HAProxy: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
 
(20 intermediate revisions by the same user not shown)
Line 4: Line 4:
  sudo apt install haproxy=2.4.\*
  sudo apt install haproxy=2.4.\*
  haproxy -v
  haproxy -v
==Load Balancing==
frontend chorke-http
    bind *:80
    mode http
    default_backend chorke-minio
backend chorke-minio
    server minio1 127.0.0.1:1983
    mode http
==Reverse Proxy==
{|
| valign="top" |
frontend chorke-http
    bind *:80
    mode http
    acl host-is-chorke hdr(host) -i chorke.local
    acl path-prefix-is-services  path_beg /services/
    use_backend chorke-servers if host-is-chorke path-prefix-is-services
    use_backend chorke-clients if host-is-chorke
backend chorke-servers
    server apache 127.0.0.1:2013
    mode http
backend chorke-clients
    server apache 127.0.0.1:3000
    mode http
| valign="bottom" |
#    acl path-prefix-is-pgadmin4  path_beg /pgadmin4
#    acl path-prefix-is-gateway  path_beg /data/ OR path_beg /user/ OR path_beg /policy/
#    acl path-prefix-is-gateway  path_beg /data/ && path_beg /user/ && path_beg /policy/
#    use_backend chorke-servers if host-is-chorke path-prefix-is-gateway
#    use_backend chorke-servers if path-prefix-is-pgadmin4
frontend chorke-http
    bind *:80
    mode http
    acl path-prefix-is-minio  path_beg /minio/
    use_backend chorke-minio if path-prefix-is-minio
backend chorke-minio
    server minio1 127.0.0.1:9801
    mode http
|}
==HTTP Rewrite==
<syntaxhighlight lang="text">
frontend academia
  bind *:80
  mode http
  acl host-is-academia-flow  hdr(host) -i flow.academia.local
  acl host-is-academia      hdr(host) -i academia.local
  acl is-insurance          path_beg /services/insurance/
  acl is-policy              path_beg /services/policy/
  acl is-quote              path_beg /services/quote/
  acl is-audit              path_beg /services/audit/
  acl is-data                path_beg /services/data/
  acl is-user                path_beg /services/user/
  acl is-tds                path_beg /services/tds/
  use_backend academia-insurance  if host-is-academia is-insurance
  use_backend academia-policy    if host-is-academia is-policy
  use_backend academia-quote      if host-is-academia is-quote
  use_backend academia-audit      if host-is-academia is-audit
  use_backend academia-data      if host-is-academia is-data
  use_backend academia-user      if host-is-academia is-user
  use_backend academia-tds        if host-is-academia is-tds
  use_backend academia-flow      if host-is-academia-flow
  use_backend academia-admin      if host-is-academia
  default_backend academia-apache
backend academia-apache
  server apache 127.0.0.1:2013
  mode http
backend academia-insurance
  http-request set-path "%[path,regsub(^/services/insurance/,/)]"
  server tomcat 127.0.0.1:16002
  mode http
backend academia-data
  http-request set-path "%[path,regsub(^/services/data/,/)]"
  server tomcat 127.0.0.1:16001
  mode http
backend academia-user
  http-request set-path "%[path,regsub(^/services/user/,/)]"
  server tomcat 127.0.0.1:16001
  mode http
backend academia-flow
  server tomcat 127.0.0.1:16001
  mode http
backend academia-policy
  http-request set-path "%[path,regsub(^/services/policy/,/)]"
  server tomcat 127.0.0.1:9002
  mode http
backend academia-quote
  http-request set-path "%[path,regsub(^/services/quote/,/)]"
  server tomcat 127.0.0.1:9001
  mode http
backend academia-audit
  http-request set-path "%[path,regsub(^/services/audit/,/)]"
  server tomcat 127.0.0.1:9003
  mode http
backend academia-tds
  http-request set-path "%[path,regsub(^/services/tds/,/)]"
  server tomcat 127.0.0.1:9000
  mode http
backend academia-admin
  server nodejs 127.0.0.1:3000
  mode http
</syntaxhighlight>
==Knowledge==
{|
|valign='top'|
sudo ss -tulwn | grep LISTEN
sudo ss -tulpn | grep LISTEN
sudo ss -tulpn | grep LISTEN | grep sshd
sudo ss -tulpn | grep LISTEN | grep minio
sudo ss -tulpn | grep LISTEN | grep resolve
|valign='top'|
|valign='top'|
|-
|colspan='3'|
----
|-
|valign='top'|
|valign='top'|
|valign='top'|
|}


