F5通过http class实现多域名分流进行服务器负载均衡
2013-01-28 11:06
507 查看
一、环境和需求
#---------环境电子商务平台
BIGIP 1600 LTM 一台,ASA5520 一台
ISP公网ip 5个
IBM服务器刀片10几个
主域名www.aaa.com,二级域名20个(tr.aaa.com/search.aaa.com/……)
#---------需求
由于公网ip有限,不能做到域名和公网ip的一对一绑定,需要通过f5来实现多域名的分流
所有用户都通过域名(80端口)访问业务,而后台每个域名分别为不同端口
每个域名代表一个业务组,后台有多组服务器池对应不同域名
二、设计思路
# 第一步------------------------------------把5个公网ip的功能进行规划:
IP1=防火墙接口ip
IP2=防火墙预留映射ip,nat给f5的管理ip 443
IP3=业务集合bg
bg_cms.bg.aaa.com
bg_erp.bg.aaa.com
bg_exh.bg.aaa.com
bg_goods.bg.aaa.com
bg_log.bg.aaa.com
bg_member.bg.aaa.com
bg_order.bg.aaa.com
bg_tr.bg.aaa.com
IP4=业务集合main
club.aaa.com
exh.aaa.com
login.aaa.com
member.aaa.com
order.aaa.com
search.aaa.com
tr.aaa.com
www.aaa.com
IP5=业务集合pay
bg_pay.aaa.com
image.aaa.com
pay.aaa.com
# 第二步------------------------------
域名绑定到IP3的一个公网ip上
bg_cms.bg.aaa.com
bg_erp.bg.aaa.com
bg_exh.bg.aaa.com
bg_goods.bg.aaa.com
bg_log.bg.aaa.com
bg_member.bg.aaa.com
bg_order.bg.aaa.com
bg_tr.bg.aaa.com
其他域名类似
# 第三步------------------------------
防火墙做一对一端口映射
其中IP3、4、5映射到F5的3个vs ip 192.168.21.1~3
# 第四步------------------------------
F5上通过http class配置进行对数据包的url进行检查域名来进行分流,到不同的server pool,并把80流量进行目的端口转换到不同业务
三、流量逻辑图
四、相关截图
Vs_bg,vs_main1,vs_pay分别为根据域名url判断的三个分流应用组
Vs forward是内部三层交换
Vs out是服务器主动访问
注:指定网段可以ip forwarding三层交换。
注:不管真实服务器是什么端口,用户都用80端口访问
注:http class的配置,根据vs中接受到包头的url进行判断
注:在vs的resource里面匹配http class
五、配置文件
profile httpclass httpclass {pool none
redirect none
url rewrite none
asm disable
wa disable
hosts none
paths none
headers none
cookies none
}
profile httpclass bg_cms {
defaults from httpclass
pool pool_bg_cms
redirect none
hosts "cms.bg.aaa.com"
}
profile httpclass bg_erp {
defaults from httpclass
pool pool_bg_erp
redirect none
hosts "erp.bg.aaa.com"
}
profile httpclass bg_exh {
defaults from httpclass
pool pool_bg_exh
redirect none
hosts "exh.bg.aaa.com"
}
profile httpclass bg_goods {
defaults from httpclass
pool pool_bg_goods
redirect none
hosts "goods.bg.aaa.com"
}
profile httpclass bg_log {
defaults from httpclass
pool pool_bg_log
redirect none
hosts "logistics.bg.aaa.com"
}
profile httpclass bg_member {
defaults from httpclass
pool pool_bg_member
redirect none
hosts "member.bg.aaa.com"
}
profile httpclass bg_order {
defaults from httpclass
pool pool_bg_order
redirect none
hosts "order.bg.aaa.com"
}
profile httpclass bg_pay {
defaults from httpclass
pool pool_bg_pay
redirect none
hosts "pay.bg.aaa.com"
}
profile httpclass bg_tr {
defaults from httpclass
pool pool_bg_tr
redirect none
hosts "tr.bg.aaa.com"
}
profile httpclass club {
defaults from httpclass
pool pool_club
redirect none
url rewrite none
hosts "club.aaa.com"
paths none
headers none
cookies none
}
profile httpclass exh {
defaults from httpclass
pool pool_exh
redirect none
url rewrite none
hosts "exh.aaa.com"
paths none
headers none
cookies none
}
profile httpclass image {
defaults from httpclass
pool pool_image1
redirect none
hosts "image1.aaa.com"
}
profile httpclass login {
defaults from httpclass
pool pool_login
redirect none
hosts "login.aaa.com"
}
profile httpclass member {
defaults from httpclass
pool pool_member
redirect none
hosts "member.aaa.com"
}
profile httpclass order {
defaults from httpclass
pool pool_order
redirect none
hosts "order.aaa.com"
}
profile httpclass pay {
defaults from httpclass
pool pool_pay
redirect none
hosts "pay.aaa.com"
}
profile httpclass search {
defaults from httpclass
pool pool_search
redirect none
hosts "search.aaa.com"
}
profile httpclass tr {
defaults from httpclass
pool pool_tr
redirect none
hosts "tr.aaa.com"
}
profile httpclass www {
defaults from httpclass
pool pool_www
redirect none
hosts "www.aaa.com"
}
pool pool_bg_cms {
monitor all tcp8180
members 192.168.8.121:8180 {}
}
pool pool_bg_erp {
monitor all tcp8080
members 192.168.8.121:webcache {}
