HAproxy

Dynamic routing to backend based on context path in HAProxy

十年热恋 提交于 2019-12-24 09:29:28
问题 I have specific requirement that depending on my context path I have to redirect my traffic to different server/port though HAProxy. I have already achieved the same with "path_beg" in ACL. Below is the configuration. use_backend a1 if { path_beg /a1 } use_backend a2 if { path_beg /a2 } backend a1 balance roundrobin server 1-www 172.17.0.1:80 check cookie s2 backend a2 balance roundrobin server 1-www 172.17.0.3:80 check cookie s2 Now the concern is here every context path I also need to enter

HAProxy SSL termination + client certificate validation + curl / java client

可紊 提交于 2019-12-23 21:38:22
问题 I would like to have SSL termination on HAProxy, using my own self-signed certificates, and to validate client access using client certificates I create. I create the server (which is also the CA) certificates the following way: openssl genrsa -out ca.key 1024 openssl req -new -key ca.key -out ca.csr openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt and: cat ca.crt ca.key > haproxy.pem at HAProxy, I configure: bind *:443 ssl crt /path/server.pem ca-file /path/ca.crt verify

HAProxy - Configure HTTP frontend to listen on multiple ports

青春壹個敷衍的年華 提交于 2019-12-23 07:06:02
问题 I have an HAProxy HTTP Frontend in my HAProxy config like so: frontend myaddress.net :10098 bind :80,:8080 mode http log global option http-server-close timeout client 14400000 timeout connect 60000 timeout tunnel 14400000 timeout http-request 14400000 capture request header User-Agent len 64 capture request header Accept-language len 64 capture request header x-forward len 15 capture request header host len 64 capture request header X-Orig-Base len 64 capture request header X-Orig-Host len

X-Forwarded-For in Gwan

谁说胖子不能爱 提交于 2019-12-23 04:30:11
问题 I have read through the documentation (both API and Manual), and haven't seem to find any support by gwan for the X-Forwarded-For header. The only thing I have found that could be related was REMOTE_BIN_ADDR . I know to get a client IP you can use REMOTE_ADDR however my gwan servers are behind a HA Proxy load balancer, which forwards the client IP via X-Forwarded-For . Does Gwan not support this header? 回答1: As far as we know, while widely used, the X-Forwarded-For HTTP header is not part of

Can't connect to cassandra container via haproxy

对着背影说爱祢 提交于 2019-12-23 02:43:04
问题 I am trying to connect an external app to Cassandra which is running dockerized on a mesos cluster. These are the the apps I have running on mesos: CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 137760ce852a cassandra:latest "/docker-entrypoint.s" 15 minutes ago Up 15 minutes 7000-7001/tcp, 7199/tcp, 9160/tcp, 0.0.0.0:31634->9042/tcp mesos-1b65f33a-3d36-4bf4-8a77-32077d8d234a-S1.0db174cc-2e0c-4790-9cd7-1f142d08c6e2 fec5fc93ccfd cassandra:latest "/docker-entrypoint.s" 22 minutes ago Up

haproxy: get the host name

萝らか妹 提交于 2019-12-23 01:58:10
问题 I am trying to get the requester host/ip as it comes to haproxy node. My haproxy config is as below: frontend www-http bind *:9000 http-request redirect location https://%fi:9143 frontend www-https bind *:9143 ssl crt /root/keys.pem reqadd X-Forwarded-Proto:\ https default_backend www-backend backend www-backend balance roundrobin cookie SERVERID insert indirect nocache server server1 1.1.1.1:9080 cookie server1 weight 1 maxconn 1024 check So here, if any http request comes, then I need to

