Last active
August 21, 2023 15:42
-
-
Save haproxytechblog/69e52d97a62e46dd14196172c9de96f1 to your computer and use it in GitHub Desktop.
Introduction to HAProxy Maps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A comment begins with a hash sign | |
| static.example.com be_static | |
| www.example.com be_static | |
| # You can add additional comments, but they must be on a new line | |
| example.com be_static | |
| api.example.com be_api |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend fe_main | |
| bind :80 | |
| use_backend %[str(example.com),map(/etc/hapee-1.8/maps/hosts.map)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use_backend %[req.hdr(host),lower,map(/etc/hapee-1.8/maps/hosts.map,be_static)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dynamic-update | |
| update id /etc/hapee-1.8/maps/sample.map url http://10.0.0.1/sample.map delay 300s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "show map /etc/hapee-1.8/maps/hosts.map" | socat stdio /var/run/hapee-1.8/hapee-lb.sock | |
| 0x1605c10 static.example.com be_static | |
| 0x1605c50 www.example.com be_static | |
| 0x1605c90 example.com be_static | |
| 0x1605cd0 api.example.com be_api |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "del map /etc/hapee-1.8/hosts.map static.example.com" | socat stdio /var/run/hapee-1.8/hapee-lb.sock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "clear map /etc/hapee-1.8/maps/hosts.map" | socat stdio /var/run/hapee-1.8/hapee-lb.sock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "add map /etc/hapee-1.8/maps/hosts.map foo.example.com be_bar" | socat stdio /var/run/hapee-1.8/hapee-lb.sock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "set map /etc/hapee-1.8/maps/hosts.map foo.example.com be_baz" | socat stdio /var/run/hapee-1.8/hapee-lb.sock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "show map /etc/hapee-1.8/maps/hosts.map" | socat stdio /var/run/hapee-1.8/hapee-lb.sock | awk '{print $2" "$3}' > /etc/hapee-1.8/maps/hosts.map |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "clear map /etc/hapee-1.8/maps/hosts.map; add map /etc/hapee-1.8/maps/hosts.map bar.example.com be_foo; add map /etc/hapee-1.8/maps/hosts.map foo.example.com be_baz" | socat stdio /var/run/hapee-1.8/hapee-lb.sock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend fe_main | |
| bind :80 | |
| acl in_network src 192.168.122.0/24 | |
| acl is_map_add path_beg /map/add | |
| http-request set-map(/etc/hapee-1.8/maps/hosts.map) %[url_param(domain)] %[url_param(backend)] if is_map_add in_network | |
| http-request deny deny_status 200 if { path_beg /map/ } | |
| use_backend %[req.hdr(host),lower,map(/etc/hapee-1.8/maps/hosts.map)] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| acl is_map_del path_beg /map/delete | |
| http-request del-map(/etc/hapee-1.8/maps/hosts.map) %[url_param(domain)] if is_map_del in_network |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| active be_blue |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend fe_main | |
| bind :80 | |
| use_backend %[str(active),map(/etc/hapee-1.8/maps/bluegreen.map)] | |
| backend be_blue | |
| server server1 10.0.0.3:80 check | |
| server server2 10.0.0.4:80 check | |
| backend be_green | |
| server server1 10.0.0.5:80 check | |
| server server2 10.0.0.6:80 check |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@server1:~$ echo "set map /etc/hapee-1.8/maps/bluegreen.map active be_green" | socat stdio /var/run/hapee-1.8/hapee-lb.sock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /api/routeA 40 | |
| /api/routeB 20 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend api_gateway | |
| bind :80 | |
| default_backend api_servers | |
| # Set up stick table to track request rates | |
| stick-table type binary len 8 size 1m expire 10s store http_req_rate(10s) | |
| # Track client by base32+src (Host header + URL path + src IP) | |
| http-request track-sc0 base32+src | |
| # Check map file to get rate limit for path | |
| http-request set-var(req.rate_limit) path,map_beg(/etc/hapee-1.8/maps/rates.map) | |
| # Client's request rate is tracked | |
| http-request set-var(req.request_rate) base32+src,table_http_req_rate(api_gateway) | |
| # Subtract the current request rate from the limit | |
| # If less than zero, set rate_abuse to true | |
| acl rate_abuse var(req.rate_limit),sub(req.request_rate) lt 0 | |
| # Deny if rate abuse | |
| http-request deny deny_status 429 if rate_abuse |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment