Yesterday I wrote an article that mostly explained how to install and configure haproxy. Today I want to describe the specific solution I’ve come up with for handling a development environment with multiple services running on multiple servers. My goal is to simply things. Specifically our networking and configuration. Complicating factors include:
- not wanting to change some domains/url (though I do want to remove the ports)
- minimize ip usage
- A proper dev or qa install includes several VMs load balanced together.
- DHCP works but messes up load balancing when renews happen.
- Hand picking IPs is a bit burdensome.
- Performance would be nice.
The solution I’ve come up with is to create a tree topology out of haproxyed servers. Basically, one server sets at the top and all port 80 traffic gets forwarded to it from the router. We’ll call it Lancelot. Lancelot’s haproxy rules are configured to search out the hdr_beg for domains like wiki. and jira. and forward those along to the appropriate servers. Say we have two additional servers, Arthur and Galahad, were we set up virtual environments. Lancelot also has hdr_end lines for arthur.domain.com and galahad.domain.com which forward the requests on to those servers. Galahad has virtual environments purity and sword. Arthur has virtual environments excalibur, lwr (large wooden rabbit), and hhg (holy hand grenade). Galahad’s haproxy is configured with hdr_beg lines for purity. and sword. which forward requests onto VirtualBox private networks. Arthur’s haproxy is configured with hdr_beg lines for excalibur., lwr., and hhg. which forward requests onto VirtualBox private networks.
Setup like the above, a request for excalibur.arthur.domain.com would:
- Get sent to Lancelot by the router (port 80 forwarding rule)
- Trigger Lancelots hdr_end rule for arthur.domain.com and get forward to Arthur
- Trigger Arthur’s hdr_beg rule for excalibur and get forwarded to a 192.168 that corrisponds to excalibur’s load balancer
- The request gets handled and winds it’s way back through the proxies to your web browser.
This satisfies most of my goals. Domains for things like wiki.domain.com remain the same because haproxy is forwarding the request directly to it’s appropriate server. Because installs like excalibur and purity use only private VM networking IPs from the office as a whole aren’t used and I have a static IP to load balance with. Performance could be better but screw it, it isn’t production.