1. HAproxy configuration
A: Installation (Both Master and Backup)
> wget
> tar zxf haproxy-1.7.9.tar.gz
> cd haproxy-1.7.9
> make TARGET=linux2628 USE_PCRE=1 PREFIX=/usr/local/haproxy
> make install PREFIX=/usr/local/haproxy
> groupadd haproxy
> useradd -g haproxy haproxy -s /bin/false
> mkdir /etc/haproxy/
> mkdir -p /usr/local/haproxy/{log,conf}
> touch /usr/local/haproxy/log/haproxy.log
> touch /usr/local/haproxy/conf/haproxy.cfg
> cp -r examples/errorfiles /usr/local/haproxy/
> cp examples/haproxy.init /etc/init.d/haproxy
> chmod +x /etc/init.d/haproxy
> ln -s /usr/local/haproxy/sbin/haproxy /usr/sbin
> ln -s /usr/local/haproxy/conf/haproxy.cfg /etc/haproxy/
B: Log recording (Both Master and Backup)
> Add the lines below to /etc/rsyslog.conf ($UDPServerAddress must come before $UDPServerRun so the listener binds to 127.0.0.1 only)
$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514
local0.* /usr/local/haproxy/log/haproxy.log
> Create a new file /etc/logrotate.d/haproxy.cfg and add the lines below
/usr/local/haproxy/log/haproxy.log
{
    rotate 4
    daily
    missingok
    notifempty
    compress
    delaycompress
    sharedscripts
    postrotate
        reload rsyslog > /dev/null 2>&1 || true
    endscript
}
> /etc/init.d/rsyslog restart
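Added example (not part of the original guide): in rsyslog's legacy syntax, $UDPServerAddress applies only to $UDPServerRun lines that come after it, so directive order decides whether the UDP listener is loopback-only. The script below reports the bind address of each listener; the function names and sample configs are constructed for illustration, and it assumes an address stays in effect until another one replaces it.

```shell
#!/bin/bash
# Added example: report where rsyslog's legacy imudp directives bind.

# Print one "address:port" line per $UDPServerRun read from stdin. The
# address is the $UDPServerAddress in effect when the listener is started;
# "*" means none had been set yet, i.e. the listener binds all interfaces.
# Assumption: an address stays in effect until another one replaces it.
udp_listeners() {
    awk '
        { sub(/#.*/, ""); d = tolower($1) }      # strip comments
        d == "$udpserveraddress" { addr = $2; next }
        d == "$udpserverrun" { a = (addr == "" ? "*" : addr); print a ":" $2 }
    '
}

# Exit status: 0 = every UDP listener is loopback-only, 1 = at least one
# listener is reachable from the network, 2 = no UDP listener configured.
loopback_only() {
    listeners=$(udp_listeners)
    [ -n "$listeners" ] || return 2
    while IFS= read -r l; do
        case "${l%:*}" in
            127.*|::1) ;;
            *) return 1 ;;
        esac
    done <<EOF
$listeners
EOF
    return 0
}

# Constructed samples: the same four lines in two different orders.
ADDRESS_FIRST='$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514
local0.* /usr/local/haproxy/log/haproxy.log'

RUN_FIRST='$ModLoad imudp
$UDPServerRun 514
$UDPServerAddress 127.0.0.1
local0.* /usr/local/haproxy/log/haproxy.log'

printf '%s\n' "$ADDRESS_FIRST" | udp_listeners   # 127.0.0.1:514
printf '%s\n' "$RUN_FIRST" | udp_listeners       # *:514
# On a real host: loopback_only < /etc/rsyslog.conf; echo "status $?"
```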
C: Configuration file
C1: Only for Master:
C2: Only for Backup:
2. Keepalived configuration
A: Installation (Both Master and Backup)
> wget
> tar zxf keepalived-1.3.6.tar.gz
> cd keepalived-1.3.6/
> ./configure --prefix=/usr/local/keepalived
> make && make install
> cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
> ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/keepalived
> mkdir /etc/keepalived
> ln -s /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
> cp keepalived/etc/init.d/keepalived.rh.init /etc/init.d/keepalived
B: Scripts (Both Master and Backup)
> Create file /etc/keepalived/check_haproxy.sh and add the lines below
#########################################################
#!/bin/bash
# Restart HAProxy if it is not running; if it still is not running
# after 3 seconds, stop keepalived so the VIP moves to the other node.
A=$(ps -C haproxy --no-header | wc -l)
if [ "$A" -eq 0 ]
then
    service haproxy start
    sleep 3
    if [ "$(ps -C haproxy --no-header | wc -l)" -eq 0 ]
    then
        service keepalived stop
    fi
fi
#########################################################
> Create file /etc/keepalived/clean_arp.sh and add the lines below
#!/bin/sh
# Send ARP requests from the VIP to the gateway so it refreshes its ARP entry.
VIP=$1
GATEWAY=10.220.159.1
/sbin/arping -I eth0 -c 5 -s "$VIP" "$GATEWAY" >/dev/null 2>&1
> chmod +x /etc/keepalived/clean_arp.sh
> chmod +x /etc/keepalived/check_haproxy.sh
C: Configuration file
C1: Only for Master:
C2: Only for Backup:
3. Start the services (Both Master and Backup)
> service haproxy start
> service keepalived start
4. Testing
> ip addr
The IP and the VIP are both bound to the NIC interface
>
Check the status of web servers
5. (Optional) Kernel Optimization Reference (Both Master and Backup)
sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" '/etc/sysctl.conf'
echo -e "net.core.somaxconn = 262144" >> /etc/sysctl.conf
echo -e "net.core.netdev_max_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.route.gc_timeout = 20" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_local_port_range = 1025 65535" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_retries2 = 5" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_syn_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_synack_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
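# Note: net.ipv4.tcp_tw_recycle was removed in Linux 4.12 (sysctl reports an unknown key there) and is known to break clients behind NAT.
echo -e "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf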
echo -e "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_time = 120" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_probes = 3" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_intvl = 15" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_tw_buckets = 200000" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_syn_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_wmem = 8192 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_rmem = 32768 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_conntrack_max = 25000000" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_max = 25000000" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120" >> /etc/sysctl.conf
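6. (Optional) HAProxy scheduling algorithms
(1) roundrobin: simple round-robin; not much to say, since basically every load balancer provides it;
(2) static-rr: based on weight; worth attention;
(3) leastconn: the server with the fewest connections is served first; worth attention;
(4) source: based on the source IP of the request; worth attention;
(5) uri: based on the URI of the request; needed when building a CDN;
(6) url_param: based on a URL parameter of the request; 'balance url_param' requires an URL parameter name;
(7) hdr(name): pins each HTTP request according to the HTTP request header;
(8) rdp-cookie(name): pins and hashes each TCP request according to cookie(name).
In practice each of these algorithms has its own use. The ones we use most often are roundrobin, source and leastconn, so focus on those.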