本文共 8152 字,大约阅读时间需要 27 分钟。
haproxy代理服务器(主)
haproxy代理服务器(从)
varnish缓存服务器
real_server(LNMP)
real_server(LNMP)
! Configuration File for keepalivedglobal_defs { notification_email { root@localhost } notification_email_from root_keepalived smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL} vrrp_script chk_haproxy { script "killall -0 haproxy" interval 2 weight -150 fall 2 rise 2 }vrrp_instance VI_1 { state MASTER interface eth2 virtual_router_id 14 priority 200 advert_int 1 authentication { auth_type PASS auth_pass 2121 } virtual_ipaddress { 172.17.17.1 }# track_script {# chk_haproxy# } }vrrp_instance VI_2 { state BACKUP interface eth1 virtual_router_id 15 priority 200 advert_int 1 authentication { auth_type PASS auth_pass 2121 } virtual_ipaddress { 192.168.17.1 } track_script { chk_haproxy } }
global log 127.0.0.1 local2 nbproc 1 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon stats socket /var/lib/haproxy/statsdefaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 3000frontend static mode http bind *:80 default_backend server_static frontend ip_acl bind *:80 acl src_ip src 172.17.0.0 block if ! src_ipbackend server_static balance roundrobin option httpchk GET /index.html http-check expect string ok server static_175 192.168.16.173:6081 checklisten stats #定义一个统计报告服务 mode http #基于http协议 bind *:1900 #监听1090端口 stats enable #开启统计报告服务 stats hide-version #隐藏统计报告版本信息 stats uri /haproxy?111 #统计报告访问url stats realm Haproxy\ Statistics #页面登陆信息 stats auth admin:admin #验证账号信息 stats admin if TRUE #验证模式
vcl 4.0;import directors;probe check1 { .url = "/index.html"; .timeout=1s; .interval=2s; .window=5; .threshold=3; }backend xiaomi5 { .host = "192.168.17.175"; .port = "80"; .probe = check1;}backend xiaomi6 { .host = "192.168.17.176"; .port = "80"; .probe = { .url= "/index.html"; .timeout=1s; .interval=2s; .window=5; .threshold=3; }}sub vcl_init { new real_server1 = directors.random(); real_server1.add_backend(xiaomi5,10); real_server1.add_backend(xiaomi6,10); new static = directors.round_robin(); static.add_backend(xiaomi5);}acl purgers { "127.0.0.1"; "192.168.16.173";}sub vcl_recv { if (req.method == "PRI") { return (synth(405)); } if (req.method != "GET" && req.method != "HEAD" && req.method != "PUT" && req.method != "POST" && req.method != "TRACE" && req.method != "OPTIONS" && req.method != "DELETE") { return (pipe); } if (req.method != "GET" && req.method != "HEAD") { return (pass); } if (req.http.Authorization || req.http.Cookie) { return (pass); } return (hash); if (req.method == "PURGE") { if (client.ip ~ purgers) { return(purge); } else { return(synth(405,"Method not allowed")); } } if (req.http.X-Forward-For) { set req.http.X-Forward-For = req.http.X-Forward-For + "," + client.ip; }else{ set req.http.X-Forward-For = client.ip; } if (req.url ~ ".php") { set req.backend_hint = real_server1.backend(); } else { set req.backend_hint = static.backend(); }}sub vcl_backend_response { if (bereq.url ~ "\.(jpg|jpeg|gif|png)$") { set beresp.ttl = 1s; } if (bereq.url ~ "\.(html|css|js)$") { set beresp.ttl = 1s; } return(deliver);}sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT from " + server.ip; } else { set resp.http.X-Cache = "MISS"; } unset resp.http.X-Powered-By; unset resp.http.Server; unset resp.http.Via; unset resp.http.X-Varnish; unset resp.http.Age;}
vcl 4.0;import directors;probe check { .request = "GET /index.html HTTP/1.1" "Host: wwwmuzigan.com" "Connetction: close"; .timeout= 1s; .interval= 2s; .window=5; .threshold=5;}backend server1 { .host = "192.168.17.175"; .port = "80"; .probe = check;}backend server2 { .host = "192.168.17.176"; .port = "80"; .probe = check;}backend server3 { .host = "192.168.17.177"; .port = "80"; .probe = check;}backend server4 { .host = "192.168.17.178"; .port = "80"; .probe = check;}sub vcl_init {# 要先导入directors模块,round_robin,random new real_server1 = directors.round_robin(); real_server1.add_backend(server1); real_server1.add_backend(server2); new real_server2 = directors.random(); real_server2.add_backend(server3,5); real_server2.add_backend(server4,10);}acl purgers { "127.0.0.1"; "192.168.16.173";}sub vcl_recv { if (req.http.host ~ "www.muzigan.com") { set req.backend_hint = real_server2.backend(); } if (req.http.host ~ "www.linux.com") { set req.backend_hint = real_server2.backend(); } if (req.http.Authorization || req.http.Cookie) { return (pass); } if (req.method == "PURGE") { if (client.ip ~ purgers) { return(purge); } else { return(synth(405,"Method not allowed")); } } if (req.http.X-Forward-For) { set req.http.X-Forward-For = req.http.X-Forward-For + "," + client.ip; }else{ set req.http.X-Forward-For = client.ip; } if (req.url ~ ".php") { set req.backend_hint = real_server1.backend(); } else { set req.backend_hint = real_server2.backend(); } return (hash);}sub vcl_backend_response { if (beresp.status == 499 || beresp.status == 404 || beresp.status == 502 ) { set beresp.uncacheable = true; } if (bereq.url ~ "\.(php|jsp)(\?|$)") { set beresp.uncacheable = true; }else{ if (bereq.url ~ "\.html(\?|$)") { set beresp.ttl = 60s; unset beresp.http.Set-Coonkie; }else{ set beresp.ttl = 1h; unset beresp.http.Set-Coonkie; } }}sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT from " + server.ip; } else { set resp.http.X-Cache = "MISS"; }#取消 php框架版本的header头 unset resp.http.X-Powered-By; unset resp.http.Server;#取消 nginx的Via unset resp.http.Via;#取消 nginx的版本和Via等header头 unset resp.http.X-Varnish;#取消 该资源缓存的时间 (秒) unset resp.http.Age;#显示该资源命中次数 set resp.http.X_hit_count = obj.hits;}
转载地址:http://ggnli.baihongyu.com/