HAProxy 001基础知识

一、概述

接入层代理服务器，支持四层tcp网络层代理和七层http应用层代理
部署方案
两台服务hostHA001,hostHA002,申请vip
两条服务上安装haproxy代理软件，安装keepalive的软件，配置haproxy，keepalived，vip，做容灾和负载均衡
配置dns域名解析服务，解析ip到vip

二、常用基本操作

1
2
3
4
5
6
7


service haproxy check #检查配置文件是否正确
service haproxy reload #重新加载配置文件
service haproxy start/stop #启动服务和停止服务
配置文件：cat /etc/haproxy/haproxy.conf #查看配置文件
检查配置正确与否：/usr/sbin/haproxy -c -f /etc/haproxy/haproxy.cfg
重启命令： systemctl reload haproxy.service
查看页面配置: http://host1:1080,http://host2:1080

三、常用配置

3.1、四层tcp代理服务配置

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271


global
    log 127.0.0.1:514 local2
    chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    nbproc 1
    nbthread 30
    hard-stop-after 1800s
    maxconn 32768
    user root
    group root
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

defaults
    log global
    mode tcp
    option tcplog
    option dontlognull
    option abortonclose
    option redispatch
    retries 3
    maxconn 4096
    timeout check 10s
    timeout connect 3s
    timeout client 60s
    timeout server 60s
    timeout queue 60s

userlist admin_users
    user data password xxxxxxxx

#
# This sets up the admin page for HA Proxy at port 1080.
#
listen stats
    bind 0.0.0.0:1080
    balance
    mode http
    maxconn 32
    http-request use-service prometheus-exporter if { path /metrics }
    stats enable
    stats refresh 30s
    stats uri /
    acl auth_admin http_auth(admin_users)
    stats http-request auth realm Prove\ me\ baby unless auth_admin
    stats show-legends

# YARN resource manager
listen yarn_rm
    bind 0.0.0.0:8088
    mode http
    #option tcplog
    maxconn 4096
    timeout client 10s
    timeout client-fin 10s
    timeout connect 3s
    timeout server 10s
    timeout tunnel 60s
    timeout queue 60s
    balance roundrobin
    retries 3
    #server host200.internal host200.internal:14000 check rise 3 fall 3 maxconn 2048 maxqueue 128
    server host201.internal host201.internal:8088 redir http://host201:8088 check rise 3 fall 3 maxconn 2048 maxqueue 128
    server host202.internal host202.internal:8088 redir http://host202:8088 check rise 3 fall 3 maxconn 2048 maxqueue 128

#impala-shell
listen impalashell
    bind 0.0.0.0:21002
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 60s
    timeout client-fin 60s
    timeout connect 3s
    timeout server 60s
    timeout tunnel 600s
    timeout queue 60s
    balance roundrobin
    retries 3
    server host001.internal host001.internal:21000 check rise 3 fall 3 maxconn 1024 maxqueue 512 #coordinator
    server host002.internal host002.internal:21000 check rise 3 fall 3 maxconn 1024 maxqueue 512 #coordinator
    server host003.internal host003.internal:21000 check rise 3 fall 3 maxconn 1024 maxqueue 512 #coordinator

# impala jdbc
listen impalajdbc
    bind 0.0.0.0:21053
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 60s
    timeout client-fin 60s
    timeout connect 3s
    timeout server 60s
    timeout tunnel 600s
    timeout queue 60s
    balance leastconn
    retries 3
    server host007.internal host007.internal:21050 check rise 3 fall 3 maxconn 1024 maxqueue 512
    server host008.internal host008.internal:21050 check rise 3 fall 3 maxconn 1024 maxqueue 512
    server host009.internal host009.internal:21050 check rise 3 fall 3 maxconn 1024 maxqueue 512
    

# impala jdbc Hue
# Session stick is required for Hue, balance mode leastconn can't applied to Hue
listen impalajdbc_hue
    bind 0.0.0.0:21051
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 60s
    timeout client-fin 60s
    timeout connect 3s
    timeout server 60s
    timeout tunnel 600s
    timeout queue 60s
    balance source
    retries 3
    server host005.internal host005.internal:21050 check rise 3 fall 3 maxconn 1024 maxqueue 512
    server host006.internal host006.internal:21050 check rise 3 fall 3 maxconn 1024 maxqueue 512

