Saita Sabbin Sabar Yanar Gizo Load Daidaita Amfani da POUND akan RHEL/CentOS

POUND shiri ne na daidaita kaya wanda Kamfanin ITSECURITY ya haɓaka. Kayan aiki ne mai sauƙi na buɗe tushen baya wanda za'a iya amfani dashi azaman ma'auni mai ɗaukar nauyi na uwar garken yanar gizo don rarraba kaya tsakanin sabar da yawa. Akwai fa'idodi da yawa POUND yana bayarwa don ƙarshen mai amfani waɗanda suka dace sosai kuma suna yin aikin daidai.

  1. Yana goyan bayan runduna ta zahiri.
  2. Mai daidaitawa.
  3. Lokacin da uwar garken baya ta gaza ko kuma aka dawo da ita daga gazawar, takan gano ta ta atomatik kuma ta kafa matakan daidaita nauyi bisa ga wannan.
  4. Yana watsi da buƙatun da ba daidai ba.
  5. Babu takamaiman mai bincike ko sabar gidan yanar gizo.

Bari mu ga yadda za a yi wannan hack ɗin.

Da farko kuna buƙatar yanayi don ƙarin fahimta game da yin hakan. Don haka zan yi amfani da wani labari inda akwai sabar gidan yanar gizo guda biyu da uwar garken ƙofa ɗaya wanda ke buƙatar daidaita buƙatun da ke zuwa uwar garken ƙofar zuwa sabar gidan yanar gizo.

Pound Gateway Server : 172.16.1.222
Web Server 01 : 172.16.1.204
Web Server 02 : 192.168.1.161

Mataki 1: Shigar da Ma'aunin Load na Pound akan Sabar Gateway

1. Hanya mafi sauƙi don shigar da Pound shine ta amfani da fakitin RPM da aka riga aka haɗa, zaku iya samun RPMs don rarraba tushen RedHat a:

  1. http://www.invoca.ch/pub/packages/pound/

A madadin, ana iya shigar da Pound cikin sauƙi daga ma'ajiyar EPEL kamar yadda aka nuna a ƙasa.

# yum install epel-release
# yum install Pound

Bayan shigar da Pound, zaku iya tabbatar ko an shigar da shi ta hanyar bayar da wannan umarni.

# rpm –qa |grep Pound

2. Abu na biyu, kuna buƙatar sabar yanar gizo guda biyu don daidaita nauyin kuma tabbatar da cewa kuna da fayyace masu bayyanawa don gwada ƙirar fam ɗin yana aiki lafiya.

Anan ina da sabar guda biyu masu ɗauke da adiresoshin IP 172.16.1.204 da 192.168.1.161.

Don sauƙin amfani, na ƙirƙiri python SimpleHTTPServer don ƙirƙirar sabar gidan yanar gizo nan take akan sabobin biyu. Karanta game da Python SimpleHTTPServer

A cikin labari na, Ina da sabar yanar gizo na01 yana gudana akan 172.16.1.204 ta tashar tashar jiragen ruwa 8888 da webserver02 yana gudana akan 192.168.1.161 ta hanyar tashar jiragen ruwa 5555.

Mataki 2: Sanya Ma'auni Load Pound

3. Yanzu lokaci ya yi da za a yi gyare-gyare. Da zarar kun shigar da fam cikin nasara, yana ƙirƙirar fayil ɗin daidaitawar fam a/sauransu, wato pound.cfg.

Dole ne mu gyara uwar garken da bayanan baya don daidaita nauyi tsakanin sabar gidan yanar gizo. Je zuwa/sauransu kuma buɗe fayil ɗin pound.cfg don gyarawa.

# vi /etc/pound.cfg

Yi canje-canje kamar yadda aka ba da shawara a ƙasa.

ListenHTTP
    Address 172.16.1.222
    Port 80
End

ListenHTTPS
    Address 172.16.1.222
    Port    443
    Cert    "/etc/pki/tls/certs/pound.pem"
End

Service
    BackEnd
        Address 172.16.1.204
        Port    8888
    End

    BackEnd
        Address 192.168.1.161
        Port    5555
    End
End

Wannan shine yadda fayil na pound.cfg yayi kama.

A ƙarƙashin alamun \ListenHTTP da ListenHTTPS, dole ne ka shigar da adireshin IP na uwar garken da ka shigar POUND.

Ta hanyar tsohuwa uwar garken tana sarrafa buƙatun HTTP kodayake tashar jiragen ruwa 80 da buƙatun HTTPS ta hanyar tashar jiragen ruwa 443. A ƙarƙashin alamar \Service, zaku iya ƙara kowane adadin ƙananan alamun da ake kira \BackEnd. Tags na BackEnd suna ɗauke da adiresoshin IP da lambobin tashar jiragen ruwa waɗanda sabar yanar gizo ke gudana a kai.

