haproxy实验

实验1

部署discuz

1、  不做会话绑定 基于roundrobin

haproxy实验

—————————10.1.72.40|30——————————

安装环境,启动服务

[root@localhost ~]# yum -y install php php-fpm mariadb-server httpd

[root@localhost ~]# systemctl start httpd

[root@localhost ~]# systemctl start mariadb

[root@localhost ~]# cp -a upload/ /var/www/html/

[root@localhost ~]# cd /var/www/html/

测试服务器是否启动成功

haproxy实验

[root@localhost html]# setfacl  -Rm u:apache:rwx upload/           //给安装权限

更改php.ini的时区

创建数据库并授权

MariaDB [(none)]> create database discuz;

MariaDB [(none)]> grant all on discuz.* to 'user'@'localhost' identified by '123';

MariaDB [(none)]> grant all on discuz.* to 'user'@'127.0.0.1' identified by '123';

MariaDB [(none)]> grant all on discuz.* to 'user'@'%' identified by '123';

MariaDB [(none)]> flush privileges;

 

haproxy实验

haproxy实验

 

—————————–10.1.72.60—————————

63       frontend discuz

64         bind :80

 65         defa ult_backend app

 66

 67        backend app

 68         balance roundrobin

 69         maxconn 350

 70         server ser1 10.1.72.30:80 check maxconn 100 maxqueue 20

 71         server ser2 10.1.72.40:80 check maxconn 200 maxqueue 30

 72

 73      listen stats  *:9001

 74         stats enable

 75         stats uri /admin?stats

 76         stats realm "haproxy status"

 77         stats refresh 3s

 78         stats hide-version

 79         stats auth admin:123

 80         stats admin if LOCALHOST

haproxy实验

haproxy实验

 

2、  基于cookie的会话粘性,测试上传图片是否可以访问

frontend discuz

    bind :80

    default_backend app

 

backend app

    balance roundrobin

    maxconn 350

    cookie web insert indirect nocache

    server ser1 10.1.72.30:80 check cookie ser1 maxconn 100 maxqueue 20

        server ser2 10.1.72.40:80 check cookie ser2 maxconn 200 maxqueue 30

haproxy实验

haproxy实验

 

 

 

 

 

 

 

 

 

 

 

实验2

haproxy实验

—————————–10.1.72.40———————————

[root@localhost html]# systemctl start rpcbind

[root@localhost /]# mkdir /var/www/html/upload/data/attachment/forum

[root@localhost ~]# systemctl start nfs

[root@localhost ~]#setfacl –m u:apache:rwx /pic

[root@localhost ~]# vim /etc/exports

/var/www/html/upload/data/attachment/forum 10.1.0.0/16(rw,anonuid=48)

   Vim /etc/nginx/nginx.conf   

 location / {

    root /var/www/html;

        }

———————-10.1.72.30————————–

共享的nfs挂载到discuz上传的目录

[root@centos7 ~]# mount -t nfs 10.1.72.40:/var/www/html/upload/data/attachment/forum/ /var/www/html/upload/data/attachment/forum/

 

 

 

——————10.1.72.60————————–

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

backend app

        balance roundrobin

        maxconn 350

        cookie web insert indirect nocache

        server ser1 10.1.72.30:80 check cookie ser1 maxconn 100 maxqueue 20

 

backend upload

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.40:80 check  maxconn 100 maxqueue 20

 

测试:

取消挂载,并刷新页面

———————-10.1.72.30———————

[root@centos7 upload]# umount /var/www/html/upload/data/attachment/forum/

haproxy实验

 

 

 

 

 

 

 

 

 

 

 

 

 

实验3

haproxy实验

 

——————————-10.1.72.50———————————–

[root@localhost varnish]# vim default.vcl

# This is an example VCL file for Varnish.

#

# It does not do anything by default, delegating control to the

# builtin VCL. The builtin VCL is called when there is no explicit

# return statement.

#

# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/

# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.

 

# Marker to tell the VCL compiler that this VCL has been adapted to the

# new 4.0 format.

vcl 4.0;

 

# Default backend definition. Set this to point to your content server.

backend default {

    .host = "10.1.72.40";

    .port = "80";

}

#probe health_check {

#       .url = "/";

#       .window = 5;

#       .threshold = 4;

#       .interval = 2s;

#       .timeout = 1s;

#}

#backend ser1 {

#    .host = "10.1.72.40";

#    .port = "80";

#    .probe = health_check;

#}

#import directors;

#sub vcl_init {

#    new sers = directors.random();

#    sers.add_backend(ser1);

#}

#acl client_purge {

#       "127.0.0.0"/8;

#       "10.1.72.60";

#}

sub vcl_purge {

        return(synth(200,"clean suss"));

}

sub vcl_recv {

 

# if (req.http.Authorization || req.http.Cookie) {

#        /* Not cacheable by default */

#        return (hash);

#    }

 

#       set req.backend_hint = sers.backend();

    # Happens before we check if we have this in cache already.

    #

    # Typically you clean up the request here, removing cookies you don't need,

    # rewriting the request, etc.

#    if (req.url ~ "^/") {

#       return(pass);

#       }

 #   if (req.method == "PURGE") {

#       if (client.ip ~ client_purge) {

#       return(purge);

#       } else {

#       return(synth(405,"not allow for "+client.ip));

#       }

#       }

#    if (req.url ~ "(?i)\.php$") {

#       } else {

#       set req.backend_hint = default;

#       }

}

sub vcl_deliver {

    if (obj.hits>0) {

        set resp.http.x-ache = "hit via "+server.ip;

