使用 HAProxy 创建 API 代理并获取响应
Creating an API proxy using HAProxy and getting responses
我有一个问题,API 供应商需要静态 IP 才能连接到它,而我无法为请求配置静态 IP,所以我正在考虑使用 HAProxy 作为我的gateway/proxy 到 API.
以基本形式配置 HAProxy 并让它代理我的请求非常容易,但我发现 一些 请求 return 没有响应,而其他请求做。
API 请求将使用 PUT、POST 和 GET 方法。我的配置与默认配置非常相似。我正在使用 HAProxy 1.8。
两个问题;
HAProxy 是合适的工具吗?还有什么可以用的吗?我什至愿意花钱购买能够完成这项工作的商业工具。
如果它是正确的工具,为什么有些 GET 请求 return 响应而有些不响应,是否有任何原因?响应代码仍然是 200,但我无法访问 API 供应商端的日志以进行故障排除。
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
#log 127.0.0.1 local2
log 127.0.0.1:514 local0
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
#frontend main *:5000
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
#
# use_backend static if url_static
# default_backend app
frontend api_proxy
bind *:6109
mode http
# capture response header
default_backend remote_api_server
backend remote_api_server
#replace 10.10.10.10 with the actual Ip address
mode http
http-request set-header Host myhost.com.au
server server1 myhost.com.au:443 ssl verify none
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
# balance roundrobin
# server app1 127.0.0.1:5001 check
# server app2 127.0.0.1:5002 check
# server app3 127.0.0.1:5003 check
# server app4 127.0.0.1:5004 check
因此,HAProxy 的使用继续没有按照我预期的方式运行,所以我尝试在 nginx 中做我需要的事情,它是如此简单。
最终,这个块完全符合我的需要。
server {
listen 6109;
location / {
proxy_redirect off;
proxy_pass_header Server;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
proxy_set_header Host myhost.com.au;
proxy_set_header X-NginX-Proxy true;
proxy_connect_timeout 5;
proxy_read_timeout 240;
proxy_intercept_errors on;
proxy_pass https://myhost.com.au:443;
}
}
这是在 EC2 实例上,所以我在它前面有一个处理 SSL 的负载均衡器。
我有一个问题,API 供应商需要静态 IP 才能连接到它,而我无法为请求配置静态 IP,所以我正在考虑使用 HAProxy 作为我的gateway/proxy 到 API.
以基本形式配置 HAProxy 并让它代理我的请求非常容易,但我发现 一些 请求 return 没有响应,而其他请求做。
API 请求将使用 PUT、POST 和 GET 方法。我的配置与默认配置非常相似。我正在使用 HAProxy 1.8。
两个问题; HAProxy 是合适的工具吗?还有什么可以用的吗?我什至愿意花钱购买能够完成这项工作的商业工具。
如果它是正确的工具,为什么有些 GET 请求 return 响应而有些不响应,是否有任何原因?响应代码仍然是 200,但我无法访问 API 供应商端的日志以进行故障排除。
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
#log 127.0.0.1 local2
log 127.0.0.1:514 local0
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
#frontend main *:5000
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
#
# use_backend static if url_static
# default_backend app
frontend api_proxy
bind *:6109
mode http
# capture response header
default_backend remote_api_server
backend remote_api_server
#replace 10.10.10.10 with the actual Ip address
mode http
http-request set-header Host myhost.com.au
server server1 myhost.com.au:443 ssl verify none
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
#backend app
# balance roundrobin
# server app1 127.0.0.1:5001 check
# server app2 127.0.0.1:5002 check
# server app3 127.0.0.1:5003 check
# server app4 127.0.0.1:5004 check
因此,HAProxy 的使用继续没有按照我预期的方式运行,所以我尝试在 nginx 中做我需要的事情,它是如此简单。
最终,这个块完全符合我的需要。
server {
listen 6109;
location / {
proxy_redirect off;
proxy_pass_header Server;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
proxy_set_header Host myhost.com.au;
proxy_set_header X-NginX-Proxy true;
proxy_connect_timeout 5;
proxy_read_timeout 240;
proxy_intercept_errors on;
proxy_pass https://myhost.com.au:443;
}
}
这是在 EC2 实例上,所以我在它前面有一个处理 SSL 的负载均衡器。