lvs2种模式和haproxy配置

最新推荐文章于 2025-04-23 14:50:49 发布
原创 最新推荐文章于 2025-04-23 14:50:49 发布 · 348 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。

本文详细介绍了LVS的nat模式和dr模式的配置步骤,包括host1和host2的设置,以及调度器的配置。在nat模式下,重点讲解了调度器的配置和测试过程;而在dr模式中,同样涵盖了主机配置和测试环节。此外,还阐述了haproxy的配置,包括haproxy.service文件的编写、启用日志和重启服务的步骤,以实现高可用负载均衡。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

lvs配置方法

  • nat模式配置
ip类型ip地址
VIP仅主机模式192.168.96.134
DIP192.168.149.143
host1IP192.168.149.140
host2IP192.168.149.137

host1配置

[root@host1 ~]# systemctl stop firewalld.service 
[root@host1 ~]# setenforce 0
[root@host1 ~]# yum -y install httpd
[root@host1 ~]# systemctl start httpd
[root@host1 ~]# echo "1" > /var/www/html/index.html

生成httpds
[root@host1 ~]# mkdir /etc/pki/CA
[root@host1 ~]# cd /etc/pki/CA
[root@host1 CA]# mkdir private
[root@host1 CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048) 
Generating RSA private key, 2048 bit long modulus (2 primes)
.....................................................................................................+++++
.......+++++
e is 65537 (0x010001)
[root@host1 CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:xkq         
Organizational Unit Name (eg, section) []:xkq
Common Name (eg, your name or your server's hostname) []:xkq.com
Email Address []:1@1.com
[root@host1 CA]# mkdir certs newcerts crl
[root@host1 CA]# touch index.txt && echo 01 > serial
[root@host1 CA]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
......+++++
...........................................+++++
e is 65537 (0x010001)
[root@host1 CA]# openssl req -new -key httpd.key -days 365 -out httpd.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:xkq
Organizational Unit Name (eg, section) []:xkq
Common Name (eg, your name or your server's hostname) []:xkq.com
Email Address []:1@1.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@host1 CA]# openssl ca -in httpd.csr -out httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Jun 14 12:04:15 2021 GMT
            Not After : Jun 14 12:04:15 2022 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = HB
            organizationName          = xkq
            organizationalUnitName    = xkq
            commonName                = xkq.com
            emailAddress              = 1@1.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                1E:D6:51:6F:21:A7:7D:A7:FF:06:D4:6D:13:85:11:50:6C:FD:D5:8C
            X509v3 Authority Key Identifier: 
                keyid:2B:BA:85:7C:6B:8E:0C:74:24:B2:E0:CF:83:43:9D:21:C3:8D:DF:95

Certificate is to be certified until Jun 14 12:04:15 2022 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

安装ssl模板
[root@host1 ~]# dnf -y install mod_ssl
[root@host1 CA]#  mv httpd.key httpd.crt /etc/httpd/
[root@host1 CA]# cd /etc/httpd/conf.d/
[root@host1 conf.d]# vim ssl.conf
修改路径
......
SSLCertificateFile /etc/httpd/httpd.crt

SSLCertificateKeyFile /etc/httpd/httpd.key
......
重启httpd
[root@host1 conf.d]# systemctl restart httpd

[root@host1 CA]#  mv httpd.key httpd.crt /etc/httpd/
[root@host1 CA]# scp /etc/httpd/httpd.crt 192.168.149.137:/etc/httpd/
root@192.168.149.137's password: 
httpd.crt                                                                        100% 4495     2.5MB/s   00:00    
[root@host1 CA]# scp /etc/httpd/httpd.key 192.168.149.137:/etc/httpd/
root@192.168.149.137's password: 
httpd.key                                                                        100% 1675     1.6MB/s   00:00  

将网关改为调度器的ip
[root@host1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
OTPROTO=static
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.149.140
PREFIX=24
GATEWAY=192.168.149.143
DNS1=114.114.114.114  
[root@host1 ~]# ifdown ens160;ifup ens160

host2配置

[root@host2 ~]# systemctl stop firewalld
[root@host2 ~]# setenforce 0
[root@host2 ~]# yum -y install httpd
[root@host2 ~]# systemctl start httpd
[root@host1 ~]# echo "2" > /var/www/html/index.html

