updated haproxy state

This commit is contained in:
Paul 2023-06-06 09:23:53 +02:00
parent 99e7840daf
commit c5f551757a
6 changed files with 94 additions and 15 deletions

View File

@ -1,7 +1,7 @@
--- ---
haproxy: haproxy:
enabled: true enabled: true
packages: pkgs:
- haproxy - haproxy
- liblua5.3-dev - liblua5.3-dev
- lua-filesystem - lua-filesystem
@ -56,7 +56,14 @@ haproxy:
- name: scripts/collector.lua - name: scripts/collector.lua
lib: false lib: false
- name: scripts/weight.lua - name: scripts/weight.lua
enabled: false
lib: false lib: false
args:
- 5
- name: scripts/state.lua
lib: false
args:
- 30
namespace: paulbsd namespace: paulbsd
user: haproxy user: haproxy
group: haproxy group: haproxy
@ -65,6 +72,7 @@ haproxy:
defaults: defaults:
#log: global #log: global
#log: 127.0.0.1 local0 #log: 127.0.0.1 local0
load-server-state-from-file: global
log: stdout format raw daemon info log: stdout format raw daemon info
retries: 2 retries: 2
timeout check: 4s timeout check: 4s

View File

@ -2,7 +2,7 @@
{%- from "haproxy/map.jinja" import haproxy with context %} {%- from "haproxy/map.jinja" import haproxy with context %}
haproxy-pkg: haproxy-pkg:
pkg.installed: pkg.installed:
- pkgs: {{ haproxy.packages }} - pkgs: {{ haproxy.pkgs }}
- watch_in: - watch_in:
- service: haproxy-service - service: haproxy-service

View File

@ -1,11 +1,12 @@
lfs = require("lfs") local lfs = require("lfs")
modpath = "/etc/haproxy/mods" local modpath = "/etc/haproxy/mods"
local compile = {} local compile = {}
local lua_version = "5.3"
local user = "haproxy" local user = "haproxy"
local group = "haproxy" local group = "haproxy"
local libs = {"-lcurl", "-ljansson", "-lmaxminddb"} local libs = {"-ljansson", "-lmaxminddb"}
function compile.check(module) function compile.check(module)
local sourcepath = modpath.."/"..module..".c" local sourcepath = modpath.."/"..module..".c"
@ -14,7 +15,7 @@ function compile.check(module)
local binexists = io.open(binpath) local binexists = io.open(binpath)
if not binexists or (binexists and lfs.attributes(sourcepath).change > lfs.attributes(binpath).change ) then if not binexists or (binexists and lfs.attributes(sourcepath).change > lfs.attributes(binpath).change ) then
local cmd = "cc -I/usr/include/ -I/usr/include/lua5.3/ -fPIC -shared -o " .. binpath .. " " .. sourcepath .. " " ..table.concat(libs," ") local cmd = "cc -I/usr/include/ -I/usr/include/lua" .. lua_version .. "/ -fPIC -shared -o " .. binpath .. " " .. sourcepath .. " " ..table.concat(libs," ")
local res = io.popen(cmd) local res = io.popen(cmd)
local aa = res:read("a*") local aa = res:read("a*")
io.popen("chown "..user..":"..group.." "..binpath) io.popen("chown "..user..":"..group.." "..binpath)

View File

@ -0,0 +1,39 @@
--local socket = require("socket")
local sleep_secs=15
local args = table.pack(...)
if args[1] ~= nil then sleep_secs = args[1] end
function create_state()
local try = 0
local lastconns = 0
while true do
if lastconns == core.get_info()["CumConns"] then
try = try+1
end
local a = io.popen('echo "show servers state" | socat tcp-connect:127.0.0.1:9990 -')
local content = a:read("*a")
if content ~= nil then
if #content>0 then
local f = io.open("/var/run/haproxy.state","w")
f:write(content)
io.close(f)
end
end
lastconns = core.get_info()["CumConns"]
if try == 10 then
local msg = "Worker with pid ".. core.get_info()["Pid"] .. " exited for create_state task"
print(msg)
core.done(msg)
end
core.sleep(sleep_secs)
end
end
core.register_task(create_state)

