Tuning Mirrored Traffic
There are several ways to tune the traffic that is mirrored.
Filtering
Sampling
Mapping key-value pairs
Making runtime changes using the REST API
Filtering
You can add an ACL that limits the requests that are captured. For instance, if you only want to mirror traffic for requests to the /search feature on your site, you would ignore all requests except those that have a URL path beginning with /search
, as shown:
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
event on-frontend-http-request if { path_beg /search }
You can also define named ACLs that do the same thing:
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
acl is_search path_beg /search
event on-frontend-http-request if is_search
Sampling
Suppose you don't want to capture all traffic but rather only a portion of it. You would add an ACL that collects a random sample of requests. In the next example, we generate a random number between 1 and 100 and only mirror the request if that number is less than or equal to 10:
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
acl is_search path_beg /search
event on-frontend-http-request if { rand(100) le 10 }
Mapping key-value pairs
Your ACL statements can also check values from map files. For example, you can switch mirroring on or off by using a map file that contains a key-value pair like mirroring on
. Then, check the map file from your hapee-mirror-spoe.cfg
file like this:
spoe-message mirror-msg
args arg_method=method arg_path=url arg_ver=req.ver arg_hdrs=req.hdrs_bin arg_body=req.body
acl mirroring_on str(mirroring),map(/etc/hapee-2.5/mirroring.map) -m str on
event on-frontend-http-request if mirroring_on
Use the HAProxy Enterprise Runtime API to change the value in the map file to off
.
# Change mirroring to off
$ echo "set map /etc/hapee-2.5/mirroring.map mirroring off" | nc 127.0.0.1 9999
# Show current value
$ echo "show map /etc/hapee-2.5/mirroring.map mirroring" | nc 127.0.0.1 9999
Making runtime changes using the REST API
You can also use the Data Plane API to add or remove filter spoe
lines from the HAProxy configuration file dynamically. In the following example, we show the existing filters, then add a new one, and then remove it:
# Show existing filters
$ curl -X GET --user admin:mypassword "http://localhost:5555/v1/services/haproxy/configuration/filters?parent_name=fe_main&parent_type=frontend"
# Add a filter line
$ curl -X POST --user admin:mypassword "http://localhost:5555/v1/services/haproxy/configuration/filters?parent_name=fe_main&parent_type=frontend&version=1" -H "Content-Type: application/json" -d '{"id": 0, "spoe_config":"/etc/hapee-2.5/spoa.conf", "spoe_engine":"mirror", "type": "spoe"}'
{"id":0,"spoe_config":"/etc/hapee-2.5/spoa.conf","spoe_engine":"mirror","type":"spoe"}
# Remove a filter line
$ curl -X DELETE --user admin:mypassword "http://localhost:5555/v1/services/haproxy/configuration/filters/0?parent_name=fe_main&parent_type=frontend&version=2" -H "Content-Type: application/json"
Use the Data Plane API to fully configure your load balancer using REST API commands.
See also
Next up
Troubleshooting Traffic Mirroring