2.配置 HAProxy
2.1 配置文件格式
Haproxy的配置过程包含了3部分的参数资源:
- 命令行中的参数,此种参数总是享有优先权被使用
- 配置文件中global节点中的参数,此种参数是进程范围参数
- 代理节点参数,此种参数是从defaults,listen,frontend,backend节点中读取的
这个手册里,以关键字起始并作为关联引用的行,组成了配置文件的语法结构。后面跟上可选的一个或者几个用空格隔开的参数。
2.2 引用(Quoting)和转义(escaping)
Haproxy的配置介绍了一个像大多数编程语言一样的引用和转义的系统。配置文件支持3种类型:用一个反斜杠(\),弱引用用双引号,
强引用用单引号。
如果字符串中必须要加入空格,必须要在它们前面加上反斜杠('\')来转义它们或者用引号引起来。反斜杠也必须用双反斜杠或者强引用来转义它们。
我们在一个特殊字符前面加上反斜杠('\')来表达一个转义:
\ 用来表示空格,以区分一个分隔符
\# 用来表示一个#号,以区分注释符号
\\ 表示一个反斜杠
\' 表示一个单引号,以区分强引用
\" 表示一个双引号,以区分弱引用
弱引用使用双引号来实现("")。用来阻止解释语义(使特殊字符变为普通字符,比如让以下特殊字符所表示的特殊意义失效):
空格字符表示参数的分隔符
‘ 单引号表示强引用的分隔符
# #表示注释的开始
弱引用允许对变量进行语法解释,如果你想在一个双引号的变量中用一个非解释(non-interpreted)美元符号,你应该用一个反斜杠去
转义它('\$'),注意,在弱引用外这样做是不起效果的。
弱引用不会阻止转义解释和特殊字符的。
强引用用单引号来实现('')。在单引号内,不会解释任何东西,这对用来引用正则表达式效果是极佳的。
被引用起来的和被转义的字符串在内存中被替换成它们所表示的内容,它允许你处理与之有关的一系列的事情。
示例:
# 这些是表达式:
log-format %{+Q}o\ %t\ %s\ %{-Q}r
log-format "%{+Q}o %t %s %{-Q}r"
log-format '%{+Q}o %t %s %{-Q}r'
log-format "%{+Q}o %t"' %s %{-Q}r'
log-format "%{+Q}o %t"' %s'\ %{-Q}r
# 这些是表达式:
reqrep "^([^\ :]*)\ /static/(.*)" \1\ /\2
reqrep "^([^ :]*)\ /static/(.*)" '\1 /\2'
reqrep "^([^ :]*)\ /static/(.*)" "\1 /\2"
reqrep "^([^ :]*)\ /static/(.*)" "\1\ /\2"
2.3 环境变量
Haproxy的配置支持环境变量。这些变量只能在双引号中被解释。在解析配置文件的时候,变量也被解析。变量必须以$开头,也可以像在Bourne shell里一样在后面跟上花括号(“{}”)。
变量名可以包含字母,数字或者下划线“_”,但不能以数字开头.
示例:
bind "fd@${FD_APP1}"
log "${LOCAL_SYSLOG}:514" local0 notice # send to local server
user "$HAPROXY_USER"
在进程启动阶段,定义里一个特殊的变量$HAPROXY_LOCALPEER,它包含了local peer的名字。(详情请在管理指南章节查看"- L")。
2.4 时间格式
有些变量包含了现在的时间值,比如timeouts.这些值一般都用毫秒(除非其他的一些精确的状态)表示,如果要用其他单位,需要用数字加上单位。
认知到这一点很重要,因为不是每个关键词都会被重复。支持的单位有:
- us : 微秒(microseconds). 1 微秒 = 1/1000000 秒
- ms : 毫秒(milliseconds). 1 毫秒 = 1/1000 秒. 默认以毫秒为单位.
- s : 秒(seconds). 1s = 1000ms
- m : 分钟(minutes). 1m = 60s = 60000ms
- h : 小时(hours). 1h = 60m = 3600s = 3600000ms
- d : 天(days). 1d = 24h = 1440m = 86400s = 86400000ms
2.5示例
#简单配置一个HTTP代理,用来监听80端口上的所有接口和端口转发请求,与之对应的是一个单个的后台“servers”,
#这个后台配置了一个监听127.0.0.1的服务器“server1”。
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend http-in
bind *:80
default_backend servers
backend servers
server server1 127.0.0.1:8000 maxconn 32
# 下面的示例效果一样,是用一个单独的listen代码块,尤其是在HTTP模式下这样做更简介更有效。
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
listen http-in
bind *:80
server server1 127.0.0.1:8000 maxconn 32
假如haproxy已经在$PATH环境变量中,在shell终端中这样来测试这些配置:
$ sudo haproxy -f configuration.conf -c
-------------------------------------------以下是英文原文--------------------------------------------------
2. Configuring HAProxy
2.1. Configuration file format
HAProxy's configuration process involves 3 major sources of parameters :
- the arguments from the command-line, which always take precedence
- the "global" section, which sets process-wide parameters
- the proxies sections which can take form of "defaults", "listen",
"frontend" and "backend".
