Haproxy Basics and some configurations

Basics of 1.HAproxy

Haproxy work in the TCP layer and the HTTP protocol application layer of the reverse proxy software, can load balance, support high concurrency (single process, event-triggered IO), back-end health check, but also can unilaterally disconnect TCP send connection, open source free.

1.1 Global Configuration

Log         127.0.  0.1  local2         #日志文件服务器, you can specify         a log level, you can define twolog127.0.  0.1  local1 noticechroot      /var/lib/haproxy      # Haproxy's working directory to the specified directory and performing the chroot () operation before discarding the permission can increase the security level of the haproxy, but it is important to ensure that the specified directory is empty and that no user can have write permissions     pidfile/ var/run/haproxy.pid  #主进程号路径maxconn     4000                     #最大连接数user        haproxygroup      Haproxydaemon     #让haproxy以守护进程的方式工作于后台

Nbproc #启动的进程数, typically CPU core number

1.2 Agent-related configuration

The defaults segment is used to provide default parameters for all other configuration segments

The frontend segment is used to define a series of listening sockets that can accept client requests and establish a connection with them

The backend segment is used to define a series of "back-end" servers that the agent forwards requests from the corresponding client to.

The listen segment defines a complete proxy by associating "front end" and "back end", usually only useful for TCP traffic

defaults mode HTTP #作用在应用层 log global #日志配置引用全局配置 option  Httplog #日志记录加上http请求部分 option Abortonclose #服务器负载大时, close the queue for long-handled connection option Dontlognull #不记录空连接的日志, such as a health check, such as option HTTP-server-close #对于某些server端不支持http长连接的情况, using this parameter can use the client to Haproxy is a long connection, while the Haproxy to the server side is short connection option Redisp Atch #当后端服务器宕机, re-select a different health server retries3#请求几次失败后认为服务器挂掉 Timeout http-Request 10s #请求超时 timeout Queue 1m #超时队列 timeout Connect 10s #连接超时 timeout client 1m #超时客户端 Timeout Server 1m #超时服务器 timeout http-keep-Alive 10s #长连接超时 timeout Check 10s #健康监测超时 maxconn the#最大连接数

Listen Stats    mode http    0.0.  0.0:    stats enable    #启用基于程序编译时默认设置的统计报告, cannot be used in the "frontend" section    stats hide-  Version    #启用统计报告并隐藏HAProxy版本报告, cannot be used for "frontend" section    stats uri     /haproxyadmin?  Stats   #设定URL    stats Realm   haproxy\ Statistics    #此参数仅在与 "stats auth" configuration used to make sense    stats    Auth Admin:admin   #启用带认证的统计报告功能并授权一个用户帐号     if TRUE   #在指定的条件满足时启用统计报告页面的管理级别功能

Here are some of the parameters used in this backend section

Banlance The load balancing algorithm for the specified back-end server is as follows:

Roundrobin, weighted polling, dynamic adjustment of the server can also be effective immediately

STATIC-RR, also weighted polling, but only static, adjust server weights can not be immediately effective

Leastconn, the minimum number of connections requested by the server, send the new request to the server

Source, locating the origin address to the specified server, but this hash method fails when the server goes down or the weight changes.

URI, which allows requests for the same URI to always be dispatched to a particular server, which fails when the server is down or the weight changes

Url-param, the request to ensure the same user ID is sent to the same specific server by tracing the user's identity in the request

HDR, according to the header to do scheduling, that is, the virtual host to dispatch, the algorithm defaults to static

Rdp-cookie, which locks and hashes each TCP request according to the cookie (name)

Basic knowledge of ACLs

ACLS <aclname> <criterion> [flags] [operator] <value> ...

Adname,acl name, Case sensitive

Criterion, Test standard

Flages–i is not a case-sensitive.

operator, operator, EQ equals ge greater than or equal to GT greater than LT less than le less than or equal to

Value, Integer, Regular, string, IP address

The test standard is more, the following

Be_sess_rate,fe_sess_rate, the previous one is backend on the session establishment rate, after a frontend session establishment rate

HDR (header) <string> request header for the specified content

Method <string> Request Methods

Path_beg <string>,path_end<string>, the previous one is the beginning of the URL, the last part of the URL

Hdr_beg <string>,hdr_beg <string> The previous one is whether the request header contains a matching string, and the trailing string in the next header

Some of the parameters used by server when defining the server are as follows:

Backup: Specifies that the server is a standby server

Check: Start the health check on the server, there are some detailed parameters, inter check interval, rise server from the hook to normal need to check the number of times, fall from normal operation to hang off need to check the number of

Cookie: Sets the cookie value for the specified server so that subsequent requests are defined to the same server

Redir: redirect

Weight: Weight

To achieve the example of static and dynamic separation, with the above knowledge can be very well understood, try to see the line to see if you can understand

Global Log127.0.0.1Local2chroot/var/lib/Haproxy Pidfile/var/run/haproxy.pid Maxconn4000User Haproxy Group Haproxy Daemon # turn on stats UNIX socket stats socket/var/lib/haproxy/statsdefaults mode HTTP log global option Httplog Option dontlognull option HTTP-server-close option forwardfor except127.0.0.0/8option Redispatch Retries3Timeout http-Request 10s Timeout queue 1m timeout Connect 10s timeout client 1m timeout s Erver 1m Timeout http-keep-Alive 10s Timeout Check 10s maxconn30000Listen stats mode http bind0.0.0.0: thestats Enable stats hide-version stats URI/haproxyadmin?Stats Stats Realm haproxy\ Statistics stats auth admin:admin stats adminiftruefrontend http-inchBind*: themode HTTP log global option httpclose option LOGASAP option Dontlognull Capture request Header Hos T Len#日志记录请求首部中host部分的值Capture Request Header Referer Len#日志记录请求首部中Referer部分的值ACL url_static Path_beg-i/static/images/javascript/stylesheets ACL url_static path_end-i. jpg. jpeg. gif. png. css. js use_backend static_serversifurl_static default_backend dynamic_serversbackend static_servers balance roundrobin server Imgsrv1172.16.200.7: theCheck Maxconn6000Server Imgsrv2172.16.200.8: theCheck Maxconn6000backend dynamic_servers cookie SRV insert NoCache balance roundrobin server Websrv1172.16.200.7: theCheck Maxconn +Cookie WEBSRV1 Server Websrv2172.16.200.8: theCheck Maxconn +Cookie WEBSRV2 Server Websrv3172.16.200.9: theCheck Maxconn +Cookie Websrv3

Haproxy Basics and some configurations