Closed lukicsl closed 5 years ago
What kind of traffic are you proxying? TCP?
yes, in principle it is some sort of json, xml and binary rpc data
Are you only proxying TCP traffic?
yes,
I finally foud the tcp support option, but seems not work as I expect.
I am having this service definition:
- com.df.notify=true
- com.df.distribute=true
- com.df.servicePath.1=/openhab,/rest,/start,/habpanel,/habmin,/doc,/paperui
- com.df.reqPathSearchReplace.1=/openhab,/
- com.df.port.1=8080
- com.df.servicePath.2=/
- com.df.srcPort.2=9125
- com.df.port.2=9125
- com.df.reqMode2=tcp
- com.df.servicePath.3=/
- com.df.srcPort.3=9126
- com.df.port.3=9126
- com.df.reqMode3=tcp
but somehow the result is:
proxy_proxy.1.k33rhpamkhil@vevedock-02 | backend openhab_openhab-be8080_1
proxy_proxy.1.k33rhpamkhil@vevedock-02 | mode http
proxy_proxy.1.k33rhpamkhil@vevedock-02 | http-request add-header X-Forwarded-Proto https if { ssl_fc }
proxy_proxy.1.k33rhpamkhil@vevedock-02 | http-request set-path %!
proxy_proxy.1.k33rhpamkhil@vevedock-02 | (BADINDEX) server openhab_openhab openhab_openhab:8080
proxy_proxy.1.k33rhpamkhil@vevedock-02 | backend openhab_openhab-be9125_2
proxy_proxy.1.k33rhpamkhil@vevedock-02 | mode http
proxy_proxy.1.k33rhpamkhil@vevedock-02 | http-request add-header X-Forwarded-Proto https if { ssl_fc }
proxy_proxy.1.k33rhpamkhil@vevedock-02 | server openhab_openhab openhab_openhab:9125
proxy_proxy.1.k33rhpamkhil@vevedock-02 | backend openhab_openhab-be9126_3
proxy_proxy.1.k33rhpamkhil@vevedock-02 | mode http
proxy_proxy.1.k33rhpamkhil@vevedock-02 | http-request add-header X-Forwarded-Proto https if { ssl_fc }
proxy_proxy.1.k33rhpamkhil@vevedock-02 | server openhab_openhab openhab_openhab:9126
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:15:32 Proxy config was reloaded
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:15:32 Reloading the proxy
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:15:32 Validating configuration
proxy_proxy.1.k33rhpamkhil@vevedock-02 | Configuration file is valid
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:15:33 Proxy config was reloaded
The proxy setting is:
ports:
- 80:80
- 443:443
- 9125:9125
- 9126:9126
networks:
- proxy
environment:
- LISTENER_ADDRESS=swarm-listener
- MODE=swarm
- CONNECTION_MODE=${CONNECTION_MODE:-http-server-close}
- STATS_USER=admin
- STATS_PASS=admin
- BIND_PORTS=9125,9126
the config output is:
root@80a52663f5e1:/# cat /cfg/haproxy.cfg
global
pidfile /var/run/haproxy.pid
stats socket /var/run/haproxy.sock mode 660 level admin expose-fd listeners
tune.ssl.default-dh-param 2048
# disable sslv3, prefer modern ciphers
ssl-default-bind-options no-sslv3
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-server-options no-sslv3
ssl-default-server-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
resolvers docker
nameserver dns 127.0.0.11:53
defaults
mode http
balance roundrobin
option dontlognull
option dontlog-normal
option http-server-close
option redispatch
errorfile 400 /errorfiles/400.http
errorfile 403 /errorfiles/403.http
errorfile 405 /errorfiles/405.http
errorfile 408 /errorfiles/408.http
errorfile 429 /errorfiles/429.http
errorfile 500 /errorfiles/500.http
errorfile 502 /errorfiles/502.http
errorfile 503 /errorfiles/503.http
errorfile 504 /errorfiles/504.http
maxconn 5000
timeout connect 5s
timeout client 20s
timeout server 20s
timeout queue 30s
timeout tunnel 3600s
timeout http-request 5s
timeout http-keep-alive 15s
stats enable
stats refresh 30s
stats realm Strictly\ Private
stats uri /admin?stats
stats auth admin:admin
frontend services
bind *:80
bind *:443
mode http
option forwardfor
bind *:9125
bind *:9126
acl url_monitor_grafana3000_0 path_beg /grafana/ path_beg /grafana/public path_beg /grafana/api
use_backend monitor_grafana-be3000_0 if url_monitor_grafana3000_0
acl url_monitor_monitor9090_0 path_beg /monitor
acl domain_monitor_monitor9090_0 hdr_beg(host) -i vevedock-01
use_backend monitor_monitor-be9090_0 if url_monitor_monitor9090_0 domain_monitor_monitor9090_0
acl url_openhab_frontail9001_0 path_beg /oh-log
use_backend openhab_frontail-be9001_0 if url_openhab_frontail9001_0
acl url_openhab_openhab8080_1 path_beg /openhab path_beg /rest path_beg /start path_beg /habpanel path_beg /habmin path_beg /doc path_beg /paperui
acl url_openhab_openhab9125_2 path_beg /