==References==
==References==
Line 33: Line 183:
| valign="top" |
| valign="top" |
* [https://serverfault.com/questions/768575/ HAProxy » ACL multiple OR conditions]
* [https://serverfault.com/questions/768575/ HAProxy » ACL multiple OR conditions]
* [https://discourse.haproxy.org/t/acl-condition-with-and/3190/5 HAProxy » ACL condition with AND]
* [https://medium.com/@lalosaimi/haproxy-e5d39ca64a07 HAProxy » Spring Boot Application]
* [https://medium.com/@lalosaimi/haproxy-e5d39ca64a07 HAProxy » Spring Boot Application]
* [https://www.jenkins.io/doc/book/system-administration/reverse-proxy-configuration-haproxy/ HAProxy » Jenkins Reverse Proxy]
* [https://www.jenkins.io/doc/book/system-administration/reverse-proxy-configuration-haproxy/ HAProxy » Jenkins Reverse Proxy]
* [https://www.haproxy.com/blog/haproxy-configuration-basics-load-balance-your-servers/ HAProxy » Configuration Basics]
* [https://www.haproxy.com/blog/haproxy-configuration-basics-load-balance-your-servers/ HAProxy » Configuration Basics]
* [https://www.haproxy.com/blog/introduction-to-haproxy-acls/ HAProxy » Introduction to ACLs]
* [https://docs.haproxy.org/2.4/configuration.html HAProxy » Configuration » 2.4]
* [https://docs.haproxy.org/2.4/configuration.html HAProxy » Configuration » 2.4]
* [https://docs.haproxy.org/2.4/management.html HAProxy » Management » 2.4]
* [https://docs.haproxy.org/2.4/management.html HAProxy » Management » 2.4]
* [https://www.haproxy.com/blog/how-to-install-haproxy-on-ubuntu/ HAProxy » Install on Ubuntu]
* [https://www.haproxy.com/blog/how-to-install-haproxy-on-ubuntu/ HAProxy » Install on Ubuntu]
* [https://docs.haproxy.org/ HAProxy » Documentation]
* [https://docs.haproxy.org/ HAProxy » Documentation]
* [[PostgreSQL]]
* [[Camunda]]


|-
|-
Line 48: Line 198:
|-
|-
| valign="top" |
| valign="top" |
* [https://www.haproxy.com/blog/using-haproxy-as-an-api-gateway-part-1-introduction HAProxy » As an API Gateway]
* [https://help.ubuntu.com/community/WakeOnLan Setting Up Wake-on-LAN]
* [https://www.haproxy.com/blog/haproxy-and-let-s-encrypt HAProxy »  Let’s Encrypt]
* [[Convention for Projects]]
* [[Convention for Projects]]
* [[Localtunnel]]
* [[PostgreSQL]]
* [[Camunda]]
* [[Pi-hole]]
* [[Nginx]]
* [[MinIO]]


| valign="top" |
| valign="top" |
* [https://www.linkedin.com/pulse/how-https-lets-encrypt-haproxy-jack-mtembete HAProxy » HTTPS with Let's Encrypt]
* [https://www.haproxy.com/blog/autoscaling-with-the-haproxy-kubernetes-ingress-controller-and-keda HAProxy » K8s Autoscaling]
* [[K8s/Ingress]]


| valign="top" |
| valign="top" |


|}
|}

Latest revision as of 22:56, 4 September 2024

sudo apt install haproxy
sudo apt install --no-install-recommends software-properties-common
sudo add-apt-repository ppa:vbernat/haproxy-2.4 -y
sudo apt install haproxy=2.4.\*
haproxy -v

