HAproxy | 易学教程

Haproxy SNI vs HTTP Host ACL check performance

阅读更多关于 Haproxy SNI vs HTTP Host ACL check performance

问题 I have a HAproxy 1.5 setup which offloads SSL in front of a couple of webservers (this way, they deal only with HTTP) My SSL certificate is a wildcard and we are balancing to different backends based on the FQDN. My frontend config look like this : ... frontend my-frontend bind ip:443 ssl crt /var/etc/haproxy/wildcard_cert.pem mode http log global option httplog option forwardfor use_backend my-backend if { ssl_fc_sni my.domain.org } use_backend my-backend2 if { ssl_fc_sni my2.domain.org }

How can I set up HAProxy to a backend based on a value in the url?

阅读更多关于 How can I set up HAProxy to a backend based on a value in the url?

问题 I am working on an application that consists of multiple services that, in production, run on different servers. In development, they run as multiple sites with different ports on the same machine. I would like to be able to use a hostname to locate the services, and have HAProxy do the port mapping to a dynamic backend host/port. I have a wildcard DNS mapping for the domain, resolving to the HAProxy IP. For example, http://serviceA-myhost.domain.com/ would map to http://myhost:8080, http:/

haproxy remove trailing slash

阅读更多关于 haproxy remove trailing slash

问题 I would like to redirect request from: http://myrepo/mytest.git/ to http://myrepo/mytest.git so, removing the trailing slash in haproxy. any hint ? Here's what I tried both in frontend and backend: reqrep ^(.*)[\/]$ \1 回答1: you can try like this. frontend nginx bind *:5000 mode http option forwardfor option httpclose acl old_url path_beg -i /mytest.git reqrep ^(.*)[\ /]$ \1 redirect prefix / code 301 if old_url default_backend tomcats backend tomcats mode http server tomcat01 X.X.X.X:8080

JWT Validation in HAProxy

阅读更多关于 JWT Validation in HAProxy

问题 I have an HAProxy configured to accept requests to *.mysubdomain.com. The HAProxy will parse the subdomain (prod or dev from prod.mysubdomain.com or dev.mysubdomain.com) and forward to the correct backend. Two backends exist, one for prod and one for dev. Each backend contains two server entries pointing towards Marathon LB instances on each subdomain. The subdomains require a JWT cookie for authentication on the backend. I have the public key to check the validity of the JWT, but would like

RabbitMQ高可用配置（Haproxy + Keepalived）

阅读更多关于 RabbitMQ高可用配置（Haproxy + Keepalived）

网络结构如下图：共有104、105、106三台RabbitMQ Server，互为集群其中104和105安装了Haproxy，每个Haproxy承担三台RabbitMQ server的负载均衡两台Harpoxy采用Keepalived互为主备，VIP是172.16.0.108 操作系统为Ubuntu 以下介绍操作步骤： 1、三台主机安装RabbitMQ apt-get install rabbitmq-server 开启RabbitMQ management，激活控制台以方便MQ的管理与监控 sudo rabbitmq-plugins enable rabbitmq_management 开启监控后可以输入http://ip:15672可以登录管理界面，默认账户guest/guest 2、配置MQ集群 2.1 cookie文件因为RabbitMQ的集群是通过Erlang的集群来实现的，所以，要求三台机器的 /var/lib/rabbitmq/.erlang.cookie 文件内容一致，用VI等工具将它的内容修改为 zHDCGETPYWOWREASJUAB 由于RabbitMQ在启动Booker时会检查该文件的权限，必须为400，否则会报错，所以要修改文件的权限 chmod 400 .erlang.cookie 2.2 修改各机器hosts 172.16.0.104 pzs

HAProxy vs. Nginx

阅读更多关于 HAProxy vs. Nginx

问题 I was looking at using HAProxy and Nginx for load balancing, and I had some questions: Should I use JUST HAProxy over Nginx for the proxy server? Is there any reason to have HAProxy and Nginx installed on the same proxy server? Thanks 回答1: haproxy is a "load balancer" it doesn't know to serve files or dynamic content. nginx is a web server capable of many interesting things. if you only need to load balance + HA some third web server then haproxy is enough. if you need to implement some

