HAproxy configuration details

Source: Internet
Author: User
Tags haproxy

1. Introduction to haproxy
HAProxy provides high availability, Server Load balancer, and TCP and HTTP application-based proxy. It supports Virtual Hosts and is a free, fast, and reliable solution. HAProxy is especially suitable for websites with extremely high loads, which usually require session persistence or layer-7 processing. HAProxy runs on the current hardware and supports tens of thousands of concurrent connections. In addition, its running mode enables it to be easily and securely integrated into your current architecture, while protecting your web servers from being exposed to the network.

Configure haproxy
The haproxy configuration is divided into the following parts:
1 global: The parameter is process-level, usually related to the operating system. These parameters are generally set only once. If the configuration is correct, you do not need to modify them again.
2 defaults: Configure Default parameters. These parameters can be used by frontend, backend, and Listen components.
3 frontend: The Frontend virtual node that receives the request. frontend can specify the backend
4 backend: Backend service cluster configuration, which is a real server. One backend corresponds to one or more physical servers.
5 combination of Listen Fronted and backend

Three haproxy installation Configuration
1 Installation
# Wget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.24.tar.gz
# Tar xf haproxy-1.4.24.tar.gz
# Uname-r
2.6.18-274. el5PAE
# Make TARGET = linux26PREFIX =/usr/local/haproxy
# Make install PREFIX =/usr/local/haproxy
# Mkdir/usr/local/haproxy/{etc, logs, run}
# Cd examples/
# Cp haproxy. cfg/usr/local/haproxy/etc
# Cp haproxy. init/etc/init. d/haproxy
# Chmod 700/etc/init. d/haproxy
# Chkconfig -- add haproxy
# Chkconfig haproxy on

# Cat haproxy. cfg
# Global configuration information ###
Global
Log 127.0.0.1 local3 # [error warringinfo debug] # define the haproxy log Level
# Log 127.0.0.1 local1 notice
# Log loghost local0 info
Maxconn 20480 # default maximum number of connections
Chroot/usr/local/haproxy # chroot running path
Uid 99 # Run haproxy user UID
Gid 99 # Run haproxy user group gid
Daemon # Run harpoxy later
Nbproc 1 # set the number of processes
Pidfile/usr/local/haproxy/run/haproxy. pid # haproxy process PID File
Ulimit-n 819200 # limit on the number of ulimit
# Debug # haproxy debugging level. We recommend that you debug it only when a single process is enabled.
# Quiet

#### Default configuration options #######

Ults
Log global
Mode http # type of processing (Layer 7 proxy http, Layer 4 Proxy tcp)
Maxconn 50000 # maximum number of connections
Option httplog # The log category is in the http log format
Option httpclose # proactively disable the http channel after each request is completed
Option dontlognull # do not record Health Check log information
Option forwardfor # If the backend server needs to obtain the real ip address of the client, you can obtain the IP address of the client from the http header.
Retries 3 # If the connection fails three times, the server is considered unavailable. You can also set
Option redispatch # After the server corresponding to the serverID fails, it is forcibly redirected to another healthy server.
Stats refresh 30 # Set the interval for refreshing the statistics page
Option abortonclose # When the server load is high, the connection to the current queue is automatically terminated for a long time.
Balance roundrobin # Set the default Load Balancing mode and polling Mode
# Balance source # Set the default Load Balancing mode, similar to the nginx ip_hash
# Balnace leastconn # Set the default Load Balancing mode and the minimum number of connections
Contimeout 5000 # Set connection timeout
Clitimeout 50000 # Set the client timeout
Srvtimeout 50000 # Set server timeout
Timeout check 2000 # Set the heartbeat check timeout
# Timeout http-request 10 s # default http request timeout
# Timeoutqueue 1 m # default queue timeout
# Timeoutconnect 10 s # default connection timeout
# Timeoutclient 1 m # Default Client timeout
# Timeoutserver 1 m # default server timeout
# Timeout http-keep-alive10s # default persistent connection timeout

######## Set monitoring page ######
Listen admin_status
Bind 0.0.0.0: 81 # Set the combination of Frontend and Backend, and set the name of the Monitoring Group as needed.
Mode http # Set the layer-7 mode layer of http
Log 127.0.0.1 local3 err # error log record
Stats refresh 30 s # Set monitoring page refresh time: 5 s
Stats uri/haproxy-stats # Set the monitoring page url
Stats realm Frank \ Frank # Set the page prompt information
Stats auth admin: admin # Set the user and password on the monitoring page: admin. You can set multiple user names.
Stats auth Frank: Frank # Set the user and password on the monitoring page: Frank
Stats hide-version # hide the HAproxy version on the statistics page
Stats admin if TRUE # Set Manual start/disable, back-end server (haproxy-1.4.9 later)