View File

@ -1,4 +1,9 @@
local function getmax(t) local sleep_secs=15
local args = table.pack(...)
if args[1] ~= nil then sleep_secs = args[1] end
function getmax(t)
local tmpvalue = 100000 local tmpvalue = 100000
local svname local svname
local value local value
@ -8,17 +13,28 @@ local function getmax(t)
svname = k svname = k
value = v value = v
end end
tmpvalue = v tmpvalue = v
end end
return svname, value return svname, value
end end
local function arrange_backends() function arrange_backends()
local try = 0
local lastconns = 0
while true do while true do
if lastconns == core.get_info()["CumConns"] then
try = try+1
end
for _, backend in pairs(core.backends) do for _, backend in pairs(core.backends) do
local results = {} local results = {}
for n,server in pairs(backend.servers) do for n,server in pairs(backend.servers) do
if server:get_stats()["check_status"] ~= nil then if server:get_stats()["check_status"] ~= nil
and server:get_stats()["status"] == "UP"
and server:get_stats()["bck"] == 0 then
if string.find(server:get_stats()["check_status"],"OK") ~= nil then if string.find(server:get_stats()["check_status"],"OK") ~= nil then
local svname = server:get_stats()["svname"] local svname = server:get_stats()["svname"]
local latency = server:get_stats()["check_duration"] local latency = server:get_stats()["check_duration"]
@ -38,7 +54,16 @@ local function arrange_backends()
end end
end end
end end
core.msleep(1000)
lastconns = core.get_info()["CumConns"]
if try == 10 then
local msg = "Worker with pid ".. core.get_info()["Pid"] .. " exited for arrange_backends task"
print(msg)
core.done(msg)
end
core.sleep(sleep_secs)
end end
end end

View File

@ -30,7 +30,7 @@
{%- macro tcpendpoints(servers=[], check=True) -%} {%- macro tcpendpoints(servers=[], check=True) -%}
{%- for server in servers %} {%- for server in servers %}
server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " check" if check }}{{ " backup" if server.backup|default(False) }} port {{ server.port }} server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " check" if check }}{{ " backup" if server.backup|default(False) }} port {{ server.port }}{{ " on-marked-down shutdown-sessions on-marked-up shutdown-backup-sessions" if server.killsessions|default(False) }}
{%- endfor %} {%- endfor %}
{%- endmacro -%} {%- endmacro -%}
@ -50,7 +50,7 @@ backend admin from {{ haproxy.config.namespace }}
mode http mode http
stats enable stats enable
stats admin if TRUE stats admin if TRUE
#stats refresh 10s stats refresh 10s
stats show-modules stats show-modules
stats show-legends stats show-legends
stats uri / stats uri /
@ -64,12 +64,15 @@ backend admin from {{ haproxy.config.namespace }}
# Global config # Global config
global global
master-worker
server-state-file /var/run/haproxy.state
mworker-max-reloads 2
maxconn 1000 maxconn 1000
lua-prepend-path {{ haproxy.config.dir }}/mods/?.so cpath lua-prepend-path {{ haproxy.config.dir }}/mods/?.so cpath
lua-prepend-path {{ haproxy.config.dir }}/scripts/?.lua lua-prepend-path {{ haproxy.config.dir }}/scripts/?.lua
{%- for file in haproxy.config.scripts %} {%- for script in haproxy.config.scripts %}
{%- if not file.lib %} {%- if not script.lib and script.enabled|default(true) %}
lua-load {{ haproxy.config.dir }}/{{ file.name }} {% if "args" in file.keys() %}{{ file.args|join(" ")}}{% endif %} lua-load {{ haproxy.config.dir }}/{{ script.name }} {% if "args" in script.keys() %}{{ script.args|join(" ") }}{% endif %}
{%- endif %} {%- endif %}
{%- endfor %} {%- endfor %}
{%- if haproxy.config.api.enable %} {%- if haproxy.config.api.enable %}
@ -179,6 +182,9 @@ frontend https from {{ haproxy.config.namespace }}
http-request capture req.hdr(Content-Type) len 50 http-request capture req.hdr(Content-Type) len 50
http-request capture sc_http_req_rate(0) len 4 http-request capture sc_http_req_rate(0) len 4
## Silent drop all external requests with no host header
http-request silent-drop if !domains !internal
## DDoS ## DDoS
http-request deny deny_status 429 if max_req_rate !internal http-request deny deny_status 429 if max_req_rate !internal