marathon-lb
官方:https://github.com/mesosphere/marathon-lb
一 简介
Marathon load balancer (Marathon-LB) is a proxy server and load balancer for TCP, HTTP, and HTTPS requests based on HAProxy open-source software.
marathon-lb是一个基于HAProxy的代理服务器和负载均衡器,支持TCP、HTTP、HTTPS请求;
背景
When your app is up and running, you need a way to send traffic to it, from other applications on the same cluster, and from external clients.
There are several ways to do this:
- Mesos-DNS provides service discovery through the domain name system (DNS).
- Marathon-lb provides port-based service discovery using HAProxy, a lightweight TCP/HTTP proxy.
当应用启动之后,需要一种方式使得其能够被调用方自动发现并发送请求,有两种方式可以实现:Mesos-DNS和Marathon-lb;
Marathon-LB locates applications through the Marathon framework port-based service discovery using a virtual or DNS-defined IP address and the frontend and backend configuration settings specified for the HAProxy program.
If you install and configure Marathon-LB, the load balancer runs the HAProxy TCP/HTTP proxy service on each host in the cluster. The HAProxy service listens for inbound connection requests on a service port on a public agent node. If clients connect to the service port to request access to an app, the HAProxy service transparently forwards the requests to a host name and port number associated with the individual application instances orchestrated by the Marathon service.
marathon-lb通过marathon框架基于端口的服务发现来定位应用,并且自动生成haproxy配置;
二 安装
1 docker
$ docker run -d --privileged -e PORTS=9090 --net=host docker.io/mesosphere/marathon-lb sse -m http://marathon1_ip:8080 -m http://marathon2_ip:8080 -m http://master3_ip:8080 --group external
2 marathon web
3 marathon api
# cat marathon-lb.json
{ "id":"marathon-lb", "cpus": 1, "mem": 128, "instances": 1, "constraints": [["hostname", "UNIQUE"]], "container": { "type":"DOCKER", "docker": { "image": "mesosphere/marathon-lb", "privileged": true, "network": "HOST" } }, "args": ["sse", "-m", "http://192.168.0.1:8080", "-m", "http://192.168.0.2:8080", "-m", "http://192.168.0.3:8080", "--group", "external"]}# curl -X POST http://192.168.0.1:8080/v2/apps -d@/path/to/marathon-lb.json -H "Content-type:application/json"
启动之后会绑定如下端口
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 23948/haproxy
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 23948/haproxy tcp 0 0 0.0.0.0:9090 0.0.0.0:* LISTEN 23948/haproxy tcp 0 0 0.0.0.0:9091 0.0.0.0:* LISTEN 23948/haproxy
如果不想绑定80和443端口,启动参数中增加 --dont-bind-http-https,即
sse -m http://marathon1_ip:8080 -m http://marathon2_ip:8080 -m http://master3_ip:8080 --group external --dont-bind-http-https
访问:http://$marathon-lb_server:9090/haproxy?stats
haproxy常用接口如下:
http://$haproxy_server:9090/haproxy?stats
http://$haproxy_server:9090/_haproxy_health_checkhttp://$haproxy_server:9090/_haproxy_getconfig
详细接口如下:
monitor-uri /_haproxy_health_check
acl getpid path /_haproxy_getpids http-request use-service lua.getpids if getpid acl getvhostmap path /_haproxy_getvhostmap http-request use-service lua.getvhostmap if getvhostmap acl getappmap path /_haproxy_getappmap http-request use-service lua.getappmap if getappmap acl getconfig path /_haproxy_getconfig http-request use-service lua.getconfig if getconfigacl signalmlbhup path /_mlb_signal/hup
http-request use-service lua.signalmlbhup if signalmlbhup acl signalmlbusr1 path /_mlb_signal/usr1 http-request use-service lua.signalmlbusr1 if signalmlbusr1
三 使用
1 http(比如nginx)
后端marathon application配置
"labels": {
"HAPROXY_0_MODE": "http", "HAPROXY_0_BALANCE": "roundrobin", "HAPROXY_0_GROUP": "external", "HAPROXY_0_VHOST": "service-test.com" }, ... "portMappings":[{"containerPort":80,"hostPort":0,"servicePort":10080,"protocol":"tcp"}]
其中HAPROXY_0_MODE默认为http,HAPROXY_0_BALANCE默认为roundrobin;生成的haproxy配置路径如下:
/marathon-lb/haproxy.cfg
然后可以通过 $marathon-lb_server:10080 来访问实际的一个或多个后端 $backend_server:80
2 tcp(比如redis)
后端marathon application配置
"labels": {
"HAPROXY_0_MODE": "tcp", "HAPROXY_0_GROUP": "external" }, ... "portMappings":[{"containerPort":6379,"hostPort":0,"servicePort":16379,"protocol":"tcp"}]
注意:HAPROXY_0_MODE=tcp时一定不要配置HAPROXY_0_VHOST(http mode时使用),否则会生成错误的haproxy配置导致marathon-lb启动失败
然后可以通过 $marathon-lb_server:16379 来访问实际的一个或多个后端 $backend_server:6379
请注意不要直接访问9090端口,否则是这样的
# curl http://localhost:9090503 Service Unavailable
No server is available to handle this request.
其实marathon-lb已经正常启动;
参考:
https://docs.mesosphere.com/services/marathon-lb/
https://mesosphere.github.io/marathon/docs/service-discovery-load-balancing.html