# HiveServer2
listen hiveserver2
    bind 0.0.0.0:10001
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 60s
    timeout client-fin 60s
    timeout connect 3s
    timeout server 60s
    timeout tunnel 1800s
    timeout queue 60s
    balance source
    retries 3
    server host011.internal host011.internal:10000 check rise 3 fall 3 maxconn 1024 maxqueue 512
    server host012.internal host012.internal:10000 check rise 3 fall 3 maxconn 1024 maxqueue 512

# TiDB
listen tidb
    bind 0.0.0.0:3306
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 300s
    timeout client-fin 300s
    timeout connect 3s
    timeout server 300s
    timeout tunnel 1800s
    timeout queue 60s
    balance roundrobin
    retries 3
    option mysql-check user haproxy_check
    server host013.internal host013.internal:4000 check rise 3 fall 3 maxconn 1024 maxqueue 512 #disabled
    server host014.internal host014.internal:4000 check rise 3 fall 3 maxconn 1024 maxqueue 512 #disabled
    server host015.internal host015.internal:4000 check rise 3 fall 3 maxconn 1024 maxqueue 512 #disabled

# MySQL MHA
listen mysql_mha_master
    bind 0.0.0.0:3307
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 300s
    timeout client-fin 300s
    timeout connect 3s
    timeout server 300s
    timeout tunnel 1800s
    timeout queue 60s
    retries 3
    option mysql-check user haproxy_check
    server host016.internal host016.internal:3306 check rise 3 fall 3 maxconn 1024 maxqueue 512

# ClickHouse Client (TCP)
listen ck_app_tcp
    bind 0.0.0.0:9011
    mode tcp
    maxconn 200000
    timeout client 60s
    timeout client-fin 30s
    option tcplog
    option logasap
    option contstats
    timeout connect 5s
    timeout server 60s
    timeout tunnel 300s
    timeout server-fin 30s
    timeout queue 60s
    balance leastconn
    retries 3
    server host101.internal host101.internal:9011 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host102.internal host102.internal:9011 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host103.internal host103.internal:9011 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host104.internal host104.internal:9011 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host105.internal host105.internal:9011 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host106.internal host106.internal:9011 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    
# ClickHouse Client (HTTP)
listen ck_app_http
    bind 0.0.0.0:8123
    mode http
    maxconn 200000
    timeout client 60s
    timeout client-fin 30s
    option httplog
    option logasap
    option contstats
    timeout connect 5s
    timeout server 300s
    timeout tunnel 300s
    timeout server-fin 30s
    timeout queue 60s
    balance leastconn
    retries 3
    cookie SERVERID insert
    server host101.internal host101.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 cookie s1 #disabled
    server host102.internal host102.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 cookie s2 #disabled
    server host103.internal host103.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 cookie s3 #disabled
    server host104.internal host104.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 cookie s4 #disabled
    server host105.internal host105.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 cookie s5 #disabled
    server host106.internal host106.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 cookie s6 #disabled

# Prometheus Server basic
listen prometheus_server_basic
    bind 0.0.0.0:9099
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 300s
    timeout client-fin 300s
    timeout connect 3s
    timeout server 300s
    timeout tunnel 1800s
    timeout queue 60s
    retries 3
    server host301.internal host301.internal:8428 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host302.internal host302.internal:8428 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host303.internal host303.internal:8428 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled

# Prometheus Pushgateway
listen prometheus_pushgateway_basic
    bind 0.0.0.0:9091
    mode tcp
    option tcplog
    maxconn 4096
    timeout client 300s
    timeout client-fin 300s
    timeout connect 3s
    timeout server 300s
    timeout tunnel 1800s
    timeout queue 60s
    retries 3
    server host301_9091.internal host301.internal:9091 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host301_9092.internal host301.internal:9092 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host301_9093.internal host301.internal:9093 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host301_9094.internal host301.internal:9094 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host302_9091.internal host302.internal:9091 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host302_9092.internal host302.internal:9092 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host302_9093.internal host302.internal:9093 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host302_9094.internal host302.internal:9094 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host303_9091.internal host303.internal:9091 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host303_9092.internal host303.internal:9092 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host303_9093.internal host303.internal:9093 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host303_9094.internal host303.internal:9094 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    
errorfile 403 /etc/haproxy/errorfiles/403.http
errorfile 500 /etc/haproxy/errorfiles/500.http
errorfile 502 /etc/haproxy/errorfiles/502.http
errorfile 503 /etc/haproxy/errorfiles/503.http
errorfile 504 /etc/haproxy/errorfiles/504.http

