Clever Geek Handbook

在开发人员机器上使用HAProxy和Docker进行网站开发

在编写此小指南之前,经历了数周的折磨,试图在项目上进行工作,当时有必要启动一个带有工作现场的容器,带有测试组件的容器,以便测试人员可以安全地测试基本数据的新系统功能以及研究技术支持的构建在接近“战斗”的条件下使用该系统。



在开发机器上使用HAProxy和Docker



此外,应该为我的开发团队的成员提供一个服务Web界面。在这种情况下,某些系统应可在一个版本的php上运行,而另一些版本应可同时,站点的工作环境有所不同,从操作系统和处理请求的http服务器开始,到安装的php模块结束



似乎没有什么复杂的,提起容器并将端口向前移到外面。但是对于每个容器,您需要指定您需要记住的自己的外部端口,然后将其转移到例如会计师(这也是测试人员),以便他检查所用系统的改进。有时我本人不明白为什么我刚刚修复的脚本无法按预期运行,或者为什么站点完全无法打开。



经过深思熟虑,决定通过前端的HAPRoxy转发所有请求,该前端在端口80443上可用,并且根据主机名将请求发送到所需的容器。



Docker配置



让我们从docker网络配置开始,因为我们需要控制将分配给容器的网络地址。



创建带有子网Docker网络必须指定子网以将请求从HAProxy发送到特定的ip地址,以便在某些容器未运行的情况下域名解析不会出现问题。



docker network create develop --subnet=172.20.0.0/16


ip docker-compose.yml :



networks:
  default:
    external:
      name: develop


, HAProxy, ip-.



    networks:
      default:
        ipv4_address: 172.20.1.1


https



HAProxy https .





, HAProxy.



  1. (key)


sudo openssl genrsa -out site.key 2048


  1. Certificate Signing Request (csr)


sudo openssl req -new -key site.key -out site.csr


  1. (crt)


sudo openssl x509 -req -days 365 -in site.csr -signkey site.key -out site.crt


  1. (pem)


sudo bash -c 'cat site.key site.crt >> site.pem'


HAProxy.



, HAProxy Docker.



haproxy.cfg docker-compose.yml.



, . , HAProxy docker-compose.



HAPRoxy



HAProxy 80 443, , , 80 . https.



443 .



HAProxy frontend , .



frontend , backend.



Backend, , .



defaults .



docker HAProxy /usr/local/etc/haproxy/haproxy.cfg


defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms
frontend http_frontend
    bind *:80
    redirect scheme https if !{ ssl_fc }
frontend https_frontend
    bind *:443 ssl crt /etc/ssl/certs/site.pem
    acl is_microbase hdr_end(host) -i microbase.localhost
    use_backend microbase if is_microbase
    acl is_coordinator hdr_end(host) -i coordinator.localhost
    use_backend coordinator if is_coordinator
backend microbase
    server microbase 172.20.1.1:80 check
backend coordinator
    server coordinator 172.20.1.2:80 check


docker-compose.yml



docker docker-compose, yml .



microbase.localhost coordinator.localhost HAProxy.



c HAProxy .



docker-compose docker-compose.yml .



-f.



docker-compose -f. , .


version: "3"
services:
  microbase:
    image: "inblank/php7.4-apache"
    volumes:
      - ./microbase:/var/www
    networks:
      default:
        ipv4_address: 172.20.1.1
  coordinator:
    image: "inblank/php7.4-apache"
    volumes:
      - ./coordinator:/var/www
    networks:
      default:
        ipv4_address: 172.20.1.2
  haproxy:
    image: "haproxy:2.2-alpine"
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg
      - ./cert.pem:/etc/ssl/certs/site.pem
networks:
  default:
    external:
      name: develop




siege 25 . 1- .



siege coordinator.localhost -t 1m


php :



<?php
echo "Hello World!";


apache 2.4 php .



Intel Core i5-8250U 1.60GHz, 8 SSD . Linux Mint 20 Cinnamon



.



  • 80

    HAProxy 
    ** SIEGE 4.0.4
** Preparing 25 concurrent users for battle.
The server is now under siege...
Lifting the server siege...
Transactions:             258084 hits
Availability:             100.00 %
Elapsed time:             59.39 secs
Data transferred:         2.95 MB
Response time:            0.01 secs
Transaction rate:         4345.58 trans/sec
Throughput:               0.05 MB/sec
Concurrency:              24.72
Successful transactions:  258084
Failed transactions:      0
Longest transaction:      0.04
Shortest transaction:     0.00

    ** SIEGE 4.0.4
** Preparing 25 concurrent users for battle.
The server is now under siege...
Lifting the server siege...
Transactions:             314572 hits
Availability:             100.00 %
Elapsed time:             59.18 secs
Data transferred:         3.60 MB
Response time:            0.00 secs
Transaction rate:         5315.51 trans/sec
Throughput:               0.06 MB/sec
Concurrency:              24.64
Successful transactions:  314572
Failed transactions:      0
Longest transaction:      0.11
Shortest transaction:     0.00


~18%.


  • 80 443

    HAProxy 
    ** SIEGE 4.0.4
** Preparing 25 concurrent users for battle.
The server is now under siege...
Lifting the server siege...
Transactions:             114804 hits
Availability:             100.00 %
Elapsed time:             59.44 secs
Data transferred:         0.66 MB
Response time:            0.01 secs
Transaction rate:         1931.43 trans/sec
Throughput:               0.01 MB/sec
Concurrency:              24.78
Successful transactions:  114824
Failed transactions:      0
Longest transaction:      1.03
Shortest transaction:     0.00

    ** SIEGE 4.0.4
** Preparing 25 concurrent users for battle.
The server is now under siege...
Lifting the server siege...
Transactions:             134364 hits
Availability:             100.00 %
Elapsed time:             59.80 secs
Data transferred:         19.99 MB
Response time:            0.01 secs
Transaction rate:         2246.89 trans/sec
Throughput:               0.33 MB/sec
Concurrency:              24.74
Successful transactions:  134374
Failed transactions:      0
Longest transaction:      0.08
Shortest transaction:     0.00


~14.5%.

不出所料,将解决方案与HAProxy一起使用时性能会下降,但是在开发站点和提供对测试程序集的访问过程中使用此配置并不重要。



链接



HAProxy



  1. HSProxy官方网站
  2. HAProxy文档
  3. HAProxy配置的四个基本部分
  4. HAProxy的官方Docker映像


码头工人



  1. Docker官方网站
  2. Docker-compose官方页面
  3. Docker Compose文件版本3参考


More articles:


All Articles