标签为 HAProxy 的文章

HAProxy RPM SPECS与HTTPS Load配置分享

话不多说,具体内容如下:
haproxy-1.5.17.spec

haproxy.cfg

, , ,

2 Comments

线上HAProxy内核参数调优分享

HAProxy
CPU: 8核
内存: 16G
数量:4

Servers
数量: 150
类型:HTTP/HTTPS响应GET/POST请求,返回json数据并产生日志
稳定支持的并发会话数量:400K

系统相关配置
# grep -E 'maxconn|nbproc' /etc/haproxy/haproxy.cfg

maxconn     200000
nbproc           7

# cat /etc/security/limits.d/90-nproc.conf

# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.

*          -    nproc     4096
root       -    nproc     unlimite

# cat /etc/security/limits.d/90-nofile.conf

*          -    nofile     200000

# cat /etc/sysctl.conf

# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1

# Controls source route verification
net.ipv4.conf.default.rp_filter = 0

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the maximum size of a message, in bytes
kernel.msgmnb = 65536

# Controls the default maxmimum size of a mesage queue
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296

# Maximize ephemeral port range
net.ipv4.ip_local_port_range = 1024 65535

# ARP related
net.ipv4.conf.all.arp_notify = 1
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2

# General gigabit tuning
net.core.somaxconn = 32768
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.rmem_default = 16777216
net.core.wmem_default = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 87380 16777216
net.ipv4.tcp_mem = 94500000 915000000 927000000

# Give the kernel more memory for tcp
# which need with many (100k+) open socket connections
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_max_tw_buckets = 2000000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_time = 1800
net.ipv4.tcp_slow_start_after_idle = 0

## Protect against tcp time-wait assassination hazards
## drop RST packets for sockets in the time-wait state
net.ipv4.tcp_rfc1337 = 1

# Enusre that immediatly subsequent connections use the new values
net.ipv4.route.flush = 1

# Increase system file descriptor limit
fs.file-max = 200000
kernel.pid_max = 65536

# Limit number of orphans, each orphan can eat up to 16M (max wmem) of unswappable memory
net.ipv4.tcp_max_orphans = 60000
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_syn_retries = 3

No Comments

HAProxy源码编译安装与配置实践

参考资料:
http://blog.51yip.com/server/868.html
http://18567.blog.51cto.com/8567/665375

一,什么是haproxy
HAProxy提供高可用性、负载均衡以及基于TCP和HTTP应用的代理,其处理能力比Nginx弱一些,一般适用于访问量并发在1万以下的小型集群,自带的一些健康检查,session保留等功能非常实用。

二,安装haproxy
# wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.20.tar.gz
# tar zxvf haproxy-1.4.20.tar.gz
# cd haproxy-1.4.20
# uname -a //查看linux内核版本
# make TARGET=linux26 PREFIX=/opt/haproxy
# make install PREFIX=/opt/haproxy

三,配置haproxy
# mkdir -p /opt/haproxy/conf
# vim /opt/haproxy/conf/haproxy.conf

global
        maxconn 5120 #限制单个进程的最大连接数
        chroot /opt/haproxy
        uid 99 #所属运行用户,默认99为nobody
        gid 99 #所属运行用户组,默认99为nobody
        daemon #让进程作为守护进程在后台运行
        quiet
        nbproc 2 #指定作为守护进程运行时的进程数,推荐设置为与CPU核心数相同
        pidfile /opt/haproxy/run/haproxy.pid

defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull #不记录空连接
        log 127.0.0.1 local3 info #日志级别[err warning info debug]
        retries 3 #设置在一个服务器上链接失败后的重连次数
        option redispatch #在连接失败或断开的情况下,允许当前会话被重新分发 
        maxconn 2000 #可被发送到后端服务器的最大并发连接数 
        contimeout      5000ms #设置等待连接到服务器成功的最大时间 
        clitimeout      50000ms #设置客户端的最大超时时间
        srvtimeout      50000ms #设置服务器端的最大超时时间

listen cluster 0.0.0.0:80 #运行的端口及主机名
       mode http #使用http的7层模式
       balance roundrobin #设置服务器负载分配算法
       option httpclose
       option forwardfor
       option httpchk GET /keepalive.html #健康检测页面
       server webapp1 192.168.203.134:80 weight 1 check inter 2000 rise 2 fall 3
       server webapp2 192.168.203.135:80 weight 1 check inter 2000 rise 2 fall 3
       server webapp3 192.168.203.136:80 weight 1 check inter 2000 rise 2 fall 3
       server webapp4 192.168.203.137:80 weight 1 check inter 2000 rise 2 fall 3
       # weight - 调节服务器的负重 
       # check - 允许对该服务器进行健康检查 
       # inter - 设置连续的两次健康检查之间的时间,单位为毫秒(ms),默认值 2000(ms) 
       # rise - 指定多少次连续成功的健康检查后,即可认定该服务器处于可操作状态,默认值 2 
       # fall - 指定多少次不成功的健康检查后,认为服务器为当掉状态,默认值 3 
       # maxconn - 指定可被发送到该服务器的最大并发连接数 

listen localhost 0.0.0.0:8888 #监控页面的端口
       mode http
       transparent
       stats refresh 30s #统计页面自动刷新时间
       stats uri /haproxy-stats #监控页面的访问地址
       stats realm Haproxy \ statistic #统计页面密码框上提示文本
       stats auth haproxyadmin:haproxypass #统计页面用户名和密码设置
       stats hide-version #隐藏统计页面上HAProxy的版本信息

阅读全文 »

3 Comments