[root@host2 ~]# dnf -y install mod_ssl
[root@host2 ~]# cd /etc/httpd/conf.d/
[root@host2 conf.d]# vim ssl.conf
修改路径
......
SSLCertificateFile /etc/httpd/httpd.crt

SSLCertificateKeyFile /etc/httpd/httpd.key
......
重启httpd
[root@host2 conf.d]# systemctl restart httpd

将网关改为调度器的ip
[root@host2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
OTPROTO=static
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.149.137
PREFIX=24
GATEWAY=192.168.149.143
DNS1=114.114.114.114       
[root@host2 ~]# ifdown ens160;ifup ens160

调度器配置

[root@lb ~]# systemctl stop firewalld
[root@lb ~]# setenforce 0
[root@lb ~]# yum -y install ipvsadm

开启 IP转发 功能
[root@lb ~]# echo 'net.ipv4.ip_forward = 1' > /etc/sysctl.conf
[root@lb ~]# sysctl -p
net.ipv4.ip_forward = 1

添加并保持规则
[root@lb ~]# ipvsadm -A -t 192.168.96.132:443 -s rr
[root@lb ~]# ipvsadm -a -t 192.168.96.132:443 -r 192.168.149.137:443 -m
[root@lb ~]# ipvsadm -a -t 192.168.96.132:443 -r 192.168.149.140:443 -m
[root@lb ~]# ipvsadm -A -t 192.168.96.132:80 -s rr
[root@lb ~]# ipvsadm -a -t 192.168.96.132:80 -r 192.168.149.140:80 -m
[root@lb ~]# ipvsadm -a -t 192.168.96.132:80 -r 192.168.149.137:80 -m
[root@lb ~]# ipvsadm -Sn > /etc/sysconfig/ipvsadm
[root@lb ~]# cat /etc/sysconfig/ipvsadm
-A -t 192.168.96.134:80 -s rr
-a -t 192.168.96.134:80 -r 192.168.149.137:80 -m -w 1
-a -t 192.168.96.134:80 -r 192.168.149.140:80 -m -w 1
-A -t 192.168.96.134:443 -s rr
-a -t 192.168.96.134:443 -r 192.168.149.137:443 -m -w 1
-a -t 192.168.96.134:443 -r 192.168.149.140:443 -m -w 1

测试
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

dr模式

ip类型ip地址
VIP虚拟的192.168.149.144
DIP192.168.149.143
host1IP192.168.149.140
host2IP192.168.149.137

host1配置

[root@host1 ~]# systemctl stop firewalld.service 
[root@host1 ~]# setenforce 0
[root@host1 ~]# yum -y install httpd
[root@host1 ~]# systemctl start httpd
[root@host1 ~]# echo "1" > /var/www/html/index.html

生成httpds
[root@host1 ~]# mkdir /etc/pki/CA
[root@host1 ~]# cd /etc/pki/CA
[root@host1 CA]# mkdir private
[root@host1 CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048) 
Generating RSA private key, 2048 bit long modulus (2 primes)
.....................................................................................................+++++
.......+++++
e is 65537 (0x010001)
[root@host1 CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:xkq         
Organizational Unit Name (eg, section) []:xkq
Common Name (eg, your name or your server's hostname) []:xkq.com
Email Address []:1@1.com
[root@host1 CA]# mkdir certs newcerts crl
[root@host1 CA]# touch index.txt && echo 01 > serial
[root@host1 CA]# (umask 077;openssl genrsa -out httpd.key 2048)
Generating RSA private key, 2048 bit long modulus (2 primes)
......+++++
...........................................+++++
e is 65537 (0x010001)
[root@host1 CA]# openssl req -new -key httpd.key -days 365 -out httpd.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:HB
Locality Name (eg, city) [Default City]:WH
Organization Name (eg, company) [Default Company Ltd]:xkq
Organizational Unit Name (eg, section) []:xkq
Common Name (eg, your name or your server's hostname) []:xkq.com
Email Address []:1@1.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@host1 CA]# openssl ca -in httpd.csr -out httpd.crt -days 365
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number: 1 (0x1)
        Validity
            Not Before: Jun 14 12:04:15 2021 GMT
            Not After : Jun 14 12:04:15 2022 GMT
        Subject:
            countryName               = CN
            stateOrProvinceName       = HB
            organizationName          = xkq
            organizationalUnitName    = xkq
            commonName                = xkq.com
            emailAddress              = 1@1.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                1E:D6:51:6F:21:A7:7D:A7:FF:06:D4:6D:13:85:11:50:6C:FD:D5:8C
            X509v3 Authority Key Identifier: 
                keyid:2B:BA:85:7C:6B:8E:0C:74:24:B2:E0:CF:83:43:9D:21:C3:8D:DF:95