        } else {

        set resp.http.x-cache = "miss via "+server.ip;

        }

}

 

sub vcl_backend_response {

    # Happens after we have read the response headers from the backend.

    #

    # Here you clean the response headers, removing silly Set-Cookie headers

    # and other mistakes your backend does.

                if (bereq.url ~ "(?i)\.(jpg|png|jpeg)$") {

                        unset beresp.http.Set-Cookie;

                        set beresp.ttl=10s;

                }

}

 

haproxy实验

—————————10.1.72.60———————————-

vim /etc/haproxy/haproxy.cfg

 

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

 

backend app

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.30:80 check  maxconn 100 maxqueue 20

 

backend upload

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.50:6081 check  maxconn 100 maxqueue 20

 

listen stats  *:9001

        stats enable

        stats uri /admin?stats

        stats realm "haproxy status"

        stats refresh 3s

        stats hide-version

        stats auth admin:123

        stats admin if LOCALHOST

 

—————————–10.1.72.40———————————

[root@localhost html]# systemctl start rpcbind

[root@localhost /]# mkdir /var/www/html/upload/data/attachment/forum

[root@localhost ~]# systemctl start nfs

[root@localhost ~]#setfacl –m u:apache:rwx /pic

[root@localhost ~]# vim /etc/exports

/var/www/html/upload/data/attachment/forum 10.1.0.0/16(rw,anonuid=48)

   Vim /etc/nginx/nginx.conf   

 location / {

    root /var/www/html;

        }

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

实验4

haproxy实验

————————————————–10.1.72.60———————————-

[root@centos7clean haproxy]# vim /etc/keepalived/keepalived.conf

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state MASTER

    interface eno16777736

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        10.1.72.111

    }

}

 

Haproxy

vim haproxy.cfg

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

 

backend app

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.30:80 check  maxconn 100 maxqueue 20

 

backend upload

        balance roundrobin

        maxconn 350

        server ser1 10.1.72.50:6081 check  maxconn 100 maxqueue 20

 

listen stats  *:9001

        stats enable

        stats uri /admin?stats

        stats realm "haproxy status"

        stats refresh 3s

        stats hide-version

        stats auth admin:123

        stats admin if TRUE

 

haproxy实验

 

日志:

修改/etc/rsyslog

开启udp 514号端口

haproxy实验

 

错误页:

frontend discuz

        bind :80

        acl static path_reg .*/data/attachment/forum.*

        use_backend upload if static

        default_backend app

        errorfile 503 /var/www/html/index.html

haproxy实验

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

原创文章,作者:landanhero,如若转载,请注明出处:http://www.178linux.com/59250

(0)
landanherolandanhero
上一篇 2016-12-05
下一篇 2016-12-05

相关推荐

  • 马哥教育网络班20期+第4周课程练习

    1、复制/etc/skel目录为/home/tuser1,要求/home/tuser1及其内部文件的属组和其它用户均没有任何访问权限。 [root@localhost ~]# cp -r /etc/skel/ /home/tuser1 [root@localhost ~]# chmod&n…

    系统运维 2016-07-07
  • Linux中的账号管理之命令的使用(中)

    linux中账号管理的命令非常多,我这里主要介绍最常见的几个命令,这些命令分别是针对用户和组的管理 主要介绍对用户管理的命令: 一、用户创建:useradd useradd命令用于Linux中创建的新的系统用户。useradd可用来建立用户帐号。帐号建好之后,再用passwd设定帐号的密码.而可用userdel删除帐号。使用useradd指令所建立的帐号,实…

    Linux干货 2016-08-07
  • N26 – 第一周作业

    一、计算机组成及其功能     如图,计算机由硬件和软件组成。其中硬件可划分为控制器、运算器、存储器,以及输入和输出设备;软件则分为直接与硬件通信的系统软件,以及运行在其上的各类应用软件。      二、Linux发行版的不同系列     …

    Linux干货 2016-12-28
  • linux网络管理

    在 /etc/udev/rules.d/路径下有个70-persistent-ipoib.rules文件,;里边有关于网卡信息的配置,,,在里边可以更改网卡的名字 注意:修改完之后要在/etc/sysconfig/network-scripts/ifcfg-eth0中修改,不然不能使用。 在Centos6以后有一个服务NetworkManager,他可以自动…

    Linux干货 2016-09-06
  • 运维工程师技能需求排行

    这是我今天在拉勾网搜索运维,翻完了4四页也招聘信息之后得到的,我的目的是想要看看之后的学习,哪个更应该成为重点,有些在我意料之中,有些还真的没想到,算是努力了一个小时的收获吧,分享给大家。
    注意:其中的看法仅代表个人观点,很多都是依靠我自己的学习经验和工作经验累积的

    Linux干货 2017-12-12
  • CentOS 6.5 LVM磁盘管理学习笔记

    在系统运维和服务器管理过程中,经常遇到服务器磁盘容量不足,需要在线扩容的情况。普通磁盘分区的管理方式在逻辑分区划好之后就无法改变其大小。而LVM可以实现Linux服务器下面磁盘空间的在线扩容和动态管理,相对于普通的磁盘分区有很大的灵活性。一、LVM简介    LVM是 Logical VolumeManager(逻辑卷管理)的简…

    Linux干货 2016-08-29