The configuration file syntax consists in lines beginning with a keyword
referenced in this manual, optionally followed by one or several parameters
delimited by spaces.
2.2. Quoting and escaping
HAProxy's configuration introduces a quoting and escaping system similar to
many programming languages. The configuration file supports 3 types: escaping
with a backslash, weak quoting with double quotes, and strong quoting with
single quotes.
If spaces have to be entered in strings, then they must be escaped by preceding
them by a backslash ('\') or by quoting them. Backslashes also have to be
escaped by doubling or strong quoting them.
Escaping is achieved by preceding a special character by a backslash ('\'):
\ to mark a space and differentiate it from a delimiter
\# to mark a hash and differentiate it from a comment
\\ to use a backslash
\' to use a single quote and differentiate it from strong quoting
\" to use a double quote and differentiate it from weak quoting
Weak quoting is achieved by using double quotes (""). Weak quoting prevents
the interpretation of:
space as a parameter separator
' single quote as a strong quoting delimiter
# hash as a comment start
Weak quoting permits the interpretation of variables, if you want to use a non
-interpreted dollar within a double quoted string, you should escape it with a
backslash ("\$"), it does not work outside weak quoting.
Interpretation of escaping and special characters are not prevented by weak
quoting.
Strong quoting is achieved by using single quotes (''). Inside single quotes,
nothing is interpreted, it's the efficient way to quote regexes.
Quoted and escaped strings are replaced in memory by their interpreted
equivalent, it allows you to perform concatenation.
Example:
# those are equivalents:
log-format %{+Q}o\ %t\ %s\ %{-Q}r
log-format "%{+Q}o %t %s %{-Q}r"
log-format '%{+Q}o %t %s %{-Q}r'
log-format "%{+Q}o %t"' %s %{-Q}r'
log-format "%{+Q}o %t"' %s'\ %{-Q}r
# those are equivalents:
reqrep "^([^\ :]*)\ /static/(.*)" \1\ /\2
reqrep "^([^ :]*)\ /static/(.*)" '\1 /\2'
reqrep "^([^ :]*)\ /static/(.*)" "\1 /\2"
reqrep "^([^ :]*)\ /static/(.*)" "\1\ /\2"
2.3. Environment variables
HAProxy's configuration supports environment variables. Those variables are
interpreted only within double quotes. Variables are expanded during the
configuration parsing. Variable names must be preceded by a dollar ("$") and
optionally enclosed with braces ("{}") similarly to what is done in Bourne
shell. Variable names can contain alphanumerical characters or the character
underscore ("_") but should not start with a digit.
Example:
bind "fd@${FD_APP1}"
log "${LOCAL_SYSLOG}:514" local0 notice # send to local server
user "$HAPROXY_USER"
A special variable $HAPROXY_LOCALPEER is defined at the startup of the process
which contains the name of the local peer. (See "-L" in the management guide.)
2.4. Time format
Some parameters involve values representing time, such as timeouts. These
values are generally expressed in milliseconds (unless explicitly stated
otherwise) but may be expressed in any other unit by suffixing the unit to the
numeric value. It is important to consider this because it will not be repeated
for every keyword. Supported units are :
- us : microseconds. 1 microsecond = 1/1000000 second
- ms : milliseconds. 1 millisecond = 1/1000 second. This is the default.
- s : seconds. 1s = 1000ms
- m : minutes. 1m = 60s = 60000ms
- h : hours. 1h = 60m = 3600s = 3600000ms
- d : days. 1d = 24h = 1440m = 86400s = 86400000ms
2.5. Examples
# Simple configuration for an HTTP proxy listening on port 80 on all
# interfaces and forwarding requests to a single backend "servers" with a
# single server "server1" listening on 127.0.0.1:8000
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend http-in
bind *:80
default_backend servers
backend servers
server server1 127.0.0.1:8000 maxconn 32
# The same configuration defined with a single listen block. Shorter but
# less expressive, especially in HTTP mode.
global
daemon
maxconn 256
defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
listen http-in
bind *:80
server server1 127.0.0.1:8000 maxconn 32
Assuming haproxy is in $PATH, test these configurations in a shell with:
$ sudo haproxy -f configuration.conf -c