如何将Apache Httpd正确配置为Load Balancer,其中某些主机可能不可用
[英]How to properly configure Apache Httpd as Load Balancer where some hosts may be unavailable
问题描述
I am using an Apache Httpd instance as proxy in front of multiple Java Tomcat instances. 
我在多个Java Tomcat实例前面使用Apache Httpd实例作为代理。 Apache acts as load balancer for the Tomcat instances. Apache充当Tomcat实例的负载平衡器。
The apache config basically looks like follows apache配置基本上如下所示
<Proxy balancer://mycluster>
BalancerMember ajp://host1:8280 route=jvmRoute-8280
BalancerMember ajp://host2:8280 route=jvmRoute-8280
BalancerMember ajp://host3:8280 route=jvmRoute-8280
</Proxy>
<VirtualHost *:80>
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
This basically works when the AJP ports are configured in the Tomcat instances. 当在Tomcat实例中配置AJP端口时,这基本上有效。 Requests are sent to one of the hosts and the load is distributed across the Tomcat instances. 请求将发送到其中一个主机,负载将分布在Tomcat实例中。
However I see very long delays that seem to be caused inside Httpd whenever one of the hosts is not available, ie it seems Apache does not remember that one of the hosts is not available and repeatedly tries to send requests also to the missing hosts instead of sending it to one of the available hosts and trying the failing host at some time later. 然而,我发现只要其中一个主机不可用,Httpd内部就会出现非常长的延迟,即似乎Apache不记得其中一个主机不可用并且反复尝试将请求发送到丢失的主机而不是将其发送到其中一个可用主机并在稍后的某个时间尝试发生故障的主机。
Is there a way to configure mod_proxy et.al. 有没有办法配置mod_proxy et.al. from Apache Httpd to support such a failover scenario, ie having multiple hosts and don't cause huge delays when one host fails? 从Apache Httpd支持这样的故障转移场景,即拥有多个主机,并且当一个主机出现故障时不会造成巨大延迟? Preferably Apache should periodically check in the background which hosts are gone and not as them for any requests. Apache应该定期检查后台哪些主机已经消失,而不是任何请求。
I did find HAProxy which seems to be more suited for this kind of thing, but I would prefer to stick with Apache for a number of unrelated reasons. 我确实发现HAProxy似乎更适合这种事情,但我更愿意坚持使用Apache,原因有很多。
Update 更新
In the meantime I found out that part of my problem was caused by clients which kept the connection open endlessly and thus no more connections/threads were available. 与此同时,我发现我的问题的一部分是由客户端引起的,这些客户端使连接保持无限开放,因此没有更多的连接/线程可用。
Thus I change the question to: What configuration options would you use to minimize the effect of something like this? 因此,我将问题更改为:您将使用哪些配置选项来最小化此类效果? Ie allow many open connections or close them quickly in this case? 即在这种情况下允许许多打开的连接或快速关闭它们? Otherwise this sounds like a very easy DOS-attack with my current config? 否则这听起来像我当前配置的一个非常容易的DOS攻击?
3 个解决方案
解决方案1
6 已采纳 2013-01-31 09:43:48
Clients will not keep the connection open endlessly. 客户不会无休止地保持连接。 Check your Apache server-tuning.conf and look for the KeepAliveTimeout setting. 检查Apache server-tuning.conf并查找KeepAliveTimeout设置。 Lower it to something sensible. 把它降低到合理的程度。
Your changes to connectiontimeout and retry are indeed what you have to do. 您对connectiontimeout和重试的更改确实是您必须要做的。 I'd lower connectiontimeout though. 我会降低连接时间。 10 seconds is still ages. 10秒仍然是年龄。 If the back end is in the same location why not set it in miliseconds? 如果后端位于同一位置,为什么不在几毫秒内设置它? connectiontimeout=200ms should leave plenty of time to set up the connection. connectiontimeout = 200ms应该留出足够的时间来建立连接。
解决方案2
2 2013-01-26 23:53:21
I think I found at least sort of a workaround or simple solution. 我想我至少找到了一种解决方法或简单的解决方案。 mod_proxy seems to have a very long connectiontimeout by default (300 seconds). 默认情况下,mod_proxy似乎有一个非常长的连接超时(300秒)。 if you do not set it differently, it will take a long time until offline nodes are detected as being in "err" state. 如果不进行不同的设置,则需要很长时间才能检测到脱机节点处于“错误”状态。
By setting a short connectiontimeout and increasing the retry I could make it work better for me: 通过设置一个短的连接超时并增加重试,我可以让它对我更好:
BalancerMember ajp://host1:8280 route=jvmRoute-8280 connectiontimeout=10 retry=600
This will ensure that failing connections are detected fairly quickly and Apache does not retry too often to reach failing servers. 这将确保快速检测到失败的连接,并且Apache不会经常重试以访问失败的服务器。 Unfortunately it seems Apache uses actual requests for checking the balance members and thus from time to time single requests may be slow when it tries to reach a server previously put into err-state. 不幸的是,似乎Apache使用实际请求来检查余额成员,因此当尝试访问先前进入错误状态的服务器时,单个请求可能会很慢。 It seems there is no heartbeat or watchdog feature. 似乎没有心跳或看门狗功能。 For something like this other load balancing solutions bring such features, notably HAProxy 对于类似的东西,其他负载平衡解决方案带来了这些功能,特别是HAProxy
Read up on mod_proxy and mod_proxy_balancer for more details. 阅读mod_proxy和mod_proxy_balancer以获取更多详细信息。
Additionally server-status via mod_status and balance manager via a page provided by mod_balancer have been a great help in diagnosing this! 此外,通过mod_status和平衡管理器通过mod_balancer提供的页面提供服务器状态对诊断这一点非常有帮助!
解决方案3
1 2017-11-03 11:38:49
It seems you have forgotten the ping tag (Actually it's called CPING - 100-Continue) 你似乎忘记了ping标签(实际上它叫做CPING - 100-Continue)
Like so: 像这样:
<Proxy "balancer://www">
BalancerMember "http://192.168.0.100:80" max=128 ttl=300 retry=60 connectiontimeout=5 timeout=300 ping=2
BalancerMember "http://192.168.0.101:80" max=128 ttl=300 retry=60 connectiontimeout=5 timeout=300 ping=2
BalancerMember "http://192.168.0.102:80" max=128 ttl=300 retry=60 connectiontimeout=5 timeout=300 ping=2
BalancerMember "http://192.168.0.103:80" max=128 ttl=300 retry=60 connectiontimeout=5 timeout=300 ping=2
BalancerMember "http://192.168.0.104:80" max=128 ttl=300 retry=60 connectiontimeout=5 timeout=300 ping=2
BalancerMember "http://192.168.0.105:80" max=128 ttl=300 retry=60 connectiontimeout=5 timeout=300 ping=2
BalancerMember "http://192.168.0.106:80" max=128 ttl=300 retry=60 connectiontimeout=5 timeout=300 ping=2
SetEnv proxy-nokeepalive 1
</Proxy>
ProxyPass "/www/" "balancer://www/"
ProxyPassReverse "/www/" "balancer://www/"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.