TCP-based Haproxy proxy and TCPHaproxy proxy

Source: Internet
Author: User
Tags haproxy rsyslog

TCP-based Haproxy proxy and TCPHaproxy proxy

HaProxy provides high availability, Server Load balancer, and TCP and HTTP application-based proxy. It supports Virtual Hosts and is a free, fast, and reliable solution. Application to Haproxy is mainly because it is free and is based on TCP and HTTP application proxy.

First, we will introduce the application scenarios of Haproxy. One is TCP proxy, which is also applied in my project, and the other is HTTP proxy. Haproxy proxy Application Scenario Based on Tcp protocol: In a vpc network, the database of vm a cannot be accessed by the external network, but can only be accessed by vm B in the same Intranet environment, in this case, you can build an Haproxy environment on vm B and use the Haproxy proxy to access VM A database from external VM C. The actual application scenarios in my project are as follows, when you create an RDS instance on the public cloud, there will be a VPC network and a Classic network. After you select a VPC network to create an RDS instance, the data of the RDS database will be synchronized during data synchronization, at this time, because the RDS database is in a VPC network environment, the Internet cannot directly access this RDS database. At this time, we use an ECS to build a Haproxy proxy, and access the RDS database through the haproxy proxy through the Internet. This solves the VPC access problem;

HTTP-based Haproxy proxy Application Scenario: when a user accesses a website domain name, the HTTP request is sent to the backend configured web server through the Haproxy proxy we set, obtain the content returned by the backend server and then encapsulate the content and send the response to the client. If you do not get the content, you can use the haproxy proxy to access the backend mysql database (not necessarily the mysql database here ).

(1) download and install Haproxy: all online resources require credits, so you can find free resources directly on yum.

yum install -y haproxyrpm -qi haproxyrpm -ql haproxy

(2) configure the haproxy. cfg file (important)

cd /etc/haproxyvim haproxy.cfg
# Configure haproxy. cfg file global log 127.0.0.1 local2 chroot/var/lib/haproxy pidfile/var/run/haproxy. pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket/var/lib/haproxy/stats # response # common defaults that all the 'listen' and 'backend' sections will # use if not designated in their block # revoke defaults log global log 127.0.0.1 local3 mode http option httplog option dontlognull retries 10 option redispatch maxconn 2000 timeout http-request 10 s timeout queue 1 m timeout connect 10 s timeout client 1 m timeout server 1 m timeout http-keep-alive 10 s timeout check 10 s # backend mysql configuration, access the VM address + port number can access the backend mysql, for example: 192.168.108.20.: 7306 can access the mysql database listen mysql bind 0.0.0.0: 140 mode tcp balance roundrobin server mysql1 192.168.108.140: 3306 # haproxy listening port (which can be removed). Access the VM address + port number +/stats. For example, 192.168.108.20.: 1080/statslisten stats bind 0.0.0.0: 1080 mode http option httplog maxconn 10 stats refresh 30 s stats uri/stats realm XingCloud \ Haproxy stats auth admin: admin # use this account to log on. You can set stats auth Frank by yourself: frank stats hide-version stats admin if TRUE

(3) create a log file/var/log/haproxy. log

cd /var/logmkdir haproxycd haproxytouch haproxy.logchmod a+w haproxy.log

(4) Enable the haproxy Logging Function of rsyslog

Vim/etc/rsyslog. cnf -- modify the rsyslog. cfg file $ ModLoad imudp $ UDPServerRun 514 and remove the # before the two rows. In local7. */var/log/boot. add the following content after log # Save haproxy log local2. */var/log/haproxy. logvim/etc/sysconfig/rsyslog -- modify the rsylog file SYSLOGD_OPTIONS = "" To SYSLOGD_OPTIONS = "-r-m 2-c 2"

(5) restart the log and haproxy Service

systemctl restart rsyslogsystemctl restart haproxy

(6) haproxy commands

Killall haproxy -- stop haproxyps-ef | grep haproxy | grep-v grep -- view the running status of haproxy. (You can view the running status of haproxy on the configured monitoring page or 192.168.108.133: 1080/stats) netstat-plantu | grep 7306 -- view port 7306

(7) Test

1. Enter http: // 192.168.108.20.: 1080/stats to view the Haproxy invigilation page. This page also indicates that your haproxy configuration is successful.

2. The haproxy proxy accesses the back-end mysql database. Here I use Navicat. Here, 7306 is connected to the 192.168.108.140: 3306 database. The user name and password used here are the user name and password of the 140 database. If you have any questions, you can create a database on port 140 and access the database through port 7306. You can also see the newly created database.

Conclusion: The Haproxy function is quite powerful. For web applications based on Haproxy proxy, there is also a powerful Server Load balancer which is useless because the project is urgent and does not have time to gain in-depth understanding, next time, you will have the opportunity to build several web servers for testing. This is always a tricky problem, that is, when testing the connection to the backend mysql database, Host is blocked because of unknown connection errors; unblock with 'mysqladmin flush-hosts ', the final solution is to check that there is always a connection in use on port 140 on the 3306 server, and the connection fails. In the end, you can only restart the mysql database of port 140. This problem cannot be reproduced now, so we will not analyze the specific cause of the error here. This is mainly a simple application of Haproxy. If you have any questions, you can actively point out it.

  

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.