基礎知識學習
學習網絡:ccietea.com
CCNA鏈接:http://pan.baidu.com/s/1c1Beq2k 密碼:r1h4
CCNP鏈接:http://pan.baidu.com/s/1cissay 密碼:ksb4
lvs視頻
基于代理的負載均衡
- 正向代理
- 反向代理
unix網絡編程:http://download.csdn.net/download/xumaojun/4680440
1.Apache反向代理
1.1 概述
代理模塊 - mod_proxy
1.2 Apache源碼安裝
yum install -y apr-devel apr-util-devel pcre-devel openssl-devel
cd /usr/local/src
wget http://centos.ustc.edu.cn/apache/httpd/httpd-2.4.27.tar.gz
tar zxf httpd-2.4.27.tar.gz
cd httpd-2.4.27
./configure --prefix=/usr/local/httpd-2.4.27 --enable-so --enable-modules="all"
make && make install
ln -s /usr/local/httpd-2.4.27/ /usr/local/httpd
## 驗證
/usr/local/httpd/bin/apachectl -t
## 啟動
/usr/local/httpd/bin/apachectl -k start
1.3 用nginx配置backend
linux-node1(Listen 8080)
yum install nginx -y
echo linux-node1 > /usr/share/nginx/html/index.html
systemctl start nginx
linux-node2(Listen 8080)
yum install nginx -y
echo linux-node1 > /usr/share/nginx/html/index.html
systemctl start nginx
1.4 Apache反向代理配置
http://httpd.apache.org/docs/2.4/mod/mod_proxy.html
vim /usr/local/httpd/conf/extra/httpd-proxy.conf
#proxy demo
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
ProxyRequests off
<Proxy balancer://mycluster>
BalancerMember http://192.168.57.100:8080
BalancerMember http://192.168.57.200:8080
</Proxy>
ProxyPass /demo balancer://mycluster
ProxyPassReverse /demo balancer://mycluster
<location /manager>
SetHandler balancer-manager
Order Deny,Allow
Allow from all
</Location>
vim /usr/local/httpd/conf/httpd.conf
Include conf/extra/httpd-proxy.conf
1.5 虛擬主機配置
vim /usr/local/httpd/conf/httpd-proxy.conf
#proxy demo
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
ProxyRequests off
<Proxy balancer://mycluster>
BalancerMember http://192.168.57.100:8080
BalancerMember http://192.168.57.200:8080
</Porxy>
<location /manager>
SetHandler balancer-manager
Order Deny,Allow
Allow from all
</Location>
<VirtualHost *:80>
ServerAdmin webmaster@fbo.com
DocumentRoot "/opt"
ServerName www.fbo.com
ServerAlias fbo.com
ErrorLog "logs/www.fbo.com-error_log"
CustomLog "logs/www.fbo.com-access_log" common
ProxyPass / balancer://mycluster
ProxyPassReverse / balancer://mycluster
</VirtualHost>
2. Nginx 反向代理
流媒體:
- red5 rtmp協議
- wms fms
2.1 源碼安裝nginx
yum install pcre-devel openssl-devel -y
useradd -s /sbin/nologin -M www
wget http://nginx.org/download/nginx-1.9.12.tar.gz
tar zxf nginx-1.9.12.tar.gz
cd nginx-1.9.12
./configure --prefix=/usr/local/nginx-1.9.12 \
--usr=www --group=www --with-http_ssl_module \
--with-http_stub_status_module --with-file-aio
make && make install
ln -s /usr/local/nginx-1.9.12/ /usr/local/nginx
2.2 配置nginx反向代理
使用http upstream 模塊
http://nginx.org/en/docs/http/ngx_http_upstream_module.html
vim /usr/local/nginx/conf/nginx.conf
- 修改server_name
server_name www.fbo.com;
- 在httpd下添加
upstream backend {
ip_hash;
server 192.168.57.100:8080 weight=1 max_fails=3 fail_timeout=30s;
server 192.168.57.200:8080 weight=2 max_fails=3 fail_timeout=30s;
}
- 在server下location添加
proxy_pass http://backend;
2.3 nginx tcp反向代理
使用"ngx_stream_core_module"模塊,需要在編譯的時候加上'--with-stream'參數
參考配置http://nginx.org/en/docs/stream/ngx_stream_core_module.html
"vim /usr/local/nginx/conf/nginx.conf"
stream {
upstream tcp_proxy {
hash $remote_addr consistent;
server 192.168.57.200:22;
}
server {
listen 2222;
proxy_connect_timeout 1s;
proxy_timeout 3s;
proxy_pass tcp_proxy;
}
}
