Skip to content

Instantly share code, notes, and snippets.

@behrad
Last active August 29, 2015 14:27
Show Gist options
  • Save behrad/c38f96ed73f7f582bcc5 to your computer and use it in GitHub Desktop.
Save behrad/c38f96ed73f7f582bcc5 to your computer and use it in GitHub Desktop.
Here's a sample WORKING haproxy config for websockets / socketio. We were able to get socketio working on an Amazon ELB with just one node, but when we added multiple nodes, we saw weird client issues. So, we decided to use HAProxy on Ubuntu 12.04 and spent significant time trying to get just the right configuration (haproxy.cfg). Note though th…
global
#debug
#daemon
log 127.0.0.1 local0
defaults
log global
option httplog
frontend unsecured *:80
mode http
timeout client 86400000
redirect prefix https://[ha-hostname] code 301
frontend secured
bind 0.0.0.0:443 ssl crt /path/to/your/cert/chain.pem
mode tcp
log global
option tcplog
timeout client 3600s
backlog 4096
maxconn 50000
default_backend www_backend
backend www_backend
mode tcp
option log-health-checks
option redispatch
option tcplog
balance source
timeout connect 1s
timeout queue 5s
timeout server 3600s
#SERVERBEGIN
server websocket-001 websocket-001.domain.com:8080 maxconn 1000 weight 10 check
server websocket-002 websocket-002.domain.com:8080 maxconn 1000 weight 10 check
server websocket-003 websocket-003.domain.com:8080 maxconn 1000 weight 10 check
#SERVEREND
listen stats 0.0.0.0:8888
mode http
stats enable
option httplog
stats show-legends
stats uri /haproxy
stats realm Haproxy\ Statistics
stats refresh 5s
stats auth SECRETUSER:SECRETPASS
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
#/bin/bash
############################################################################################
## Assumptions:
## - The EC2 Name on your instance for the haproxy is simply "haproxy.domain.com"
## - Your member servers are named "websocket-001.domain.com .. websocket-999.domain.com
## - Your using VPCs and yoru haproxy sits in the public subnet with an EIP
## - Your websocket servers are listening on 8080
##
## Your root crontab entry could look like this (run every 15 min):
## */15 * * * * /path/to/update_haproxy_config.sh > /dev/null 2>&1
##
############################################################################################
export EC2_CERT=/path/to/your/ec2/cert.pem
export EC2_PRIVATE_KEY=/path/to/your/ec2/pk.pem
MAXCONN=1000
TMPTAGFILE=/tmp/websocket_tags
TMPINSTANCES=/tmp/websocket_instances
TMPHOSTS=/tmp/hosts
TMPHACONFIG=/tmp/testconfig
HACONFIG=/etc/haproxy/haproxy.cfg
HACONFIGSERVERS=/tmp/haconfig
echo "" > $HACONFIGSERVERS
echo "" > $TMPHOSTS
echo "" > $HACONFIGSERVERS
##################################################################
## Query the AWS EC2 API looking for servers named "socketio"
## You can adjust this if you want to name your member servers
## something different
##################################################################
echo "Getting EC2 Data..."
ec2-describe-tags | grep Name | grep websocket | grep -v haproxy > $TMPTAGFILE
ec2-describe-instances | grep INSTANCE > $TMPINSTANCES
while read line; do
NAME1=`echo $line | awk '{print $5}' | tr '.' ' ' | awk '{print $1}'`
NAME2=`echo $line | awk '{print $5}'`
INSTANCEID=`echo $line | awk '{print $3}'`
INTERNALIP=`cat $TMPINSTANCES | grep $INSTANCEID | awk '{print $15}'`
echo "$INTERNALIP $NAME1 $NAME2" >> $TMPHOSTS
echo " server $NAME1 $NAME2:8080 maxconn $MAXCONN weight 10 check" >> $HACONFIGSERVERS
echo "" >> $HACONFIGSERVERS
done < $TMPTAGFILE
#############################################################
## this modifies the /etc/hosts file so we can
## use the internal ip (10.x.x.x) for traffic rather then
## then EIP
#############################################################
if [ `cat $TMPHOSTS | wc -l` -gt 0 ];
then
echo "Writing New Host File..."
echo "127.0.0.1 localhost haproxy haproxy.domain.com" > /etc/hosts
cat $TMPHOSTS | sed '/^$/d' | sort -k 2 >> /etc/hosts
fi
#############################################################
## This rewrites the haproxy.cfg file placing additional
## servers between the two blocks:
## #SERVERBEGIN
## ....
## #SERVEREND
##
## And then reloads the config
#############################################################
if [ `cat $HACONFIGSERVERS | wc -l` -gt 0 ];
then
echo "Writing HA Proxy Config File..."
SUBSERVER=`cat $HACONFIGSERVERS | sort -u | sed '/^$/d' | sed -e 's/[\/&]/\\&/g'`
cat $HACONFIG | sed -e "/#SERVERBEGIN/,/#SERVEREND/c\\\t\#SERVERBEGIN\n\tSERVERPLACEHOLDER\n\t\#SERVEREND" | perl -p -i -e "s/SERVERPLACEHOLDER/${SUBSERVER}/g" > $TMPHACONFIG
cat $TMPHACONFIG > $HACONFIG
echo "Reloading HAProxy..."
/etc/init.d/haproxy reload
fi
#############################################################
## file cleanup
#############################################################
rm -f $TMPTAGFILE
rm -f $TMPINSTANCES
rm -f $HACONFIGSERVERS
rm -f $TMPHOSTS
rm -f $TMPHACONFIG
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment