Public | Automated Build

Last pushed: 21 days ago
Short Description
Small footprint HAProxy
Full Description

haproxy in docker

Key differences from the official HAProxy on Docker Hub:

  • Uses alpine as base image for its tiny footprint instead of debian:testing
  • Runs service as user haproxy in container instead of root as set by HAProxy configuration parameter user
  • Includes rsyslogd so that logs can be saved to a file and/or retransmitted to ELK, etc.
  • No bash, use sh instead if necessary
  • Uses s6 to ensure liveness of rsyslogd and ensure proper signal propagation

The image is less than 20 MB!

If, however, you need to rewrite URLs in HTML response body, HAProxy is not the right tool. Use nginx instead.

For performance reason, HAProxy does not log to file on its own. Logging is via either a local or remote syslog daemon e.g. rsyslogd etc. That's why this docker image has included rsyslogd and s6. The use of rsyslogd and s6 is optional.

s6 may be used to ensure signals are propagated, defunct processes are reaped, processes restarted if necessary.

By default, rsyslogd saved HAProxy logs to /var/log/messages. You can customize rsyslogd, e.g. log to multiple destination, etc. by crafting additional rsyslogd configuration and mount it into the container with VOLUMES as /etc/rsyslog.d/10-extraconfig.conf

Usage

As usual, craft your own haproxy.cfg. Next, create a docker-compose.yml based on the example below.

haproxy:
  image: cheewai/haproxy
  ports:
    - "80:80"
    # If you want to proxy SSL, uncomment the line below
    #- "443:443"
  volumes:
    # If proxying SSL, you must supply all your certificate PEM(s)
    # in a directory e.g. 'ssl' and your haproxy.cfg lines should
    # reference /etc/ssl/private
    #- ./ssl:/etc/ssl/private
    - ./haproxy.cfg:/etc/haproxy/haproxy.cfg

HAProxy alone without running rsyslogd

In this case you don't really need s6. The container exits if HAProxy dies. You can compensate for this adding restart: always option to docker-compose.yml so that the container may be restarted by the Docker daemon.

HAProxy with rsyslogd, without s6

s6 does add slight delay to container startup/shutdown. Without it, you lose the ability to ensure that rsyslogd remains alive. The container exits if HAProxy dies. You can compensate for this adding restart: always option to docker-compose.yml so that the container may be restarted by the Docker daemon.

  • Create docker-entrypoint.sh like this:
#!/bin/sh
set -ux
rm -f /var/run/rsyslogd.pid
rsyslogd
exec "$@"
  • chmod 755 docker-entrypoint.sh
  • Add item - ./docker-entrypoint.sh:/docker-entrypoint.sh to volumes list in docker-compose.yml
  • Add entrypoint: /docker-compose.yml to docker-compose.yml

HAProxy with rsyslogd and s6

  • Add entrypoint: /init to docker-compose.yml

In doing so, /etc/services.d/rsyslog/run script already present in the Docker image will be executed automatically by s6 to bring up rsyslogd when the container comes up. s6 also re-runs the script in the unlikely event that rsyslogd dies.

References

Docker Pull Command
Owner
cheewai
Source Repository

Comments (0)