}
pool pool_bg_exh {
monitor all tcp8280
members 192.168.8.121:8280 {}
}
pool pool_bg_goods {
monitor all tcp8380
members 192.168.8.121:cruise-update {}
}
pool pool_bg_log {
monitor all tcp8780
members 192.168.8.121:8780 {}
}
pool pool_bg_member {
monitor all tcp8480
members 192.168.8.121:8480 {}
}
pool pool_bg_order {
monitor all tcp8580
members 192.168.8.121:8580 {}
}
pool pool_bg_pay {
monitor all tcp9180
members 192.168.8.221:9180 {}
}
pool pool_bg_tr {
monitor all tcp8680
members 192.168.8.121:8680 {}
}
pool pool_club {
monitor all tcp8080
members {
192.168.8.131:webcache {}
192.168.8.132:webcache {}
192.168.8.133:webcache {}
192.168.8.134:webcache {}
}
}
pool pool_exh {
monitor all tcp8280
members {
192.168.8.131:8280 {}
192.168.8.132:8280 {}
192.168.8.133:8280 {}
192.168.8.134:8280 {}
}
}
pool pool_image1 {
monitor all http
members 192.168.8.161:http {}
}
pool pool_internet {
monitor all gateway_icmp
members 192.168.21.254:any {}
}
pool pool_login {
monitor all tcp8380
members {
192.168.8.131:cruise-update {}
192.168.8.132:cruise-update {}
192.168.8.133:cruise-update {}
192.168.8.134:cruise-update {}
}
}
pool pool_member {
monitor all tcp8480
members {
192.168.8.131:8480 {}
192.168.8.132:8480 {}
192.168.8.133:8480 {}
192.168.8.134:8480 {}
}
}
pool pool_order {
monitor all tcp8580
members {
192.168.8.131:8580 {}
192.168.8.132:8580 {}
192.168.8.133:8580 {}
192.168.8.134:8580 {}
}
}
pool pool_pay {
monitor all tcp9080
members 192.168.8.221:glrpc {}
}
pool pool_search {
monitor all tcp8680
members {
192.168.8.131:8680 {}
192.168.8.132:8680 {}
192.168.8.133:8680 {}
192.168.8.134:8680 {}
}
}
pool pool_tr {
monitor all tcp8780
members {
192.168.8.131:8780 {}
192.168.8.132:8780 {}
192.168.8.133:8780 {}
192.168.8.134:8780 {}
}
}
pool pool_www {
monitor all tcp8180
members {
192.168.8.131:8180 {}
192.168.8.132:8180 {}
192.168.8.133:8180 {}
192.168.8.134:8180 {}
}
}
virtual address any {
mask 0.0.0.0
}
virtual address 192.168.5.0 {
mask 255.255.255.0
}
virtual address 192.168.6.0 {
mask 255.255.255.0
}
virtual address 192.168.8.0 {
mask 255.255.255.0
}
virtual vs_bg {
destination 192.168.21.2:http
ip protocol tcp
httpclass {
bg_cms
bg_erp
bg_exh
bg_goods
bg_log
bg_member
bg_order
bg_tr
}
persist source_addr
profiles {
http {}
tcp {}
}
}
virtual vs_forward {
ip forward
destination 192.168.8.0:any
mask 255.255.255.0
}
virtual vs_forward1 {
ip forward
destination 192.168.6.0:any
mask 255.255.255.0
}
virtual vs_forward2 {
ip forward
destination 192.168.5.0:any
mask 255.255.255.0
}
virtual vs_main1 {
destination 192.168.21.1:http
ip protocol tcp
httpclass {
club
exh
login
member
order
search
tr
www
}
persist source_addr
profiles {
http {}
tcp {}
}
}
virtual vs_out {
snat automap
pool pool_internet
destination any:any
mask 0.0.0.0
}
virtual vs_pay {
destination 192.168.21.3:http
ip protocol tcp
httpclass {
bg_pay
image
pay
}
persist source_addr
profiles {
http {}
tcp {}
}
}
更多相关资讯,请关注F5中国官方网站:www.f5.com.cn
相关文章推荐
- F5通过http class实现多域名分流进行服务器负载均衡
- 三步实现通过域名访问tomcat的http和https服务器
- 两台WEB服务器通过DNS轮询功能实现负载均衡
- 通过 JS 实现与后台进行连接,提交表单,将获取到的数据pos给服务器。
- 通过Exchange边缘传输服务器实现邮件入站分流
- 通过F5 LTM iRule实现根据URL进行流量分发
- Linux 通过HTTP进行域名更新
- Android通过Http连接MySQL 实现登陆/注册(数据库+服务器+客户端)
- QTE下通过Http协议以同步方式与Web服务器通信的实现
- 一个完整的通过encoding/json信息传递格式,采用http.POST利用进行与服务器通信,并对返回结果进行解析处理的典型案例
- Android通过Http连接MySQL 实现登陆/注册(数据库+服务器+客户端)
- android客户端通过Get方式提交参数给服务器,使用URL和HttpURLConnection实现,以及乱码问题解决
- Android端通过Okhttp与PHP服务器进行交互并实现文件上传下载(二)
- Android通过Http连接MySQL 实现登陆/注册(数据库+服务器+客户端),androidmysql
- android客户端通过Get方式提交参数给服务器,使用URL和HttpURLConnection实现,以及乱码问题解决
- Java中通过方法创建一个http连接并请求(服务器间进行通信)
- 通过设置http的头信息实现服务器不保存文件直接下载
- Android端通过Okhttp与PHP服务器进行交互并实现文件上传下载(一)
- 通过Exchange边缘传输服务器实现邮件入站分流
- 一台linux服务器,通过apache实现,一个域名访问jsp的网站,一个域名访问php的网站