资源预览内容
第1页 / 共29页
第2页 / 共29页
第3页 / 共29页
第4页 / 共29页
第5页 / 共29页
第6页 / 共29页
第7页 / 共29页
第8页 / 共29页
第9页 / 共29页
第10页 / 共29页
亲,该文档总共29页,到这儿已超出免费预览范围,如果喜欢就下载吧!
资源描述
Layer 4-7,Layer4-7 Switch,Schedule,Basically Hardware/GUI/CLI (Configure method)/HA (Config Sync) Load balance related virtual server/node/pool/pool member Monitors Sorry server Maintenance Mode Load balance method Persistence SNAT/RNAT Server Protection ACL/Content Switch GSLB Performance,We are here,Basically,LB related,Persistence,SNAT/RNAT,Server Protection,ACL/CS,GSLB,Hardware/GUI/CLI/HA,HAProxy Hot Reconfiguration,mv /etc/haproxy/config /etc/haproxy/config.oldmv /var/run/haproxy.pid /var/run/haproxy.pid.oldmv /etc/haproxy/config.new /etc/haproxy/configkill -TTOU $(cat /var/run/haproxy.pid.old)if haproxy -p /var/run/haproxy.pid -f /etc/haproxy/config; thenecho “New instance successfully loaded, stopping previous one.“kill -USR1 $(cat /var/run/haproxy.pid.old)rm -f /var/run/haproxy.pid.oldexit 1elseecho “New instance failed to start, resuming previous one.“kill -TTIN $(cat /var/run/haproxy.pid.old)rm -f /var/run/haproxy.pidmv /var/run/haproxy.pid.old /var/run/haproxy.pidmv /etc/haproxy/config /etc/haproxy/config.newmv /etc/haproxy/config.old /etc/haproxy/configexit 0fi,保存之前状态,停止老的监听,成功,清理老的连接和pid,失败,恢复老的配置,We are here,Basically,LB related,Persistence,SNAT/RNAT,Server Protection,ACL/CS,GSLB,Concepts,virtual server 192.168.101.1:80,pool (name= cgi_boxes),member (server= 10.1.1.3:80),member (server= 10.1.1.2:80),member (server= 10.1.1.1:80),pool (name= asp_boxes),member (server= 10.1.1.6:80),member (server= 10.1.1.5:80),member (server= 10.1.1.4:80),VIP 192.168.101.1,virtual server 192.168.101.1:443,pool (name= ssl_boxes),member (server= 10.1.1.6:443),member (server= 10.1.1.2:443),member (server= 10.1.1.1:443),VIP 192.168.101.2,Load Balancing,Intelligent Traffic Control (look at URL, client IP addr., etc.),Port-based Traffic Direction,IP Addr.-based Traffic Direction,Incoming request,Monitor Availability requirement SNAT/NAT Priority-based member activation ACTION of service down Slow Ramp Time Pool/pool member statistics,Monitors,Monitor类型,自定义monitor,HAProxy Monitor,listen webfarm 192.168.1.1:80mode httpbalance roundrobincookie SERVERID insert indirectoption httpchk HEAD /index.html HTTP/1.0server webA 192.168.1.11:80 cookie A checkserver webB 192.168.1.12:80 cookie B check port 81 inter 2000server webC 192.168.1.13:80 cookie C checkserver webD 192.168.1.14:80 cookie D check,http:/www.chinaunix.net,HAProxy Sorry Server,listen webfarm 192.168.1.1:80mode httpbalance roundrobincookie SERVERID insert indirectoption httpchk HEAD /index.html HTTP/1.0server webA 192.168.1.11:80 cookie A checkserver webB 192.168.1.12:80 cookie B check port 81 inter 2000server webC 192.168.1.13:80 cookie C checkserver webD 192.168.1.14:80 cookie D checkserver bkpA 192.168.1.15:80 cookie A check backupserver bkpB 192.168.1.16:80 cookie B check backup,http:/www.chinaunix.net,HAProxy Maintenance Mode,http:/www.chinaunix.net,Updating.,503 Service Unavailable No server is available to handle this request.,Load balancing algorithm,Round Robin Wrr(Ratio(member), Ratio(Node) Dynamic Ratio:根据对服务器性能的观察来动态设置weight,观察点包括连接数、响应时间等。 Fastest(node) & Fastest(application): 服务器/应用的最快响应时间 LC(Member) & LC(node) Observed(member) & Observed(node) Predictive(member) & Predictive(node) Source URL HASH URL Param,We are here,Basically,LB related,Persistence,SNAT/RNAT,Server Protection,ACL/CS,GSLB,Persistence,Client,Server A,pick server,cookie specifies server,Set-Cookie: SERVERID=A,Cookie: SERVERID=A,Cookie persistence1.1 HTTP Cookie Insert1.2 HTTP Cookie Rewrite1.3 HTTP Cookie Passive1.4 Cookie Hash Destination Address affinity persistence Hash persistence MSRDP persistence SIP persistence(session Initiation protocol) Souce address affnity persistence SSL persistence Universal persistence,insert rewrite prefix,listen webfarm 192.168.1.1:80mode httpbalance roundrobincookie SERVERID insert indirectoption httpchk HEAD /index.html HTTP/1.0server webA 192.168.1.11:80 cookie A checkserver webB 192.168.1.12:80 cookie B checkserver webC 192.168.1.13:80 cookie C checkserver webD 192.168.1.14:80 cookie D check,SNAT & RNAT,External vlan,Internal vlan,VIP:221.238.249.177,MAPPED IP: 10.10.1.1,eth0: 10.10.1.2,eth1: 192.168.1.2,SNAT,RNAT,backend private# Connect to the servers using our 192.168.1.200 source addresssource 192.168.1.200backend transparent_ssl1# Connect to the SSL farm from the clients source addresssource 192.168.1.200 usesrc clientipserver railsA 192.168.1.11:80 source 192.168.1.201 checkserver railsB 192.168.1.12:80 minconn 4 maxconn 12 checkserver railsC 192.168.1.13:80 minconn 4 maxconn 12 check,We are here,Basically,LB related,Persistence,SNAT/RNAT,Server Protection,ACL/CS,GSLB,Server Protection,Attack (SYN Flood) Connection Limit Timeout Surge Queue Slow Start,listen appfarm 192.168.1.1:80mode httpmaxconn 10000option httpcloseoption abortoncloseoption forwardforbalance roundrobinserver railsA 192.168.1.11:80 minconn 4 maxconn 12 checkserver railsB 192.168.1.12:80 minconn 4 maxconn 12 checkserver railsC 192.168.1.13:80 minconn 4 maxconn 12 checkcontimeout 60000,
收藏 下载该资源
网站客服QQ:2055934822
金锄头文库版权所有
经营许可证:蜀ICP备13022795号 | 川公网安备 51140202000112号