ans_rproxy 说明
ans_rproxy 说明
网络IP资源分配
Windows2008R2:
IP: 172.16.204.50/24
Gateway: 172.16.204.1
SitePort: 8081
Windows2008R2:
IP: 172.16.204.53/24
Gateway: 172.16.204.1
SitePort: 8081
Ubuntu16.04:
IP: 172.16.204.184/24
Gateway: 172.16.204.1
Rproxy_port: 80
ANS2.2:
IP: 172.16.204.181/24
SNIP: 172.16.204.182/24
VIP: 172.16.204.188/24
Web.config 配置
<?xml version="1.0"?><!--有关如何配置 ASP.NET 应用程序的详细信息,请访问http://go.microsoft.com/fwlink/?LinkId=169433--><configuration><connectionStrings><add name="ApplicationServices"connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true"providerName="System.Data.SqlClient" /></connectionStrings><appSettings><add key="ConnString" value="Data Source=192.168.185.191;Initial Catalog=BaseService;Persist Security Info=True;User ID=sa;Password=qwe123;MultipleActiveResultSets=True"/></appSettings><system.web><compilation debug="true" targetFramework="4.0" /><authentication mode="Forms"><forms loginUrl="~/Account/Login.aspx" timeout="2880" /></authentication><membership><providers><clear/><add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices"enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"applicationName="/" /></providers></membership><profile><providers><clear/><add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/></providers></profile><roleManager enabled="false"><providers><clear/><add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" /><add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" /></providers></roleManager><customErrors mode="Off" /></system.web><system.webServer><modules runAllManagedModulesForAllRequests="true"/></system.webServer> </configuration>
Ubuntu 服务器配置
1. 停用Ubuntu默认的防火墙服务 ( Ubuntu防火墙服务名称为: ufw.service 或者 apparmor.service )
myuser@ubsrv:~/ans$ sudo systemctl status apparmor.service myuser@ubsrv:~/ans$ sudo systemctl stop apparmor.service myuser@ubsrv:~/ans$ sudo systemctl disable apparmor.service myuser@ubsrv:~/ans$
2. 上传部署文件
myuser@ubsrv:~/ans$ ls ans_rproxy app.json libev.so.4 myuser@ubsrv:~/ans$ file ans_rproxy ans_rproxy3: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=bd061a62e823bd0f734b20e4c4ffb03cf58b13f7, not stripped myuser@ubsrv:~/ans$
3. 设置ans_rproxy程序的动态链接库路径
myuser@ubsrv:~/ans$ chmod +x ./patchelf myuser@ubsrv:~/ans$ ./patchelf --set-rpath ".:./lib:/usr/local/ans/ans_rproxy/lib:/opt/ans/ans_rproxy/lib" ./ans_rproxy myuser@ubsrv:~/ans$ myuser@ubsrv:~/ans$ ./patchelf --print-rpath ./ans_rproxy .:./lib:/usr/local/ans/ans_rproxy/lib:/opt/ans/ans_rproxy/lib myuser@ubsrv:~/ans$
4. 查看ans_rproxy程序所需的动态链接库是否存在
若使用系统提供的库 libev.so.4 , 可以安装执行命令安装对应的库文件 sudo aptitude install libev4
myuser@ubsrv:~/ans$ chmod +x ./ans_rproxy myuser@ubsrv:~/ans$ ldd ./ans_rproxy linux-vdso.so.1 => (0x00007ffd9b591000)libev.so.4 => ./libev.so.4 (0x00007f19aa342000)libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f19a9f78000)libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f19a9c6f000)/lib64/ld-linux-x86-64.so.2 (0x00007f19aa550000) myuser@ubsrv:~/ans$
5. 添加rd_public用户
备注: Centos 的删除用户命令( userdel -fr rd_public )和添加用户命令( useradd -U rd_public )
myuser@ubsrv:~/ans$ sudo deluser -fr rd_public Removing user `rd_public' ... Warning: group `rd_public' has no more members. Done. myuser@ubsrv:~/ans$ myuser@ubsrv:~/ans$ sudo adduser --disabled-login --gecos 'rd_public' rd_public Adding user `rd_public' ... Adding new group `rd_public' (1001) ... Adding new user `rd_public' (1001) with group `rd_public' ... Creating home directory `/home/rd_public' ... Copying files from `/etc/skel' ... myuser@ubsrv:~/ans$ myuser@ubsrv:~/ans$ sudo -u rd_public -H id uid=1001(rd_public) gid=1001(rd_public) groups=1001(rd_public) myuser@ubsrv:~/ans$
6. 创建工作目录/opt/ans/ans_rproxy
myuser@ubsrv:~/ans$ sudo mkdir -p /opt/ans/ans_rproxy myuser@ubsrv:~/ans$ sudo chown -R rd_public:rd_public /opt/ans/ans_rproxy myuser@ubsrv:~/ans$ sudo -u rd_public -H cp -Rf ./* /opt/ans/ans_rproxy myuser@ubsrv:~/ans$ cd /opt/ans/ans_rproxy myuser@ubsrv:/opt/ans/ans_rproxy$ ls -alh . drwxr-xr-x 2 rd_public rd_public 4.0K Sep 14 13:50 . drwxr-xr-x 3 root root 4.0K Sep 14 13:20 .. -rwxr-xr-x 1 rd_public rd_public 359K Sep 14 13:50 ans_rproxy -rw-r--r-- 1 rd_public rd_public 324 Sep 14 13:50 app.json -rw-r--r-- 1 rd_public rd_public 55K Sep 14 13:50 libev.so.4 myuser@ubsrv:/opt/ans/ans_rproxy$
7. 修改配置文件app.json
注意: 默认日志文件 在 Ubuntu 上为 /var/log/syslog 在 CentOS 上为 /var/log/messages
添加的虚拟服务器列表的权重值相加的和一定要为100
myuser@ubsrv:/opt/ans/ans_rproxy$ sudo ./ans_rproxy -mmachine code: [XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX]Please send the above machine code to High-Galaxy Corp.myuser@ubsrv:/opt/ans/ans_rproxy$ myuser@ubsrv:/opt/ans/ans_rproxy$ sudo -u rd_public -H vim ./app.json { "license": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX","quiet" : 0,"syslog": 0,"user": "rd_public","group": "rd_public","working_dir": "/opt/ans/ans_rproxy","vservers": [{"host" : "172.16.204.50","port" : "8081","weight" : 60},{"host" : "172.16.204.53","port" : "8081","weight" : 40}] } myuser@ubsrv:/opt/ans/ans_rproxy$
8. 测试服务器是否可以正常访问
myuser@ubsrv:/opt/ans/ans_rproxy$ curl -I http://172.16.204.50:8081/LoginFuZai.aspx HTTP/1.1 200 OK Cache-Control: private Content-Length: 1624 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Mon, 17 Sep 2018 08:29:26 GMTmyuser@ubsrv:/opt/ans/ans_rproxy$ myuser@ubsrv:/opt/ans/ans_rproxy$ curl -I http://172.16.204.53:8081/LoginFuZai.aspx HTTP/1.1 200 OK Cache-Control: private Content-Length: 1624 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Mon, 17 Sep 2018 08:29:34 GMTmyuser@ubsrv:/opt/ans/ans_rproxy$
