Академический Документы
Профессиональный Документы
Культура Документы
Disclaimer
These instructions are provided for informational
Contents
purposes only. GoGrid does not guarantee the
1 Disclaimer
accuracy or completeness of these instructions and
2 Overview
is not responsible for errors, omissions or 3 Getting Started
inaccuracies. We encourage you to seek additional 3.1 Requirements
information from other sources if needed. 4 Resources
5 Brief StepbyStep
Overview 6 Source Code
6.1 ~/haprep.sh
6.2 /etc/haproxy.cfg.example
This document is intended to assist in expanding the
6.3 /etc/init.d/haproxy
load balancing present in GoGrid. Currently (at the 6.4 /etc/ha.d/authkeys
time of this document) you are limited to three F5 6.5 XForwardedFor header logging
load balancer instances. This document will cover 6.6 Files
using two virtual machines in combination with
HAProxy and Heartbeat (Linux HA) to go beyond
this limitation. This document does not go into advanced configurations or methods available with both
HAProxy and Linux HA Heartbeat.
Getting Started
Requirements
This setup assumes that you will have at least one RedHat/CentOS Linux host (64bit
images are not a requirement, you can use 32bit images as well):
Resources
There are many example scripts and sources available on this document which may be of use. These
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 1/8
10/29/2015 Customer:Linux Load Balancing with HAProxy+Heartbeat GoGrid
scripts are a collection of documents found on the web. The following resources were used in compiling
this document
HAProxy http://haproxy.1wt.eu/
HAProxy Documentation http://haproxy.1wt.eu/#doc1.4
LinuxHA http://www.linuxha.org/wiki/Main_Page
LinuxHA Documentation http://www.linuxha.org/doc/
HowtoForge Guide 1 http://www.howtoforge.com/settingupahighavailabilityloadbalancer
withhaproxykeepalivedondebianlenny
HowtoForge Guide 2 http://www.howtoforge.com/highavailabilityloadbalancerhaproxy
heartbeatdebianetch
WebhostingTalk Guide http://www.webhostingtalk.com/showthread.php?t=627783
Brief StepbyStep
1. Download, rename, and execute haprep.sh as a foundation.
2. Configure eth0 statically.
3. Configure eth1 statically.
4. Set up hostnames for all systems (FQDNs would be recommended).
5. Configure /etc/sysconfig/network.
6. Restart networking.
7. Optional: set up shared private keys between servers for SSH/SFTP/SCP file transfers and logins
for lazy sysadmins.
8. Set up your /etc/hosts file to contain entries for all IP addresses in use.
9. Configure/modify /etc/haproxy.cfg.example to fit your network and hosts, save as
/etc/haproxy.cfg.
10. Configure/modify /etc/ha.d/haresources.example to fit your network and hosts, save as
/etc/ha.d/haresources.
11. Configure/modify /etc/ha.d/ha.cf to fit your network and hosts, save as /etc/ha.d/ha.cf.
12. Configure/modify /etc/ha.d/authkeys if you did not use or do not like the script haprep.sh created
one.
13. Copy /etc/haproxy.cfg, /etc/ha.d/haresources, /etc/ha.d/ha.cf, and /etc/ha.d/authkeys to other
participating server(s).
14. Test configuration files and services.
15. Start heartbeat.
16. Start haproxy.
17. Verify shared IP address exists on one server.
18. Verify heartbeat and haproxy are both running on each system.
19. Modify logging as necessary for Web servers being load balanced.
20. Create a check.txt file in your document root for health checks.
21. Start web servers after configured.
Source Code
The below haprep.sh script acquires necessary packages after updating your system. It will perform only
generic setups. System specific setup will require manual file editing and configuration.
Download and save the following file to your Linux system:
From your system, make the file executable:
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 2/8
10/29/2015 Customer:Linux Load Balancing with HAProxy+Heartbeat GoGrid
[root@localhost ~]# mv haprep.sh.txt haprep.sh
[root@localhost ~]# chmod a+x haprep.sh
Run the script:
[root@localhost ~]# ./haprep.sh
~/haprep.sh
#!/bin/bash
# Update the system
yum ‐y update
sleep 1
# Install Heartbeat (LinuxHA)
yum ‐y install heartbeat
sleep 1
yum ‐y install heartbeat
sleep 1
# Download and install HAProxy
wget http://haproxy.1wt.eu/download/1.4/bin/haproxy‐1.4.8‐pcre‐40kses‐linux‐i586.stripped.gz ‐O haproxy.gz
gunzip haproxy.gz
chmod 775 haproxy
mv haproxy /usr/sbin
# Enable non‐local IP binding
cat >> /etc/sysctl.conf << SYSCTLEDIT
# Allow nonlocal IP binding
net.ipv4.ip_nonlocal_bind = 1
SYSCTLEDIT
sysctl ‐p /etc/sysctl.conf
sleep 1
# Adding config files
touch /etc/haproxy.cfg
touch /etc/ha.d/haresources
touch /etc/ha.d/authkeys
touch /etc/ha.d/ha.cf
# Configure authkeys in a generic fashion
echo "auth 2" >> authkeys
echo "2 sha1 `< /dev/urandom tr ‐dc A‐Za‐z0‐9_ | head ‐c24`" >> authkeys
cp /etc/ha.d/authkeys /etc/ha.d/authkeys.2
chmod 600 /etc/ha.d/authkeys*
# Add an example haproxy.cfg file (/etc/haproxy.cfg.example)
cat > /etc/haproxy.cfg.example << HAPROXYEX
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
#debug
#quiet
maxconn 1024 # Total Max Connections. This is dependent on ulimit
daemon
nbproc 1 # Number of processing cores/cpus.
