewalld.service
[root@localhost ~]#setenforce 0
[root@localhost ~]#cd /opt
[root@localhost opt]#ls
apache-tomcat-8.5.16.tar.gz  jdk-8u91-linux-x64.tar.gz  rh
[root@localhost opt]#tar xf jdk-8u91-linux-x64.tar.gz
[root@localhost opt]#ls
apache-tomcat-8.5.16.tar.gz  jdk1.8.0_91  jdk-8u91-linux-x64.tar.gz  rh
[root@localhost opt]#mv jdk1.8.0_91/ /usr/local/
[root@localhost opt]#ls /usr/local/
bin  etc  games  include  jdk1.8.0_91  lib  lib64  libexec  sbin  share  src
[root@localhost opt]#cd /etc/profile.d/ #环境变量子配置文件
[root@localhost profile.d]#ls
256term.csh                   colorgrep.csh  flatpak.sh  less.sh        vte.sh
256term.sh                    colorgrep.sh   lang.csh    PackageKit.sh  which2.csh
abrt-console-notification.sh  colorls.csh    lang.sh     vim.csh        which2.sh
bash_completion.sh            colorls.sh     less.csh    vim.sh
[root@localhost profile.d]#vim java.sh
export JAVA_HOME=/usr/local/jdk1.8.0_91
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=.:$JAVA_HOME/lib:$JRE_HOME
export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH

[root@localhost profile.d]#source java.sh

部署Tomcat
[root@localhost profile.d]#cd /opt
[root@localhost opt]#ls
apache-tomcat-8.5.16.tar.gz  jdk-8u91-linux-x64.tar.gz  rh
[root@localhost opt]#tar xf apache-tomcat-8.5.16.tar.gz
[root@localhost opt]#ls
apache-tomcat-8.5.16  apache-tomcat-8.5.16.tar.gz  jdk-8u91-linux-x64.tar.gz  rh
[root@localhost opt]#cp -a apache-tomcat-8.5.16 /usr/local/tomcat1
[root@localhost opt]#cp -a apache-tomcat-8.5.16 /usr/local/tomcat2
[root@localhost opt]#ls /usr/local/
bin  games    jdk1.8.0_91  lib64    sbin   src      tomcat2
etc  include  lib          libexec  share  tomcat1
[root@localhost opt]#vim /usr/local/tomcat2/conf/server.xml
//修改tomcat2的配置文件
<Server port="8006" shutdown="SHUTDOWN">		
#22行,修改Server prot,默认为8005 -> 修改为8006
<Connector port="8081" protocol="HTTP/1.1"		
#69行,修改Connector port,HTTP/1.1  默认为8080 -> 修改为8081
[root@localhost opt]#cd /usr/local/tomcat2
[root@localhost tomcat2]#ls
bin  conf  lib  LICENSE  logs  NOTICE  RELEASE-NOTES  RUNNING.txt  temp  webapps  work
[root@localhost tomcat2]#cd bin
[root@localhost bin]#ls
bootstrap.jar                 configtest.bat    setclasspath.sh  tomcat-native.tar.gz
catalina.bat                  configtest.sh     shutdown.bat     tool-wrapper.bat
catalina.sh                   daemon.sh         shutdown.sh      tool-wrapper.sh
catalina-tasks.xml            digest.bat        startup.bat      version.bat
commons-daemon.jar            digest.sh         startup.sh       version.sh
commons-daemon-native.tar.gz  setclasspath.bat  tomcat-juli.jar

[root@localhost bin]#vim startup.sh
export CATALINA_BASE=/usr/local/tomcat2 #Tomcat存放的目录位置
export CATALINA_HOME=/usr/local/tomcat2
export TOMCAT_HOME=/usr/local/tomcat2

[root@localhost bin]#vim shutdown.sh
export CATALINA_BASE=/usr/local/tomcat2
export CATALINA_HOME=/usr/local/tomcat2
export TOMCAT_HOME=/usr/local/tomcat2

