Hi list,
I have got a complex "routing" problem and I am sure there is a solution with
haproxy but the ring doesn't bell. The problem in this case is that all users
of a customer have to work on the same application server (because of the data
broadcast feature of the java application framework servoy). The login sequence
looks like follows:
1. The user connects via https to the Java application and logs in.
2. The Java application gets downloaded to the client.
3. The Java application starts at the client side and connects via TCP to a
dedicated port.
To create a HA setup we tried to add some "backup" servers to every backend but
we weren't able to find any working solution for those TCP listeners. Here is
what the configuration looks like:
frontend https-in
log global
bind *:80
bind *:443 ssl crt /etc/haproxy/test.pem
reqadd X-Forwarded-Proto:\ https
redirect scheme https if !{ ssl_fc }
acl is_service url_reg /(xxxxxxxxxxxxxxxxxxxx.*/xxxxxxxxxxxxx)
use_backend jnlp-%[url,map_reg(/etc/haproxy/url_reg.map,none)] if
is_service
use_backend %[url,map_reg(/etc/haproxy/url_reg.map,none)]
default_backend none
backend none
log global
http-request deny
backend app01
reqrep ^([^\ ]*\ \/)app01[\/]?(.*) \1\2
reqrep ^xxxxxxxxxxxxxxxxxxxxxxxxxx \1\4
server app01 xxxxxx-app01-prod:8080 check
server app02 xxxxxx-app02-prod:8080 check backup
server app03 xxxxxx-app03-prod:8080 check backup
backend jnlp-app01
acl intern src xxx.xxx.xxx.xxx
reqrep ^([xxxxxxxxxxxxxxxxxxx\2 if !intern
reqrep ^([xxxxxxxxxxxxxxxxxxxjnlp\2 if intern
rsprep ^Content-Type:\ .*$ Content-Type:\ application/x-java-jnlp-file
server jnlp-app01 xxxxxx-app01-prod:8080 check
server jnlp-app02 xxxxxx-app02-prod:8080 check backup
server jnlp-app03 xxxxxx-app03-prod:8080 check backup
backend app02
reqrep ^([^\ ]*\ \/)app02[\/]?(.*) \1\2
reqrep ^xxxxxxxxxxxxxxxxxxxxxxxxx) \1\4
server app02 xxxxxx-app02-prod:8080 check
server app01 xxxxxx-app01-prod:8080 check backup
server app03 xxxxxx-app03-prod:8080 check backup
backend jnlp-app02
acl intern src xxxxxxxxxx
reqrep ^xxxxxxxxxx\2 if !intern
reqrep ^xxxxxxxxxxxxxxxxxxxxxxx2 if intern
rsprep ^Content-Type:\ .*$ Content-Type:\ application/x-java-jnlp-file
server jnlp-app02 xxxxxx-app02-prod:8080 check
server jnlp-app01 xxxxxx-app01-prod:8080 check backup
server jnlp-app03 xxxxxx-app03-prod:8080 check backup
[...]
defaults
log global
mode tcp
option tcplog
timeout connect 10000
timeout client 150000
timeout server 150000
listen tcp-inout-app01
bind *:1091
server tcp-app01 xxxxxx-app01-prod:1091 check
server tcp-app02 xxxxxx-app02-prod:1092 check backup
server tcp-app03 xxxxxx-app03-prod:1093 check backup
listen tcp-inout-app02
bind *:1092
server tcp-app02 xxxxxx-app02-prod:1092 check
server tcp-app01 xxxxxx-app01-prod:1091 check backup
server tcp-app03 xxxxxx-app03-prod:1093 check backup
[...]
So the problem is - after eg. app01 crashed all users get disconnected and
after those users relogin the will connect to app02 and this application server
will tell the java application to connect to port 1092. We tried to use
"on-marked-up shutdown-backup-sessions" but as app02 is no backup on listener
1092 this does not make any sense. Anyone with a ringing bell?
All the best,
Florian