#user nobody
#group nobody
defaults
log global
mode http
option httplog
option dontlognull
retries 3
clitimeout 50000
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 3/8
10/29/2015 Customer:Linux Load Balancing with HAProxy+Heartbeat GoGrid
srvtimeout 30000
contimeout 4000
redispatch
option httpclose # Disable Keepalive
listen http_proxy 208.1.1.4:80
mode http
stats enable
stats auth root:haproxy
balance roundrobin # Load Balancing algorithm
option forwardfor # This sets X‐Forwarded‐For
option httpchk HEAD /check.txt HTTP/1.0
## Define your servers to balance
server halb1 208.1.1.3:80 weight 1 maxconn 512 check
server halb2 208.1.1.5:80 weight 1 maxconn 512 check
HAPROXYEX
# Add haproxy to the init.d scripts
cat > /etc/init.d/haproxy << HAPROXYINITD
#!/bin/sh
#
# chkconfig: ‐ 85 15
# description: HA‐Proxy is a TCP/HTTP reverse proxy which is particularly suited
# for high availability environments.
# processname: haproxy
# config: /etc/haproxy.cfg
# pidfile: /var/run/haproxy.pid
# Source function library.
if [ ‐f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ ‐f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ ‐f /etc/haproxy.cfg ] || exit 1
RETVAL=0
start() {
/usr/sbin/haproxy ‐c ‐q ‐f /etc/haproxy.cfg
if [ $? ‐ne 0 ]; then
echo "Errors found in configuration file."
return 1
fi
echo ‐n "Starting HAproxy: "
daemon /usr/sbin/haproxy ‐D ‐f /etc/haproxy.cfg ‐p /var/run/haproxy.pid
RETVAL=$?
echo
[ $RETVAL ‐eq 0 ] && touch /var/lock/subsys/haproxy
return $RETVAL
}
stop() {
echo ‐n "Shutting down HAproxy: "
killproc haproxy ‐USR1
RETVAL=$?
echo
[ $RETVAL ‐eq 0 ] && rm ‐f /var/lock/subsys/haproxy
[ $RETVAL ‐eq 0 ] && rm ‐f /var/run/haproxy.pid
return $RETVAL
}
restart() {
/usr/sbin/haproxy ‐c ‐q ‐f /etc/haproxy.cfg
if [ $? ‐ne 0 ]; then
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 4/8
10/29/2015 Customer:Linux Load Balancing with HAProxy+Heartbeat GoGrid
echo "Errors found in configuration file, check it with 'haproxy check'."
return 1
fi
stop
start
}
check() {
/usr/sbin/haproxy ‐c ‐q ‐V ‐f /etc/haproxy.cfg
}
rhstatus() {
status haproxy
}
condrestart() {
[ ‐e /var/lock/subsys/haproxy ] && restart || :
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
restart
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
check)
check
;;
*)
echo $"Usage: haproxy {start|stop|restart|reload|condrestart|status|check}"
RETVAL=1
esac
exit $RETVAL
HAPROXYINITD
# Add HAProxy to the chkconfig settings
chmod 775 /etc/init.d/haproxy
chkconfig ‐‐add haproxy
# Add example ha.cf config file
cat > /etc/ha.d/ha.cf.example << HACFEX
debugfile /var/log/ha‐debug
logfile /var/log/ha‐log
logfacility local0
keepalive 2
deadtime 15
warntime 5
initdead 60
udpport 694
bcast eth1
auto_failback off
node halb1
node halb2
HACFEX
# Add example haresources config file
cat > /etc/ha.d/haresources.example << HARESOURCESEX
halb1 IPAddr::208.1.1.4
HARESOURCESEX
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 5/8
10/29/2015 Customer:Linux Load Balancing with HAProxy+Heartbeat GoGrid
/etc/haproxy.cfg.example
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
#debug
#quiet
maxconn 1024 # Total Max Connections. This is dependent on ulimit
daemon
nbproc 1 # Number of processing cores/cpus.