[root@localhost bin]#cd /usr/local/tomcat1
[root@localhost tomcat1]#ls
bin  conf  lib  LICENSE  logs  NOTICE  RELEASE-NOTES  RUNNING.txt  temp  webapps  work
[root@localhost tomcat1]#cd bin
[root@localhost bin]#ls
bootstrap.jar                 configtest.bat    setclasspath.sh  tomcat-native.tar.gz
catalina.bat                  configtest.sh     shutdown.bat     tool-wrapper.bat
catalina.sh                   daemon.sh         shutdown.sh      tool-wrapper.sh
catalina-tasks.xml            digest.bat        startup.bat      version.bat
commons-daemon.jar            digest.sh         startup.sh       version.sh
commons-daemon-native.tar.gz  setclasspath.bat  tomcat-juli.jar
[root@localhost bin]#vim startup.sh
export CATALINA_BASE=/usr/local/tomcat1
export CATALINA_HOME=/usr/local/tomcat1
export TOMCAT_HOME=/usr/local/tomcat1
[root@localhost bin]#vim shutdown.sh
export CATALINA_BASE=/usr/local/tomcat1
export CATALINA_HOME=/usr/local/tomcat1
export TOMCAT_HOME=/usr/local/tomcat1

[root@localhost bin]#/usr/local/tomcat1/bin/startup.sh
Using CATALINA_BASE:   /usr/local/tomcat1
Using CATALINA_HOME:   /usr/local/tomcat1
Using CATALINA_TMPDIR: /usr/local/tomcat1/temp
Using JRE_HOME:        /usr/local/jdk1.8.0_91/jre
Using CLASSPATH:       /usr/local/tomcat1/bin/bootstrap.jar:/usr/local/tomcat1/bin/tomcat-juli.jar
Tomcat started.
[root@localhost bin]#/usr/local/tomcat2/bin/startup.sh
Using CATALINA_BASE:   /usr/local/tomcat2
Using CATALINA_HOME:   /usr/local/tomcat2
Using CATALINA_TMPDIR: /usr/local/tomcat2/temp
Using JRE_HOME:        /usr/local/jdk1.8.0_91/jre
Using CLASSPATH:       /usr/local/tomcat2/bin/bootstrap.jar:/usr/local/tomcat2/bin/tomcat-juli.jar
Tomcat started.

[root@localhost bin]#netstat -ltnp |grep java
tcp6       0      0 :::8080                 :::*                    LISTEN      40828/java 
tcp6       0      0 :::8081                 :::*                    LISTEN      40885/java 
tcp6       0      0 127.0.0.1:8005          :::*                    LISTEN      40828/java 
tcp6       0      0 127.0.0.1:8006          :::*                    LISTEN      40885/java 
tcp6       0      0 :::8009                 :::*                    LISTEN      40828/java 
tcp6       0      0 :::8010                 :::*                    LISTEN      40885/java 


#编译安装Haproxy
yum install -y zlib-devel openssl-devel pcre-devel systemd-devel

[root@localhost opt]# useradd -M -s /sbin/nologin haproxy
[root@localhost opt]# tar xf haproxy-2.8.3.tar.gz
[root@localhost opt]# ls
haproxy-2.8.3  haproxy-2.8.3.tar.gz  rh
[root@localhost opt]# cd haproxy-2.8.3/
[root@localhost haproxy-2.8.3]# make ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1

[root@localhost haproxy-2.8.3]# make install PREFIX=/usr/local/haproxy
[root@localhost haproxy-2.8.3]# ls
addons       CHANGELOG     examples  LICENSE      reg-tests  tests
admin        CONTRIBUTING  haproxy   MAINTAINERS  scripts    VERDATE
BRANCHES     dev           include   Makefile     src        VERSION
BSDmakefile  doc           INSTALL   README       SUBVERS
[root@localhost haproxy-2.8.3]# cd examples/
[root@localhost examples]# ls
basic-config-edge.cfg  lua                    transparent_proxy.cfg
content-sw-sample.cfg  option-http_proxy.cfg  wurfl-example.cfg
errorfiles             quick-test.cfg
haproxy.init           socks4.cfg
[root@localhost examples]# mkdir /etc/haproxy
[root@localhost examples]# cp quick-test.cfg  /etc/haproxy/haproxy.cfg
[root@localhost examples]# cp haproxy.init  /etc/init.d/haproxy
[root@localhost examples]# cd /etc/haproxy/
[root@localhost haproxy]# ls
haproxy.cfg
[root@localhost haproxy]# cd /etc/init.d/
[root@localhost init.d]# ls
functions  haproxy  netconsole  network  README
[root@localhost init.d]# vim haproxy
[root@localhost init.d]# cd /usr/local/haproxy/
[root@localhost haproxy]# ls
doc  sbin  share
[root@localhost haproxy]# ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin
[root@localhost haproxy]# haproxy -v
HAProxy version 2.8.3-86e043a 2023/09/07 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2028.
Known bugs: http://www.haproxy.org/bugs/bugs-2.8.3.html
Running on: Linux 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64
[root@localhost haproxy]# chmod +x /etc/init.d/haproxy
[root@localhost haproxy]# chkconfig --add haproxy
[root@localhost haproxy]# chkconfig --list haproxy