######## Set the haproxy error page #####

Errorfile 403/usr/local/haproxy/errorfiles/403. http
Errorfile 500/usr/local/haproxy/errorfiles/500. http
Errorfile 502/usr/local/haproxy/errorfiles/502. http
Errorfile 503/usr/local/haproxy/errorfiles/503. http
Errorfile 504/usr/local/haproxy/errorfiles/504. http

##### Set frontend #########

Frontend http_80_in
Bind 0.0.0.0: 80 # Set the listening port, that is, the web Service port provided by haproxy, which is similar to the lvs vip.
Mode http # Layer-7 http mode
Log global # apply global log Settings
Option httplog # enable http log
Option httpclose # proactively disable the http channel after each request is completed. HA-proxy does not support the keep-alive mode.
Option forwardfor # If the backend server needs to obtain the real IP address of the client, you can obtain the Client IP address from HttpHeader.

#### Acl Policy Configuration ######
Acl frank_web hdr_reg (host)-I ^ (www.test.com. sh | news.test.com. sh) $
# True-I is case-insensitive if the requested domain name meets the two domain names in the Regular Expression
# Acl frank_fund hdr_dom (host)-I fund.test.com. sh
# If the requested domain name meets fund.test.com. sh, true-I is case-insensitive.
Acl frank hdr (host)-I test.com. sh
# If the requested domain name meets test.com. sh, true-I is case-insensitive.
# Acl file_req url_sub-I killall =
# If the request url contains killall =, true is returned for this control policy; otherwise, false is returned.
# Acl dir_req url_dir-I allow
# If allow exists in the request url as part of the address path, this control policy returns true; otherwise, false is returned.
Acl missing_cl hdr_cnt (Content-length) eq 0
# Returns true if Content-length in the request header is equal to 0.
#### Manage interface ####
Acl Frank_Manage path_dir/Frank/manage/
Acl Frank_Network src 192.168.151.189 192.168.152.0/24
# Deny lb.html ###
Acl Frank_lb path/lb.html

######## Matching an acl Policy #############

Block if Frank_lb
Block if Frank_Manage! Frank_Network
# Block if missing_cl
# When the Content-length in the request header is equal to 0, the request will return 403
# Block if! File_req | dir_req
# Block indicates that the request is blocked, and error 403 is returned. The current block indicates that the request is blocked if the policy file_req is not satisfied or the policy dir_req is satisfied.
Redirect prefix http: // 192.168.151.249code 301 if frank
# When accessing test.com. sh, use http 301 to switch to http: // 192.168.151.249.
Use_backend server_web if frank_web
# Use server_web backend when the frank_web policy is met
# Use_backend server_blog if frank_fund
# Use the backend of server_blog when the frank_fund policy is met
Default_backend server_web
# Use the backend of server_bbs by default when none of the preceding conditions are met

######### Backend settings ##############
#################### Backend server_web ################## #######
123456789101112 backendserver_web
Mode http # Layer-7 mode of http
Balance roundrobin # Load Balancing mode, roundrobin average Mode
Cookie etnetchinaid insert indirectnocache domain .test.com. sh maxidle 20 s maxlife 30 s # server ID can be inserted to the cookie. The serverid can be defined later.
# Cookie SERVERID insert indirect nocache
# Appsession JSESSIONID len 64 timeout 300 s request-learn
Option httpchk GET/lb.html HTTP/1.0 # Heartbeat detection File
Server 192.168.51.78 192.168.151.78: 80 cookie cookie78 check inter 1500 rise 3 fall 3 weight 1
# Server definition. cookie 1 indicates that serverid is web1 and check inter1500 indicates the heartbeat detection frequency. rise 3 indicates that the server is correctly considered available three times,
# Fall 3 indicates that the server is unavailable when it fails three times, and weight indicates the weight.
Server 192.168.151.79 192.168.151.79: 80 cookie cookie79 check inter 1500 rise 3 fall 3 weight 1
# Server definition. cookie 1 indicates that serverid is web2, check inter1500 indicates the heartbeat detection frequency. rise 3 indicates 3 times that the server is correctly recognized as available. # fall 3 indicates 3 times that the server is unavailable, weight indicates weight

For details about HAproxy, click here
HAproxy: click here

Recommended reading:

Haproxy + Keepalived build Weblogic high-availability server Load balancer Cluster

Keepalived + HAProxy configure high-availability Load Balancing

Haproxy + Keepalived + Apache configuration notes in CentOS 6.3

Haproxy + KeepAlived WEB Cluster on CentOS 6

Haproxy + Keepalived build high-availability Load Balancing

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.