Certificate is to be certified until Jun 14 12:04:15 2022 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

安装ssl模板
[root@host1 ~]# dnf -y install mod_ssl
[root@host1 CA]#  mv httpd.key httpd.crt /etc/httpd/
[root@host1 CA]# cd /etc/httpd/conf.d/
[root@host1 conf.d]# vim ssl.conf
修改路径
......
SSLCertificateFile /etc/httpd/httpd.crt

SSLCertificateKeyFile /etc/httpd/httpd.key
......
重启httpd
[root@host1 conf.d]# systemctl restart httpd

将证书传给host2
[root@host1 CA]# scp /etc/httpd/httpd.crt 192.168.149.137:/etc/httpd/
root@192.168.149.137's password: 
httpd.crt                                                                        100% 4495     2.5MB/s   00:00    
[root@host1 CA]# scp /etc/httpd/httpd.key 192.168.149.137:/etc/httpd/
root@192.168.149.137's password: 
httpd.key                                                                        100% 1675     1.6MB/s   00:00 

[root@host1 httpd]# ifconfig lo:0 192.168.149.144/32 broadcast 192.168.149.144 up
[root@host1 httpd]# route add -host 192.168.149.144 dev lo:0
[root@host1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
OTPROTO=static
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.149.140
PREFIX=24
GATEWAY=192.168.149.2
DNS1=114.114.114.114      

[root@host1 ~]# cd /etc/httpd/
[root@host1 httpd]# cat >> /etc/sysctl.conf <<EOF
> net.ipv4.conf.all.arp_ignore=1
> net.ipv4.conf.all.arp_announce=2
> EOF
[root@host1 httpd]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@host1 ~]# ifdown ens160;ifup ens160

host2配置

[root@host2 ~]# systemctl stop firewalld
[root@host2 ~]# setenforce 0
[root@host2 ~]# yum -y install httpd
[root@host2 ~]# systemctl start httpd
[root@host1 ~]# echo "2" > /var/www/html/index.html
[root@host2 ~]# dnf -y install mod_ssl
[root@host2 ~]# cd /etc/httpd/conf.d/
[root@host2 conf.d]# vim ssl.conf
修改路径
......
SSLCertificateFile /etc/httpd/httpd.crt

SSLCertificateKeyFile /etc/httpd/httpd.key
......
重启httpd
[root@host2 conf.d]# systemctl restart httpd

[root@host2 ~]# ifconfig lo:0 192.168.149.144/32 broadcast 192.168.149.144 up
[root@host2 ~]# route add -host 192.168.149.144 dev lo:0
[root@host2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
OTPROTO=static
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.149.137
PREFIX=24
GATEWAY=192.168.149.2
DNS1=114.114.114.114   

[root@host2 ~]# ifdown ens160;ifup ens160

[root@host2 ~]# cat >> /etc/sysctl.conf <<EOF
> net.ipv4.conf.all.arp_ignore=1
> net.ipv4.conf.all.arp_announce=2
> EOF
[root@host2 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

调度器配置

[root@lb ~]# systemctl stop firewalld
[root@lb ~]# setenforce 0
[root@lb ~]# yum -y install ipvsadm

[root@lb ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
BOOTPROTO=static
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR0=192.168.149.143
PREFIX0=24
IPADDR1=192.168.149.144
PREFIX1=24
GATEWAY=192.168.149.2
DNS1=114.114.114.114

