dokucama

User Tools

Site Tools

Trace: jpuppet haproxy
network_stuff:haproxy

BASIC CONCEPTS
External Link

/etc/haproxy/haproxy.cfg

We define acl and backends. Then acl define what backend we use. 

use_backend blog-backend if acl_url_blog

OPERATION:
Restart: 

/etc/rc.d/init.d/haproxy restart

MONITORING
From the cli, this command gives us a csv, dump in Calc. Check max connections and current connections. 

echo "show info;show stat" | nc -U /var/lib/haproxy/stats  # Also | grep DOWN to see what is not working atm
ssh -o  UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -n ha1.dc "echo "show stat" | nc -U /var/lib/haproxy/stats" > file1 ; csvtool readable file1 | view -
ssh -o  UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -n ha1.dc "echo "show info" | nc -U /var/lib/haproxy/stats"

External Link There's GUI available as well as interacetive commands accessible with: 

nc -U /var/run/haproxy.sock

Also non-interactive commands for automated based operations.

From the stats page:

  • Session rate : number of new sessions per second. A session is a connection that was accepted by the layer 4 rules.
  • Connection: Note that a session can have one or more connections. “With the introduction of SSL, proxy protocol and layer4 ACLs, it was needed to cut the end-to-end sessions in smaller parts, hence the introduction of “connections””

PROTECT AGAINST DDOS:

SPECIAL FEATURES
Enable slow start: https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.2-slowstart

  • Conceptual difference between a proxy and a 'reverse proxy': Proxy is a client proxy; reverse proxy is ~load balancer.
    • Proxy hides clients identity to the server. This is for client to server connections.
    • Proxy hides servers identity to the client. This is for client to server connections as well.

TODO:

network_stuff/haproxy.txt · Last modified: by 127.0.0.1

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki