Rotten mud: TCP application for learning haproxy with high load balancing, and load balancing haproxy

Last Update:2015-08-29 Source: Internet

Author: User

Tags ssh port haproxy

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Rotten mud: TCP application for learning haproxy with high load balancing, and load balancing haproxy

This document consistsIlanniwebProviding friendship sponsorship, first launchedThe world

In the previous articles, we introduced the configuration parameters of haproxy, And the configuration examples are all http protocol (layer-7 Application.

This article introduces the layer-4 TCP application of haproxy.

For more articles, follow me on ilanniweb.

I. Business Requirements

Now we have two requirements, both of which use tcp protocol.

1.1 haproxy Proxy ssh

For the sake of security, all business servers are required to close the Internet connection, only the server where haproxy is located is enabled, and ssh connections to other business servers are implemented through haproxy.

In actual service, port 8098 accessing 192.168.5.171 is the ssh port accessing 192.168.5.174.

1.2 haproxy Proxy mysql

For the sake of security, it is required that mysql database connection be implemented only through the Intranet IP address, but because cloud database is used, if the company wants to connect to the database internally, it should be implemented through haproxy.

In actual business scenarios, access to port 8099 of 192.168.5.171 is to access port 3306 of 192.168.7.7.

Ii. Configuration Haproxy

Because haproxy uses both Layer 7 and Layer 4, we do not define the haproxy running mode in ults.

Note: configuration parameters related to http mode should not appear in default.

For layer-4 TCP applications with business requirements, our haproxy configuration is as follows:

Listen 8099.

Bind 0.0.0.0: 8099

Mode tcp

Server 174_22 192.168.5.174: 22 maxconn 1024 weight 5 check inter 2000 rise 2 fall 3

Listen 8098.

Bind 0.0.0.0: 8098

Mode tcp

Server 77_3306 192.168.7.7: 3306 maxconn 1024 weight 5 check inter 2000 rise 2 fall 3

The configuration file of the whole haproxy is as follows:

Grep-vE "^ # | ^ $" haproxy. cfg

Global

Log 127.0.0.1 local0

Log 127.0.0.1 local1 notice

Maxconn 4096

Uid 1005

Gid 1005

Daemon

Ults

Log global

Retries 3

Option redispatch

Maxconn 2000

Contimeout 5000

Clitimeout 50000

Srvtimeout 50000

Listen admin_stats

Bind 192.168.5.171: 1080

Mode http

Option httplog

Maxconn 10

Stats refresh 30 s

Stats uri/stats

Stats auth admin: admin

Stats hide-version

Frontend weblb

Bind *: 80

Acl is_dg hdr_beg (host) dg.test.com

Mode http

Acl is_ilanni hdr_beg (host) ilanni.test.com

Acl is_171 hdr_beg (host) 192.168.5.171

Acl is_ip src 192.168.5.140

Acl is_port dst_port 8090

Use_backend acl if is_171 is_ip

Use_backend mui_acl if is_171 is_ip is_port

Use_backend dgserver if is_dg

Use_backend ilanni if is_ilanni

Use_backend 171 server if is_171

Default_backend backend_default

Backend dgserver

Balance source

Mode http

Server web1 192.168.5.171: 8080 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3

Server web2 192.168.5.174: 8080 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3

Server web3 192.168.5.178: 8080 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3

Back End 171 server

Balance roundrobin

Mode http

Server dg1 192.168.5.174: 80 check

Server dg2 192.168.5.178: 80 check

Backend ilanni

Server web1 www.yuanbaopu.com: 80 weight 3 check inter 2000 rise 2 fall 3

Mode http

Backend acl

Balance source

Mode http

Server web1 www.ilanni.com: 80 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3

Backend mui_acl

Balance source

Mode http

Server web1 192.168.5.178: 80 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3

Backend backend_default

Server web1 192.168.5.178: 8080 weight 3 check inter 2000 rise 2 fall 3

Mode http

Listen 8090.

Bind 0.0.0.0: 8090

Mode http

Balance roundrobin

Server web1 192.168.5.174: 8090 maxconn 1024 weight 5 check inter 2000 rise 2 fall 3

Server web2 192.168.5.178: 8090 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3

Listen 8099.

Bind 0.0.0.0: 8099

Mode tcp

Server 174_22 192.168.5.174: 22 maxconn 1024 weight 5 check inter 2000 rise 2 fall 3

Listen 8098.

Bind 0.0.0.0: 8098

Mode tcp

Server 77_3306 192.168.7.7: 3306 maxconn 1024 weight 5 check inter 2000 rise 2 fall 3

Iii. verification requirements

After haproxy is configured, verify that haproxy is correctly configured as follows:

3.1 Verify haproxy proxy ssh

Now let's verify the haproxy proxy ssh and use the following command on the Linux client:

Ssh-p8099 wangxy@192.168.5.171

We can see that haproxy successfully proxies the ssh port 192.168.5.174.

3.2 Verify the haproxy proxy mysql

Now let's verify the haproxy proxy mysql and use the following command on the Linux client:

Mysql-P8098-h192.168.5.171-uroot-p

We can see that haproxy successfully proxies port 3306 (that is, mysql) of 192.168.7.7 ).

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More