updated haproxy state
This commit is contained in:
parent
99e7840daf
commit
c5f551757a
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
haproxy:
|
haproxy:
|
||||||
enabled: true
|
enabled: true
|
||||||
packages:
|
pkgs:
|
||||||
- haproxy
|
- haproxy
|
||||||
- liblua5.3-dev
|
- liblua5.3-dev
|
||||||
- lua-filesystem
|
- lua-filesystem
|
||||||
@ -56,7 +56,14 @@ haproxy:
|
|||||||
- name: scripts/collector.lua
|
- name: scripts/collector.lua
|
||||||
lib: false
|
lib: false
|
||||||
- name: scripts/weight.lua
|
- name: scripts/weight.lua
|
||||||
|
enabled: false
|
||||||
lib: false
|
lib: false
|
||||||
|
args:
|
||||||
|
- 5
|
||||||
|
- name: scripts/state.lua
|
||||||
|
lib: false
|
||||||
|
args:
|
||||||
|
- 30
|
||||||
namespace: paulbsd
|
namespace: paulbsd
|
||||||
user: haproxy
|
user: haproxy
|
||||||
group: haproxy
|
group: haproxy
|
||||||
@ -65,6 +72,7 @@ haproxy:
|
|||||||
defaults:
|
defaults:
|
||||||
#log: global
|
#log: global
|
||||||
#log: 127.0.0.1 local0
|
#log: 127.0.0.1 local0
|
||||||
|
load-server-state-from-file: global
|
||||||
log: stdout format raw daemon info
|
log: stdout format raw daemon info
|
||||||
retries: 2
|
retries: 2
|
||||||
timeout check: 4s
|
timeout check: 4s
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
{%- from "haproxy/map.jinja" import haproxy with context %}
|
{%- from "haproxy/map.jinja" import haproxy with context %}
|
||||||
haproxy-pkg:
|
haproxy-pkg:
|
||||||
pkg.installed:
|
pkg.installed:
|
||||||
- pkgs: {{ haproxy.packages }}
|
- pkgs: {{ haproxy.pkgs }}
|
||||||
- watch_in:
|
- watch_in:
|
||||||
- service: haproxy-service
|
- service: haproxy-service
|
||||||
|
|
||||||
|
@ -1,11 +1,12 @@
|
|||||||
lfs = require("lfs")
|
local lfs = require("lfs")
|
||||||
|
|
||||||
modpath = "/etc/haproxy/mods"
|
local modpath = "/etc/haproxy/mods"
|
||||||
|
|
||||||
local compile = {}
|
local compile = {}
|
||||||
|
local lua_version = "5.3"
|
||||||
local user = "haproxy"
|
local user = "haproxy"
|
||||||
local group = "haproxy"
|
local group = "haproxy"
|
||||||
local libs = {"-lcurl", "-ljansson", "-lmaxminddb"}
|
local libs = {"-ljansson", "-lmaxminddb"}
|
||||||
|
|
||||||
function compile.check(module)
|
function compile.check(module)
|
||||||
local sourcepath = modpath.."/"..module..".c"
|
local sourcepath = modpath.."/"..module..".c"
|
||||||
@ -14,7 +15,7 @@ function compile.check(module)
|
|||||||
local binexists = io.open(binpath)
|
local binexists = io.open(binpath)
|
||||||
|
|
||||||
if not binexists or (binexists and lfs.attributes(sourcepath).change > lfs.attributes(binpath).change ) then
|
if not binexists or (binexists and lfs.attributes(sourcepath).change > lfs.attributes(binpath).change ) then
|
||||||
local cmd = "cc -I/usr/include/ -I/usr/include/lua5.3/ -fPIC -shared -o " .. binpath .. " " .. sourcepath .. " " ..table.concat(libs," ")
|
local cmd = "cc -I/usr/include/ -I/usr/include/lua" .. lua_version .. "/ -fPIC -shared -o " .. binpath .. " " .. sourcepath .. " " ..table.concat(libs," ")
|
||||||
local res = io.popen(cmd)
|
local res = io.popen(cmd)
|
||||||
local aa = res:read("a*")
|
local aa = res:read("a*")
|
||||||
io.popen("chown "..user..":"..group.." "..binpath)
|
io.popen("chown "..user..":"..group.." "..binpath)
|
||||||
|
39
states/haproxy/scripts/state.lua
Normal file
39
states/haproxy/scripts/state.lua
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
--local socket = require("socket")
|
||||||
|
local sleep_secs=15
|
||||||
|
|
||||||
|
local args = table.pack(...)
