Gunakan HAProxy Data Plane API untuk secara dinamis mengatur konfigurasi load balancer Anda menggunakan perintah HTTP.
Merancang untuk ketersediaan tinggi hampir selalu berarti memiliki proxy / penyeimbang beban tingkat tinggi. Server proxy menyediakan layanan dasar, seperti:
- deteksi dan penghapusan server yang salah
- antrian koneksi
- menonaktifkan enkripsi TLS
- kompresi
- caching
Tantangannya adalah untuk menjaga agar konfigurasi Anda tetap mutakhir, yang khususnya sulit karena layanan berpindah ke wadah dan wadah itu menjadi fana. Tersedia sejak HAProxy 2.0 Anda dapat menggunakan API Data Plane HAProxy baru (Terjemahan: https://habr.com/en/post/508132/ ) yang merupakan REST API modern.
HAProxy Data Plane API melengkapi bahasa konfigurasi HAProxy yang fleksibel , yang menyediakan blok bangunan untuk menentukan aturan perutean yang sederhana dan kompleks. Ini juga pelengkap sempurna untuk Runtime API yang ada , yang memungkinkan Anda untuk memulai, menghentikan, dan melewati lalu lintas server, mengubah bobot server, dan mengelola pemeriksaan kesehatan.
Data Plane API , . SPOE. , HTTP-. , .
HAProxy /etc/haproxy/haproxy.cfg. . frontend , IP-, , backend , , . , , , , -, , ACL .
, , . , . , TLS. , , .
HTTP API . Data Plane API . HAProxy Data Plane API HAProxy . , API API , .
Data Plane API Go config-parser client-native HAProxy Runtime API . HAProxy.
HAProxy
Data Plane API . , backend frontend, . API.
, GET /v1/services/haproxy/configuration/backends, backend, :
$ curl --get --user admin:mypassword \
http://localhost:5555/v1/services/haproxy/configuration/backends backend, endpoint POST. — . , .
endpoint /v1/services/haproxy/transactions . URL, . , POST, PUT DELETE, , HAProxy. , API, . , , , , . .
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
http://localhost:5555/v1/services/haproxy/transactions?version=1JSON:
{"_version":5,"id":"9663c384-5052-4776-a968-abcef032aeef","status":"in_progress"}endpoint /v1/services/haproxy/configuration/backends, , URL:
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"name": "test_backend", "mode":"http", "balance": {"algorithm":"roundrobin"}, "httpchk": {"method": "HEAD", "uri": "/", "version": "HTTP/1.1"}}' \
http://localhost:5555/v1/services/haproxy/configuration/backends?transaction_id=9663c384-5052-4776-a968-abcef032aeef endpoint /v1/services/haproxy/configuration/servers backend:
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"name": "server1", "address": "127.0.0.1", "port": 8080, "check": "enabled", "maxconn": 30, "weight": 100}' \
"http://localhost:5555/v1/services/haproxy/configuration/servers?backend=test_backend&transaction_id=9663c384-5052-4776-a968-abcef032aeef"
frontend endpoint /v1/services/haproxy/configuration/frontends :
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"name": "test_frontend", "mode": "http", "default_backend": "test_backend", "maxconn": 2000}' \
http://localhost:5555/v1/services/haproxy/configuration/frontends?transaction_id=9663c384-5052-4776-a968-abcef032aeef frontend bind . , endpoint /v1/services/haproxy/configuration/binds, :
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"name": "http", "address": "*", "port": 80}' \
"http://localhost:5555/v1/services/haproxy/configuration/binds?frontend=test_frontend&transaction_id=9663c384-5052-4776-a968-abcef032aeef", , endpoint /v1/services/haproxy/transactions/[transaction ID] PUT, :
$ curl -X PUT --user admin:mypassword \
-H "Content-Type: application/json" \
http://localhost:5555/v1/services/haproxy/transactions/9663c384-5052-4776-a968-abcef032aeef:
frontend test_frontend
mode http
maxconn 2000
bind *:80 name http
default_backend test_backend
backend test_backend
mode http
balance roundrobin
option httpchk HEAD / HTTP/1.1
server server1 127.0.0.1:8080 check maxconn 30 weight 100.
