load balancer tso tawm , uas tso cai rau koj faib HTTP tsheb thiab arbitrary TCP thov ntawm ib pab pawg neeg ntawm servers, coj mus rau hauv tus account ntau yam (piv txwv li, nws tshawb xyuas qhov muaj servers, ntsuas qhov load theem, muaj DDoS countermeasures) thiab nqa tawm thawj cov ntaub ntawv lim ( Piv txwv li, koj tuaj yeem txheeb xyuas HTTP headers, lim xa cov lus nug tsis raug, thaiv SQL thiab XSS hloov pauv, txuas cov ntsiab lus ua haujlwm). HAProxy tuaj yeem ua tau los tswj kev sib cuam tshuam ntawm cov khoom hauv cov tshuab raws li microservices architecture. Qhov project code yog sau rau hauv C thiab muaj ntawv tso cai raws li GPLv2. Qhov project yog siv rau ntau qhov chaw loj, suav nrog Airbnb, Alibaba, GitHub, Imgur, Instagram, Reddit, StackOverflow, Tumblr, Twitter thiab Vimeo.
Cov yam ntxwv tseem ceeb tshaj tawm:
- API tshiab tau tshaj tawm , uas tso cai rau koj los tswj HAProxy nqis ntawm ya ntawm REST Web API. Xws li, koj tuaj yeem ua kom muaj zog ntxiv thiab tshem tawm cov backends thiab cov servers, tsim ACLs, hloov kev thov routing, hloov handler bindings rau IP;
- Ntxiv cov lus qhia nbthread, uas tso cai rau koj los teeb tsa cov xov tooj siv hauv HAProxy txhawm rau txhim kho kev ua tau zoo ntawm ntau cov tub ntxhais CPUs. Los ntawm lub neej ntawd, tus naj npawb ntawm cov neeg ua haujlwm xov raug xaiv nyob ntawm CPU cores muaj nyob rau hauv ib puag ncig tam sim no, thiab hauv huab ib puag ncig lub neej ntawd yog ib txoj xov. Txhawm rau teeb tsa cov kev txwv nyuaj, kev xaiv sib dhos MAX_THREADS thiab MAX_PROCS tau ntxiv, txwv qhov txwv sab saud ntawm cov xov thiab cov txheej txheem;
- Kev siv cov lus qhia khi rau kev khi cov neeg ua haujlwm rau cov chaw nyob hauv network tau yooj yim. Thaum teeb tsa, nws tsis tsim nyog los txhais cov txheej txheem tsis tau - los ntawm lub neej ntawd, kev sib txuas yuav raug faib rau cov xov nyob ntawm seb muaj pes tsawg qhov kev sib txuas.
- Kev teeb tsa cov cav thaum khiav hauv cov thawv cais tau yooj yim - tam sim no lub cav tuaj yeem xa mus rau stdout thiab stderr, nrog rau cov ntaub ntawv piav qhia uas twb muaj lawm (piv txwv li, "log fd@1 local0");
- Kev them nyiaj yug rau HTX (Native HTTP Tus Neeg Sawv Cev) tau qhib los ntawm lub neej ntawd, tso cai rau kev sib npaug thaum siv cov yam ntxwv siab heev xws li kawg-rau-kawg HTTP / 2, Txheej 7 Retries thiab gRPC. HTX tsis hloov cov headers nyob rau hauv qhov chaw, tab sis txo cov kev hloov kho ua hauj lwm kom tshem tawm thiab ntxiv ib tug tshiab header mus rau qhov kawg ntawm daim ntawv, uas tso cai rau koj mus rau manipulate ib tug txuas ntxiv variants ntawm HTTP raws tu qauv, khaws cia tus thawj semantics ntawm lub headers thiab tso cai rau koj mus rau manipulate ib tug ntxiv variants ntawm HTTP raws tu qauv, khaws cia cov thawj semantics ntawm lub headers thiab cia koj. kom ua tiav kev ua tau zoo dua thaum txhais HTTP / 2 rau HTTP / 1.1 thiab rov ua dua;
- Ntxiv kev txhawb nqa rau End-to-End HTTP / 2 hom (kev ua tiav ntawm txhua theem hauv HTTP / 2, suav nrog kev hu mus rau qhov backend, thiab tsis yog kev sib cuam tshuam ntawm tus neeg sawv cev thiab tus neeg siv khoom);
- Kev txhawb nqa tag nrho rau kev tso npe ob tog ntawm gRPC raws tu qauv tau ua tiav nrog lub peev xwm los txheeb xyuas gRPC cov kwj dej, qhia txog cov lus ntawm tus kheej, xav txog gRPC tsheb hauv lub cav thiab lim cov lus siv ACLs. gRPC tso cai rau koj los npaj cov haujlwm ntawm microservices hauv ntau hom lus programming uas cuam tshuam nrog ib leeg siv API universal. Kev sib txuas lus hauv network hauv gRPC yog siv rau saum HTTP / 2 raws tu qauv thiab yog raws li kev siv raws tu qauv Buffers rau cov ntaub ntawv serialization.