|
||||||
|
if args[1] ~= nil then sleep_secs = args[1] end
|
||||||
|
|
||||||
|
function create_state()
|
||||||
|
local try = 0
|
||||||
|
local lastconns = 0
|
||||||
|
|
||||||
|
while true do
|
||||||
|
if lastconns == core.get_info()["CumConns"] then
|
||||||
|
try = try+1
|
||||||
|
end
|
||||||
|
|
||||||
|
local a = io.popen('echo "show servers state" | socat tcp-connect:127.0.0.1:9990 -')
|
||||||
|
local content = a:read("*a")
|
||||||
|
|
||||||
|
if content ~= nil then
|
||||||
|
if #content>0 then
|
||||||
|
local f = io.open("/var/run/haproxy.state","w")
|
||||||
|
f:write(content)
|
||||||
|
io.close(f)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
lastconns = core.get_info()["CumConns"]
|
||||||
|
|
||||||
|
if try == 10 then
|
||||||
|
local msg = "Worker with pid ".. core.get_info()["Pid"] .. " exited for create_state task"
|
||||||
|
print(msg)
|
||||||
|
core.done(msg)
|
||||||
|
end
|
||||||
|
|
||||||
|
core.sleep(sleep_secs)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
core.register_task(create_state)
|
@ -1,4 +1,9 @@
|
|||||||
local function getmax(t)
|
local sleep_secs=15
|
||||||
|
|
||||||
|
local args = table.pack(...)
|
||||||
|
if args[1] ~= nil then sleep_secs = args[1] end
|
||||||
|
|
||||||
|
function getmax(t)
|
||||||
local tmpvalue = 100000
|
local tmpvalue = 100000
|
||||||
local svname
|
local svname
|
||||||
local value
|
local value
|
||||||
@ -8,17 +13,28 @@ local function getmax(t)
|
|||||||
svname = k
|
svname = k
|
||||||
value = v
|
value = v
|
||||||
end
|
end
|
||||||
|
|
||||||
tmpvalue = v
|
tmpvalue = v
|
||||||
end
|
end
|
||||||
|
|
||||||
return svname, value
|
return svname, value
|
||||||
end
|
end
|
||||||
|
|
||||||
local function arrange_backends()
|
function arrange_backends()
|
||||||
|
local try = 0
|
||||||
|
local lastconns = 0
|
||||||
|
|
||||||
while true do
|
while true do
|
||||||
|
if lastconns == core.get_info()["CumConns"] then
|
||||||
|
try = try+1
|
||||||
|
end
|
||||||
|
|
||||||
for _, backend in pairs(core.backends) do
|
for _, backend in pairs(core.backends) do
|
||||||
local results = {}
|
local results = {}
|
||||||
for n,server in pairs(backend.servers) do
|
for n,server in pairs(backend.servers) do
|
||||||
if server:get_stats()["check_status"] ~= nil then
|
if server:get_stats()["check_status"] ~= nil
|
||||||
|
and server:get_stats()["status"] == "UP"
|
||||||
|
and server:get_stats()["bck"] == 0 then
|
||||||
if string.find(server:get_stats()["check_status"],"OK") ~= nil then
|
if string.find(server:get_stats()["check_status"],"OK") ~= nil then
|
||||||
local svname = server:get_stats()["svname"]
|
local svname = server:get_stats()["svname"]
|
||||||
local latency = server:get_stats()["check_duration"]
|
local latency = server:get_stats()["check_duration"]
|
||||||
@ -38,7 +54,16 @@ local function arrange_backends()
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
core.msleep(1000)
|
|
||||||
|
lastconns = core.get_info()["CumConns"]
|
||||||
|
|
||||||
|
if try == 10 then
|
||||||
|
local msg = "Worker with pid ".. core.get_info()["Pid"] .. " exited for arrange_backends task"
