A lesser-known feature of HAProxy is its ability to use DNS records for service discovery: instead of specifying the backends by IP address, HAProxy can resolve them by DNS name. Doing so provides the following benefits:
- Follow servers as they move from one IP to another without changing and reloading your configuration (useful in elastic cloud and microservices deployments where IP addresses change frequently)
- Enable dynamic scaling of backend servers (you can add backend servers simply by inserting additional DNS records)

Below is a sample configuration that uses the HAProxy DNS resolver for the backend servers and their health checks:
```
global
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    # Runtime API socket; "level admin" allows state changes, so keep it mode 660
    stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
    stats timeout 30s
    server-state-file /etc/haproxy/server-state
    user haproxy
    group haproxy
    daemon
    maxconn 2000000

defaults
    load-server-state-from-file global
    log global
    mode tcp
    option abortonclose
    option dontlognull
    option tcp-check
    option redispatch
    timeout connect 1200ms
    timeout client 300s
    timeout server 300s
    timeout check 2s
    retries 1
    # retry-on only takes effect in HTTP mode; it is ignored by the TCP proxies below
    retry-on empty-response conn-failure response-timeout

# DNS resolvers section referenced by "resolvers mydns" on each server line
resolvers mydns
    nameserver cf1 1.1.1.1:53
    nameserver cf2 1.0.0.1:53
    accepted_payload_size 8192

# Note: this stats page listens on every interface without authentication;
# restrict the bind address or add "stats auth" before exposing it
listen stats
    mode http
    bind *:80
    stats enable
    stats refresh 15s
    stats uri /stats

frontend proxy-in
    bind *:443
    default_backend proxy-out

# "init-addr none" starts each server without an address until DNS resolves its name
backend proxy-out
    server p201 p201.domain.com:443 maxconn 1024 check resolvers mydns init-addr none fall 2 rise 15 on-marked-down shutdown-sessions slowstart 1h
    server p301 p301.domain.com:443 maxconn 1024 check resolvers mydns init-addr none fall 2 rise 15 on-marked-down shutdown-sessions slowstart 1h
    server p401 p401.domain.com:443 maxconn 1024 check resolvers mydns init-addr none fall 2 rise 15 on-marked-down shutdown-sessions slowstart 1h
```
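With this setup the backend addresses come from DNS answers rather than from the configuration file, so it is worth checking what HAProxy actually resolved. The following is an added example, not part of the original post: it parses the output of the runtime API command `show servers state` and flags servers that are still unresolved or that resolved to an address outside the networks you expect. The sample output and the `EXPECTED` network are constructed assumptions.

```python
import ipaddress

# Constructed sample of `show servers state proxy-out` output (not captured from a real host).
SAMPLE = """1
# be_id be_name srv_id srv_name srv_addr srv_op_state srv_admin_state srv_uweight srv_iweight srv_time_since_last_change srv_check_status srv_check_result srv_check_health srv_check_state srv_agent_state bk_f_forced_id srv_f_forced_id srv_fqdn srv_port srvrecord
3 proxy-out 1 p201 203.0.113.10 2 0 1 1 120 6 3 15 6 0 0 0 p201.domain.com 443 -
3 proxy-out 2 p301 198.51.100.7 2 0 1 1 120 6 3 15 6 0 0 0 p301.domain.com 443 -
3 proxy-out 3 p401 - 0 32 1 1 120 1 0 0 14 0 0 0 p401.domain.com 443 -
"""

# Assumption: the networks your backend servers are expected to live in.
EXPECTED = [ipaddress.ip_network("203.0.113.0/24")]


def audit(state_text, expected=EXPECTED):
    """Return (server, fqdn, address, verdict) for every server row."""
    cols, findings = None, []
    for line in state_text.splitlines():
        line = line.strip()
        if line.startswith("#"):
            # Column names come from the header line, so extra columns
            # emitted by other HAProxy versions do not break the parser.
            cols = line.lstrip("# ").split()
            continue
        fields = line.split()
        if cols is None or len(fields) < len(cols):
            continue  # format-version line, blank line, or truncated row
        row = dict(zip(cols, fields))
        addr = row["srv_addr"]
        if addr == "-":
            verdict = "unresolved"  # no address yet (see init-addr none)
        else:
            ip = ipaddress.ip_address(addr)
            verdict = "ok" if any(ip in net for net in expected) else "unexpected"
        findings.append((row["srv_name"], row["srv_fqdn"], addr, verdict))
    return findings


if __name__ == "__main__":
    for name, fqdn, addr, verdict in audit(SAMPLE):
        print(f"{name:6} {fqdn:20} {addr:15} {verdict}")
```

On a live host the input can be taken from the admin socket defined above, for example with `echo "show servers state proxy-out" | socat stdio /run/haproxy/admin.sock`.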