[root@lb ~]# ifdown ens160;ifup ens160

添加规则
[root@lb ~]# ipvsadm -A -t 192.168.149.144:80 -s rr
[root@lb ~]# ipvsadm -a -t 192.168.149.144:80 -r 192.168.149.140:80 -g
[root@lb ~]# ipvsadm -a -t 192.168.149.144:80 -r 192.168.149.137:80 -g
[root@lb ~]# ipvsadm -A -t 192.168.149.144:443 -s rr
[root@lb ~]# ipvsadm -a -t 192.168.149.144:443 -r 192.168.149.137:443 -g
[root@lb ~]# ipvsadm -a -t 192.168.149.144:443 -r 192.168.149.140:443 -g
[root@lb ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.149.144:80 rr
  -> 192.168.149.137:80           Route   1      0          0         
  -> 192.168.149.140:80           Route   1      0          0         
TCP  192.168.149.144:443 rr
  -> 192.168.149.137:443          Route   1      0          0         
  -> 192.168.149.140:443          Route   1      0          0

在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

haproxy配置

[root@lb ~]# yum -y install make gcc pcre-devel bzip2-devel openssl-devel systemd-devel
[root@lb ~]# useradd -r -M -s /sbin/nologin haproxy
[root@lb ~]# useradd -r -M -s /sbin/nologin haproxy
[root@lb ~]# tar xf haproxy-v2.3.0.tar.gz 
[root@lb ~]#  cd haproxy-2.3.0/
[root@lb haproxy-2.3.0]# make clean
[root@lb haproxy-2.3.0]# make -j $(grep 'processor' /proc/cpuinfo |wc -l)  \
> TARGET=linux-glibc  \
> USE_OPENSSL=1  \
> USE_ZLIB=1  \
> USE_PCRE=1  \
> USE_SYSTEMD=1
[root@lb haproxy-2.3.0]# make install PREFIX=/usr/local/haproxy
[root@lb haproxy-2.3.0]#  echo "export PATH=/usr/local/haproxy/sbin:$PATH">/etc/profile.d/haproxy.sh
[root@lb haproxy-2.3.0]# . /etc/profile.d/haproxy.sh
[root@lb haproxy-2.3.0]# which haproxy 
/usr/local/haproxy/sbin/haproxy
[root@lb haproxy-2.3.0]# echo 'net.ipv4.ip_nonlocal_bind = 1' >>  /etc/sysctl.conf
[root@lb haproxy-2.3.0]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf 
[root@lb haproxy-2.3.0]# sysctl  -p 
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
[root@lb haproxy-2.3.0]# mkdir /etc/haproxy
[root@lb haproxy-2.3.0]# cat > /etc/haproxy/haproxy.cfg <<EOF
> #--------------全局配置----------------
> global
>     log 127.0.0.1 local0  info
>     #log loghost local0 info
>     maxconn 20480
> #chroot /usr/local/haproxy
>     pidfile /var/run/haproxy.pid
>     #maxconn 4000
>     user haproxy
>     group haproxy
>     daemon
> #---------------------------------------------------------------------
> #common defaults that all the 'listen' and 'backend' sections will
> #use if not designated in their block
> #---------------------------------------------------------------------
> defaults
>     mode http
>     log global
>     option dontlognull
>     option httpclose
>     option httplog
>     #option forwardfor
>     option redispatch
>     balance roundrobin
>     timeout connect 10s
>     timeout client 10s
>     timeout server 10s
>     timeout check 10s
>     maxconn 60000
>     retries 3
> #--------------统计页面配置------------------
> listen admin_stats
>     bind 0.0.0.0:8189
>     stats enable
>     mode http
>     log global
>     stats uri /haproxy_stats
>     stats realm Haproxy\ Statistics
>     stats auth admin:admin
>     #stats hide-version
>     stats admin if TRUE
>     stats refresh 30s
> #---------------web设置-----------------------
> listen webcluster
>     bind 0.0.0.0:80
>     mode http
>     #option httpchk GET /index.html
>     log global
>     maxconn 3000
>     balance roundrobin
>     cookie SESSION_COOKIE insert indirect nocache
>     server web01 192.168.149.140:80 check inter 2000 fall 5
>     server web02 192.168.149.137:80 check inter 2000 fall 5
> EOF
  • haproxy.service文件编写
[root@lb haproxy-2.3.0]# cat > /usr/lib/systemd/system/haproxy.service <<EOF
> [Unit]
> Description=HAProxy Load Balancer
> After=syslog.target network.target
> 
> [Service]
> ExecStartPre=/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg   -c -q
> ExecStart=/usr/local/haproxy/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg  -p /var/run/haproxy.pid
> ExecReload=/bin/kill -USR2 $MAINPID
> 
> [Install]
> WantedBy=multi-user.target
> EOF