3. Haproxy 反向代理
- 高性能tcp和http代理
- 豐富的調度算法
- 多種類的回話保持
- 單進程5w-6w并發
- 支持多平臺
nginx:
- 優點:
- Web服務器,比較廣泛
- 7層,location設置復雜的基于HTTP的負載均衡
- 性能強大,網絡依賴小。
- 安裝配置簡單
- 缺點:
- 健康檢查單一
- 負載均衡算法少
- 不能動態管理
- 沒有upstream的轉臺頁面
haproxy:
- 優點:
- 專門做反向代理負載均衡
- 負載均衡算法 》= 8
- 性能 >= Nginx
- 支持動態管理 通過和haproxy的sock進行通信,可以進行管理
- 比較豐富的dashboard
- 比較強大的七層功能
- 缺點:
- 配置沒有Nginx簡單
3.1 源碼安裝haproxy
cd /usr/local/src
wget http://www.haproxy.org/download/1.6/src/haproxy-1.6.3.tar.gz
tar zxf haproxy-1.6.3.tar.gz
cd haproxy-1.6.3
make TARGET=linux2628 PREFIX=/usr/local/haproxy-1.6.3
make install
cp /usr/local/sbin/haproxy /usr/sbin/
haproxy -v
## 啟動腳本
cd /usr/local/src/haproxy-1.6.3
cp examples/haproxy.init /etc/init.d/haproxy
chmod 755 /etc/init.d/haproxy
## Haproxy配置文件
useradd -r haproxy
mkdir /etc/haproxy
mkdir /var/lib/haproxy
mkdir /var/run/haproxy
3.2 Haproxy配置
vim /etc/rsyslog.conf
$Modload imudp
$UDPServerRun 514
local3.* /var/log/haproxy.log
systemctl restart rsyslog
配置文件“/etc/haproxy/haproxy.cfg”
global
log 127.0.0.1 local3 info
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend www_fbo_com
bind *:80
stats uri /haproxy?stats
default_backend www_fbo_com_backend
backend www_fbo_com_backend
# source cookie SERVERID
option httpchk GET /index.html
option httpchk GET hehe
balance roundrobin
server linux-node1 192.168.57.100:8080 check inter 2000 rise 3 fall 3 weight 1
server linux-node2 192.168.57.200:8080 check inter 2000 rise 3 fall 3 weight 1
訪問http://192.168.57.111/haproxy?stats(監控dashboard)
3.3 Haproxy配置虛擬主機
通過acl來實現虛擬主機配置“vim /etc/haproxy/haproxy.cfg”
global
log 127.0.0.1 local3 info
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend www_fbo_com
bind *:80
stats uri /haproxy?stats
default_backend www_fbo_com_backend
acl is_other_fbo_com_backend(host) other.fbo.com
use_backend other_fbo_com_backend if is_other_fbo_com_backend
backend www_fbo_com_backend
# source cookie SERVERID
option httpchk GET /index.html
option httpchk GET hehe
balance roundrobin
server linux-node1 192.168.57.100:8080 check inter 2000 rise 3 fall 3 weight 1
backend other_fbo_com_backend
# source cookie SERVERID
option httpchk GET /index.html
option httpchk GET hehe
balance roundrobin
server linux-node2 192.168.57.200:8080 check inter 2000 rise 3 fall 3 weight 1
3.4 Haproxy 在線維護
打開在線管理功能
“vim /etc/haproxy/haproxy.cfg”,在global下添加
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
stats timeout 2m
安裝socat工具yum install socat -y
echo "help" | socat stdio /var/lib/haproxy/haproxy.sock
echo "show info" | socat stdio /var/lib/haproxy/haproxy.sock
echo "disable server www_fbo_com_backend/linux-node1" | socat stdio /var/lib/haproxy/haproxy.sock
echo "enable server www_fbo_com_backend/linux-node1" | socat stdio /var/lib/haproxy/haproxy.sock
調優
cat /proc/sys/net/ipv4/ip_local_port_range
cat /proc/sys/net/ipv4/tcp_tw_reuse
cat /proc/sys/net/ipv4/tcp_fin_timeout
4. 常見面試知識點
- apache mpm模塊 http://httpd.apache.org/docs/2.4/mpm.html
- nginx 指南 http://vdisk.weibo.com/s/toebebjFlW
- nginx 優化 http://blog.csdn.net/moxiaomomo/article/details/19442737
- nginx 對后端長連接
5. 壓力測試
- apache打開狀態監控 https://www.unixhot.com/article/17
- 吞吐率 reqs/s 響應時間
- 壓力測試:
ab - 前置條件: 支持多少用戶,支持多少訪問,支持多少并發
- 約定: 用戶-請求,測試多次的平均值,LR(場景 資源), 請求多少次, 并發多少
- 安裝ab工具,
yum install httpd-tools -y ab -n 1000 -c100 http://192.168.57.100:8080/- webbench工具
- io測試
yum install sysstat -y strace -p <pid>
