search

eBayClassifiedsGroup / PanteraS

PanteraS - PaaS - Platform as a Service in a box
GNU General Public License v2.0
199 stars 61 forks source link

[Question] Recommendation and details on how to migrate web service into Fabio. #259

Closed kopax closed 6 years ago

kopax commented 7 years ago

I am replacing HAproxy for Fabio :tada:

After enabling fabio with START_FABIO=true I confirm the HAproxy process isn't running.

So far, I have the exact same service that can and can't be proxied.

HTTP

I have for example gitlab, behind a nginx ssl reverse proxy. I couldn't pass it to HAproxy because of 503 error. I had to use the direct upstream with a fixed port. I have tested with Fabio and I have the same result.

  1. I think this is due to HAproxy/Fabio not proxying the correct header, I havent see where to configure that. It could also be the encryption. Any idea why ?
  2. I have seen this, is this related and can this help ? (;proto=tcp+sni)

TCP

I have tested services like Ldap, OpenVPN, SMTP and the Fabio proxy seems to do the TCP proxying job. I did verify using telnet.

  1. Is the TCP port unique to the consul service or to the data center ?
  2. I tried to configure a postgresql with TCP proxy using Consul tag urlprefix-:5432 proto=tcp, but the service was not reachable on that port. Any idea why?

Common

  1. In the Panteras readme. You wrote about a service available for Fabio/HAproxy on port :81. I have nothing running on that port, is it expected?
  2. Is there a way to view all the services proxied by Fabio and their configuration?
  3. I still see in supervisord a process for haproxy_consul_template, is it expected ?
  4. I use to have unsync issues with HAproxy. It ended up with port already allocated error or corrupted HAproxy swap. This happened when playing with the HAproxy. Is it now more safe to configure Fabio while everything is running?

Thanks in advance.

sielaq commented 7 years ago

Hi,

1st use :

START_FABIO="true"
START_CONSUL_TEMPLATE="false"

you need to disable HAproxy+consul-template since this they use the same ports

then you can verify that fabio is up:

apt-get update; apt-get install net-tools; netstat -tulpen | grep fabio
tcp6       0      0 :::80                   :::*                    LISTEN      0          517397      17810/fabio
tcp6       0      0 :::81                   :::*                    LISTEN      0          517235      17810/fabio
kopax commented 7 years ago

Fabio is missing the listen interface configuration. I have opened an issue here I hope it will be solved. https://github.com/fabiolb/fabio/issues/283