3.2、七层http代理服务配置

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578


global
    log 127.0.0.1:514 local2
    chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    nbproc 1
    nbthread 24
    hard-stop-after 3600s
    maxconn 32768
    user root
    group root
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats
    tune.ssl.default-dh-param 2048

defaults
    log global
    mode http
    option httplog
    option dontlognull
    option redispatch
    option http-server-close
    option http-keep-alive
    option abortonclose
    retries 3
    maxconn 4096
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    timeout queue 10s
    timeout tunnel 300s
    timeout http-request 10s
    timeout http-keep-alive 10s

userlist admin_users
    user data password xxxx

userlist kafka_users
    user kafka password xxxx

userlist flink_users
    user flink password xxxx

# This sets up the admin page for HA Proxy at port 1080.
listen stats
    bind 0.0.0.0:1080
    balance
    mode http
    maxconn 32
    http-request use-service prometheus-exporter if { path /metrics }
    stats enable
    stats refresh 30s
    stats uri /
    acl auth_admin http_auth(admin_users)
    stats http-request auth realm Prove\ me\ baby unless auth_admin
    stats show-legends

# not matched
backend not_matched
    mode http
    http-request deny deny_status 503

# Cloudera Manager
backend cm_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 300s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    cookie SERVERNAME insert indirect nocache
    http-reuse safe
    #option httpchk GET / HTTP/1.1
    server host9601.internal host9601.internal:7183 ssl verify none cookie host9601 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128

# Grafana
backend grafana_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 1800s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    option httpchk GET /?haproxy HTTP/1.1\r\nHost:\ monitor.oa.net
    server host701.internal host701.internal:3000 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host702.internal host702.internal:3000 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled

# Nacos backend server
backend nacos_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    #cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk GET /nacos/index.html HTTP/1.1\r\nHost:\ nacos-data.oa.net
    server host601.internal host601.internal:8848 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128
    server host602.internal host602.internal:8848 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128
    server host603.internal host603.internal:8848 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128

# ClickHouse Server
backend clickhouse_app_server
    mode http
    maxconn 2000
    timeout client 60s
    timeout client-fin 30s
    option httplog
    option logasap
    option contstats
    timeout connect 5s
    timeout server 60s
    timeout tunnel 300s
    timeout server-fin 30s
    timeout queue 60s
    balance leastconn
    retries 3
    server host9001.internal host9001.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9002.internal host9002.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9003.internal host9003.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9004.internal host9004.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9005.internal host9005.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9006.internal host9006.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled

# ClickHouse Server
backend clickhouse_ods_server
    mode http
    maxconn 2000
    timeout client 60s
    timeout client-fin 30s
    option httplog
    option logasap
    option contstats
    timeout connect 5s
    timeout server 60s
    timeout tunnel 300s
    timeout server-fin 30s
    timeout queue 60s
    balance leastconn
    retries 3
    server host9101.internal host9101.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9102.internal host9102.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9103.internal host9103.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9104.internal host9104.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9105.internal host9105.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    server host9106.internal host9106.internal:8123 check rise 3 fall 3 maxconn 10000 maxqueue 1000 #disabled
    
# Dolphin backend server
backend dolphin_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    #cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk GET /dolphinscheduler HTTP/1.1\r\nHost:\ dolphin-data.oa.net
    server host9301.internal host9301.internal:12345 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128
    server host9302.internal host9302.internal:12345 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128

# Eagle
backend eagle_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 300s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk GET /?haproxy HTTP/1.1\r\nHost:\ eagle-data.oa.net
    server host9301.internal host9301.internal:80 cookie host9301 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host9302.internal host9302.internal:80 cookie host9302 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled

# Arfa
backend arfa_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 300s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    #cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk OPTIONS /?haproxy HTTP/1.1\r\nHost:\ arfa-data.oa.net
    server host9501.internal host9501.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host9502.internal host9502.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled

# Alita backend server
backend alita_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    #cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk GET / HTTP/1.1\r\nHost:\ alita-data.oa.net
    server host9501.internal host9501.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128
    server host9502.internal host9502.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128

# Horizon backend server
backend horizon_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    #cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk OPTIONS /?haproxy HTTP/1.1\r\nHost:\ data.oa.net
    server host9501.internal host9501.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128
    server host9502.internal host9502.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128

# Api backend server
backend api_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    option httpchk OPTIONS /?haproxy HTTP/1.1\r\nHost:\ api-data.oa.com
    server host9501.internal host9501.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 
    server host9502.internal host9502.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 backup 

