haproxy实验

实验1

部署discuz

1、  不做会话绑定 基于roundrobin

haproxy实验

—————————10.1.72.40|30——————————

安装环境,启动服务

[root@localhost ~]# yum -y install php php-fpm mariadb-server httpd

[root@localhost ~]# systemctl start httpd

[root@localhost ~]# systemctl start mariadb

[root@localhost ~]# cp -a upload/ /var/www/html/

[root@localhost ~]# cd /var/www/html/

测试服务器是否启动成功

haproxy实验

[root@localhost html]# setfacl  -Rm u:apache:rwx upload/           //给安装权限

更改php.ini的时区

创建数据库并授权

MariaDB [(none)]> create database discuz;

MariaDB [(none)]> grant all on discuz.* to 'user'@'localhost' identified by '123';

MariaDB [(none)]> grant all on discuz.* to 'user'@'127.0.0.1' identified by '123';

MariaDB [(none)]> grant all on discuz.* to 'user'@'%' identified by '123';

MariaDB [(none)]> flush privileges;

 

haproxy实验

haproxy实验

 

—————————–10.1.72.60—————————

63       frontend discuz

64         bind :80

 65         defa ult_backend app

 66

 67        backend app

 68         balance roundrobin

 69         maxconn 350

 70         server ser1 10.1.72.30:80 check maxconn 100 maxqueue 20

 71         server ser2 10.1.72.40:80 check maxconn 200 maxqueue 30

 72

 73      listen stats  *:9001

 74         stats enable

 75         stats uri /admin?stats

 76         stats realm "haproxy status"

 77         stats refresh 3s

 78         stats hide-version

 79         stats auth admin:123

 80         stats admin if LOCALHOST

haproxy实验

haproxy实验

 

2、  基于cookie的会话粘性,测试上传图片是否可以访问

frontend discuz

    bind :80

    default_backend app

 

backend app

    balance roundrobin

    maxconn 350

    cookie web insert indirect nocache

    server ser1 10.1.72.30:80 check cookie ser1 maxconn 100 maxqueue 20

        server ser2 10.1.72.40:80 check cookie ser2 maxconn 200 maxqueue 30

haproxy实验

haproxy实验

 

 

 

 

 

 

 

 

 

 

 

实验2

haproxy实验

—————————–10.1.72.40———————————

[root@localhost html]# systemctl start rpcbind

[root@localhost /]# mkdir /var/www/html/upload/data/attachment/forum

[root@localhost ~]# systemctl start nfs

[root@localhost ~]#setfacl –m u:apache:rwx /pic

[root@localhost ~]# vim /etc/exports

/var/www/html/upload/data/attachment/forum 10.1.0.0/16(rw,anonuid=48)

   Vim /etc/nginx/nginx.conf   

 location / {

    root /var/www/html;

        }

———————-10.1.72.30————————–

共享的nfs挂载到discuz上传的目录

[root@centos7 ~]# mount -t nfs 10.1.72.40:/var/www/html/upload/data/attachment/forum/ /var/www/html/upload/data/attachment/forum/

 

 

 

——————10.1.72.60————————–

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

backend app

        balance roundrobin

        maxconn 350

        cookie web insert indirect nocache

        server ser1 10.1.72.30:80 check cookie ser1 maxconn 100 maxqueue 20

 

backend upload

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.40:80 check  maxconn 100 maxqueue 20

 

测试:

取消挂载,并刷新页面

———————-10.1.72.30———————

[root@centos7 upload]# umount /var/www/html/upload/data/attachment/forum/

haproxy实验

 

 

 

 

 

 

 

 

 

 

 

 

 

实验3

haproxy实验

 

——————————-10.1.72.50———————————–

[root@localhost varnish]# vim default.vcl

# This is an example VCL file for Varnish.

#

# It does not do anything by default, delegating control to the

# builtin VCL. The builtin VCL is called when there is no explicit

# return statement.

#

# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/

# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.

 

# Marker to tell the VCL compiler that this VCL has been adapted to the

# new 4.0 format.

vcl 4.0;

 

# Default backend definition. Set this to point to your content server.

backend default {

    .host = "10.1.72.40";

    .port = "80";

}

#probe health_check {

#       .url = "/";

#       .window = 5;

#       .threshold = 4;

#       .interval = 2s;

#       .timeout = 1s;

#}

#backend ser1 {

#    .host = "10.1.72.40";

#    .port = "80";

#    .probe = health_check;

#}

#import directors;

#sub vcl_init {

#    new sers = directors.random();

#    sers.add_backend(ser1);

#}

#acl client_purge {

#       "127.0.0.0"/8;

#       "10.1.72.60";

#}

sub vcl_purge {

        return(synth(200,"clean suss"));

}

sub vcl_recv {

 

# if (req.http.Authorization || req.http.Cookie) {

#        /* Not cacheable by default */

#        return (hash);

#    }

 

#       set req.backend_hint = sers.backend();

    # Happens before we check if we have this in cache already.

    #

    # Typically you clean up the request here, removing cookies you don't need,

    # rewriting the request, etc.

#    if (req.url ~ "^/") {

#       return(pass);

#       }

 #   if (req.method == "PURGE") {

#       if (client.ip ~ client_purge) {

#       return(purge);

#       } else {

#       return(synth(405,"not allow for "+client.ip));

#       }

#       }

#    if (req.url ~ "(?i)\.php$") {

#       } else {

#       set req.backend_hint = default;

#       }

}

sub vcl_deliver {

    if (obj.hits>0) {

        set resp.http.x-ache = "hit via "+server.ip;

        } else {

        set resp.http.x-cache = "miss via "+server.ip;

        }

}

 

sub vcl_backend_response {

    # Happens after we have read the response headers from the backend.

    #

    # Here you clean the response headers, removing silly Set-Cookie headers

    # and other mistakes your backend does.

                if (bereq.url ~ "(?i)\.(jpg|png|jpeg)$") {

                        unset beresp.http.Set-Cookie;

                        set beresp.ttl=10s;

                }

}

 

haproxy实验

—————————10.1.72.60———————————-

vim /etc/haproxy/haproxy.cfg

 

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

 

backend app

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.30:80 check  maxconn 100 maxqueue 20

 

backend upload

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.50:6081 check  maxconn 100 maxqueue 20

 

listen stats  *:9001

        stats enable

        stats uri /admin?stats

        stats realm "haproxy status"

        stats refresh 3s

        stats hide-version

        stats auth admin:123

        stats admin if LOCALHOST

 

—————————–10.1.72.40———————————

[root@localhost html]# systemctl start rpcbind

[root@localhost /]# mkdir /var/www/html/upload/data/attachment/forum

[root@localhost ~]# systemctl start nfs

[root@localhost ~]#setfacl –m u:apache:rwx /pic

[root@localhost ~]# vim /etc/exports

/var/www/html/upload/data/attachment/forum 10.1.0.0/16(rw,anonuid=48)

   Vim /etc/nginx/nginx.conf   

 location / {

    root /var/www/html;

        }

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

实验4

haproxy实验

————————————————–10.1.72.60———————————-

[root@centos7clean haproxy]# vim /etc/keepalived/keepalived.conf

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state MASTER

    interface eno16777736

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        10.1.72.111

    }

}

 

Haproxy

vim haproxy.cfg

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

 

backend app

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.30:80 check  maxconn 100 maxqueue 20

 

backend upload

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.50:6081 check  maxconn 100 maxqueue 20

 

listen stats  *:9001

        stats enable

        stats uri /admin?stats

        stats realm "haproxy status"

        stats refresh 3s

        stats hide-version

        stats auth admin:123

        stats admin if TRUE

 

haproxy实验

 

日志:

修改/etc/rsyslog

开启udp 514号端口

haproxy实验

 

错误页:

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

        errorfile 503 /var/www/html/index.html

haproxy实验

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

原创文章,作者:landanhero,如若转载,请注明出处:http://www.178linux.com/59250

(0)
landanherolandanhero
上一篇 2016-12-05
下一篇 2016-12-05

相关推荐

  • linux —————-目录配配置【FHS】

    linux 目录配配置【FHS】 /根目录的意义与内容 根目录是整个系统最重要的一个目录;根目录与开机、还原、系统修复等操作有关 FHS建议标准: 根目录所在的分区应该越小越好,且应用程序所安装的软件最好不要与根目录放在同一个分区内,保持根目录越小越好 FHS定义的目录含义 /bin :系统存放执行文件的目录,但是bin比较特殊【bin放置的是在单用户维护模…

    Linux干货 2017-04-17
  • Linux终端类型

    前言 终端是一个很重要的外设,用过终端设备的人都知道如果设备类型不对就会有乱字符,也可用仿真终端软件如netterm试验一下,Linux的终端信息放在 /usr/share/terminfo下,在这个目录的子目录v下就有许多的如vt100,vt102,vt200等,看一下就知道了。 终端类型的区别与概念 1、 pty(虚拟终端): 但是如果我们远程telne…

    Linux干货 2016-10-14
  • shell脚本基础

    编程基础 v程序:指令+数据 v程序编程风格: 过程式:以指令为中心,数据服务于指令(适合小型程序) 对象式:以数据为中心,指令服务于数据(适合大型程序) vshell程序:提供了编程能力,解释执行 程序的执行方式 v计算机:运行二进制指令; v编程语言: 低级:汇编 高级: 编译:高级语言–>编译器–>目标代码 java…

    Linux干货 2016-08-15
  • ntp时间服务器

    前言   ntp(Network Time protocol)是网络时间协议,是用来使网络中的各个计算机时间同步的一种协议。 ntp配置  1)ntp是由ntp软件提供,如果没有可以使用yum进行安装  2)ntp配置文件介绍:/etc/ntp.conf   利用restrict来管理权限控制;语法格式:restric…

    Linux干货 2015-06-24
  • 马哥教育网络班21期-第七周课程练习

    1、创建一个10G分区,并格式为ext4文件系统;    (1) 要求其block大小为2048, 预留空间百分比为2, 卷标为MYDATA, 默认挂载属性包含acl;    (2) 挂载至/data/mydata目录,要求挂载时禁止程序自动运行,且不更新文件的访问时间戳; [root@localhost ~…

    Linux干货 2016-08-29
  • Linux 文件管理常用基本命令

    马哥教育网络班21期+第二周练习 目录管理 ls (list):列出目录及内容 ls [OPTION]… [FILE]…     -l:长格式显示文件的详细属性信息         -rwxr-xr-x.&nbs…

    Linux干货 2016-07-17