Yanzu ajiye fayil ɗin bayan gyara shi daidai kuma sake kunna sabis ɗin POUND ta hanyar ba da ɗayan umarni na ƙasa.

# /etc/init.d/pound restart 
OR
# service pound restart
OR
# systemctl restart pound.service

4. Yanzu lokaci ya yi don dubawa. Bude masu bincike na gidan yanar gizo guda biyu don bincika ko saitunan mu suna aiki lafiya. A cikin adireshin adireshin, rubuta adireshin IP ɗin ƙofar POUND ɗin ku kuma duba abin da ya bayyana.

Buƙatar farko yakamata ta ɗora sabar gidan yanar gizo na farko01 kuma buƙatu na biyu daga sauran mai binciken yanar gizon yakamata ya loda sabar yanar gizo na biyu02.

Bugu da ƙari kuma, yi la'akari da yanayin kamar idan kuna da sabar yanar gizo guda biyu don ɗaukar ma'auni kuma ɗayan aikin uwar garken yana da kyau kuma sauran ayyukan ba su da kyau sosai.

Don haka lokacin da za a daidaita nauyin kaya a tsakanin su, dole ne ku yi la'akari da wace uwar garken da za ku ƙara nauyi. Babu shakka ga uwar garken tare da kyawawan ƙayyadaddun ayyuka.

Don daidaita nauyin haka, kawai sai ku ƙara siga guda ɗaya a cikin fayil ɗin pound.cfg. Bari mu duba shi.

Yi tunanin uwar garken 192.168.1.161:5555 shine mafi kyawun uwar garken. Sannan kuna buƙatar sanya ƙarin buƙatun shiga wannan uwar garken. Ƙarƙashin alamar \BackEnd wanda aka saita don uwar garken 192.168.1.161, ƙara ma'anar Priority kafin alamar Ƙarshen.

Dubi misali a ƙasa.

Kewayon da za mu iya amfani da shi don ma'aunin Fififici yana tsakanin 1-9. Idan ba mu ayyana shi ba, za a sanya tsohowar ƙimar 5.

Sa'an nan kaya za a daidaita daidai. Idan muka ayyana lambar fifiko, POUND za ta loda uwar garken tare da mafi girman lambar fifiko akai-akai. Don haka a wannan yanayin, 192.168.1.161:5555 za a yi lodi fiye da sabar 172.16.1.204:8888.

Mataki na 3: Tsara Tsare-tsare na Gaggawa

Tag na gaggawa: Ana amfani da wannan alamar don loda uwar garke idan duk sabar ƙarshen baya ta mutu. Kuna iya ƙara shi kafin alamar Ƙarshen ƙarshe na pound.cfg kamar haka.

“Emergency
           Address 192.168.5.10
           Port        8080
   End”

6. POUND koyaushe yana lura da waɗanne sabobin baya suna raye da waɗanda ba su da. Za mu iya ayyana bayan daƙiƙa nawa POUND ya kamata ya duba sabar baya ta ƙara siginar Rayuwa a cikin pound.cfg.

Kuna iya amfani da ma'aunin a matsayin Alive 30 don saita shi zuwa daƙiƙa 30. Pound zai kashe na ɗan lokaci sabobin baya da ba sa amsawa. Lokacin da muka ce sabar da ba ta amsa ba na iya mutuwa ko kuma ba za ta iya kafa haɗin gwiwa ba a lokacin.

POUND zai bincika uwar garken baya na naƙasasshe bayan kowane lokaci da kuka ayyana a cikin fayil ɗin pound.cfg idan har uwar garken zai iya kafa haɗi, to POUND zai iya komawa aiki tare da sabar.

7. POUND daemon za a sarrafa ta hanyar poundctl umurnin. Ta hanyar samun wannan ba mu buƙatar gyara fayil ɗin fam.cfg kuma za mu iya ba da Listner Server, BackEnd sabobin da kuma zaman da dai sauransu ta hanyar umarni guda.

Syntax: poundctl -c /path/to/socket [-L/-l] [-S/-s] [-B/-b] [-N/-n] [-H] [-X]

  1. -c yana bayyana hanyar zuwa soket ɗin ku.
  2. -L/-l yana bayyana mai sauraron gine-ginen ku.
  3. -S/-s yana bayyana sabis ɗin.
  4. -B/-b yana bayyana sabobin baya.

Duba shafukan poundctl don ƙarin bayani.

Da fatan za ku ji daɗin wannan hack kuma gano ƙarin zaɓuɓɓuka game da wannan. Jin kyauta don yin sharhi a ƙasa don kowane shawarwari da ra'ayoyi. Ci gaba da haɗin kai tare da Tecment don dacewa da sabuwar Yadda ake.