|
||||||
|
print(msg)
|
||||||
|
core.done(msg)
|
||||||
|
end
|
||||||
|
|
||||||
|
core.sleep(sleep_secs)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -30,7 +30,7 @@
|
|||||||
|
|
||||||
{%- macro tcpendpoints(servers=[], check=True) -%}
|
{%- macro tcpendpoints(servers=[], check=True) -%}
|
||||||
{%- for server in servers %}
|
{%- for server in servers %}
|
||||||
server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " check" if check }}{{ " backup" if server.backup|default(False) }} port {{ server.port }}
|
server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " check" if check }}{{ " backup" if server.backup|default(False) }} port {{ server.port }}{{ " on-marked-down shutdown-sessions on-marked-up shutdown-backup-sessions" if server.killsessions|default(False) }}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
{%- endmacro -%}
|
{%- endmacro -%}
|
||||||
|
|
||||||
@ -50,7 +50,7 @@ backend admin from {{ haproxy.config.namespace }}
|
|||||||
mode http
|
mode http
|
||||||
stats enable
|
stats enable
|
||||||
stats admin if TRUE
|
stats admin if TRUE
|
||||||
#stats refresh 10s
|
stats refresh 10s
|
||||||
stats show-modules
|
stats show-modules
|
||||||
stats show-legends
|
stats show-legends
|
||||||
stats uri /
|
stats uri /
|
||||||
@ -64,12 +64,15 @@ backend admin from {{ haproxy.config.namespace }}
|
|||||||
|
|
||||||
# Global config
|
# Global config
|
||||||
global
|
global
|
||||||
|
master-worker
|
||||||
|
server-state-file /var/run/haproxy.state
|
||||||
|
mworker-max-reloads 2
|
||||||
maxconn 1000
|
maxconn 1000
|
||||||
lua-prepend-path {{ haproxy.config.dir }}/mods/?.so cpath
|
lua-prepend-path {{ haproxy.config.dir }}/mods/?.so cpath
|
||||||
lua-prepend-path {{ haproxy.config.dir }}/scripts/?.lua
|
lua-prepend-path {{ haproxy.config.dir }}/scripts/?.lua
|
||||||
{%- for file in haproxy.config.scripts %}
|
{%- for script in haproxy.config.scripts %}
|
||||||
{%- if not file.lib %}
|
{%- if not script.lib and script.enabled|default(true) %}
|
||||||
lua-load {{ haproxy.config.dir }}/{{ file.name }} {% if "args" in file.keys() %}{{ file.args|join(" ")}}{% endif %}
|
lua-load {{ haproxy.config.dir }}/{{ script.name }} {% if "args" in script.keys() %}{{ script.args|join(" ") }}{% endif %}
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
{%- if haproxy.config.api.enable %}
|
{%- if haproxy.config.api.enable %}
|
||||||
@ -179,6 +182,9 @@ frontend https from {{ haproxy.config.namespace }}
|
|||||||
http-request capture req.hdr(Content-Type) len 50
|
http-request capture req.hdr(Content-Type) len 50
|
||||||
http-request capture sc_http_req_rate(0) len 4
|
http-request capture sc_http_req_rate(0) len 4
|
||||||
|
|
||||||
|
## Silent drop all external requests with no host header
|
||||||
|
http-request silent-drop if !domains !internal
|
||||||
|
|
||||||
## DDoS
|
## DDoS
|
||||||
http-request deny deny_status 429 if max_req_rate !internal
|
http-request deny deny_status 429 if max_req_rate !internal
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user