donaldzou / WGDashboard

Simple dashboard for WireGuard VPN written in Python & Vue.js
https://donaldzou.github.io/WGDashboard-Documentation/
Apache License 2.0

WGD HA setup - Queries and Ideas. #372

Open mzs114 opened 1 month ago

mzs114 commented 1 month ago

Is your feature request related to a problem? Please describe.

It seems we have a HA setup with some cloud like AWS, and WGD can support this if the state (DB) sharing is taken care of.

Refer to the setup below: https://www.procustodibus.com/blog/2021/02/ha-wireguard-on-aws/

Describe the solution you'd like

Can WGD support PostgreSQL, so that one can set up AWS Aurora for shared state between multiple WGD VMs?

DaanSelen commented 1 week ago

You mean support an SQL-like database such as Postgres or MySQL/MariaDB?

donaldzou commented 1 week ago

Theoretically... it can be done.. since the SQL statement I used works across different flavours of SQL DBs. One thing I would like to know is, if I understand HA WireGuard setup correctly:

  1. It uses multiple servers but assign them by load balancer
  2. You will need identical WG configurations across servers
  3. Deploy WGDashboard on each server
    • If you use one database across all WGDashboard instances, some records in the database will get overridden, such as:
      • ServerA => Peer1 recorded using 4.4GB total
      • ServerB => Peer1 recorded using 1GB total
      • In this case, you will see different data usage whenever each server updates

Correct me if I'm wrong. But using PostgreSQL, MySQL, SQL Server is possible with WGDashboard.
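The overwrite described in the comment above, as an added example that is not part of the thread or of WGDashboard's code: one row per peer lets the last server to write win, while a row per (server, peer) keeps each counter and sums them on read. The table and function names are hypothetical, the figures are the ones from the comment, and it assumes each server reports its own local cumulative counter.

```python
import sqlite3

GB = 1024 ** 3

# Constructed sample: the two reports from the comment, as (server, peer, bytes).
REPORTS = [("ServerA", "Peer1", int(4.4 * GB)), ("ServerB", "Peer1", 1 * GB)]


def shared_row_total(reports):
    """Hypothetical schema keyed by peer only: every server writes the same row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE usage (peer TEXT PRIMARY KEY, total_bytes INTEGER)")
    for _server, peer, total in reports:
        # Last writer wins: the previous server's figure is replaced.
        db.execute("INSERT OR REPLACE INTO usage VALUES (?, ?)", (peer, total))
    return dict(db.execute("SELECT peer, total_bytes FROM usage"))


def per_server_total(reports):
    """Hypothetical schema keyed by (server, peer): counters are kept apart."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE usage (server TEXT, peer TEXT, total_bytes INTEGER, "
        "PRIMARY KEY (server, peer))"
    )
    for server, peer, total in reports:
        # A server only ever replaces its own row for that peer.
        db.execute(
            "INSERT OR REPLACE INTO usage VALUES (?, ?, ?)", (server, peer, total)
        )
    # The displayed total is the sum over all servers that carried the peer.
    return dict(db.execute("SELECT peer, SUM(total_bytes) FROM usage GROUP BY peer"))


if __name__ == "__main__":
    print("shared row :", shared_row_total(REPORTS))
    print("per server :", per_server_total(REPORTS))
```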

mzs114 commented 1 week ago

> You mean support an SQL-like database such as Postgres or MySQL/MariaDB?

Yes, any other FLOSS RDBMS, that supports external HA setup.

> Theoretically... it can be done.. since the SQL statement I used works across different flavours of SQL DBs. One thing I would like to know is, if I understand HA WireGuard setup correctly:

An ORM may help, but not sure how Flask handles this.

> 1. It uses multiple servers but assign them by load balancer

Yes.

> 2. You will need identical WG configurations across servers

Correct.

> 3. Deploy WGDashboard on each server

Correct, and they all connect to the same DB.

>    * If you use **one** database across all WGDashboard instances, some records in the database will get overridden, such as:
>
>      * ServerA => Peer1 recorded using 4.4GB total
>      * ServerB => Peer1 recorded using 1GB total
>      * **In this case, you will see different data usage whenever each server updates**

This could be a problem, but I think if we use sticky sessions the connection will be routed to the same backend node, however, this is still not a perfect setup, as the peer can switch after idle timeout to a new backend node behind the load balancer, need to see how other FLOSS products are handling this.

https://cloudar.be/awsblog/why-aws-nlb-stickiness-is-not-always-sticky/

donaldzou commented 1 week ago

> This could be a problem, but I think if we use sticky sessions the connection will be routed to the same backend node, however, this is still not a perfect setup, as the peer can switch after idle timeout to a new backend node behind the load balancer, need to see how other FLOSS products are handling this.

I see, but I'm thinking if we use sticky session, isn't it kinda defeated the purpose of using NLB lol.. Currently WGDashboard support cross server access on its Desktop app, maybe this would be a better solution?

mzs114 commented 1 week ago

> I see, but I'm thinking if we use sticky session, isn't it kinda defeated the purpose of using NLB lol.. Currently WGDashboard support cross server access on its Desktop app, maybe this would be a better solution?

Some WireGuard uses UDP, even if the back node is lost, the connection routes through some other node, ideally the user would not notice.