{"id":3447,"date":"2015-04-11T01:23:28","date_gmt":"2015-04-11T04:23:28","guid":{"rendered":"http:\/\/www.viazap.com.br\/?p=3447"},"modified":"2015-04-11T01:23:28","modified_gmt":"2015-04-11T04:23:28","slug":"apache-com-alta-disponibilidade-e-load-balancer","status":"publish","type":"post","link":"https:\/\/blog.clusterweb.com.br\/?p=3447","title":{"rendered":"APACHE COM ALTA DISPONIBILIDADE E LOAD BALANCER"},"content":{"rendered":"

Com esse post irei configurar um Load Balance com dois n\u00f3s utilizando uma configura\u00e7\u00e3o ativa\/passiva utilizando HAProxy e keepalived. O load balancer fica entre os usu\u00e1rios e 2 servidores web apache, que mantenham o mesmo conte\u00fado. O load balancer distribui os pedidos para os 2 servidores apache e tamb\u00e9m verifica o estado dos mesmos, caso um dos servidores esteja fora, os pedidos ser\u00e3o automaticamente redirecionados para o outro servidor. O HAProxy trabalha com sess\u00f5es, que significa que voc\u00ea pode us\u00e1-lo com qualquer aplica\u00e7\u00e3o web que fa\u00e7a uso de sess\u00f5es (f\u00f3runs, sites de compras \u2013 carrinho, etc).<\/p>\n

Precisamos de 4 hosts para o exemplo:<\/p>\n

Balanceadores: HA-proxy1: 10.1.1.200\/24 HA-proxy2: 10.1.1.201\/24 Servidores WEB: apache1: 10.1.1.202\/24 apache2: 10.1.1.203\/24  Virtual: 10.1.1.99\/24 (Este IP ser\u00e1 usado pelo clientes web) Obs.: Caso queira utilizar servidores alugados tenha o cuidado de reservar endere\u00e7os na mesma sub-rede, incluindo um para o IP virtual. Para o exemplo estou utilizando 4 hosts Debian squeeze (6.0).<\/pre>\n
Vamos instalar os servidores apache primeiro e configura-los:<\/p>\n
apache1\/apache2:<\/p>\n
# apt-get install apache2<\/strong><\/p>\n
O ha-proxy ser\u00e1 configurado como proxy transparente e os IPs dos clientes ser\u00e3o repassados ao campo X-Forwarded-for, e devemos alterar a op\u00e7\u00e3o LogFormat do apache para n\u00e3o registrar o endere\u00e7o do nosso Load Balancer. Vamos alterar o arquivo \/etc\/apache2\/apache2.conf, substituir %h por %{X-Forwarded-for}i :<\/p>\n
# vi \/etc\/apache2\/apache2.conf<\/strong><\/p>\n
[...] #LogFormat \"%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"\" vhost_combined LogFormat \"%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"\" combined [...]<\/pre>\n
Al\u00e9m dessa configura\u00e7\u00e3o temos que fazer o haproxy verificar se os servidores apache est\u00e3o funcionando e para isso iremos criar o arquivo \/var\/www\/check.txt que o haproxy ir\u00e1 procurar, e para evitar que os logs com esses acesso ao arquivo sejam registrados precisamos modificar o nosso VirtualHost default.<\/p>\n
# vi \/etc\/apache2\/sites-available\/default<\/strong><\/p>\n
[...] SetEnvIf Request_URI \"^\/check.txt$\" dontlog CustomLog \/var\/log\/apache2\/access.log combined env=!dontlog [...]<\/pre>\n
Comente qualquer outra linha CustomLog<\/p>\n
Vamos criar o arquivo check.txt em \/var\/www<\/p>\n
# touch \/var\/www\/check.txt<\/strong><\/p>\n
reiniciar os servidores apache:<\/p>\n
# invoke-rc.d apache2 restart<\/strong><\/p>\n
Com os servidores apache configurados vamos partir os 2 Load Balancer<\/p>\n
Instala\u00e7\u00e3o haproxy (HA-proxy1, HA-proxy2)<\/p>\n