9. 使用rd_public用户启动ans_rproxy程序
注意:这里启动会报错,提示【create_listen: Permission denied】
myuser@ubsrv:/opt/ans/ans_rproxy$ sudo -u rd_public -H ./ans_rproxy -f ./app.json user [rd_public] group [rd_public] working dir [/opt/ans/ans_rproxy] Added 2 virtual servers. 20180914T153123.728231 [ 3967] create_listen: Permission denied 20180914T153123.728341 [ 3967] run_proxy: Failed to create listens. myuser@ubsrv:/opt/ans/ans_rproxy$
10. 使用sudo调用root用户权限,启动ans_rproxy程序
myuser@ubsrv:/opt/ans/ans_rproxy$ sudo ./ans_rproxy -f ./app.json user [rd_public] group [rd_public] working dir [/opt/ans/ans_rproxy] Added 2 virtual servers. Created listen socket [6]. Created listen socket [7]. start_workers: start(0), count(1) ansrpxy: initialization complete rd_public: uid(1001), gid(1001) In child process with uid (1001) 20180914T154306.928568 [ 3974] {core} Process 0 online 20180914T154306.928816 [ 3974] Worker 0: listen on 6 20180914T154306.928846 [ 3974] Worker 0: listen on 7 20180914T154306.928907 [ 3974] Worker 0 : in event loop. ...... myuser@ubsrv:/opt/ans/ans_rproxy$ myuser@ubsrv:/opt/ans/ans_rproxy$ sudo ps -waux | grep ans_rproxy | grep -v grep root 4114 0.0 0.1 52700 3928 pts/0 S+ 15:51 0:00 sudo ./ans_rproxy -f ./app.json root 4115 0.0 0.0 9648 968 pts/0 S+ 15:51 0:00 ./ans_rproxy -f ./app.json rd_publ+ 4116 0.0 0.0 18096 1816 pts/0 S+ 15:51 0:00 ./ans_rproxy -f ./app.json myuser@ubsrv:/opt/ans/ans_rproxy$ sudo netstat -alntp | grep ans_rproxy | grep -v grep tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4351/ans_rproxy tcp6 0 0 :::80 :::* LISTEN 4351/ans_rproxy myuser@ubsrv:/opt/ans/ans_rproxy$
11. 使用sudo调用root用户权限,后台方式启动ans_rproxy程序
myuser@ubsrv:/opt/ans/ans_rproxy$ sudo nohup ./ans_rproxy -f ./app.json > /dev/null 2>/dev/null & [1] 4143 myuser@ubsrv:/opt/ans/ans_rproxy$ myuser@ubsrv:/opt/ans/ans_rproxy$ sudo ps -waux | grep ans_rproxy | grep -v grep root 4143 0.0 0.1 52700 3936 pts/0 S 15:53 0:00 sudo nohup ./ans_rproxy -f ./app.json root 4144 0.0 0.0 9648 976 pts/0 S 15:53 0:00 ./ans_rproxy -f ./app.json rd_publ+ 4145 0.0 0.0 18096 1832 pts/0 S 15:53 0:00 ./ans_rproxy -f ./app.json myuser@ubsrv:/opt/ans/ans_rproxy$ sudo netstat -alntp | grep ans_rproxy | grep -v grep tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4144/ans_rproxy tcp6 0 0 :::80 :::* LISTEN 4144/ans_rproxy myuser@ubsrv:/opt/ans/ans_rproxy$
12. 查看ans_rproxy进程所占用的系统资源
myuser@ubsrv:/opt/ans/ans_rproxy$ sudo lsof -c ans_rproxy myuser@ubsrv:/opt/ans/ans_rproxy$
13. 测试访问ans_rproxy进程提供的Session代理服务
业务测试必须使用客户端浏览器进行模拟用户操作