注:该输出结果只显示 SysV 服务,并不包含
原生 systemd 服务。SysV 配置数据
可能被原生 systemd 配置覆盖。

      要列出 systemd 服务,请执行 'systemctl list-unit-files'。
      查看在具体 target 启用的服务请执行
      'systemctl list-dependencies [target]'。

haproxy         0:关    1:关    2:关    3:关    4:关    5:关    6:关
[root@localhost haproxy]# chkconfig --level 35 haproxy on
[root@localhost haproxy]# chkconfig --list haproxy

注:该输出结果只显示 SysV 服务,并不包含
原生 systemd 服务。SysV 配置数据
可能被原生 systemd 配置覆盖。

      要列出 systemd 服务,请执行 'systemctl list-unit-files'。
      查看在具体 target 启用的服务请执行
      'systemctl list-dependencies [target]'。

haproxy         0:关    1:关    2:关    3:开    4:关    5:开    6:关
[root@localhost haproxy]# service haproxy start
Starting haproxy (via systemctl):                          [  确定  ]
[root@localhost haproxy]# netstat -lntp |grep haproxy
tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      3110/haproxy
[root@localhost haproxy]# vim haproxy.cfg
global		
    log 127.0.0.1 local0 info
    log 127.0.0.1 local1 warning	
	
    maxconn 30000			            
    #chroot /var/lib/haproxy            
    pidfile     /var/run/haproxy.pid
    user haproxy
    group haproxy
    daemon
    #nbproc 1
    spread-checks 2

defaults   	   
    log     global
    mode    http
    option  http-keep-alive 
    option  forwardfor      
    option  httplog			
    option  dontlognull
    option  redispatch
    option  abortonclose
    maxconn 20000			
    retries 3              
    #contimeout 5000
    #clitimeout 50000
    #srvtimeout 50000
    timeout http-request 2s
    timeout queue 3s
    timeout connect 1s
    timeout client 10s
    timeout server 2s
    timeout http-keep-alive 10s
    timeout check 2s
    
frontend mm-http
    bind 0.0.0.0:80

    acl url_static path_beg -i /static
    acl url_dynamic path_end -i .jsp

    use_backend static_backend if url_static
    use_backend dynamic_backend if url_dynamic
    default_backend static_backend

backend static_backend
   balance roundrobin
   option httpchk GET /index.html
   server static_inst01 192.168.65.104:80 check inter 2000 rise 2 fall 3
   server static_inst02 192.168.65.105:80 check inter 2000 rise 2 fall 3
backend dynamic_backend
   balance roundrobin
   option http-server-close

   server dynamic_inst01 192.168.65.102:8080 check
   server dynamic_inst02 192.168.65.102:8081 check

listen stats
    bind *:1080
    stats enable
    stats refresh 30s
    stats uri /stats
    stats realm HAProxy\ Stats
    stats auth admin:admin
 service haproxy restart
Restarting haproxy (via systemctl):                        [  确定  ]
[root@localhost haproxy]# netstat -lntp |grep haproxy
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      17869/haproxy
tcp        0      0 0.0.0.0:1080            0.0.0.0:*               LISTEN      17869/haproxy
在网页输入以下网址
http://192.168.65.106/static/test.html
http://192.168.65.106/mm/test.jsp

[root@localhost haproxy]# vim haproxy.cfg
backend dynamic_backend
   balance roundrobin
   option http-server-close
   cookie HA_STICKY_dy insert indirect nocache#实现会话保持,不能刷新了
   server dynamic_inst01 192.168.65.102:8080 cookie appserver1 check
   server dynamic_inst02 192.168.65.102:8081 cookie appserver1 check
   
在网页输入以下网址
http://192.168.65.106/static/test.html
http://192.168.65.106/mm/test.jsp

你可能感兴趣的:(云原生)