Initial commit

2025-11-30 08:19:50 +08:00
commit b5f83de0d9
10 changed files with 391 additions and 0 deletions
--- a/skills/load-balancer-configurator/assets/README.md
+++ b/skills/load-balancer-configurator/assets/README.md
@@ -0,0 +1,8 @@
+# Assets
+
+Bundled resources for load-balancer-configurator skill
+
+- [ ] nginx_template.conf: Template configuration file for Nginx load balancers.
+- [ ] haproxy_template.conf: Template configuration file for HAProxy load balancers.
+- [ ] alb_example.json: Example JSON configuration for AWS Application Load Balancers.
+- [ ] nlb_example.json: Example JSON configuration for AWS Network Load Balancers.
--- a/skills/load-balancer-configurator/assets/haproxy_template.conf
+++ b/skills/load-balancer-configurator/assets/haproxy_template.conf
@@ -0,0 +1,93 @@
+# HAProxy Configuration File
+# This template is designed for production environments.
+# Adjust the values below to match your specific needs.
+#
+# For detailed documentation, refer to: http://www.haproxy.org/download/1.8/doc/configuration.txt
+
+global
+    log /dev/log local0
+    log /dev/log local1 notice
+    chroot /var/lib/haproxy
+    stats socket /run/haproxy/admin.sock mode 660 level admin
+    stats timeout 30s
+    user haproxy
+    group haproxy
+    daemon
+
+    # Default SSL material locations
+    ssl-default-bind-ciphers ECDH+AESGCM:!DH
+    ssl-default-bind-options no-sslv3
+
+defaults
+    log global
+    mode http
+    option httplog
+    option dontlognull
+    timeout connect 5000ms
+    timeout client  50000ms
+    timeout server  50000ms
+    timeout http-request 10s
+    timeout http-keep-alive 15s
+    retries 3
+    option redispatch
+    option http-server-close
+
+# Frontend: Incoming HTTP/HTTPS traffic
+frontend http_frontend
+    bind *:80
+    mode http
+    # Add your ACLs and rules here for HTTP traffic
+    # Example:
+    # acl is_api path_beg /api
+    # use_backend api_backend if is_api
+    default_backend app_backend
+
+frontend https_frontend
+    bind *:443 ssl crt /etc/haproxy/ssl/yourdomain.pem
+    mode http
+    # Add your ACLs and rules here for HTTPS traffic
+    # Example:
+    # acl is_api path_beg /api
+    # use_backend api_backend if is_api
+    http-request add-header X-Forwarded-Proto https
+    default_backend app_backend
+
+# Backend: Application Servers
+backend app_backend
+    balance roundrobin  # Load balancing algorithm: roundrobin, leastconn, etc.
+    # Configure health checks
+    option httpchk GET /healthcheck # Replace with your application's health check endpoint
+    http-check expect status 200
+    # Add your application servers here
+    # Example:
+    server app1 <SERVER_IP_ADDRESS_1>:8080 check # Replace with your server IP and port
+    server app2 <SERVER_IP_ADDRESS_2>:8080 check # Replace with your server IP and port
+    server app3 <SERVER_IP_ADDRESS_3>:8080 check # Replace with your server IP and port
+
+# Backend: API Servers (Example, if you have a separate API)
+backend api_backend
+    balance leastconn
+    # Configure health checks
+    option httpchk GET /api/health # Replace with your API's health check endpoint
+    http-check expect status 200
+    # Add your API servers here
+    # Example:
+    server api1 <API_SERVER_IP_ADDRESS_1>:8081 check # Replace with your server IP and port
+    server api2 <API_SERVER_IP_ADDRESS_2>:8081 check # Replace with your server IP and port
+
+# Statistics Page
+listen stats
+    bind *:8080
+    mode http
+    stats enable
+    stats uri /haproxy_stats
+    stats realm Haproxy\ Statistics
+    stats auth <USERNAME>:<PASSWORD> # Replace with a strong username and password
+    stats admin if TRUE #Enable admin interface
+
+# TCP Mode Backend (Example - for non-HTTP traffic)
+# backend tcp_backend
+#   mode tcp
+#   balance roundrobin
+#   server tcp_server1 <TCP_SERVER_IP_ADDRESS_1>:3306 check
+#   server tcp_server2 <TCP_SERVER_IP_ADDRESS_2>:3306 check
--- a/skills/load-balancer-configurator/assets/nginx_template.conf
+++ b/skills/load-balancer-configurator/assets/nginx_template.conf
@@ -0,0 +1,109 @@
+# Nginx Load Balancer Configuration Template
+#
+# This configuration is designed for use with the Load Balancer Configurator plugin.
+# It provides a basic setup for load balancing across multiple upstream servers.
+#
+# To use this template:
+# 1. Replace the placeholders with your actual server details.
+# 2. Choose the appropriate load balancing method.
+# 3. Test the configuration thoroughly before deploying to production.
+
+# User under which nginx runs
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    # Upstream servers - Replace these with your actual server details
+    upstream backend {
+        # Load balancing method:
+        # - round-robin (default)
+        # - least_conn
+        # - ip_hash
+        # - url_hash (requires nginx plus)
+        # Example: least_conn;
+
+        server <SERVER_IP_1>:<SERVER_PORT_1> weight=5; # Replace with your server IP and port
+        server <SERVER_IP_2>:<SERVER_PORT_2> weight=5; # Replace with your server IP and port
+        server <SERVER_IP_3>:<SERVER_PORT_3> weight=3 backup; # Replace with your server IP and port, backup server
+    }
+
+    server {
+        listen       80; # Listen on port 80
+        server_name  <DOMAIN_NAME>; # Replace with your domain name or IP address
+
+        # Enforce HTTPS redirection
+        # return 301 https://$host$request_uri;
+        # Optional: Configure HTTPS in a separate server block
+
+        location / {
+            proxy_pass http://backend; # Proxy requests to the upstream servers
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+
+            # Optional: Adjust timeouts for slow clients
+            proxy_connect_timeout       60s;
+            proxy_send_timeout          60s;
+            proxy_read_timeout          60s;
+        }
+
+        # Optional: Add error page configuration
+        # error_page   500 502 503 504  /50x.html;
+        # location = /50x.html {
+        #     root   /usr/share/nginx/html;
+        # }
+    }
+
+    # Optional: HTTPS Configuration (Requires SSL Certificates)
+    # server {
+    #     listen       443 ssl http2;
+    #     server_name  <DOMAIN_NAME>; # Replace with your domain name
+
+    #     ssl_certificate     /etc/nginx/ssl/<DOMAIN_NAME>.crt; # Replace with your certificate path
+    #     ssl_certificate_key /etc/nginx/ssl/<DOMAIN_NAME>.key; # Replace with your key path
+
+    #     ssl_session_cache  shared:SSL:10m;
+    #     ssl_session_timeout  10m;
+
+    #     ssl_protocols TLSv1.2 TLSv1.3;
+    #     ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
+    #     ssl_prefer_server_ciphers   on;
+
+    #     location / {
+    #         proxy_pass http://backend;
+    #         proxy_set_header Host $host;
+    #         proxy_set_header X-Real-IP $remote_addr;
+    #         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    #         proxy_set_header X-Forwarded-Proto $scheme;
+    #     }
+    # }
+
+    # Load configuration files from the /etc/nginx/conf.d directory
+    include /etc/nginx/conf.d/*.conf;
+}