- Ntxiv kev txhawb nqa rau "Txheej Txheej 7 Retries" hom, uas tso cai rau koj xa rov qab HTTP thov nyob rau hauv cov kev tshwm sim ntawm software tsis ua hauj lwm uas tsis muaj feem xyuam rau cov teeb meem tsim ib tug network kev twb kev txuas (piv txwv li, yog tsis muaj lus teb los yog ib tug khoob lus teb rau ib tug. POST thov). Txhawm rau lov tes taw hom, tus chij "disable-l7-retry" tau ntxiv rau "http-thov" kev xaiv, thiab "retry-on" kev xaiv tau ntxiv rau kev nplua zoo hauv qhov qub, mloog thiab rov qab seem. Cov cim qhia hauv qab no muaj rau kev xa rov qab: txhua qhov rov ua yuam kev, tsis muaj, conn-failure, npliag- teb, junk-sponse, teb-timeout, 0rtt-tsis lees paub, nrog rau kev khi kom rov qab cov cai (404, thiab lwm yam) ;
- Tus thawj tswj txheej txheem tshiab tau raug coj los siv, uas tso cai rau koj los teeb tsa hu cov ntaub ntawv ua haujlwm sab nraud nrog cov neeg tuav haujlwm rau HAProxy.
Piv txwv li, Data Plan API (/ usr / sbin / dataplaneapi), nrog rau ntau yam Offload kwj kev ua cav, tau ua raws li tus neeg siv sab nraud; - Bindings tau ntxiv rau .NET Core, Go, Lua thiab Python rau kev tsim SPOE (Stream Processing Offload Engine) thiab SPOP (Stream Processing Offload Protocol) txuas ntxiv. Yav dhau los, kev txhim kho txuas ntxiv tau txhawb nqa tsuas yog hauv C;
- Ntxiv rau sab nraud spoa-daim iav handler (/ usr / sbin / spoa-mirror) rau mirroring thov mus rau lwm tus neeg rau zaub mov (piv txwv li, rau kev luam ib feem ntawm cov tsheb thauj mus los rau kev sim qhov chaw sim nyob rau hauv ib qho kev thauj khoom tiag tiag);
- Xa los ntawm los xyuas kom meej kev koom ua ke nrog Kubernetes platform;
- Ntxiv built-in kev txhawb nqa rau kev xa tawm cov txheeb cais mus rau kev saib xyuas ;
- Peers raws tu qauv, siv los pauv cov ntaub ntawv nrog lwm cov nodes khiav HAProxy, tau txuas ntxiv. Nrog rau kev txhawb nqa ntxiv rau Heartbeat thiab encrypted cov ntaub ntawv xa mus;
- Qhov "piv txwv" tsis tau ntxiv rau "log" cov lus qhia, uas tso cai rau koj pov tseg tsuas yog ib feem ntawm kev thov rau hauv lub cav, piv txwv li 1 tawm ntawm 10, los tsim cov qauv ntsuas;
- Ntxiv tsis siv neeg profileing hom (profiling.tasks cov lus qhia, uas tuaj yeem coj qhov tseem ceeb pib, qhib thiab tawm). Tsis siv neeg profileing tau qhib yog tias qhov nruab nrab latency tshaj 1000 ms. Txhawm rau saib cov ntaub ntawv profile, "show profileing" hais kom ua tau ntxiv rau Runtime API lossis nws tuaj yeem rov pib txheeb xyuas rau lub cav;
- Ntxiv kev txhawb nqa rau kev nkag mus rau backend servers siv SOCKS4 raws tu qauv;
- Ntxiv qhov kawg-rau-kawg kev txhawb nqa rau cov txheej txheem rau kev qhib kev sib txuas ceev ceev TCP (TFO - TCP Fast Open, RFC 7413), uas tso cai rau koj txo tus naj npawb ntawm kev sib txuas cov kauj ruam los ntawm kev sib txuas thawj zaug rau hauv ib qho kev thov thiab qib thib ob ntawm cov txheej txheem kev sib txuas lus classic 3-kauj ruam thiab ua rau nws tuaj yeem xa cov ntaub ntawv thaum pib ntawm kev tsim kev sib txuas;
- Cov kev ua tshiab ntxiv:
- "http-request replace-uri" los hloov qhov URL siv cov lus qhia tsis tu ncua;
- "tcp-thov cov ntsiab lus ua- daws" thiab "http-request do-resolve" rau kev daws lub hostname;
- "tcp-thov cov ntsiab lus teeb-dst" thiab "tcp-thov cov ntsiab lus teeb-dst-port" los hloov lub hom phiaj IP chaw nyob thiab chaw nres nkoj.
- Ntxiv tshiab conversion modules:
- aes_gcm_dev rau decrypting kwj siv AES128-GCM, AES192-GCM thiab AES256-GCM algorithms;
- protobuf kom rho tawm teb los ntawm Protocol Buffers lus;
- ungrpc kom rho tawm cov teb los ntawm gRPC cov lus.
Tau qhov twg los: opennet.ru