Load Balancing

frontend chorke-http
   bind *:80
   mode http
   default_backend chorke-minio

backend chorke-minio
   server minio1 127.0.0.1:1983
   mode http

Reverse Proxy

frontend chorke-http
   bind *:80
   mode http
   acl host-is-chorke hdr(host) -i chorke.local
   acl path-prefix-is-services  path_beg /services/
   use_backend chorke-servers if host-is-chorke path-prefix-is-services
   use_backend chorke-clients if host-is-chorke

backend chorke-servers
   server apache 127.0.0.1:2013
   mode http

backend chorke-clients
   server apache 127.0.0.1:3000
   mode http

#    acl path-prefix-is-pgadmin4  path_beg /pgadmin4
#    acl path-prefix-is-gateway   path_beg /data/ OR path_beg /user/ OR path_beg /policy/
#    acl path-prefix-is-gateway   path_beg /data/ && path_beg /user/ && path_beg /policy/
#    use_backend chorke-servers if host-is-chorke path-prefix-is-gateway
#    use_backend chorke-servers if path-prefix-is-pgadmin4

frontend chorke-http
   bind *:80
   mode http
   acl path-prefix-is-minio  path_beg /minio/
   use_backend chorke-minio if path-prefix-is-minio

backend chorke-minio
   server minio1 127.0.0.1:9801
   mode http

HTTP Rewrite

frontend academia
   bind *:80
   mode http
   acl host-is-academia-flow  hdr(host) -i flow.academia.local
   acl host-is-academia       hdr(host) -i academia.local
 
   acl is-insurance           path_beg /services/insurance/
   acl is-policy              path_beg /services/policy/
   acl is-quote               path_beg /services/quote/
   acl is-audit               path_beg /services/audit/
   acl is-data                path_beg /services/data/
   acl is-user                path_beg /services/user/
   acl is-tds                 path_beg /services/tds/

   use_backend academia-insurance  if host-is-academia is-insurance
   use_backend academia-policy     if host-is-academia is-policy
   use_backend academia-quote      if host-is-academia is-quote
   use_backend academia-audit      if host-is-academia is-audit
   use_backend academia-data       if host-is-academia is-data
   use_backend academia-user       if host-is-academia is-user
   use_backend academia-tds        if host-is-academia is-tds
   use_backend academia-flow       if host-is-academia-flow
   use_backend academia-admin      if host-is-academia

   default_backend academia-apache


backend academia-apache
   server apache 127.0.0.1:2013
   mode http

backend academia-insurance
   http-request set-path "%[path,regsub(^/services/insurance/,/)]"
   server tomcat 127.0.0.1:16002
   mode http

backend academia-data
   http-request set-path "%[path,regsub(^/services/data/,/)]"
   server tomcat 127.0.0.1:16001
   mode http

backend academia-user
   http-request set-path "%[path,regsub(^/services/user/,/)]"
   server tomcat 127.0.0.1:16001
   mode http

backend academia-flow
   server tomcat 127.0.0.1:16001
   mode http

backend academia-policy
   http-request set-path "%[path,regsub(^/services/policy/,/)]"
   server tomcat 127.0.0.1:9002
   mode http

backend academia-quote
   http-request set-path "%[path,regsub(^/services/quote/,/)]"
   server tomcat 127.0.0.1:9001
   mode http

backend academia-audit
   http-request set-path "%[path,regsub(^/services/audit/,/)]"
   server tomcat 127.0.0.1:9003
   mode http

backend academia-tds
   http-request set-path "%[path,regsub(^/services/tds/,/)]"
   server tomcat 127.0.0.1:9000
   mode http

backend academia-admin
   server nodejs 127.0.0.1:3000
   mode http

Knowledge

sudo ss -tulwn | grep LISTEN
sudo ss -tulpn | grep LISTEN
sudo ss -tulpn | grep LISTEN | grep sshd
sudo ss -tulpn | grep LISTEN | grep minio
sudo ss -tulpn | grep LISTEN | grep resolve

References

Retrieved from "https://cdn.chorke.org/weke/index.php?title=HAProxy&oldid=12841"