Haproxy 优化

1. Haproxy 自身健康检查
   vi /usr/local/haproxy/sbin/check_haproxy.sh
   

   #!/bin/sh
   PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
                               
   [[ -e "/etc/rc.d/init.d/haproxy" ]] || exit 1
   [[ -z `ps aux | grep /usr/sbin/haproxy | grep -v grep` ]] && service haproxy start && exit 1
                               
   ETH1_ADDR=`/sbin/ifconfig eth0 | awk -F ':' '/inet addr/{print $2}' | sed 's/[a-zA-Z ]//g'`
   [[ -z `curl -I -s "http://${ETH1_ADDR}" | grep "200 OK"` ]] && service haproxy restart

   chmox +x /usr/local/haproxy/sbin/check_haproxy.sh
   设置定时检查任务
   crontab -e
   */5 * * * * /usr/local/haproxy/sbin/check_haproxy.sh >/dev/null 2>&1
   备注：若无法运行，请根据haproxy安装路径和绑定的网卡对代码做简单修改

2. 进阶配置
   mode http
   # 设置为http模式
   balance source
   # 设置haproxy的调度算法为源地址hash
   cookie SERVERID
   # 允许向cookie插入SERVERID，每台服务器的SERVERID可在下面使用cookie关键字定义
   option httpchk GET /test/index.php
   # 开启对后端服务器的健康检测，通过GET /test/index.php来判断后端服务器的健康情况
   server php_server_1 10.12.25.68:80 cookie 1 check inter 2000 rise 3 fall 3 weight 2
   server php_server_2 10.12.25.72:80 cookie 2 check inter 2000 rise 3 fall 3 weight 1
   server php_server_bak 10.12.25.79:80 cookie 3 check inter 1500 rise 3 fall 3 backup
   # server语法：server [:port] [param*]
   # 使用server关键字来设置后端服务器；为后端服务器所设置的内部名称[php_server_1]，该名称将会呈现在日志或警报中、后端服务器的IP地址
   # 支持端口映射[10.12.25.68:80]、指定该服务器的SERVERID为1[cookie 1]
   # 接受健康监测[check]、监测的间隔时长，单位毫秒[inter 2000]
   # 监测正常多少次后被认为后端服务器是可用的[rise 3]
   # 监测失败多少次后被认为后端服务器是不可用的[fall 3]
   # 分发的权重[weight 2]、最后为备份用的后端服务器，当正常的服务器全部都宕机后，才会启用备份服务器[backup]
   
   
3. 优化网络
   vim /etc/sysctl.conf
   

   net.ipv4.tcp_syncookies = 1
   net.ipv4.tcp_tw_reuse = 1
   net.ipv4.tcp_tw_recycle = 1
   net.ipv4.tcp_fin_timeout = 30
   net.ipv4.tcp_keepalive_time = 1200
                                    
   net.ipv4.ip_local_port_range = 1024 65000
   net.ipv4.tcp_max_syn_backlog = 8192
   net.ipv4.tcp_max_tw_buckets = 80000
                                    
   net.core.somaxconn = 32768
                                    
   net.ipv4.tcp_keepalive_probes = 5
   net.ipv4.tcp_keepalive_intvl = 20
                                    
   net.core.wmem_default = 8388608
   net.core.rmem_default = 8388608
   net.core.rmem_max = 16777216
   net.core.wmem_max = 16777216
                                    
   net.ipv4.tcp_rmem = 4096 87380 16777216
   net.ipv4.tcp_wmem = 4096 65536 16777216
                                    
   net.core.netdev_max_backlog = 32768
                                    
   net.ipv4.tcp_timestamps = 0
   net.ipv4.tcp_synack_retries = 2
   net.ipv4.tcp_syn_retries = 2
   net.ipv4.tcp_retries2 = 5
                                    
   net.ipv4.tcp_mem = 41943040 73400320 94371840
   net.ipv4.tcp_max_orphans = 3276800
   fs.file-max = 1300000

   sysctl -p 

4. 参考文档
   http://sofar.blog.51cto.com/353572/1291013/
   http://leejia.blog.51cto.com/4356849/1421882