# Vipapi backend server
backend vipapi_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    option httpchk OPTIONS /?haproxy HTTP/1.1\r\nHost:\ vipapi-data.oa.com
    server host9501.internal host9501.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 backup
    server host9502.internal host9502.internal:80 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 

# Azkaban vip backend server
backend azkaban_vip_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 10s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    option httpchk OPTIONS /?haproxy
    server host9501.internal host9501.internal:8084 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 
    server host9502.internal host9502.internal:8084 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 backup 

# Azkaban busi backend server
backend azkaban_busi_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 10s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    option httpchk OPTIONS /?haproxy
    server host9501.internal host9501.internal:8085 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 backup 
    server host9502.internal host9502.internal:8085 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 

#Hue backend server
backend hue_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 300s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk OPTIONS /?haproxy HTTP/1.1
    server host9501.internal host9501.internal:8888 cookie tw06a339 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128
    server host9502.internal host9502.internal:8888 cookie tw06a340 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128

# Kibana
backend kibana_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 300s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 300s
    timeout queue 10s
    balance roundrobin
    cookie SERVERNAME insert indirect nocache
    http-reuse safe
    option httpchk GET /?haproxy HTTP/1.1\r\nHost:\ kibana.data.onething.net
    server host9501.internal host9501.internal:5601 cookie host9501 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host9502.internal host9502.internal:5601 cookie host9502 check inter 5000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled

# Flink
backend flink_server
    mode http
    acl auth_flink http_auth(flink_users)
    http-request auth realm Prove\ me\ baby unless auth_flink 
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 1800s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    option httpchk GET /?haproxy HTTP/1.1\r\nHost:\ flink.data.onething.net
    server host9501.internal host9501.internal:8081 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host9502.internal host9502.internal:8081 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 backup #disabled

# Pushgateway
backend prom_pushgateway
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 1800s
    timeout queue 10s
    balance source
    http-reuse safe
    server host001_9091.internal host001.internal:9091 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host001_9092.internal host001.internal:9092 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host001_9093.internal host001.internal:9093 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host001_9094.internal host001.internal:9094 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host002_9091.internal host002.internal:9091 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host002_9092.internal host002.internal:9092 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host002_9093.internal host002.internal:9093 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host002_9094.internal host002.internal:9094 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host003_9091.internal host003.internal:9091 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host003_9092.internal host003.internal:9092 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host003_9093.internal host003.internal:9093 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host003_9094.internal host003.internal:9094 check rise 3 fall 3 maxconn 10000 maxqueue 1024

# Prometheus
backend prometheus_server
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 1800s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    server host9301.internal host9301.internal:9099 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host9302.internal host9302.internal:9099 check rise 3 fall 3 maxconn 10000 maxqueue 1024
    server host9303.internal host9303.internal:9099 check rise 3 fall 3 maxconn 10000 maxqueue 1024

# Yearning
backend yearning_server    
    mode http
    timeout check 10s
    timeout connect 10s
    timeout server 120s
    timeout http-request 10s
    timeout http-keep-alive 10s
    timeout tunnel 1800s
    timeout queue 10s
    balance leastconn
    http-reuse safe
    option httpchk GET /?haproxy HTTP/1.1\r\nHost:\ yearning-data.oa.net
    server host9501.internal host9501.internal:8000 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host9502.internal host9502.internal:8000 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled

# HTTP on port 443
frontend https_in
    bind 0.0.0.0:443 ssl crt /usr/local/haproxy/cert/xxx.com.pem
    maxconn 4096
    timeout client 10s
    timeout http-request 10s
    timeout http-keep-alive 10s
    option forwardfor except 10.0.0.0/8

    # Cloudera Manager
    acl cm_server hdr(host) -i cm.data.oa.net
    use_backend cm_server if cm_server

    # Grafana
    acl grafana hdr(host) -i monitor.oa.net
    use_backend grafana_server if grafana

    # Nacos
    acl nacos_statis path_reg ^/$ #访问控制
    acl nacos hdr(host) -i nacos-data.oa.net
    redirect location https://nacos-data.oa.net/nacos/index.html\   #/login if nacos nacos_statis
    use_backend nacos_server if nacos

    # ClickHouse Server
    acl clickhouse_app hdr_reg(host) -i ^(cks-data.oa.net|cks-app-data.oa.net)$
    use_backend clickhouse_app_server if clickhouse_app
    
    # ClickHouse Server
    acl clickhouse_ods hdr(host) -i cks-ods-data.oa.net
    use_backend clickhouse_ods_server if clickhouse_ods