[root@lb haproxy-2.3.0]# systemctl daemon-reload
  • 启用日志
[root@lb haproxy-2.3.0]# vim /etc/rsyslog.conf
local0.*                                                /var/log/boot.log
[root@lb haproxy-2.3.0]# systemctl restart rsyslog
  • 重启服务
[root@lb haproxy-2.3.0]# systemctl restart haproxy
[root@lb haproxy-2.3.0]# ss -antl
State        Recv-Q       Send-Q             Local Address:Port              Peer Address:Port       Process       
LISTEN       0            128                      0.0.0.0:80                     0.0.0.0:*                        
LISTEN       0            128                      0.0.0.0:22                     0.0.0.0:*                        
LISTEN       0            128                      0.0.0.0:8189                   0.0.0.0:*                        
LISTEN       0            128                         [::]:22                        [::]:*

测试
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

B_memory
关注
lvs+HAproxy/nginx+keepalived构造高并发解决方案
yshisu的博客
07-01 1586
lvs+haproxy/nginx+keepalived 实现高性能,高可用的服务集群
一文详解 LVS、Nginx 及 HAProxy 工作原理
m0_67698950的博客
08-16 787
当前大多数的互联网系统都使用了服务器集群技术,集群是将相同服务部署在多台服务器上构成一个集群整体对外提供服务,这些集群可以是 Web 应用服务器集群,也可以是数据库服务器集群,还可以是分布式缓存服务器集群等等。在实际应用中,在 Web 服务器集群之前总会有一台负载均衡服务器,负载均衡设备的任务就是作为 Web 服务器流量的入口,挑选最合适的一台 Web 服务器,将客户端的请求转发给它处理,实现客户端到真实服务端的透明转发。...
lvs+haproxy的一种方式
IOT之无线网络传输技术
03-24 7353
去年看见淘宝章博士的PPT里面讲过淘宝的CDN架构,觉得简单使用。 我也一直觉得haproxy比较简洁的,另外画了一个图,可以给应用做好负载均衡。不过我这个图里两个LVS只是一主一倍,也可以作为相互备份,这样更能提高利用率。 这个基本是照着淘宝的这个架构搞的。但是其实里面有些细节地方可以仔细说一下。这个实现过程是 最最外面做LVS的机器上绑定一堆公网的IP。假
LVS+HAProxy配置
tz_sz的专栏
05-27 1839
一、安装 http://blog.sina.com.cn/s/blog_704836f401011u3x.html IP:192.168.1.61 [root@haproxy_node1 ~]# wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.20.tar.gz [root@haproxy_node1 ~]# tar xvzf
LVS+Haproxy
fyb012811的博客
09-16 997
Haproxy 是一个使用C语言编写的自由及开放源代码软件,其提供高可用性、负载均衡,以及基于TCPHTTP的应用程序代理。默认haproxy的日志是输出到系统的syslog中,查看起来不是非常方便,为了更好的管理haproxy的日志,我们在生产环境中一般单独定义出来。需要将haproxy的info及notice日志分别记录到不同的日志文件中。需要修改rsyslog配置,为了便于管理。
LVSHAProxy
qq_62414482的博客
04-01 1116
配置LVS的DR模式:当用户访问192.168.88.15时被调度器lvs的子接口接收到该访问,然后通过算法由本机网卡地址192.168.88.5向真实服务器的192.168.88.100/200发送命令,然后该服务器通过lo:0子接口192.168.88.15回答客户端的访问。DIP:指定地址,LVS服务器上与真实服务器通信的地址。有两个真实服务器一个虚拟服务器,用户服务器访问 虚拟服务器,虚拟服务器把数据转发给其中一个真实服务器,当该服务器出现故障时,虚拟服务器就会把数据转发给另一台完好的服务器。