myuser@ubsrv:/opt/ans/ans_rproxy$ curl -v http://localhost:80/LoginFuZai.aspx * Trying ::1... * Connected to localhost (::1) port 80 (#0) > GET /LoginFuZai.aspx HTTP/1.1 > Host: localhost > User-Agent: curl/7.47.0 > Accept: */* > < HTTP/1.1 200 OK < Cache-Control: private < Content-Type: text/html; charset=utf-8 < Server: Microsoft-IIS/7.5 < X-AspNet-Version: 4.0.30319 < X-Powered-By: ASP.NET < Date: Mon, 17 Sep 2018 08:31:52 GMT < Content-Length: 1624 < ......myuser@ubsrv:/opt/ans/ans_rproxy$ tail -f /var/log/syslog Sep 17 16:27:58 ubsrv ans_rproxy[10011]: VSVR [1] : Response Hits [0], Weight [40], State [DOWN] Sep 17 16:28:58 ubsrv ans_rproxy[10011]: Connections [0], Total Requests [0], Total vsvrs [2] Sep 17 16:28:58 ubsrv ans_rproxy[10011]: VSVR [0] : Response Hits [0], Weight [60], State [UP] Sep 17 16:28:58 ubsrv ans_rproxy[10011]: VSVR [1] : Response Hits [0], Weight [40], State [UP] Sep 17 16:29:58 ubsrv ans_rproxy[10011]: Connections [0], Total Requests [0], Total vsvrs [2] Sep 17 16:29:58 ubsrv ans_rproxy[10011]: VSVR [0] : Response Hits [0], Weight [60], State [UP] Sep 17 16:29:58 ubsrv ans_rproxy[10011]: VSVR [1] : Response Hits [0], Weight [40], State [UP] Sep 17 16:30:58 ubsrv ans_rproxy[10011]: Connections [0], Total Requests [3], Total vsvrs [2] Sep 17 16:30:58 ubsrv ans_rproxy[10011]: VSVR [0] : Response Hits [2], Weight [60], State [UP] Sep 17 16:30:58 ubsrv ans_rproxy[10011]: VSVR [1] : Response Hits [2], Weight [40], State [UP] ......myuser@ubsrv:/opt/ans/ans_rproxy$
14. 结束ans_rproxy进程
myuser@ubsrv:/opt/ans/ans_rproxy$ sudo ps -waux | grep ans_rproxy | grep -v grep | awk '{print $2}' | sudo xargs kill -9 [1]+ Killed sudo nohup ./ans_rproxy -f ./app.json > /dev/null 2> /dev/null myuser@ubsrv:/opt/ans/ans_rproxy$ sudo ps -waux | grep ans_rproxy | grep -v grep myuser@ubsrv:/opt/ans/ans_rproxy$
15. 其他配置
#!/usr/bin/env bash #filename: rproxy_ctl.shcur_dir=`pwd` ans_uid=`id -u`usage_rproxy() {echo "Usage: sudo `basename $0` [start|stop|restart|staus|help]"echo " start -- Start program."echo " stop -- Stop program."echo " restart -- Restart program."echo " status -- Display service status."echo " help -- Display help information."return 0 }invoke_sudo() {if [ $ans_uid -ne 0 ]; thensudo id > /dev/null 2>/dev/nullif [ $? -ne 0 ]; thenecho "Elevate permissions failed."return 1fifireturn 0 }start_rproxy() {invoke_sudoif [ $? -ne 0 ]; thenecho "Error: Permission denied."exit 1filocal line_numline_num=`sudo ps -waux | grep ans_rproxy | grep -v rproxy_ctl | grep -v grep | wc -l`if [ $line_num -ne 0 ]; thenecho "Error: Program is already running."return 1fiecho "Start program ..."if [ -f ${cur_dir}/ans_rproxy -a -x ${cur_dir}/ans_rproxy -a -f ${cur_dir}/app.json -a -r ${cur_dir}/app.json ]; thensudo nohup ${cur_dir}/ans_rproxy -f ${cur_dir}/app.json > /dev/null 2>/dev/null &if [ $? -ne 0 ]; thenecho "Error: Program start failed."return 1elseecho "Info: Program start successful."return 0fielseif [ -f /opt/ans/ans_rproxy/ans_rproxy -a -x /opt/ans/ans_rproxy/ans_rproxy -a -f /opt/ans/ans_rproxy/app.json -a -r /opt/ans/ans_rproxy/app.json ]; thensudo nohup /opt/ans/ans_rproxy/ans_rproxy -f /opt/ans/ans_rproxy/app.json > /dev/null 2>/dev/null &if [ $? -ne 0 ]; thenecho "Error: Program start failed."return 1elseecho "Info: Program start successful."return 0fielseecho "Error: File permissions are incorrect."return 1fifi }stop_rproxy() {invoke_sudoif [ $? -ne 0 ]; thenecho "Error: Permission denied."exit 1filocal line_numline_num=`sudo ps -waux | grep ans_rproxy | grep -v rproxy_ctl | grep -v grep | wc -l`if [ $line_num -eq 0 ]; thenecho "Error: Program is not running."return 1fiecho "Stop program ..."sudo ps -waux | grep ans_rproxy | grep -v grep | awk '{print $2}' | sudo xargs kill -9if [ $? -ne 0 ]; thenecho "Error: Program stop failed."return 1elseecho "Info: Program stop successful."return 0fi }restart_rproxy() {invoke_sudoif [ $? -ne 0 ]; thenecho "Error: Permission denied."exit 1filocal line_numline_num=`sudo ps -waux | grep ans_rproxy | grep -v rproxy_ctl | grep -v grep | wc -l`if [ $line_num -ne 0 ]; thenstop_rproxyif [ $? -ne 0 ]; thenecho "Error: Program restart failed."return 1fisleep 3fistart_rproxyif [ $? -ne 0 ]; thenecho "Error: Program restart failed."echo "Info: Please stop program."return 1fireturn 0 }status_rproxy() {invoke_sudoif [ $? -ne 0 ]; thenecho "Error: Permission denied."exit 1fiecho "Service status information:"local ps_num port_numps_num=`sudo ps -waux | grep ans_rproxy | grep -v rproxy_ctl | grep -v grep | wc -l`if [ $ps_num -eq 3 ]; thenecho " Process: [ Running ]"elseecho " Process: [ Not Running ]"fiport_num=`sudo netstat -alntp | grep ans_rproxy | grep -v rproxy_ctl | grep -v grep | wc -l`if [ $port_num -ne 0 ]; thenecho " Prot: [ Running ]"elseecho " Prot: [ Not Running ]"fireturn 0 }case $1 in"start")start_rproxy;;"stop")stop_rproxy;;"restart")restart_rproxy;;"status")status_rproxy;;"help")usage_rproxyexit 0;;*)usage_rproxyexit 0;;esacexit 0
gxw@gxw-desktop:~$ sudo cat /etc/rc.local #!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. # # In order to enable or disable this script just change the execution # bits. # # By default this script does nothing.# Startup ans_rproxy /opt/ans/ans_rproxy/rproxy_ctl.sh restartexit 0 gxw@gxw-desktop:~$
安狮设备配置
注意:这里服务的监视器类型必须是TCP类型, 使用HTTP类型的监视器将会导致健康检查失败。