#user nobody
#group nobody
defaults
log global
mode http
option httplog
option dontlognull
retries 3
clitimeout 50000
srvtimeout 30000
contimeout 4000
redispatch
option httpclose # Disable Keepalive
listen http_proxy 208.1.1.4:80
mode http
stats enable
stats auth root:haproxy
balance roundrobin # Load Balancing algorithm
option forwardfor # This sets X‐Forwarded‐For
option httpchk HEAD /check.txt HTTP/1.0
## Define your servers to balance
server halb1 208.1.1.3:80 weight 1 maxconn 512 check
server halb2 208.1.1.5:80 weight 1 maxconn 512 check
/etc/init.d/haproxy
#!/bin/sh
#
# chkconfig: ‐ 85 15
# description: HA‐Proxy is a TCP/HTTP reverse proxy which is particularly suited
# for high availability environments.
# processname: haproxy
# config: /etc/haproxy.cfg
# pidfile: /var/run/haproxy.pid
# Source function library.
if [ ‐f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ ‐f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ ‐f /etc/haproxy.cfg ] || exit 1
RETVAL=0
start() {
/usr/sbin/haproxy ‐c ‐q ‐f /etc/haproxy.cfg
if [ $? ‐ne 0 ]; then
echo "Errors found in configuration file."
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 6/8
10/29/2015 Customer:Linux Load Balancing with HAProxy+Heartbeat GoGrid
return 1
fi
echo ‐n "Starting HAproxy: "
daemon /usr/sbin/haproxy ‐D ‐f /etc/haproxy.cfg ‐p /var/run/haproxy.pid
RETVAL=$?
echo
[ $RETVAL ‐eq 0 ] && touch /var/lock/subsys/haproxy
return $RETVAL
}
stop() {
echo ‐n "Shutting down HAproxy: "
killproc haproxy ‐USR1
RETVAL=$?
echo
[ $RETVAL ‐eq 0 ] && rm ‐f /var/lock/subsys/haproxy
[ $RETVAL ‐eq 0 ] && rm ‐f /var/run/haproxy.pid
return $RETVAL
}
restart() {
/usr/sbin/haproxy ‐c ‐q ‐f /etc/haproxy.cfg
if [ $? ‐ne 0 ]; then
echo "Errors found in configuration file, check it with 'haproxy check'."
return 1
fi
stop
start
}
check() {
/usr/sbin/haproxy ‐c ‐q ‐V ‐f /etc/haproxy.cfg
}
rhstatus() {
status haproxy
}
condrestart() {
[ ‐e /var/lock/subsys/haproxy ] && restart || :
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
restart
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
check)
check
;;
*)
echo $"Usage: haproxy {start|stop|restart|reload|condrestart|status|check}"
RETVAL=1
esac
exit $RETVAL
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 7/8
10/29/2015 Customer:Linux Load Balancing with HAProxy+Heartbeat GoGrid
/etc/ha.d/authkeys
auth 2
2 sha1 insertsomethingcompletelyrandom
XForwardedFor header logging
Recommended that you change the combined log as indicated below to harvest the real IP from the
visiting client (/etc/httpd/conf/httpd.conf):
#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User‐Agent}i\"" combined
LogFormat "%{X‐Forwarded‐For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User‐Agent}i\"" combined
Also recommend setting up a health check. So that this health check doesn't bloat the Apache access log,
you'll want to add a 'check.txt' to your document root and the following to the configuration
(/etc/httpd/conf/httpd.conf):
SetEnvIf Request_URI "^/check\.txt$" dontlog
#CustomLog logs/access_log combined
CustomLog logs/access_log combined env=!dontlog
Files
~/haprep.sh (http://wiki.gogrid.com/wiki/images/b/b0/Haprep.sh.txt)
/etc/haproxy.cfg.example (http://wiki.gogrid.com/wiki/images/7/75/Haproxy.cfg.example.txt)
/etc/init.d/haproxy (http://wiki.gogrid.com/wiki/images/b/b8/Haproxy.initd.txt)
/etc/ha.d/ha.cf.example (http://wiki.gogrid.com/wiki/images/9/92/Ha.cf.example.txt)
/etc/ha.d/authkeys (http://wiki.gogrid.com/wiki/images/b/bb/Authkeys.txt)
/etc/ha.d/haresources.example (http://wiki.gogrid.com/wiki/images/1/14/Haresources.txt)
Retrieved from
"https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat"
https://wiki.gogrid.com/index.php/Customer:Linux_Load_Balancing_with_HAProxy%2BHeartbeat 8/8