LVSHaproxy的相互配合
下一个艺术家
11-05 1005
本博客主要详细介绍了如何使用NginxHaproxy工具,搭建一个通过算法来访问不同的节点的高可用的网站架构。
linux服务器之LVS、NginxHAProxy负载均衡器对比总结
09-15
本篇文章将对比三种常用的Linux服务器负载均衡器:LVS、NginxHAProxy,探讨其各自的特点、适用场景常用算法。 LVS(Linux Virtual Server)是基于IP层的负载均衡器,它具有以下显著特点: 1. 高抗负载能力:...
HAproxy负载均衡部署与LVS的比较
weixin_55015185的博客
11-22 914
多敲多练
nginx,lvs,haproxy+keepalived区别
最新发布
wxjlkh的博客
04-23 809
Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。具体的应用还得 具体分析,如果是比较小的网站(日 PV 小于 1000 万),用 Nginx 就完全可以了,如果机器也不少,可以用DNS 轮询, LVS 所耗费的机器还是比较多 的;
HAProxy+Keepalived+LVS实现负载平衡高可用集群最佳实践
01-16
HAProxy+Keepalived+LVS实现负载平衡高可用集群最佳实践
HAProxy Keepalived+LVS负载平衡高可用集群最佳实践部署
11-21
HAProxy Keepalived+LVS负载平衡高可用集群最佳实践部署
web群集调度器之Haproxy群集的搭建
qq_41786285的博客
11-05 648
一、常见的Web集群调度器: ■目前常见的Web集群调度器分为软件硬件 ■软件通常使用开源的LVSHaproxy、 Nginx ■硬件一般使用比较多的是F5,也有很多人使用国内的一 些产品,如梭子鱼、绿盟等 LVS群集搭建见这三篇 LVS+NAT模式 LVS+DR模式 LVS+keepalived 二、Haproxy应用分析 ■LVS在企业应用中抗负载能力很强,但存在不足 LVS不支持正则处理,不能实现动静分离 对于大型网站,LVS的实施配置复杂,维护成本相对较高 ■Haproxy是一款可提供高可用性、
详解 LVS、Nginx 及 HAProxy 工作原理
天行健,君子以自强不息;地势坤,君子以厚德载物。
04-12 379
阅读文本大概需要8分钟。当前大多数的互联网系统都使用了服务器集群技术,集群是将相同服务部署在多台服务器上构成一个集群整体对外提供服务,这些集群可以是Web应用服务器集...
LVS + HAProxy实现跨网负载均衡
weixin_30474613的博客
11-29 232
转载于:https://www.cnblogs.com/zhouhaibing/p/7913474.html
lvs集群】HAProxy搭建Web集群
wang_dian1的博客
06-12 1674
HAProxy是可提供高可用性、负载均衡以及基于TCPHTTP应用的代理,是免费、快速并且可靠的一种解决方案。HAProxy非常适用于并发大(并发达1w以上)web站点,这些站点通常又需要会话保持或七层处理。HAProxy的运行模式使得它可以很简单安全的整合至当前的架构中,同时可以保护web服务器不被暴露到网络上。
七层负载均衡HAproxy生产环境LVS+Keepalived+HAproxy(三)
weixin_56903457的博客
12-21 3422
LB-Haproxy/Nginx ???? 解析:七层负载均衡器,为与七层模型上的应用层,通过URL地址(应用层)进行负载均衡。 优点:详细地址,数据精准定位 缺点:地址长、范围广 一、HAproxy 原理解析 别名:七层负载均衡、应用程序负载、URL负载、动静分离技术 用80端口 简介: 免费、快速可靠、高性能的负载均衡软件 亲缘性: 后方有三台Web服务器,用户进行数据请求,当用户访问Web1时(一些特定的敏感话题会进行认证) 当我们的用户再次访问时,请求分发到我们的Web2上,又要进行认证。 所
LVS】4、HAProxy搭建web集群
Mo_nor的博客
08-21 435
LVS抗负载能力强,但不支持正则表达式、不能实现动静分离;大型网站,LVS实施配置复杂,维护成本相对较高;一般在上百台集群中使用HAProxy是一款可提供高可用性负载均衡,基于TCP(四层)HTTP(七层)应用的代理的软件适用于负载大的web站点,运行再硬件上,可以支持上万条并发连接的连接请求。
Haproxy配合Nginx搭建Web集群
零下二度的博客
04-07 350
目录环境1、编译安装Nginx服务器 环境 主机 操作系统 IP地址 所需软件/安装包/工具 Haproxy-Server CentOS7 192.168.109.55 haproxy-1.5.19.tar.gz Nginx-Server1 CentOS7 192.168.109.66 nginx-1.12.0.tar.gz Nginx-Server2 CentOS7 192.168.109.77 nginx-1.12.0.tar.gz 客户端 Win10 192.168.109
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值