Skip to content

Instantly share code, notes, and snippets.

@haproxytechblog
Last active September 4, 2019 15:20
Show Gist options
  • Save haproxytechblog/d766dc0be50e2d4e4407b9b3c7783152 to your computer and use it in GitHub Desktop.
Save haproxytechblog/d766dc0be50e2d4e4407b9b3c7783152 to your computer and use it in GitHub Desktop.
HAProxy Traffic Mirroring for Real-world Testing
$ sudo apt update
$ sudo apt install -y autoconf automake build-essential git libcurl4-openssl-dev libev-dev libpthread-stubs0-dev pkg-config
$ git clone https://github.com/haproxytech/spoa-mirror
$ cd spoa-mirror
$ ./scripts/bootstrap
$ ./configure
$ make all
$ sudo cp ./src/spoa-mirror /usr/local/bin/
./configure --enable-debug
$ spoa-mirror --runtime 0 --mirror-url http://test.local --logfile /var/log/haproxy-mirror.log
program mirror
command spoa-mirror --runtime 0 --mirror-url http://test.local
$ sudo systemctl status haproxy
haproxy.service - HAProxy Load Balancer
Main PID: 1177 (haproxy)
Tasks: 14 (limit: 1152)
CGroup: /system.slice/haproxy.service
├─1177 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -S /run/haproxy-master.sock -sf 1209
├─2081 spoa-mirror --runtime 0 --mirror-url http://localhost:81 --address 127.0.0.1
└─2082 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -S /run/haproxy-master.sock -sf 1209
# Production frontend
frontend fe_main
mode http
bind :80
option http-buffer-request
filter spoe engine mirror config /etc/haproxy/mirror.conf
default_backend servers
# Production servers
backend be_servers
mode http
server s1 prodserver:80
# Mirror agents
backend mirroragents
mode tcp
balance roundrobin
timeout connect 5s
timeout server 5s
server agent1 localhost:12345
[mirror]
spoe-agent mirror
log global
messages mirror
use-backend mirroragents
timeout hello 500ms
timeout idle 5s
timeout processing 5s
spoe-message mirror
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
event on-frontend-http-request
SPOE: [mirror] <EVENT:on-frontend-http-request> sid=0 st=0 0/1/0/0/1 1/1 0/0 0/1
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
event on-frontend-http-request if { path_beg /search }
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
acl is_search path_beg /search
event on-frontend-http-request if is_search
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
acl is_search path_beg /search
event on-frontend-http-request if { rand(100) le 10 }
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
acl mirroring_on str(mirroring),map(/etc/haproxy/mirroring.map) -m str on
event on-frontend-http-request if mirroring_on
# Change mirroring to off
$ echo "set map /etc/haproxy/mirroring.map mirroring off" | nc 127.0.0.1 9999
# Show current value
$ echo "show map /etc/haproxy/mirroring.map mirroring" | nc 127.0.0.1 9999
# Show existing filters
curl -X GET --user admin:mypassword "http://localhost:5555/v1/services/haproxy/configuration/filters?parent_name=fe_main&parent_type=frontend"
# Add a filter line
curl -X POST --user admin:mypassword "http://localhost:5555/v1/services/haproxy/configuration/filters?parent_name=fe_main&parent_type=frontend&version=1" -H "Content-Type: application/json" -d '{"id": 0, "spoe_config":"/etc/haproxy/spoa.conf", "spoe_engine":"mirror", "type": "spoe"}'
{"id":0,"spoe_config":"/etc/haproxy/spoa.conf","spoe_engine":"mirror","type":"spoe"}
# Remove a filter line
curl -X DELETE --user admin:mypassword "http://localhost:5555/v1/services/haproxy/configuration/filters/0?parent_name=fe_main&parent_type=frontend&version=2" -H "Content-Type: application/json"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment