Re: Configuration question with regards to cookies

Well, i put all this effort into describing my problem and I just ended up putting nginx in front of HAProxy to perform the virtual hosting management and then use HAProxy to provide the load balancing and failover capabilities. It made my HAProxy configuration a lot more simple and nginx seems lightweight enough to perform the tasks I need with some extra functionality like caching.

Anyone have any comments on this. I was just trying to be an HAProxy purist, but failed.

Randall

On Tue, 2008-11-04 at 09:59 -0800, Randall Svancara wrote:
> Hi,
>
> I am attempting to set up haproxy to accommodate multiple virtual
> hosting sites in addition to providing load balancing. So in my
> configuration, i have two domains, dev.cacaogenomedb.org and
> dev.hortgdr.org. Both of these are development sites that will be using
> drupal. Further more, all of these sites are located behind a NAT
> firewall (if that makes any difference).
>
> So here is my layout in a somewhat graphical format.
>
> Internet
> |
> Nat Firewall
> |
> -------------------------------------------------------
> | | |
> dev.hortgdr.org dev.cacaogenomedb.org HAProxy
>
> So the firewall directs all port 80 traffic to HAProxy. Then HAProxy
> forwards all requests comming in from port 80 to the appropriate server.
> In my configuration I am attempting to use cookies set by HAProxy to
> route http traffic based on the hostname provided by the client (Not
> sure if this is the best way to do this, would ngix be more
> appropriate?).
>
> Below is my configuration that I am using:
>
> global
> log 127.0.0.1 local0
> log 127.0.0.1 local1 notice
> #log loghost local0 info
> maxconn 4096
> chroot /opt/haproxy
> uid 500
> gid 500
> daemon
> defaults
> log global
> mode http
> option httplog
> option dontlognull
> retries 3
> option redispatch
> maxconn 2000
> contimeout 5000
> clitimeout 50000
> srvtimeout 50000
> balance roundrobin
> option httpclose
> retries 1
> listen frontend 10.0.0.141:80
> option forwardfor
> reqidel ^Cookie:\ backend=
> reqirep ^Host:\ dev.cacaogenomedb.org \0\nCookie:\ backend=2
> reqirep ^Host:\ dev.hortgdr.org \0\nCookie:\ backend=3
> server switch 127.0.0.1:8000
> listen backend1 127.0.0.1:8001
> capture request header X-Forwarded-For len 100
> capture request header Host len 30
> capture cookie backend len 12
> server apache 10.0.0.193:80
>
> listen backend2 127.0.0.1:8002
> capture request header X-Forwarded-For len 100
> capture request header Host len 30
> capture cookie backend len 12
> # List servers here
> server dev_cacaogenomedb_org 10.0.0.228:80
>
> listen backend3 127.0.0.1:8003
> capture request header X-Forwarded-For len 100
> capture request header Host len 30
> capture cookie backend len 12
> # List servers here
> server dev_hortgdr_org 10.0.0.227:80
>
> As you can see, I have attempted to create a frontend, which based on
> hostname, sets a cookie. Then forwards to the appropriate backend to
> handle the request.
>
> My problem is with Drupal when I attempt to login, the login fails. I
> suspect a problem with cookies, however I am unable to confirm this.
> However, if I bypass HAProxy or configure HAProxy front end to go
> directly to dev.cacaogenomedb.org , the login works fine.
>
> >From debug output, I see that a cookie is being set.
>
> 00000002:backend2.srvhdr[000e:000f]: Set-Cookie:
> SESS32a778652c9b91f0c26452475854fcf0=qrnq2gapg0c62ef3p6b7lrfk14;
> expires=Thu, 27 Nov 2008 21:24:39 GMT; path=/;
> domain=.dev.cacaogenomedb.org
>
> So what can I do to troubleshoot this problem? Secondly, is there
> anything I can do to fix it? Lastly, is there a better way to
> accomplish virtual hosting with high availability, perhaps using HAProxy
> with other software.
>
> Thanks,
>
> Randall
>
>
>
Received on 2008/11/05 22:11