有时候公司调度机、数据库这些业务流量都比较大,为了提高网络吞吐量、链路冗余,所以我们都做端口绑定,linux下网卡绑定有多种模式,我这里用的是mode4
交换机上操作:
system-view interface Bridge-Aggregation 100 link-aggregation mode dynamic quit interface GigabitEthernet1/0/28 port link-aggregation group 100 quit interface GigabitEthernet1/0/29 port link-aggregation group 100 quit interface GigabitEthernet1/0/33 port link-aggregation group 100 quit interface GigabitEthernet1/0/30 port link-aggregation group 100 quit
服务器上操作:
1、撰写bond0的配置文件
vi /etc/sysconfig/network-scripts/ifcfg-bond0 DEVICE=bond0 ONBOOT=yes BOOTPROTO=static IPADDR=10.10.0.100 NETMASK=255.255.0.0 USERCTL=no TYPE=Ethernet
2、修改eth0、1、2、3的配置文件
/etc/sysconfig/network-scripts/ifcfg-eth0、1、2、3 DEVICE=eth0(1、2、3对应修改) BOOTPROTO=none ONBOOT=yes USERCTL=no MASTER=bond0 SLAVE=yes
3、编辑模块载入配置文件,开机自动加载bonding模块到内核
vim /etc/modprobe.d/openfwwf.conf ##########新增以下内容########### alias bond0 bonding options bond0 miimon=100 mode=4 alias net-pf-10 off #关闭ipv6支持 #################################
4、重启完全网卡
5、查看交换机绑定状态是否正常(Status都是S就ok了)
<zw_lan_18.F-06>display link-aggregation verbose Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing Port Status: S -- Selected, U -- Unselected Flags: A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation, D -- Synchronization, E -- Collecting, F -- Distributing, G -- Defaulted, H -- Expired Aggregation Interface: Bridge-Aggregation100 Aggregation Mode: Dynamic Loadsharing Type: Shar System ID: 0x8000, c4ca-d9d6-d1f3 Local: Port Status Priority Oper-Key Flag -------------------------------------------------------------------------------- GE1/0/28 S 32768 1 {ACDEF} GE1/0/29 S 32768 1 {ACDEF} GE1/0/30 S 32768 1 {ACDEF} GE1/0/33 S 32768 1 {ACDEF} Remote: Actor Partner Priority Oper-Key SystemID Flag -------------------------------------------------------------------------------- GE1/0/28 2 255 17 0xffff, 6cae-8b51-1c7a {ACDEF} GE1/0/29 4 255 17 0xffff, 6cae-8b51-1c7a {ACDEF} GE1/0/30 3 255 17 0xffff, 6cae-8b51-1c7a {ACDEF} GE1/0/33 1 255 17 0xffff, 6cae-8b51-1c7a {ACDEF}
做绑定之前首先需要知道服务器的网卡对应接交换机的那个网口,你可以登录到交换机上执行:
terminalmonitor(此功能默认是关闭的),然后在服务器上分别down网口,从交换机上就可以看到是那个端口down了。
http://wgkgood.blog.51cto.com/1192594/1380295
缓存服务器Squid架构配置
随着网站访问人数越来越多,承受的并发和压力也越来越高,这时候我们需要对网站和架构进行优化,今天我们来讨论使用Squid对架构进行优化,缓存网站。
一:安装
安装之前我们需要对系统进行优化,主要优化系统内核相关参数
vi /etc/sysctl.conf #sysctl.conf config 2014-03-26 net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.tcp_max_tw_buckets = 10000 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_wmem = 4096 16384 4194304 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 262144 net.core.somaxconn = 262144 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 262144 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 15 net.ipv4.ip_local_port_range = 1024 65535
优化Linux文件打开最大数:
vi /etc/security/limits.conf * soft nproc 65535 * hard nproc 65535 * soft nofile 65535 * hard nofile 65535
自动化安装Squid脚本,里面分别配置了两个虚拟主机域名,前端有LVS,LVS均衡后端多组squid集群,根据命中率去调整squid集群的数量,Squid后端均衡Nginx或者Apache。(完整的架构LVS+Keepalived+Squid+Nginx+Resin/Tomcat/PHP+MySQL集群)
扩扑图如下:
#!/bin/sh #Auto make install squid server SQUID_CNF=/etc/squid/squid.conf CACHE_DIR=( /data/cache1 /data/cache2 ) #Install squid shell yum install -y squid #config squid.conf cat >>$SQUID_CNF <<EOF #global config squid.conf 2014-03-26 http_port 80 accel vhost vport cache_peer 192.168.149.128 parent 80 0 originserver name=wugk1 cache_peer 192.168.149.129 parent 80 0 originserver name=wugk2 cache_peer_domain wugk1 www.wugk1.com cache_peer_domain wugk2 www.wugk2.com visible_hostname localhost forwarded_for off via off cache_vary on #acl config acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 8080 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl all src 0.0.0.0/0 acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow localhost http_access allow all acl PURGE method PURGE http_access allow PURGE localhost http_access deny PURGE #squid config 2014-03-25 cache_dir aufs /data/cache1 10240 16 256 cache_dir aufs /data/cache2 10240 16 256 cache_mem 4000 MB maximum_object_size 8 MB maximum_object_size_in_memory 256 KB hierarchy_stoplist cgi-bin ? coredump_dir /var/spool/squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern \.(jpg|png|gif|mp3|xml|html|htm|css|js) 1440 50% 2880 ignore-reload refresh_pattern . 0 20% 4320 EOF #config cache_dir mkdir -p ${CACHE_DIR[@]} ;chown -R squid:squid ${CACHE_DIR[@]} #restart squid server /etc/init.d/squid restart if [ "$?" == "0" ];then echo "The Squid Server Install Successfully !!" else echo "The Squid Server Install Failed !!,Please Check Log......" fi
最后测试,前端LVS截图(注LVS此处不配置了)
通过浏览器查看head头,缓存命中情况截图如下:
通过命令
squidclient -p
80
mgr:info |egrep
"(Request Hit Ratios|Byte Hit Ratios)"
查看缓存命中率如下:
二、批量清空缓存
使用Shell脚本批量清空squid缓存脚本auto_clean_cache.sh
#!/bin/sh DIR=/data/cache/ Command=/usr/sbin/squidclient if [ "$1" = "" ];then echo "Usage:{$0 "\$1" ,Example exec $0 forum.php}" exit fi grep -r -a $1 ${DIR} | strings | grep "http:"|grep -v "=" >list.txt count=`cat list.txt|wc -l` if [ "$count" -eq "0" ];then echo -e "---------------------------------\nThe $1 cache already update,Please exit ......" exit fi while read line do $Command -m PURGE -p 80 "$line" >>/dev/null if [ $? -eq 0 ];then echo -e "----------------------------------\nThe $line cache update successfully!" fi done < list.txt
脚本执行:
[root@node2 ~]# sh auto_clean_cache.sh forum.php ---------------------------------- The http://www.wugk2.com/forum.php cache update successfully! [root@node2 ~]#