    # Dolphin
    acl dolphin_statis path_reg ^/$
    acl dolphin hdr(host) -i dolphin-data.oa.net
    redirect location https://dolphin-data.oa.net/dolphinscheduler/ui/\  #/home if dolphin dolphin_statis
    use_backend dolphin_server if dolphin

    # Eagle
    acl eagle hdr(host) -i eagle-data.oa.net
    use_backend eagle_server if eagle

    # Arfa
    acl arfa hdr(host) -i arfa-data.oa.net
    use_backend arfa_server if arfa

    # Alita
    acl alita hdr(host) -i alita-data.oa.net
    use_backend alita_server if alita 

    # Default
    default_backend not_matched

# HTTP on port 80
frontend http_in
    bind 0.0.0.0:80
    maxconn 4096
    timeout client 10s
    timeout http-request 10s
    timeout http-keep-alive 10s
    option forwardfor except 10.0.0.0/8

    # ACL config
    # Horizon
    acl horizon hdr_reg(host) -i ^(data.oa.net|d.oa.net)$
    acl horizon_old hdr(host) -i data.oa.com
    http-request redirect prefix http://data.oa.net code 301 if horizon_old
    use_backend horizon_server if horizon or horizon_old

    # Api
    acl api hdr_reg(host) -i ^(api-data.oa.net|api-data.oa.com)$
    use_backend api_server if api

    acl vipapi hdr_reg(host) -i ^(vipapi-data.oa.net|vipapi-data.oa.com)$
    use_backend vipapi_server if vipapi

    # Eagle
    acl eagle hdr(host) -i eagle-data.oa.net
    use_backend eagle_server if eagle

    # Arfa
    acl arfa hdr(host) -i arfa-data.oa.net
    use_backend arfa_server if arfa

    # Alita
    acl alita hdr(host) -i alita-data.oa.net
    use_backend alita_server if alita 

    # Azkaban
    acl azk_static path_beg -i /index
    acl azkaban_vip hdr(host) -i azkaban-vip-data.oa.net
    acl azkaban_busi hdr(host) -i azkaban-busi-data.oa.net
    redirect location /canvas if azkaban_vip azk_static or azkaban_busi azk_static
    use_backend azkaban_vip_server if azkaban_vip
    use_backend azkaban_busi_server if azkaban_busi
    
    # Hue
    acl hue hdr_reg(host) -i ^(hue-data.oa.net|hue-data.oa.com)$
    use_backend hue_server if hue

    # Kibana
    acl kibana hdr(host) -i kibana-data.oa.net
    use_backend kibana_server if kibana

    # Flink
    acl flink hdr(host) -i flink-data.oa.net
    use_backend flink_server if flink

    # Push gateway
    acl push_gateway hdr(host) -i pg-data.oa.net
    use_backend prom_pushgateway if push_gateway

    # Prometheus
    acl prometheus hdr(host) -i prometheus-data.oa.net
    use_backend prometheus_server if prometheus

    # Yearning
    acl yearning hdr(host) -i yearning-data.oa.net
    use_backend yearning_server if yearning

    # Default
    default_backend not_matched

# This is for Flume-Server on port 10001
frontend flume_server
    bind 0.0.0.0:10001
    mode tcp
    maxconn 200000
    timeout client 60s
    timeout client-fin 30s
    option tcplog
    option logasap
    option contstats

    # ACL config
    # Flume-Server

    # Flume-Server Producer
    use_backend flume_server_producer

# This is for Flume-Server Producer
backend flume_server_producer
    mode tcp
    timeout connect 5s
    timeout server 60s
    timeout tunnel 300s
    timeout server-fin 30s
    timeout queue 60s
    balance leastconn
    retries 3
    server host7001.internal host7001.internal:10001 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host7002.internal host7002.internal:10001 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host7003.internal host7003.internal:10001 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host7004.internal host7004.internal:10001 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled
    server host7005.internal host7005.internal:10001 check inter 30000 rise 3 fall 3 maxconn 1024 maxqueue 128 #disabled

errorfile 403 /etc/haproxy/errorfiles/403.http
errorfile 500 /etc/haproxy/errorfiles/500.http
errorfile 502 /etc/haproxy/errorfiles/502.http
errorfile 503 /etc/haproxy/errorfiles/503.http
errorfile 504 /etc/haproxy/errorfiles/504.http

文章目录

一、概述

二、常用基本操作

三、常用配置

3.1、四层tcp代理服务配置

3.2、七层http代理服务配置

See Also

最近文章

分类

标签

其它