文章分类
文章存档
2012年(3)
(45)
相关博文
- ·
- ·
- ·
- ·
- ·
- ·
- ·
- ·
- ·
- ·
分类: 系统运维
2011-12-15 11:05:36
原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。
细数下来,算是东莞的项目的话,haproxy keepalived我差不多也有三套在线上跑了,另外,这套web方案也是我的一拍网的备份方案之一,目前也在测试,如果速度和稳定性够强劲的话,我也考虑将lvs keepalived换成haproxy keepalived,关于haproxy的语法和安装步骤请参考我的专题系列文章,另外,此篇文章跟刘天斯的不一样,我主要用其作为web级别的负载均衡(七层应用)。
一、线上跑的haproxy配置文件,代码如下:
- global
- log 127.0.0.1 local0
- maxconn 65535
- chroot /usr/local/haproxy
- uid 99
- gid 99
- daemon
- nbproc 8
- pidfile /usr/local/haproxy/haproxy.pid
- debug
- defaults
- log 127.0.0.1 local3
- mode http
- option httplog
- option httpclose
- option dontlognull
- option forwardfor
- option redispatch
- retries 2
- maxconn 2000
- balance source
- stats uri /web-status
- contimeout 5000
- clitimeout 50000
- srvtimeout 50000
- listen
- bind *:80
- mode http
- option httplog
- log global
- option httpchk head /index.jsp http/1.0
- server web1 203.93.236.147:80 weight 5 check inter 2000 rise 2 fall 3
- server web2 203.93.236.146:80 weight 3 check inter 2000 rise 2 fall 3
二、haproxy的启动、关闭和重启脚本,代码如下:
- #!/bin/sh
- # chkconfig 35 on
- # description: haproxy is a tcp/http reverse proxy which is particularly suited for high availability environments.
- # source function library.
- if [ -f /etc/init.d/functions ]; then
- . /etc/init.d/functions
- elif [ -f /etc/rc.d/init.d/functions ] ; then
- . /etc/rc.d/init.d/functions
- else
- exit 0
- fi
- # source networking configuration.
- . /etc/sysconfig/network
- # check that networking is up.
- [ ${networking} = "no" ] && exit 0
- [ -f /usr/local/haproxy/conf/haproxy.cfg ] || exit 1
- retval=0
- start() {
- /usr/local/haproxy/sbin/haproxy -c -q -f /usr/local/haproxy/conf/haproxy.cfg
- if [ $? -ne 0 ]; then
- echo "errors found in configuration file."
- return 1
- fi
- echo -n "starting haproxy: "
- daemon /usr/local/haproxy/sbin/haproxy -d -f /usr/local/haproxy/conf/haproxy.cfg -p /var/run/haproxy.pid
- retval=$?
- echo
- [ $retval -eq 0 ] && touch /var/lock/subsys/haproxy
- return $retval
- }
- stop() {
- echo -n "shutting down haproxy: "
- killproc haproxy -usr1
- retval=$?
- echo
- [ $retval -eq 0 ] && rm -f /var/lock/subsys/haproxy
- [ $retval -eq 0 ] && rm -f /var/run/haproxy.pid
- return $retval
- }
- restart() {
- /usr/local/haproxy/sbin/haproxy -c -q -f /usr/local/haproxy/conf/haproxy.cfg
- if [ $? -ne 0 ]; then
- echo "errors found in configuration file, check it with 'haproxy check'."
- return 1
- fi
- stop
- start
- }
- check() {
- /usr/local/haproxy/sbin/haproxy -c -q -v -f /usr/local/haproxy/conf/haproxy.cfg
- }
- rhstatus() {
- status haproxy
- }
- condrestart() {
- [ -e /var/lock/subsys/haproxy ] && restart || :
- }
- # see how we were called.
- case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- restart)
- restart
- ;;
- reload)
- restart
- ;;
- condrestart)
- condrestart
- ;;
- status)
- rhstatus
- ;;
- check)
- check
- ;;
- *)
- echo $"usage: haproxy {start|stop|restart|reload|condrestart|status|check}"
- retval=1
- esac
- exit $retval
三、haproxy的监控脚本我没有做,这个实施起来也简单,我们可以用curl -s --head | awk '/http/ {print $2}'的方法,判断是否返回了正常的200代码。
四、加上日志支持,代码如下:
- #vim /etc/syslog.conf
- 添加:
- local3.* /var/log/haproxy.log
- local0.* /var/log/haproxy.log
- #vim /etc/sysconfig/syslog
- 修改:
- syslogd_options="-r -m 0"
- service syslog restart
五、大家需要注意的几个地方是:
1)haproyx采用的是balance source机制,它跟nginx的ip_hash机制原理类似,是让客户机访问时始终访问后端的某一台真实的web服务器,这样让session就固定下来了;
2)option httpchk head /index.jsp http/1.0 是网页监控,如果haproxy检测不到web的根目录下没有index.jsp,就会产生503报错。
3)有网友说haproxy必须采用listen 203.93.236.141:80这样类似的格式,这样其实不好,做集群时会导致从机启动不了,我们可以用bind *:80的方式代替。
4)haproxy的并发监控和日志收集分析是下一步考虑的事情。