RalfWenzel/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Using LUA script for HAProxy backend selection

Principle / HAProxy features used


HAProxy can extract pieces of information known as samples. Samples can be fetched from various sources, for the use-case described herein extraction from HTTP request is required.


A sample may then pass through a number of operators known as converters. A converter consumes a sample and produces a new one.


HAProxy standard fetches/converters can be extended by writing own fetches/converters in LUA


A sample value may be used to select a backend


Getting started

Further reading


HAProxy documentation: Starter Guide, Configuration manual and Management Guide
LUA project page


## gwrouter.lua
function get_estrella_backend
core.Alert("gwrouter for estrella kolibri.")
core.register_fetches("get_estrella_backend", get_estrella_backend)

## haproxy.cfg
global
    log /dev/log len 1024 local0
    chroot /var/lib/haproxy
    user haproxy
    group haproxy
    daemon

	maxconn 10000
	stats socket /run/haproxy/admin.sock mode 600 level admin
	stats timeout 2m

    ca-base /etc/haproxy/certs
    crt-base /etc/haproxy/certs
    ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:!kEDH:!LOW:!EXPORT:!DES:!3DES:!RC4:!MD5:!aNULL:!eNULL
    tune.ssl.default-dh-param 2048
    ssl-default-bind-options no-sslv3
    lua-load gwrouter.lua
defaults
    log	global
    mode	http
    option	http-server-close
    option	forwardfor
    option	httplog
    option	dontlognull

    timeout connect 10s
    timeout client  60s
    timeout server  60s
    timeout tunnel  3600s

    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http

frontend statistics_proxy
	bind :8080
	maxconn 20
	default_backend statistics

backend statistics
	stats enable
	stats refresh 15s
	stats uri /
	stats realm HAProxy\ GWVM1\ Statistics
	stats auth admin:admin

frontend ws_proxy
	bind :80
	maxconn 20000
	log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%sslv/%sslc/%[ssl_fc_sni]}\ %{+Q}r
	reqadd X-Forwarded-Proto:\ http
	acl is_upgrade hdr(Upgrade),lower -i websocket
	use_backend kolibri if is_upgrade


backend backend1
	balance leastconn
	fullconn 20000
	server broker8000 127.0.0.1:8000 check maxconn 2000
	server broker8001 127.0.0.1:8001 check maxconn 2000
	server broker8002 127.0.0.1:8002 check maxconn 2000
	server broker8003 127.0.0.1:8003 check maxconn 2000
	server broker8004 127.0.0.1:8004 check maxconn 2000

backend backend2
	balance leastconn
	fullconn 20000
	server broker8005 127.0.0.1:8005 check maxconn 2000
	server broker8006 127.0.0.1:8006 check maxconn 2000
	server broker8007 127.0.0.1:8007 check maxconn 2000
	server broker8008 127.0.0.1:8008 check maxconn 2000
    server broker8009 127.0.0.1:8009 check maxconn 2000
	function get_estrella_backend
	core.Alert("gwrouter for estrella kolibri.")
	core.register_fetches("get_estrella_backend", get_estrella_backend)
	global
	log /dev/log len 1024 local0
	chroot /var/lib/haproxy
	user haproxy
	group haproxy
	daemon

	maxconn 10000
	stats socket /run/haproxy/admin.sock mode 600 level admin
	stats timeout 2m

	ca-base /etc/haproxy/certs
	crt-base /etc/haproxy/certs
	ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:!kEDH:!LOW:!EXPORT:!DES:!3DES:!RC4:!MD5:!aNULL:!eNULL
	tune.ssl.default-dh-param 2048
	ssl-default-bind-options no-sslv3
	lua-load gwrouter.lua
	defaults
	log global
	mode http
	option http-server-close
	option forwardfor
	option httplog
	option dontlognull

	timeout connect 10s
	timeout client 60s
	timeout server 60s
	timeout tunnel 3600s

	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

	frontend statistics_proxy
	bind :8080
	maxconn 20
	default_backend statistics

	backend statistics
	stats enable
	stats refresh 15s
	stats uri /
	stats realm HAProxy\ GWVM1\ Statistics
	stats auth admin:admin

	frontend ws_proxy
	bind :80
	maxconn 20000
	log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%sslv/%sslc/%[ssl_fc_sni]}\ %{+Q}r
	reqadd X-Forwarded-Proto:\ http
	acl is_upgrade hdr(Upgrade),lower -i websocket
	use_backend kolibri if is_upgrade


	backend backend1
	balance leastconn
	fullconn 20000
	server broker8000 127.0.0.1:8000 check maxconn 2000
	server broker8001 127.0.0.1:8001 check maxconn 2000
	server broker8002 127.0.0.1:8002 check maxconn 2000
	server broker8003 127.0.0.1:8003 check maxconn 2000
	server broker8004 127.0.0.1:8004 check maxconn 2000

	backend backend2
	balance leastconn
	fullconn 20000
	server broker8005 127.0.0.1:8005 check maxconn 2000
	server broker8006 127.0.0.1:8006 check maxconn 2000
	server broker8007 127.0.0.1:8007 check maxconn 2000
	server broker8008 127.0.0.1:8008 check maxconn 2000
	server broker8009 127.0.0.1:8009 check maxconn 2000