# apt-get install haproxy<\/strong><\/p>\n
O arquivo de configura\u00e7\u00e3o \u00e9 \/etc\/haproxy\/haproxy.cfg mas vamos criar outro e fazer o backup do original<\/p>\n
# cd \/etc\/haproxy<\/strong><\/p>\n
# mv haproxy.cfg haproxy.cfg.original<\/strong><\/p>\n
# vi haproxy.cfg<\/strong><\/p>\n
global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 #debug #quiet user haproxy group haproxy \u00a0 daemon defaults log global mode http option httplog option dontlognull retries 3 option redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000  listen clusterweb 10.1.1.99:80 mode http stats enable stats auth user1:senha balance roundrobin cookie JSESSIONID prefix option httpclose option forwardfor option httpchk HEAD \/check.txt HTTP\/1.0 server apache1 10.1.1.202:80 cookie A check server apache2 10.1.1.203:80 cookie B check<\/pre>\n
Configurar o daemon do haproxy para ser carregado na inicializa\u00e7\u00e3o:<\/p>\n
# vi \/etc\/default\/haproxy<\/strong><\/p>\n
# Set ENABLED to 1 if you want the init script start haproxy. ENABLED=1 # Add extra flags here. #EXTRAOPTS=\"-de -m 16\"<\/pre>\n
Ajustar o par\u00e2metro do kernel para permitir que o haproxy vincule o IP virtual (10.1.1.99)<\/p>\n
# vi \/etc\/sysctl.conf<\/strong><\/p>\n
net.ipv4.ip_nonlocal_bind = 1<\/pre>\n
# sysctl -p<\/strong><\/p>\n
Instalar o keepalived:<\/p>\n
# apt-get install keepalived<\/strong><\/p>\n
em HA-proxy1:<\/p>\n
# vi \/etc\/keepalived\/keepalived.conf<\/strong><\/p>\n
vrrp_script chk_haproxy { script \"killall -0 haproxy\" interval 2 weight 2 }  vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 101 # 101 no master, 100 no backup virtual_ipaddress { 10.1.1.99 } track_script { chk_haproxy } }<\/pre>\n
Iniciar o keepalived<\/p>\n
# invoke-rc.d keepalived start<\/strong><\/p>\n
Verifique se o IP virtual foi criado (n\u00e3o aparece com ifconfig)<\/p>\n
# ip addr show eth0<\/strong><\/p>\n
Agora em HA-proxy2<\/p>\n
# vi \/etc\/keepalived\/keepalived.conf<\/strong><\/p>\n
vrrp_script chk_haproxy {  script \"killall -0 haproxy\"  interval 2  weight 2  }  vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 100 # 101 no master, 100 no backup virtual_ipaddress { 10.1.1.99 } track_script { chk_haproxy } }<\/pre>\n
Iniciar o keepalived<\/p>\n
# invoke-rc.d keepalived start<\/strong><\/p>\n
Verifique se o IP virtual foi criado (n\u00e3o aparece com ifconfig)<\/p>\n
# ip addr show eth0<\/strong><\/p>\n
Vamos iniciar o haproxy em ambas as m\u00e1quinas:<\/p>\n
# invoke-rc.d haproxy start<\/strong><\/p>\n
Pronto, para testar basta conectar no endere\u00e7o virtual http:\/\/10.1.1.99 e verificar se est\u00e1 funcionando. Seria interessante tamb\u00e9m parar um dos servidores apache e verificar se ainda est\u00e1 funcionando.<\/p>\n
As estat\u00edsticas do haproxy podem ser acessadas em: http:\/\/10.1.1.99\/haproxy?stats<\/p>\n
O nome do usu\u00e1rio e senha est\u00e1 cadastrado em \u201cstats auth user1:senha\u201d no arquivo \/etc\/haproxy\/haproxy.cfg<\/p>\n
Agora vamos gerar algum movimento nos servidores, utilizando ab (ApacheBench)<\/p>\n
Vamos gerar 15000 requisi\u00e7\u00f5es com 100 conex\u00f5es concorrentes<\/p>\n