acl srcPort_openhab_openhab9125_2 dst_port 9125
acl url_openhab_openhab9126_3 path_beg /
acl srcPort_openhab_openhab9126_3 dst_port 9126
use_backend openhab_openhab-be8080_1 if url_openhab_openhab8080_1
use_backend openhab_openhab-be9125_2 if url_openhab_openhab9125_2 srcPort_openhab_openhab9125_2
use_backend openhab_openhab-be9126_3 if url_openhab_openhab9126_3 srcPort_openhab_openhab9126_3
backend monitor_grafana-be3000_0
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
http-request set-path %[path,regsub(/grafana,)]
server monitor_grafana monitor_grafana:3000
backend monitor_monitor-be9090_0
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server monitor_monitor monitor_monitor:9090
backend openhab_frontail-be9001_0
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server openhab_frontail openhab_frontail:9001
backend openhab_openhab-be8080_1
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
http-request set-path %[path,regsub(/openhab,/)]
server openhab_openhab openhab_openhab:8080
backend openhab_openhab-be9125_2
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server openhab_openhab openhab_openhab:9125
backend openhab_openhab-be9126_3
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server openhab_openhab openhab_openhab:9126root@80a52663f5e1:/#
Try com.df.reqMode.2=tcp
(with the .
).
damn! changed that, getting strange warning on debug console:
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:34:31 Creating configuration for the service openhab_openhab
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:34:31 Reloading the proxy
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:34:31 Validating configuration
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for frontend 'tcpFE_9125' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for frontend 'tcpFE_9126' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for backend 'openhab_openhab-be9125_2' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for backend 'openhab_openhab-be9126_3' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | Configuration file is valid
proxy_proxy.1.k33rhpamkhil@vevedock-02 | The configuration file is valid, but there still may be a misconfiguration somewhere that will give unexpected results, please verify:
proxy_proxy.1.k33rhpamkhil@vevedock-02 | stdout:
proxy_proxy.1.k33rhpamkhil@vevedock-02 | Configuration file is valid
proxy_proxy.1.k33rhpamkhil@vevedock-02 |
proxy_proxy.1.k33rhpamkhil@vevedock-02 | stderr:
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for frontend 'tcpFE_9125' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for frontend 'tcpFE_9126' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for backend 'openhab_openhab-be9125_2' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4112) : config : 'stats' statement ignored for backend 'openhab_openhab-be9126_3' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 |
proxy_proxy.1.k33rhpamkhil@vevedock-02 |
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for frontend 'tcpFE_9125' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for frontend 'tcpFE_9126' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for backend 'openhab_openhab-be9125_2' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for backend 'openhab_openhab-be9126_3' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | The configuration file is valid, but there still may be a misconfiguration somewhere that will give unexpected results, please verify:
proxy_proxy.1.k33rhpamkhil@vevedock-02 | stdout:
proxy_proxy.1.k33rhpamkhil@vevedock-02 |
proxy_proxy.1.k33rhpamkhil@vevedock-02 | stderr:
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for frontend 'tcpFE_9125' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for frontend 'tcpFE_9126' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for backend 'openhab_openhab-be9125_2' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 | [WARNING] 013/153431 (4119) : config : 'stats' statement ignored for backend 'openhab_openhab-be9126_3' as it requires HTTP mode.
proxy_proxy.1.k33rhpamkhil@vevedock-02 |
proxy_proxy.1.k33rhpamkhil@vevedock-02 |
proxy_proxy.1.k33rhpamkhil@vevedock-02 | 2019/01/14 15:34:31 Proxy config was reloaded
The stats
entry in global
may be progagating to the mode tcp
services. What does the haproxy config look like now?