. . URL transaction_id , .
HAProxy Data Plane API. HTTP- . . ACL, Host example.com. , use_backend example_servers. http-request deny, URL /admin.php, IP- 192.168.50.20/24.
endpoint /v1/services/haproxy/transactions :
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
http://localhost:5555/v1/services/haproxy/transactions?version=2
{"_version":2,"id":"7d0d6737-655e-4489-92eb-6d29cdd69827","status":"in_progress"} endpoint /v1/services/haproxy/configuration/backends , backend example_servers:
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"name": "example_servers", "mode":"http", "balance": {"algorithm":"roundrobin"}}' \
http://localhost:5555/v1/services/haproxy/configuration/backends?transaction_id=7d0d6737-655e-4489-92eb-6d29cdd69827endpoint /v1/services/haproxy/configuration/servers server backend:
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"name": "server1", "address": "127.0.0.1", "port": 8081, "check": "enabled", "maxconn": 30, "weight": 100}' \
"http://localhost:5555/v1/services/haproxy/configuration/servers?backend=example_servers&transaction_id=7d0d6737-655e-4489-92eb-6d29cdd69827"endpoint /v1/services/haproxy/configuration/acls, ACL is_example, , example.com:
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"id": 0, "acl_name": "is_example", "criterion": "req.hdr(Host)", "value": "example.com"}' \
"http://localhost:5555/v1/services/haproxy/configuration/acls?parent_type=frontend&parent_name=test_frontend&transaction_id=7d0d6737-655e-4489-92eb-6d29cdd69827"/v1/services/haproxy/configuration/backend_switching_rules, use_backend, ACL is_example:
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"id": 0, "cond": "if", "cond_test": "is_example", "name": "example_servers"}' \
"http://localhost:5555/v1/services/haproxy/configuration/backend_switching_rules?frontend=test_frontend&transaction_id=7d0d6737-655e-4489-92eb-6d29cdd69827"endpoint /v1/services/haproxy/configuration/http_request_rules, http-request deny, , /admin.php, IP- 192.168.50.20/24:
$ curl -X POST --user admin:mypassword \
-H "Content-Type: application/json" \
-d '{"id": 0, "cond": "if", "cond_test": "{ path /admin.php } !{ src 192.168.50.20/24 }", "type": "deny"}' \
"http://localhost:5555/v1/services/haproxy/configuration/http_request_rules?parent_type=frontend&parent_name=test_frontend&transaction_id=7d0d6737-655e-4489-92eb-6d29cdd69827", :
$ curl -X PUT --user admin:mypassword \
-H "Content-Type: application/json" \
http://localhost:5555/v1/services/haproxy/transactions/7d0d6737-655e-4489-92eb-6d29cdd69827HAProxy :
frontend test_frontend
mode http
maxconn 2000
bind *:80 name http
acl is_example req.hdr(Host) example.com
http-request deny deny_status 0 if { path /admin.php } !{ src 192.168.50.20/24 }
use_backend example_servers if is_example
default_backend test_backend
backend example_servers
mode http
balance roundrobin
server server1 127.0.0.1:8081 check maxconn 30 weight 100
backend test_backend
mode http
balance roundrobin
option httpchk HEAD / HTTP/1.1
server server1 127.0.0.1:8080 check maxconn 30 weight 100HAProxy Data Plane API, HAProxy REST API. (: https://habr.com/ru/post/508132/). , HAProxy API . Data Plane API , , HAProxy .
API . HAProxy .
Jika Anda menyukai artikel ini dan ingin mengikuti topik terkait, berlangganan blog ini. Anda juga dapat mengikuti kami di Twitter dan bergabung dengan percakapan di Slack . HAProxy Enterprise memudahkan memulai dengan Data Plane API, karena dapat diinstal sebagai paket sistem yang praktis. Ini juga mencakup basis kode yang andal dan canggih, satu set tambahan perusahaan, dukungan ahli dan layanan profesional. Ingin tahu lebih banyak? Hubungi kami hari ini dan unduh uji coba gratis.
PS Telegram mengobrol HAproxy https://t.me/haproxy_ru