十一、使用KeepAlived为RabbitMQ的高可用的负载均衡

本小妞迷上赌 提交于 2019-12-22 14:29:21
【推荐】2019 Java 开发者跳槽指南.pdf(吐血整理) >>> 概述 高可用架构是 Keepalived + HAproxy,用 HAproxy 来做 RabbitMQ 负载均衡和高可用,用 Keepalived 来保证 HAproxy 的高可用。 组件 IP地址 端口 RabbitMQ磁盘节点-01 192.168.0.101 5672 RabbitMQ磁盘节点-02 192.168.0.102 5672 RabbitMQ磁盘节点-03 192.168.0.103 5672 HAproxy-01 192.168.0.104 HAproxy-02 192.168.0.105 Keepalived-Master 192.168.0.104 Keepalived-Backup 192.168.0.105 虚拟IP:192.168.0.100 之前安装过RabbitMQ。 也安装过单节点的HAProxy,IP地址为:192.168.0.104。 现在,需要把单节点的HAProxy克隆一份,形成两个HAProxy,新克隆出来的HAProxy节点的IP地址为:192.168.0.105。 安装KeepAlived 在两个节点使用yum安装keepalived: yum install -y keepalived 在两个节点的/etc/keepalived

001-rabbitmq和haproxy结合

梦想的初衷 提交于 2019-12-22 14:06:46
【推荐】2019 Java 开发者跳槽指南.pdf(吐血整理) >>> rabbitmq集群搭建 防火墙添加并重启 -A INPUT -p tcp -m multiport --dports 4369,25672,5672,15672 -j ACCEPT 安装 cd /usr/local/src/; wget https://github.com/rabbitmq/rabbitmq-server/releases/download/v3.7.16/rabbitmq-server-3.7.16-1.el7.noarch.rpm curl -s https://packagecloud.io/install/repositories/rabbitmq/erlang/script.rpm.sh | sudo bash yum install erlang -y yum install rabbitmq-server-3.7.16-1.el7.noarch.rpm -y 四台服务器的/etc/hosts配置统一 192.168.1.1 node1 192.168.1.1 node2 192.168.1.1 node3 192.168.1.1 node4 确认每一台的.erlang.cookie的配置统一 chmod 700 /var/lib/rabbitmq/.erlang.cookie

haproxy+keepalived实现高可用负载均衡

倖福魔咒の 提交于 2019-12-22 13:05:56
软件负载均衡一般通过两种方式来实现:基于操作系统的软负载实现和基于第三方应用的软负载实现。LVS就是基于Linux操作系统实现的一种软负载,HAProxy就是开源的并且基于第三应用实现的软负载。 HAProxy相比LVS的使用要简单很多,功能方面也很丰富。当 前,HAProxy支持两种主要的代理模式:"tcp"也即4层(大多用于邮件服务器、内部协议通信服务器等),和7层(HTTP)。在4层模式 下,HAProxy仅在客户端和服务器之间转发双向流量。7层模式下,HAProxy会分析协议,并且能通过允许、拒绝、交换、增加、修改或者删除请求 (request)或者回应(response)里指定内容来控制协议,这种操作要基于特定规则。 我现在用HAProxy主要在于它有以下优点,这里我总结下: 一、 免费开源,稳定性也是非常好,这个可通过我做的一些小项目可以看出来,单Haproxy也跑得不错,稳定性可以与LVS相媲美; 二、 根据官方文档,HAProxy可以跑满10Gbps-New benchmark of HAProxy at 10 Gbps using Myricom's 10GbE NICs (Myri-10G PCI-Express),这个作为软件级负载均衡,也是比较惊人的; 三、 HAProxy可以作为MySQL、邮件或其它的非web的负载均衡,我们常用于它作为MySQL(读

Haproxy SNI vs HTTP Host ACL check performance

时光怂恿深爱的人放手 提交于 2019-12-22 05:55:12
问题 I have a HAproxy 1.5 setup which offloads SSL in front of a couple of webservers (this way, they deal only with HTTP) My SSL certificate is a wildcard and we are balancing to different backends based on the FQDN. My frontend config look like this : ... frontend my-frontend bind ip:443 ssl crt /var/etc/haproxy/wildcard_cert.pem mode http log global option httplog option forwardfor use_backend my-backend if { ssl_fc_sni my.domain.org } use_backend my-backend2 if { ssl_fc_sni my2.domain.org }
订阅 HAproxy