docker.recipes

BFE Load Balancer

intermediate

Baidu's open-source layer 7 load balancer.

Overview

BFE (Baidu Front End) is Baidu's production-grade, open-source layer 7 load balancer that handles billions of requests daily in one of the world's largest internet infrastructures. Originally developed to serve Baidu's massive scale requirements, BFE offers advanced traffic management capabilities including content-based routing, SSL termination, request transformation, and intelligent health checking with built-in circuit breakers and rate limiting mechanisms. This BFE configuration establishes a comprehensive load balancing solution with three distinct service endpoints: HTTP traffic handling on port 8080, HTTPS with SSL termination on port 8443, and real-time monitoring and metrics collection on port 8421. The setup leverages BFE's flexible configuration system through mounted volumes, allowing dynamic rule updates and sophisticated routing policies without container restarts. Organizations seeking enterprise-grade load balancing with Chinese internet scale reliability will find BFE particularly valuable, especially those requiring advanced layer 7 features like request rewriting, sophisticated health checks, and real-time traffic shaping. Companies handling high-throughput web applications, API gateways requiring complex routing logic, or infrastructure teams needing granular traffic control and monitoring will benefit from BFE's battle-tested architecture and comprehensive feature set.

Key Features

  • Content-based routing with advanced pattern matching for URL paths, headers, and request parameters
  • Built-in circuit breaker mechanism with configurable failure thresholds and recovery timeouts
  • Real-time traffic shaping and rate limiting with per-client and global request throttling
  • Comprehensive health checking system with custom probe configurations and automatic backend failover
  • SSL/TLS termination with certificate management and configurable cipher suites
  • Request and response transformation capabilities including header manipulation and URL rewriting
  • Advanced monitoring dashboard with detailed metrics on response times, error rates, and backend status
  • Hot configuration reload allowing rule updates without service interruption or connection drops

Common Use Cases

  • 1High-traffic e-commerce platforms requiring intelligent traffic distribution across multiple backend services
  • 2API gateway implementations needing sophisticated request routing based on authentication tokens or API versions
  • 3Multi-tenant SaaS applications requiring tenant-specific routing and rate limiting policies
  • 4Microservices architectures where services need dynamic discovery and health-aware load balancing
  • 5Content delivery optimization for applications serving users across different geographic regions
  • 6Blue-green deployment scenarios requiring gradual traffic shifting between application versions
  • 7Legacy application modernization where gradual migration to new services requires sophisticated traffic splitting

Prerequisites

  • Docker Engine 20.10+ with at least 2GB available memory for BFE operations and configuration caching
  • Available ports 8080, 8443, and 8421 on the host system without conflicts from other services
  • Basic understanding of load balancing concepts and HTTP/HTTPS protocol fundamentals
  • Familiarity with BFE configuration syntax for routing rules and backend pool definitions
  • Backend services or applications ready to receive proxied traffic from the load balancer
  • SSL certificates prepared if HTTPS termination and secure traffic handling is required

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  bfe: 
3    image: bfenetworks/bfe:latest
4    container_name: bfe
5    restart: unless-stopped
6    volumes: 
7      - ./bfe/conf:/bfe/conf:ro
8    ports: 
9      - "8080:8080"
10      - "8443:8443"
11      - "8421:8421"
12    networks: 
13      - bfe-network
14
15networks: 
16  bfe-network: 
17    driver: bridge

.env Template

.env
1# BFE configuration

Usage Notes

  1. 1Docs: https://www.bfe-networks.net/en_us/
  2. 2HTTP on 8080, HTTPS on 8443, monitoring on 8421
  3. 3Monitor endpoint: http://localhost:8421/monitor shows metrics
  4. 4Configure routing rules in ./bfe/conf/server_data_conf/
  5. 5Built-in circuit breaker, rate limiting, and health checks
  6. 6Baidu's production LB handling billions of requests daily

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  bfe:
5    image: bfenetworks/bfe:latest
6    container_name: bfe
7    restart: unless-stopped
8    volumes:
9      - ./bfe/conf:/bfe/conf:ro
10    ports:
11      - "8080:8080"
12      - "8443:8443"
13      - "8421:8421"
14    networks:
15      - bfe-network
16
17networks:
18  bfe-network:
19    driver: bridge
20EOF
21
22# 2. Create the .env file
23cat > .env << 'EOF'
24# BFE configuration
25EOF
26
27# 3. Start the services
28docker compose up -d
29
30# 4. View logs
31docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/bfe/run | bash

Troubleshooting

  • BFE container exits with 'configuration file not found': Create the ./bfe/conf directory structure with required bfe.conf, server_data_conf, and mod_conf subdirectories before starting
  • HTTP requests return 502 Bad Gateway errors: Verify backend server configurations in server_data_conf/cluster_conf.data and ensure target services are accessible from the BFE container network
  • Monitoring dashboard shows 'no data' on port 8421: Check that the monitor module is enabled in bfe.conf and the web_monitor configuration includes the correct listening address
  • SSL handshake failures on port 8443: Ensure valid certificate files are mounted in the tls_conf directory and certificate paths are correctly specified in tls_conf.data
  • Configuration changes not taking effect: Send SIGUSR1 signal to the BFE process or use the reload API endpoint to trigger hot configuration reloading without restart
  • High memory usage during operation: Adjust connection pool sizes and request buffer limits in bfe.conf, and monitor backend response times that may cause connection accumulation

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

bfe

Tags

#bfe#baidu#load-balancer#layer7#china

Category

Web Servers & Reverse Proxies

Related Recipes

Ad Space