I deleted
- BIND_PORTS=9125,9126
no it seems to work from a telnet session and I am not getting 503 back from proxy
proxy_proxy.1.x9z7vwlsb13x@vevedock-02 | 2019/01/14 15:54:41 HAPRoxy: 10.255.0.2:44128 [14/Jan/2019:15:54:38.542] tcpFE_9126 openhab_openhab-be9126_3/openhab_openhab 3008/-1/3017 0 SC 3/1/0/0/3 0/0
the cfg:
root@c0163a830a66:/# cat /cfg/haproxy.cfg
global
pidfile /var/run/haproxy.pid
stats socket /var/run/haproxy.sock mode 660 level admin expose-fd listeners
tune.ssl.default-dh-param 2048
log 127.0.0.1:1514 local0
# disable sslv3, prefer modern ciphers
ssl-default-bind-options no-sslv3
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-server-options no-sslv3
ssl-default-server-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
resolvers docker
nameserver dns 127.0.0.11:53
defaults
mode http
balance roundrobin
option http-server-close
option redispatch
errorfile 400 /errorfiles/400.http
errorfile 403 /errorfiles/403.http
errorfile 405 /errorfiles/405.http
errorfile 408 /errorfiles/408.http
errorfile 429 /errorfiles/429.http
errorfile 500 /errorfiles/500.http
errorfile 502 /errorfiles/502.http
errorfile 503 /errorfiles/503.http
errorfile 504 /errorfiles/504.http
maxconn 5000
timeout connect 5s
timeout client 20s
timeout server 20s
timeout queue 30s
timeout tunnel 3600s
timeout http-request 5s
timeout http-keep-alive 15s
stats enable
stats refresh 30s
stats realm Strictly\ Private
stats uri /admin?stats
stats auth admin:admin
frontend services
bind *:80
bind *:443
mode http
option forwardfor
option httplog
log global
acl url_monitor_grafana3000_0 path_beg /grafana/ path_beg /grafana/public path_beg /grafana/api
use_backend monitor_grafana-be3000_0 if url_monitor_grafana3000_0
acl url_monitor_monitor9090_0 path_beg /monitor
acl domain_monitor_monitor9090_0 hdr_beg(host) -i vevedock-01
use_backend monitor_monitor-be9090_0 if url_monitor_monitor9090_0 domain_monitor_monitor9090_0
acl url_openhab_frontail9001_0 path_beg /oh-log
use_backend openhab_frontail-be9001_0 if url_openhab_frontail9001_0
acl url_openhab_openhab8080_1 path_beg /openhab path_beg /rest path_beg /start path_beg /habpanel path_beg /habmin path_beg /doc path_beg /paperui
use_backend openhab_openhab-be8080_1 if url_openhab_openhab8080_1
frontend tcpFE_9126
bind *:9126
mode tcp
option tcplog
log global
default_backend openhab_openhab-be9126_3
frontend tcpFE_9125
bind *:9125
mode tcp
option tcplog
log global
default_backend openhab_openhab-be9125_2
backend monitor_grafana-be3000_0
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
log global
http-request set-path %[path,regsub(/grafana,)]
server monitor_grafana monitor_grafana:3000
backend monitor_monitor-be9090_0
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
log global
server monitor_monitor monitor_monitor:9090
backend openhab_frontail-be9001_0
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
log global
server openhab_frontail openhab_frontail:9001
backend openhab_openhab-be8080_1
mode http
http-request add-header X-Forwarded-Proto https if { ssl_fc }
log global
http-request set-path %[path,regsub(/openhab,/)]
server openhab_openhab openhab_openhab:8080
backend openhab_openhab-be9125_2
mode tcp
server openhab_openhab openhab_openhab:9125
backend openhab_openhab-be9126_3
mode tcp
server openhab_openhab openhab_openhab:9126root@c0163a830a66:/#
The debug output above does it indicate that I am forwarding 9126 port to openhab_openhab service
I am not getting inside the openhab service not the expected results, but that might also be a service internal problem
I will try out tomorrow the setup with a well known simple service like MQTT.
for the moment closing the issue
I am running openhab inside the swarm. Managed to get it running. Stuck right now with missing option/knowledge how to route none html traffic from outside to openhab service. proxy should listen to ports 9125, 9126 and route to the service.
with HAProxy that should be manageable: https://www.linickx.com/load-balance-anything-with-haproxy