> add server srv_rproxy 172.16.204.184 # 添加服务器Done > add service svc_http_rproxy srv_rproxy http 80 # 添加服务Done > bind service svc_http_rproxy -monitorName tcp # 给服务绑定tcp类型的监视器Done > show service svc_http_rproxy # 查看服务的状态svc_http_rproxy (172.16.204.184:80) - HTTPState: UPLast state change was at Mon Sep 17 07:41:53 2018 Time since last state change: 0 days, 00:00:11.870Server Name: srv_rproxy Server ID : None Monitor Threshold : 0Max Conn: 0 Max Req: 0 Max Bandwidth: 0 kbitsUse Source IP: NO Client Keepalive(CKA): NOAccess Down Service: NOTCP Buffering(TCPB): NOHTTP Compression(CMP): YESIdle timeout: Client: 180 sec Server: 360 secClient IP: DISABLED Cacheable: NOSC: OFFSP: ONDown state flush: ENABLEDAppflow logging: ENABLEDTD: 01) Monitor Name: tcpState: UP Weight: 1 Passive: 0Probes: 12 Failed [Total: 9 Current: 0]Last response: Success - TCP syn+ack received.Response Time: 0.0 millisecDone > > add lb vserver lb_vsrv_http_rproxy http 172.16.204.188 80 -lbmethod ROUNDROBIN -persistenceType COOKIEINSERT -timeout 0 # 添加负载均衡虚拟服务器Done > bind lb vserver lb_vsrv_http_rproxy svc_http_rproxy # 给负载均衡虚拟服务器绑定服务Done > show lb vserver lb_vsrv_http_rproxy # 查看负载均衡虚拟服务器的状态lb_vsrv_http_rproxy (172.16.204.188:80) - HTTP Type: ADDRESS State: UPLast state change was at Mon Sep 17 07:41:53 2018Time since last state change: 0 days, 00:00:44.320Effective State: UPClient Idle Timeout: 180 secDown state flush: ENABLEDDisable Primary Vserver On Down : DISABLEDAppflow logging: ENABLEDPort Rewrite : DISABLEDNo. of Bound Services : 1 (Total) 1 (Active)Configured Method: ROUNDROBINMode: IPPersistence: COOKIEINSERT (version 0) Persistence Timeout: 0 minVserver IP and Port insertion: OFF Push: DISABLED Push VServer: Push Multi Clients: NOPush Label Rule: noneL2Conn: OFFSkip Persistency: NoneIcmpResponse: PASSIVENew Service Startup Request Rate: 0 PER_SECOND, Increment Interval: 0TD: 0Mac mode Retain Vlan: DISABLEDDBS_LB: DISABLED1) svc_http_rproxy (172.16.204.184: 80) - HTTP State: UP Weight: 1Persistence Cookie Value : NSC_mc_wtsw_iuuq_sqspyz=ffffffffad04caaf1e171659141d0e58464652443660Done >
客户端验证测试
1. 验证按权重值切换服务器
win1_50启用web服务, win2_53启用web服务,用户请求按权重比例分配给win1_50和win2_53服务器。
2. 验证服务器故障自动切换
win1_50启用web服务, win2_53启用web服务,此时进行用户登陆操作,操作页面正常。
此时禁用win2_53的web服务, 操作页面正常,用户请求自动发送win1_50服务器。
3. 查看ans_rproxy进程服务日志
FAQ:
1. 管理员账户密码忘记时,可直接操作数据库重置密码。
> select ShortName,Password,IsLock from domasv30.userinfo; > update domasv30.userinfo set Password=md5('admin') where ShortName='ADMIN';
======================== End
转载于:https://www.cnblogs.com/lsgxeva/p/9647377.html
ans_rproxy 说明相关推荐
最新文章
- 搭建服务器集群——Windows7系统中nginx与IIS服务器搭建集群实现负载均衡
- LLVM4更新--简化对象定义
- halcon圆环完整度检测
- 配置mysql使其允许外部ip进行登录
- BZOJ1970 [Ahoi2005] 矿藏编码
- 准确实用,7个优秀的开源中文分词库推荐
- 基于JAVA+SpringMVC+Mybatis+MYSQL的精美酒店管理系统
- WordPress主题制作全过程(二):主题文件构成
- 跟燕十八学习PHP-第二十五天-mysqlgroup by和having的综合练习
- XAF 应用程序模型架构
- 01背包问题理解笔记
- matlab汽车仿真实例,基于MATLAB的车辆工程仿真实例
- 中国脑计划颠覆性创新之路九,进化的方向,脑科学,互联网和人工智能联合突破达尔文进化论局限
- html简单旋转木马
- 无限循环小数四则运算_无限循环小数不能进行四则运算
- JS笔记:检测客户端(引擎、浏览器、平台、操作系统、移动设备)
- C++ 基本编程工具 DevCpp5.4.0 + 经典 VC6.0 | 软件分享 |
- Vue3+node.js网易云音乐实战项目(五)
- 计算机应用当兵分配到哪,参军是怎么分配省份的 当兵会被分配到哪里
- 股票跌得猝不及防,是因为你还不懂这个技术!