# ab -n 15000 -c 100 http:\/\/10.1.1.99\/<\/strong><\/p>\n
This is ApacheBench, Version 2.3 <$Revision: 655654 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http:\/\/www.zeustech.net\/ Licensed to The Apache Software Foundation, http:\/\/www.apache.org\/  Benchmarking 10.1.1.99 (be patient) Completed 1500 requests Completed 3000 requests Completed 4500 requests Completed 6000 requests Completed 7500 requests Completed 9000 requests Completed 10500 requests Completed 12000 requests Completed 13500 requests Completed 15000 requests Finished 15000 requests   Server Software: Apache\/2.2.16 Server Hostname: 10.1.1.99 Server Port: 80  Document Path: \/ Document Length: 177 bytes  Concurrency Level: 100 Time taken for tests: 12.048 seconds Complete requests: 15000 Failed requests: 0 Write errors: 0 Total transferred: 6795000 bytes HTML transferred: 2655000 bytes Requests per second: 1245.07 [#\/sec] (mean) Time per request: 80.317 [ms] (mean) Time per request: 0.803 [ms] (mean, across all concurrent requests) Transfer rate: 550.80 [Kbytes\/sec] received  Connection Times (ms) min mean[+\/-sd] median max Connect: 0 14 6.9 13 56 Processing: 17 66 15.2 65 166 Waiting: 4 56 14.0 55 165 Total: 28 80 15.5 79 177  Percentage of the requests served within a certain time (ms) 50% 79 66% 85 75% 89 80% 92 90% 99 95% 107 98% 118 99% 123 100% 177 (longest request)<\/pre>\n
As estat\u00edsticas do haproxy podem ser acessadas em: http:\/\/10.1.1.99\/haproxy?stats<\/p>\n
O nome do usu\u00e1rio e senha est\u00e1 cadastrado em \u201cstats auth user1:senha\u201d no arquivo \/etc\/haproxy\/haproxy.cfg<\/p>\n
\"\"<\/a><\/p>\n
Links:<\/p>\n
HaProxy:<\/strong> http:\/\/www.haproxy.1wt.eu<\/p>\n
Keepalived:<\/strong> http:\/\/www.keepalived.org<\/p>\n
Fonte:
\nHowtoforge:<\/strong> http:\/\/www.howtoforge.com<\/p>\n","protected":false},"excerpt":{"rendered":"
Com esse post irei configurar um Load Balance com dois n\u00f3s utilizando uma configura\u00e7\u00e3o ativa\/passiva utilizando HAProxy e keepalived. O load balancer fica entre os usu\u00e1rios e 2 servidores web apache, que mantenham o mesmo conte\u00fado. O load balancer distribui os pedidos para os 2 servidores apache e tamb\u00e9m verifica o estado dos mesmos, caso […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[455,477,91,730,1,830,772,725,42,51,495,514,68,271,548],"tags":[837,131,881,349,32,351,880],"class_list":["post-3447","post","type-post","status-publish","format-standard","hentry","category-apache2","category-backup-2","category-banco-de-dados","category-clusterweb","category-viazap","category-debian","category-dns-2","category-hospedagem","category-leitura-recomendada","category-linux-linuxrs","category-profissional-de-ti","category-programacao","category-redes-2","category-seguranca-2","category-ubuntu-2","tag-alta","tag-apache","tag-balancer","tag-com","tag-disponibilidade","tag-e","tag-load"],"_links":{"self":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/3447","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3447"}],"version-history":[{"count":1,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/3447\/revisions"}],"predecessor-version":[{"id":3448,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/3447\/revisions\/3448"}],"wp:attachment":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3447"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3447"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3447"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}