我们可以基于haproxy 提供的dataplaneapi 动态进行haproxy 配置的修改,增强haproxy的可编程能力,以下是一个简单
的测试,基于docker-compose运行

环境准备

  • docker-compose文件
version: "3"
services:
    grafana:
     image: grafana/grafana
     ports:
     - "3000:3000"
    prometheus:
     image: prom/prometheus
     volumes:
     - "./prometheus.yml:/etc/prometheus/prometheus.yml"
     ports:
     - "9090:9090"
    haproxy:
     image: dalongrong/haproxy-dataplaneapi:2.0.5
     build: ./
     volumes:
     - "./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg"
     ports:
     - "80:80"
     - "5555:5555"
     - "8404:8404"
     - "8080:8080"
     - "9000:9000"
     - "9001:9001"
     - "9002:9002"
     - "1000-1005:1000-1005"
     - "10080:10080"
    nginx1:
     image: nginx
     ports:
     - "8090:80"
    nginx2:
     image: nginx
     ports:
     - "8091:80"

  • haproxy 配置
#
# This is the ultimate HAProxy 2.0 "Getting Started" config
# It demonstrates many of the features available which are now available 
# While you may not need all of these things, this can serve
# as a reference for your own configurations.
#
# Have questions? Check out our community Slack:
# https://slack.haproxy.org/
#
global
    # master-worker required for `program` section
    # enable here or start with -Ws
    master-worker
    mworker-max-reloads 3
    # enable core dumps
    set-dumpable
    user root
    group root
    log stdout local0
    stats socket /run/haproxy.sock mode 600 level admin
    stats timeout 2m
defaults
    mode http
    log global
    timeout client 5s
    timeout server 5s
    timeout connect 5s
    option redispatch
    option httplog
resolvers dns
    parse-resolv-conf
    resolve_retries 3
    timeout resolve 1s
    timeout retry 1s
    hold other 30s
    hold refused 30s
    hold nx 30s
    hold timeout 30s
    hold valid 10s
    hold obsolete 30s
program dataplane-api
    command /usr/local/sbin/dataplaneapi --host 0.0.0.0 --port 5555 --haproxy-bin /usr/local/sbin/haproxy --config-file /usr/local/etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --reload-delay 5 --userlist api
    no option start-on-reload
userlist api 
   # user admin password $5$aVnIFECJ$2QYP64eTTXZ1grSjwwdoQxK/AP8kcOflEO1Q5fc.5aA
    user admin insecure-password dalong
frontend stats
    bind *:8404
    # Enable Prometheus Exporter
    http-request use-service prometheus-exporter if { path /metrics }
    stats enable
    stats uri /stats
    stats refresh 10s
frontend fe_main
    bind *:8080
    # Enable log sampling
    # One out of 10 requests would be logged to this source
    log 127.0.0.1:10001 sample 1:10 local0
    # For every 11 requests, log requests 2, 3, and 8-11
    log 127.0.0.1:10002 sample 2-3,8-11:11 local0
    # Log profiling data
    log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r cpu_calls:%[cpu_calls] cpu_ns_tot:%[cpu_ns_tot] cpu_ns_avg:%[cpu_ns_avg] lat_ns_tot:%[lat_ns_tot] lat_ns_avg:%[lat_ns_avg]"
    # gRPC path matching
    acl is_grpc_codename path /CodenameCreator/KeepGettingCodenames 
    # Dynamic 'do-resolve' trusted hosts
    acl dynamic_hosts req.hdr(Host) api.local admin.local haproxy.com
    # Activate Traffic Mirror
    # Redirect if not SSL
    # http-request redirect scheme https unless { ssl_fc }
    # Enable src tracking
    # http-request track-sc0 src table mypeers/src_tracking
    # Enable rate limiting
    # Return 429 Too Many Requests if client averages more than
    # 10 requests in 10 seconds.
    # (duration defined in stick table in peers section)
    http-request deny deny_status 429 if { sc_http_req_rate(0) gt 10 }
    # Enable local resolving of Host if within dynamic_hosts ACL
    # Allows connecting to dynamic IP address specified in Host header
    # Useful for DNS split view or split horizon
    http-request do-resolve(txn.dstip,dns) hdr(Host),lower if dynamic_hosts
    http-request capture var(txn.dstip) len 40 if dynamic_hosts
    # return 503 when dynamic_hosts matches but the variable 
    # txn.dstip is not set which mean DNS resolution error
    # otherwise route to be_dynamic
    use_backend be_503 if dynamic_hosts !{ var(txn.dstip) -m found }
    use_backend be_dynamic if dynamic_hosts
    # route to gRPC path
    use_backend be_grpc if is_grpc_codename 
    default_backend be_main
backend be_main
    # Enable Power of Two Random Choices Algorithm
    balance random(2)
    # Enable Layer 7 retries
    retry-on all-retryable-errors
    retries 3 
    # retrying POST requests can be dangerous
    # make sure you understand the implications before removing
    http-request disable-l7-retry if METH_POST
    server server1 nginx1:80 check inter 3s
    server server2 nginx2:80 check inter 3s
backend be_grpc
    default-server ssl verify none alpn h2 check maxconn 50
    server grpc1 10.1.0.11:3000 
    server grpc2 10.1.0.12:3000 
backend be_dynamic
    default-server ssl verify none check maxconn 50
    # rule to prevent HAProxy from reconnecting to services
    # on the local network (forged DNS name used to scan the network)
    http-request deny if { var(txn.dstip) -m ip 127.0.0.0/8 10.0.0.0/8 }
    http-request set-dst var(txn.dstip)
    server dynamic 0.0.0.0:0
backend spoe-traffic-mirror
    mode tcp
    balance roundrobin
    timeout connect 5s
    timeout server 1m
    server spoa1 127.0.0.1:12345
    server spoa2 10.1.0.20:12345
backend be_503
    # dummy backend used to return 503.
    # You can use the 'errorfile' directive to send a nice
    # 503 error page to end users.
    errorfile 503 /usr/local/etc/haproxy/errors/503.http
 
