haproxy代理流程的數據進行抓包分析
各模塊名稱以及作用
haproxy.cfg文件配置如下
global
maxconn 20480
log 127.0.0.1 local3
chroot /var/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /var/run/haproxy.pid
ulimit-n 65535
defaults
log global
mode http
maxconn 20480
option httplog
option httpclose
option dontlognull
option forwardfor
option redispatch
option abortonclose
stats refresh 30
retries 3
balance roundrobin
contimeout 5000
clitimeout 50000
srvtimeout 50000
timeout check 2000
listen admin_status
bind 0.0.0.0:65532
mode http
log 127.0.0.1 local3 err
stats refresh 5s
stats uri /admin?stats
stats realm itnihao\ itnihao
stats auth admin:admin
stats auth admin1:admin1
stats hide-version
stats admin if TRUE
errorfile 403 /etc/haproxy/errorfiles/403.http
errorfile 500 /etc/haproxy/errorfiles/500.http
errorfile 502 /etc/haproxy/errorfiles/502.http
errorfile 503 /etc/haproxy/errorfiles/503.http
errorfile 504 /etc/haproxy/errorfiles/504.http
capture request header Host len 40
capture request header Content-Length len 10
capture request header Referer len 200
capture response header Server len 40
capture response header Content-Length len 10
capture response header Cache-Control len 8
listen site_status
bind 0.0.0.0:1081
mode http
log 127.0.0.1 local3 err
monitor-uri /site_status
acl site_dead nbsrv(server_web) lt 2
monitor fail if site_dead
frontend http_80_in
bind 0.0.0.0:80
mode http
log global
option httplog
option httpclose
option forwardfor
acl itnihao_web hdr_reg(host) -i ^(www.itnihao.cn|ww1.itnihao.cn)$
acl itnihao_blog hdr_dom(host) -i blog.itnihao.cn
use_backend server_web if itnihao_web
use_backend server_blog if itnihao_blog
default_backend server_bbs
backend server_web
mode http
balance roundrobin
cookie SERVERID
option httpchk GET /index.html
server web1 192.168.16.2:80 cookie web1 check inter 1500 rise 3 fall 3 weight 1
server web2 192.168.16.3:80 cookie web2 check inter 1500 rise 3 fall 3 weight 2
backend server_bbs
mode http
balance roundrobin
cookie SERVERID
option httpchk GET /index.html
server bbs1 192.168.16.2:80 cookie bbs1 check inter 1500 rise 3 fall 3 weight 1
server bbs2 192.168.16.3:80 cookie bbs2 check inter 1500 rise 3 fall 3 weight 2
客戶端192.168.16.90訪問http://ww1.itnihao.cn
Haproxy的日志如下,可以看到,負載均衡到web2和web1上面去了
詳細日志如下所示
Jul 2 04:09:19 localhost haproxy[30015]: 192.168.16.90:4329 [02/Jul/2012:04:09:19.876] http_80_in server_web/web2 31/0/10/0/44 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:19 localhost haproxy[30015]: 192.168.16.90:4329 [02/Jul/2012:04:09:19.876] http_80_in server_web/web2 31/0/10/0/44 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:19 localhost haproxy[30015]: 192.168.16.90:4329 [02/Jul/2012:04:09:19.876] http_80_in server_web/web2 31/0/10/0/44 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:19 localhost haproxy[30015]: 192.168.16.90:4329 [02/Jul/2012:04:09:19.876] http_80_in server_web/web2 31/0/10/0/44 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:19 localhost haproxy[30015]: 192.168.16.90:4329 [02/Jul/2012:04:09:19.876] http_80_in server_web/web2 31/0/10/0/44 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:19 localhost haproxy[30015]: 192.168.16.90:4329 [02/Jul/2012:04:09:19.876] http_80_in server_web/web2 31/0/10/0/44 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:22 localhost haproxy[30015]: 192.168.16.90:4330 [02/Jul/2012:04:09:21.985] http_80_in server_web/web1 6/0/35/27/70 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:22 localhost haproxy[30015]: 192.168.16.90:4330 [02/Jul/2012:04:09:21.985] http_80_in server_web/web1 6/0/35/27/70 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:22 localhost haproxy[30015]: 192.168.16.90:4330 [02/Jul/2012:04:09:21.985] http_80_in server_web/web1 6/0/35/27/70 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:22 localhost haproxy[30015]: 192.168.16.90:4330 [02/Jul/2012:04:09:21.985] http_80_in server_web/web1 6/0/35/27/70 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:22 localhost haproxy[30015]: 192.168.16.90:4330 [02/Jul/2012:04:09:21.985] http_80_in server_web/web1 6/0/35/27/70 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
Jul 2 04:09:22 localhost haproxy[30015]: 192.168.16.90:4330 [02/Jul/2012:04:09:21.985] http_80_in server_web/web1 6/0/35/27/70 200 271 - - ---- 0/0/0/0/0 0/0 "GET / HTTP/1.1"
在web2上面抓包
查看抓包數據如下
客戶端192.168.16.90首先向ww1.itnihao.cn(192.168.16.22)發送請求,haproxy代理服務器192.168.16.22收到請求,根據以下的配置文件的則,將請求用調度算法roundrobin轉發給後端web2,即192.168.16.3
frontend http_80_in
bind 0.0.0.0:80
mode http
log global
option httplog
option httpclose
option forwardfor
acl itnihao_web hdr_reg(host) -i ^(www.itnihao.cn|ww1.itnihao.cn)$
use_backend server_web if itnihao_web
backend server_web
mode http
balance roundrobin
cookie SERVERID
option httpchk GET /index.html
server web1 192.168.16.2:80 cookie web1 check inter 1500 rise 3 fall 3 weight 1
server web2 192.168.16.3:80 cookie web2 check inter 1500 rise 3 fall 3 weight 2
可以看到,haproxy會將請求的www.itnihao.cn轉發給192.168.16.3,且標記客戶端的ip,如192.168.16.3有多個基於域名的虛擬主機,可以通過請求的域名來正確的識別到虛擬主機,這點無需擔心。
ip轉發的選項是option forwardfor 轉發過來的ip,如此,則端服務器可以獲取到真實的客戶端ip
192.168.16.3響應haproxy的請求,將數據index.html提供給haproxy192.168.16.22
代理過程完成,192.168.16.
22將index.html數據發送給用戶端,用戶端192.168.16.90完成此次的服務器請求,對用戶來說是完全透明的。
同理,代理將請求轉發給192.168.16.2,敘述過程不再重復,從抓包數據的結果可以看到