使用Haproxy搭建web集群

阅读更多关于使用Haproxy搭建web集群

常见的web集群调度器目前常见的web集群调度器分为软件和硬件，软件通常使用开源的LVS，Haproxy，Nginx，硬件一般使用比较多的是F5，也有很多人使用国内的一些产品，如梭子鱼，绿盟等 Haproxy应用分析 LVS在企业应用中抗负载能力很强，但存在不足 LVS不支持正则处理，不能实现动静分离对于大型网站，LVS的实施配置复杂，维护成本相对较高 Haproxy是一款可提供高可用性，负载均衡，及基于TCP和HTTP应用的代理的软件特别适用于负载特别大的web站点运行在当前的硬件上可支持数以万计的并发连接连接请求 Haproxy调度算法原理 RR：最简单常用的，轮询调度 LC：最小连接数算法，根据后端的节点连接数大小动态分配前端请求 SH：来源访问调度算法，用于有session会话记录在服务器端，可以基于来源ip，cookie做群集调度实验环境 Haporxy服务器 192.168.13.175 web1服务器 192.168.13.151 web2服务器 192.168.13.176 客户端测试机 win7 1，在web1，web2服务器上安装Nginx [root@web1 ~]# yum install -y \ ##安装环境需要组件包 > pcre-devel \ ##开发包 > zlib-devel \ ##压缩包 > gcc \ > gcc-c++ \ >

搭建 RabbitMQ Server 高可用集群

阅读更多关于搭建 RabbitMQ Server 高可用集群

原文: 搭建 RabbitMQ Server 高可用集群阅读目录：准备工作搭建 RabbitMQ Server 单机版 RabbitMQ Server 高可用集群相关概念搭建 RabbitMQ Server 高可用集群搭建 HAProxy 负载均衡因为公司测试服务器暂不能用，只能在自己电脑上重新搭建一下 RabbitMQ Server 高可用集群，正好把这个过程记录下来，以便日后查看。公司测试服务器上的 RabbitMQ 集群，我搭建的是三台服务器，因为自己电脑空间有限，这边只能搭建两台服务器用作高可用集群，用的是 Vagrant 虚拟机管理工具。环境介绍： RabbitMQ 节点 IP 地址工作模式 node1 192.168.1.50 DISK CentOS 7.0 - 64位 node2 192.168.1.51 DISK CentOS 7.0 - 64位整体架构： 1. 准备工作首先，在 node1 服务器上，修改 vi /etc/hostname ： node1 在 node2 服务器上，修改 vi /etc/hostname ： node2 然后在 node1 服务器上，修改 vi /etc/hosts ： node1 192.168.1.50 node2 192.168.1.51 127.0.0.1 node1 ::1 node1 在 node2

How to send a response with HAProxy without passing the request to web servers

阅读更多关于 How to send a response with HAProxy without passing the request to web servers

问题 The server is receiving thousands of OPTIONS requests due to CORS (Cross-Origin Resource Sharing). Right now, every options request is being sent to one of the servers, which is a bit wasteful, knowing that HAProxy can add the CORS headers itself without the help of a web server. frontend https-in ... use_backend cors_headers if METH_OPTIONS ... backend cors_headers rspadd Access-Control-Allow-Origin:\ https://www.example.com rspadd Access-Control-Max-Age:\ 31536000 However for this to work I

Haproxy redirect www to non-www

阅读更多关于 Haproxy redirect www to non-www

问题 I'm currently using Haproxy to balance several express.js nodes. I know that it's possible to redirect using express.js, but I was hoping to do so with Haproxy. I was wondering how I can do a permanent redirect from www.mysite.com to mysite.com? 回答1: redirect prefix http://example.com code 301 if { hdr(host) -i www.example.com } Please see the documentation of the redirect prefix rule for more information. If you are using a newer version of HAProxy, i.e. at least 1.6, you can use a more