 
 
  • 启动
docker-compose up -d
  • 效果

动态添加代理配置

dataplaneapi 有一个事物的概念,我们可以基于次模型进行动态haproxy 的操作,以下是一个简单的演示

  • 创建代理的流程
    首选创建backend
    添加server到backend
    创建frontend
    添加bind 到frontend
  • 一个简单的操作
    初始化事物:
curl -X POST --user admin:dalong \
-H "Content-Type: application/json" \
http://localhost:5555/v1/services/haproxy/transactions?version=1

效果:

{"_version":1,"id":"1f9630d9-665d-43f8-8ad9-f15652fbfbbe","status":"in_progress"}

查询事物:

curl -X GET --user admin:dalong \
-H "Content-Type: application/json" \
"http://localhost:5555/v1/services/haproxy/transactions"

效果:

[{"_version":1,"id":"1f9630d9-665d-43f8-8ad9-f15652fbfbbe","status":"in_progress"}]

创建backend 服务:

curl -X POST --user admin:dalong \
-H "Content-Type: application/json" \
-d '{"name": "test_backend", "mode":"http", "balance": {"algorithm":"roundrobin"}, "httpchk": {"method": "HEAD", "uri": "/", "version": "HTTP/1.1"}}' \
"http://localhost:5555/v1/services/haproxy/configuration/backends?transaction_id=1f9630d9-665d-43f8-8ad9-f15652fbfbbe" 

效果:

{"balance":{"algorithm":"roundrobin","arguments":null},"httpchk":{"method":"HEAD","uri":"/","version":"HTTP/1.1"},"mode":"http","name":"test_backend"}

添加server 到backend 服务:

curl -X POST --user admin:dalong \
-H "Content-Type: application/json" \
-d '{"name": "server1", "address": "192.168.0.104", "port":8888, "check": "enabled", "maxconn": 30, "weight": 100}' \
"http://localhost:5555/v1/services/haproxy/configuration/servers?backend=test_backend&transaction_id=1f9630d9-665d-43f8-8ad9-f15652fbfbbe"

效果:

{"address":"192.168.0.104","check":"enabled","maxconn":30,"name":"server1","port":8888,"weight":100}

创建frontend 服务:

curl -X POST --user admin:dalong \
-H "Content-Type: application/json" \
-d '{"name": "test_frontend", "mode": "http", "default_backend": "test_backend", "maxconn": 2000}' \
"http://localhost:5555/v1/services/haproxy/configuration/frontends?transaction_id=1f9630d9-665d-43f8-8ad9-f15652fbfbbe"

效果:

{"default_backend":"test_backend","maxconn":2000,"mode":"http","name":"test_frontend"}

创建bind 服务:

curl -X POST --user admin:dalong \
-H "Content-Type: application/json" \
-d '{"name": "http", "address": "*", "port": 10080}' \
"http://localhost:5555/v1/services/haproxy/configuration/binds?frontend=test_frontend&transaction_id=1f9630d9-665d-43f8-8ad9-f15652fbfbbe"

效果:

{"address":"*","name":"http","port":10080}

应用变更:

curl -X PUT --user admin:dalong \
-H "Content-Type: application/json" \
"http://localhost:5555/v1/services/haproxy/transactions/1f9630d9-665d-43f8-8ad9-f15652fbfbbe"

效果:

{"_version":1,"id":"1f9630d9-665d-43f8-8ad9-f15652fbfbbe","status":"success"}
  • 修改的haproxy 配置文件

实际上我们应用变更之后,会生成新的配置文件
内容如下:

  • 启动demo backend 服务
 
live-server  --port=8888
  • 效果

live-server 服务:

haproxy 代理服务:

haproxy 监控服务:

prometheus metrics服务:

说明

以上是一个简单的操作,官方文档提供了比较全的说明,很值得看看,同时基于dataplaneapi 我们可以方便的 扩展haproxy

参考资料

https://www.haproxy.com/documentation/hapee/1-9r1/configuration/dataplaneapi/
https://www.haproxy.com/documentation/dataplaneapi/latest/
https://github.com/rongfengliang/haproxy2.0-prometheus

haproxy 2.0 dataplaneapi rest api 试用的更多相关文章

  1. haproxy 2.0 dataplaneapi rest api 转为graphql

    haproxy 2.0 dataplaneapi rest api 是比较全的,以下是一个简单的集成graphql,通过swagger-to-graphql 转换为graphql api 方便使用 环 ...

