Haproxy ACL控制艺术

本文叙述使用Haproxy ACL功能,实现实际的业务需求,展现ACL的控制技术。
需求讲解:
当以book.test.com域名访问时,进行动静态资源请求分离,这里是将请求分发到(静态)apache01 apache02 (动态)tomcat01 tomcat02
当以onlineimage.test.com域名访问时,同样进行动静态资源请求分离,这里是将请求分发到(静态)apache01 apache02 (动态)tomcat01 tomcat02
当以m.book.test.com域名访问时,直接将请求发送到tomcat03 tomcat04
当以guide.book.test.com域名访问时,直接将请求发送到tomcat05 tomcat06
这里其实利用haproxy acl 功能实现了动静态分离、虚拟主机功能
访问流向图如下:
haproxy

需求实现:

haproxy.cfg内容配置如下:注意ACL的匹配顺序很重要哦,从上到下匹配

frontend test
        bind *:80
        #  定义ACL 对应的资源名称
        acl static path_end -i .htm .css .js .png .jpg .jpeg .gif .ico
        acl is_m.book.test.com hdr_end(host) -i m.book.test.com
        acl is_book.test.com hdr_end(host) -i book.test.com
        acl is_onlineimage.test.com hdr_end(host) -i onlineimage.test.com
        acl is_guide.book.test.com hdr_end(host) -i guide.book.test.com
        # 匹配ACL并执行到相应后端backend上 注意这里的匹配顺序很重要哦,从上到下匹配
        use_backend  guide.book.test.com if is_guide.book.test.com  
        #当guide.book.test.com访问时发送到guide.book.test.com backend
        use_backend  m.book.test.com if  is_m.book.test.com  
        #当m.book.test.com访问时发送到m.book.test.com backend
        use_backend  bkclient if  is_book.test.com 
        #当book.test.com访问时发送到bkclient backend
        use_backend  ocs_static.server if static is_book.test.com  
        #当同时满足static  is_book.test.com 两条ACL时访问时发送到  ocs_static.server backend 
        #也就是当访问这个book.test.com下的静态资源时将请求转发致 ocs_static.server  backend
        use_backend  bkclient if  is_onlineimage.test.com 
        #当onlineimage.test.com访问时发送到bkclient backend
        use_backend  ocs_static.server if static is_onlineimage.test.com 
        #当同时满足static  is_onlineimage.test.com 两条ACL时访问时发送到  ocs_static.server backend
        #也就是当访问这个onlineimage.test.com 下的静态资源时将求求转发致 ocs_static.server backend
        # 默认请求发送到后端的bkclient下
        default_backend bkclient

backend ocs_static.server
        mode http
        balance source
        cookie  SERVERSTATICID insert indirect
        option  httpchk HEAD /test.html
        server  ocs51 192.168.1.30:80 cookie ocs51 check inter 6000 rise 3 fall 3 weight 1
        server  ocs52 192.168.1.40:80 cookie ocs52 check inter 6000 rise 3 fall 3 weight 1

backend bkclient
        mode http
        balance source
        cookie  SERVERID insert indirect
        option  httpchk HEAD /test.html
        server  bkclient1 192.168.1.10:9090 cookie bkclient1 check inter 6000 rise 3 fall 3 weight 1
        server  bkclient2 192.168.1.20:9090 cookie bkclient2 check inter 6000 rise 3 fall 3 weight 1
backend m.book.test.com
        mode http
        balance source
        cookie  SERVERID3 insert indirect
        option  httpchk HEAD /test.html
        server  bookmobile1 192.168.1.50:9090 cookie bookmobile1 check inter 6000 rise 3 fall 3 weight 1
        server  bookmobile2 192.168.1.60:9090 cookie bookmobile2 check inter 6000 rise 3 fall 3 weight 1
backend guide.book.test.com
        mode http
        balance source
        cookie  SERVERID4 insert indirect
        option  httpchk HEAD /test.html
        server  guide1 192.168.1.70:80 cookie guide1 check inter 6000 rise 3 fall 3 weight 1
        server  guide2 192.168.1.80:80 cookie guide2 check inter 6000 rise 3 fall 3 weight 1

发表评论