- HAPEE 1.6r2 User Guide
- Getting Started
- Traffic Management
- Running HAProxy
- Stopping and Restarting HAProxy
- Performing Health Checks
- Generating Alerts for Events
- Capturing Traffic Data
- Configuring HAPEE for Transport Layer Security (TLS)
- Fetching Data Samples
- Setting Up Access Control Lists (ACLs)
- Writing Conditions
- Rewriting HTTP Protocol
- Redirecting HTTP Traffic
- Compressing HTTP Traffic
- Configuring the lb-update module
The ‘lb-update’ module allows HAProxy to update periodically the content of
map which is loaded from a file.
You can also use this module to update
map content without reloading HAProxy.
At startup, HAProxy loads the content of map or acl from the designated file. If there is an update directive set up to update this content, HAProxy downloads the new content from the specified URL <url> after a specified period of time <delay> .
- HAProxy updates the content of the map or acl only if the file was properly downloaded.
- If HAProxy cannot connect to the server within the time defined in <tmout>, it retries for the number of times defined in <nb> before it quits.
- Edit HAProxy‘s configuration file /etc/hapee-1.6/hapee-lb.conf.
- Add or uncomment the line below in the global section:
Once enabled, the lb-update module creates a new HAProxy configuration section named dynamic-update.
This section can contain a single type of directive, called update, as follows:
update id <id> url <url> [delay <delay>] [timeout <tmout>] [retries <nb>] [map]
with the following parameters:
|id <id>||<id> is the file name initially loaded by map or acl; uses the absolute file path|
|url <url>||<url> is where the file can be downloaded|
|delay <delay>||<delay> is the download period; by default, its value is 5m|
|timeout <tmout>||<tmout> is the connection timeout to the download server; by default its value is 5s|
|retries <nb>||<nb> is the number of tries to establish a connection to the download server|
informs that the downloaded file must be interpreted as a map file. By Default, the file is interpreted as an acl file.
The following are other HAProxy configuration parameters available for the server directive:
The following example delivers redirect URLs based on the client IP address:
- HAProxy‘s configuration frontend, with a map definition and a dynamic-update section to define how to update the map:
frontend fe_main bind 10.0.0.2:80 mode http acl maintenance_required src,map_ip(/etc/haproxy/forbid.map) -m found http-request redirect location src,map_ip(/etc/haproxy/forbid.map) if maintenance_required dynamic-update update id /etc/haproxy/forbid.map map url http://10.0.0.1:80/forbid.map delay 300s
- content of the file /etc/haproxy/forbid.map with a list of subnets and associated redirection:
10.0.0.0/8 /maintenance.html 192.168.0.0/16 /forbiden.html 0.0.0.0 /deny.html