2013. február 14., csütörtök

Keepalived and squid as a load balancer

Okay, we have 4 servers to loadbalance and failover the web traffic. The first two servers hold a shared IP address with keepalived:

global_defs {
    notification_email {
    notification_email_from roto@masterkey.com
        smtp_connect_timeout 2
        lvs_id LVS_01

vrrp_instance VI_1      {
                        interface eth1
                        state MASTER
                        virtual_router_id 51
                        priority 99
                authentication {
                    auth_type PASS
                    auth_pass SECRET
                        virtual_ipaddress {
#                       track_script {
#                       chk_haproxy
#                       }
                        notify_master /etc/keepalived/master
                        notify_backup /etc/keepalived/backup


On the slave node, everything is similar but the priority. You can touch anything into the master and backup scripts, e.g. /etc/init.d/squid3 restart (Just to make sure that squid picks up and listens to the shared IP. No. I don't think it makes sense.)

Squid3 runs on both frontend nodes as

cache_peer parent 3128 3130 proxy-only round-robin login=PASSTHRU
cache_peer parent 3128 3130 proxy-only round-robin login=PASSTHRU
dead_peer_timeout 15 seconds
hierarchy_stoplist cgi-bin ? ebolaplay
cache_mem 8 MB
maximum_object_size_in_memory 1 MB
memory_replacement_policy lru
cache deny all
cache_dir null /tmp
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
logformat squidmime %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid3/access.log combined
cache_store_log /var/log/squid3/store.log
cache_log  /var/log/squid3/cache.log
logfile_rotate 8

Of course and 22 and the backend Squid servers. On these servers, there are nothing special. Caching is set to ON but no use of logging the source IP addresses of the request because they are already containing the frontend server IP address here.

Nincsenek megjegyzések:

Megjegyzés küldése