  2. haproxy 2.0 dataplaneapi rest api 几个方便的问题排查接口

    在使用haproxy 2.0 dataplaneapi的时候,刚开始的时候我们可能需要进行调试,保证我们的配置在我们的系统环境中 是可以使用的,以下是自己在当前学习中为了排查问题会使用的几个api 创 ...

  3. haproxy 2.0 dataplaneapi rest api 转为graphql docker 镜像

    为了方便直接使用haproxy dataplaneapi graphql 格式的查询,制作了一个简单的docker 镜像 基于dotenv 进行配置管理,可以直接通过环境变量传入参数,处理不同hapr ...

  4. haproxy 2.0 dataplaneapi docker 镜像

    为了方便测试dataplaneapi 基于官方的docker镜像,制作了一个简单的包含dataplaneapi 的镜像 下载dataplaneapi https://github.com/haprox ...

  5. haproxy 2.0 dataplaneapi 类似的工具haproxyadmin

    haproxyadmin 是一个python 的pip 包,提供了类似dataplaneapi 的功能,使用上也比较简单,同时提供的方法也比较全 使用的技术与dataplaneapi 基本类似,也是一 ...

  6. haproxy2.0 dataplaneapi 简单说明

    haproxy2.0 支持基于dataplaneapi 的haproxy 动态配置修改以及服务生效,早期大家为了动态 可以会基于dsn 的服务发现模式,基于confd 结合consul 动态生成配置并 ...

  7. 使用haproxy 2.0 prometheus metrics 监控系统状态

    haproxy 2.0 已经发布一段时间了,提供内部直接暴露的prometheus metrics 很方便 ,可以快速的监控系统的状态 以下是一个简单的demo 环境准备 docker-compose ...

  8. HAProxy 2.0 and Beyond

    转自:https://www.haproxy.com/blog/haproxy-2-0-and-beyond/  关于haproxy 2.0 的新特性说明 HAProxy Technologies i ...

  9. ElasticSearch 5.0.1 java API操作

    今天来说下使用ES 5.0.1的API来进行编码. 开始之前,简单说下5.0.1跟之前的几个变化.之前的ES自身是不支持delete-by-query的,也就是通过查询来删除,可以达到批量的效果,是因 ...

随机推荐

  1. java基本数据类型的变量

    一.整型变量 短整型(short).整型(int)和长整型(long),它们都可以定义整型变量,但是由于分配的内存空间不同,所能表示的数据的长度也不同. 我们可以定义并初始化一个整型变量: int a ...

  2. ML学习笔记之XGBoost实现对鸢尾花数据集分类预测

    import xgboost as xgb import numpy as np import pandas as pd from sklearn.model_selection import tra ...

  3. WPF解决WindowsFormsHost背景透明

    项目案例:WPF使用WindowsFormsHost播放视频,视频上显示边框.字幕等特效: 难点问题 1.WindowsFormsHost不支持背景透明: 2.WPF Panel.ZIndex无效,W ...

  4. 2019 中手游java面试笔试题 (含面试题解析)

      本人5年开发经验.18年年底开始跑路找工作,在互联网寒冬下成功拿到阿里巴巴.今日头条.中手游等公司offer,岗位是Java后端开发,因为发展原因最终选择去了中手游,入职一年时间了,也成为了面试官 ...

  5. Java自学-异常处理 自定义异常

    Java 自定义异常 示例 1 : 创建自定义异常 一个英雄攻击另一个英雄的时候,如果发现另一个英雄已经挂了,就会抛出EnemyHeroIsDeadException 创建一个类EnemyHeroIs ...

  6. HTTP发展简史

    HTTP发展简史 HTTP协议是Hyper Text Transfer Protocol(超文本传输协议)的缩写,是用于从万维网(WWW:World Wide Web )服务器传输超文本到本地浏览器的 ...

  7. English--动词时态

    English|动词时态 时态是一个很玄乎的东西,要么是完全掌握,要么是不知所云. 在正式开始之前,大家需要明白汉语的谓语动词是不会随着时间与状态而变化.但是,英语的谓语动词会随着时间与状态发生变化. ...

  8. 把EXECL表格导入到WORD中

    一般我们在编写开发文档时需要进行表格导入导出,这里提供几种方法供参考. 法一: 打开EXECL,WORD软件,在需要导入表格的地方选择“插入” ,找到“对象选项: ”在对象对话框中点击“由文件创建”, ...

  9. Vue搭建脚手架1

    Vue2.0搭建Vue脚手架(vue-cli) 此文章参考了网上一些前人的技术分享,自己拿过来总结一下.此文章是基于webpack构建的vue项目,并实现简单的单页面应用.其中利用到的相关技术会简单加 ...

  10. 下拉菜单旋转出现css

    <!DOCTYPE html> <html> <head lang="en"> <meta charset="UTF-8&quo ...