I'm trying to use the HAProxy tutum docker image to load balance between two different web applications. Both web applications has an entry point of "/". At section Virtual host and virtual path I see that I can use virtual hosts to route to the different services. I've tried to set the VIRTUAL_HOST parameter for web app 1 to */webapp1* and for web app 2 I've set it to /*webapp2*. But when try to navigate to web app 1 through HAProxy (using for example http://haproxy-test.myname.svc.tutum.io/webapp1) it forwards me to http://<internal_ip_to_webapp1/webapp1. I would like HAProxy to forward calls to /webapp1 to http://<internal_ip_to_webapp1> (i.e. the entry point of web app 1). How can I achieve this?
You should try adding the host name in the VIRTUAL_HOST parameter.
like http://haproxy-test.myname.svc.tutum.io/webapp1/*
Related
I have several docker containers with some web applications running via docker compose. One of the containers is a custom DNS server with Bind and Webmin installed. Webmin gives a nice web UI allowing me to update Bind DNS configuration without directly modifying the files or SSHing into the container. I have docker setup to lookup DNS in this order:
my docker dns server
my companies internal dns server
google dns server
I have one master zone file for top level domain "example.com" defined in dns server 1. I added an address for server1.example.com and dns resolves correctly. I want other subdomains to be resolved from my companies internal dns server.
server1.example.com - resolves correctly
server2.example.com - this host is not referenced in the zone file for docker dns server. I would like to somehow delegate this to my companies dns server (server 2)
The goal is I should be able to do software development for web applications and deploy them on my docker containers. The code makes internal calls to other "example.com" hosts. I want some of those calls to get directed back to other docker containers rather than the real server because I am developing code on both and want to test it end to end.
I don't want to (and can't) modify my companies dns configuration. I am not an expert in bind or dns setup and looking for the simplest solution.
What configuration can achieve this?
I guess the workaround is to use fully qualified name when creating the zone file. Instead of creating a master zone example.com and listing server1 inside that zone I am creating a master zone with server1.example.com. It means I have to create a zone file for every server but I guess its ok to manage with a smaller number of hosts. server2.example.com then doesnt fall inside of a zone and gets resolved using the next dns server in the chain.
I have a little server in my local network that provides several web services. Each service can be accessed by entering the ip of the server followed by the respective port.
Now I always have to remember which service is behind which port and it would be nicer to have specific subdomains forwarded to these ports. For example
ip:1234 -> foo.server.local
ip:4321 -> bar.server.local
How can this be done? I have pihole running on the server and had hoped to get this done using pihole but I was not successful.
What you are looking for is to set up a Domain Name Server (DNS). phoenixnap.com/kb/raspberry-pi-dns-server This guide should help.
You use a domain to direct to an IP:port combo. Like you could direct 123.12.12.12:8080 to some.thing and 123.12.12.12:8081 to any.address.
The domain name is arbitrary and masks the whole IP:port address.
Firstly, this is a great place to learn and share new information.
Now I've an issue with hosting two websites on the same server but before describing my problem, there are some terms that I'll use henceforth to make things easier.
Website Setup
Server OS - CentOS 7 x64, Docker version - 18.03.0-ce, build 0520e24
1st Website: example.com - hosted via Nginx (Runs as a service on the host machine and not via Docker Container) on port 80 (re-directs to 443) : static website with HTML / CSS code.
2nd Website: http://art.example.com:8080/ : served on port 8080 via this Docker Image
SSL - using LetsEncrypt for both the above domains.
Requirements
To serve both sites (and possibly more) via HTTPs without breaking either of them.
This is because when I browse the 2nd website using art.example.com:8080, it works fine but if I browse the 1st website then subsequent requests to 2nd website somehow start going on HTTPs, causing the page to not load.
Questions
Can both sites (and more) be served via port 80|443 via Nginx VHosts (or any other alternative) without using a different port, i.e: 8080 for 2nd website? This is to not have any ports in the URL as mentioned above but just the domain name.
Or, is there a way to forward traffic to the Docker service on a different port while the main main web service listens to port 80|443? What config changes would I need to do?
I've searched on this forum as much possible but couldn't get much.
Please let me know if any more information would be required from me.
Thanks in advance!
Solution: As recommended by this Docker image maintainer - kdelfour as well as a quick recommendation by BretFisher, we can remake the 1st Website as a Docker Container like the 2nd Website and then load-balance them using Traefik as a reverse proxy to manage SSL
Marking this as solved until an even better solution is found, cheers!
I am currently trying to setup wso2 api manager on openshift. The problem i am running into is that when i try to browse the url created by the openshift route, the application redirects me to the internally created IP address of the publisher app. However when i launch the container without openshift, the application directs me to it's intended API login page which is the Mgt console url.
I suspect this has to do with how the HAProxy embedded load balancer is behaving. I was able to hack around the configurations by changing the default ports to 443 however that created a new set of issues because changing the ports also required me hard coding container hostnames in the carbon.xml. Hardcoding settings in the configuration files prevents me from being able to scale up the containers.
Any assistance on this will be much appreciated.
Let's say we have 2 separate applications, a Web Api application and a MVC application both written in .NET 4.5. If you were to host the MVC application in IIS under the host header "https://www.mymvcapp.com/" would it be possible to host the Web Api application separately in IIS under the host header "https://www.mymvcapp.com/api/"?
The processes running the 2 applications in IIS need to be separate. I know of the separate methods of hosting, self hosting and hosting using IIS. I would like to use IIS if at all possible.
Also, how would I host two applications (an API and a web application) if each were on a separate server so that I could serve the api from http://www.mymvcapp.com/api?
There are at least 4 ways of doing what you want to do. The first two methods are for if you have 1 web server, and both applications are served from that one web server running IIS. This method also works if you have multiple web servers running behind a load-balancer, so long as the API and the Web site are running on the same server.
The second two methods are using what's called a "Reverse Proxy", essentially a way to route traffic from one server (the proxy server) to multiple internal servers depending on what type of traffic you're receiving. This is for when you run your web servers on a set of servers and run your API on a different set of servers. You can use any reverse proxy software you want, I mention nginx and HAProxy because I've used both in the past.
Single Web Server running IIS
There are two ways to do it in IIS:
If your physical folder structure is as follows:
c:\sites\mymvcapp
c:\sites\mymvcapp\api
You can do the following:
Create a Child Application
Creating a child application will allow your "API" site to be reachable from www.mymvcapp.com/api, without any routing changes needed.
To do that:
Open IIS Manager
Click on the appropriate site in the "Sites" folder tree on the left side
Right Click on the API folder
click "Convert to Application"
The downside is that all Child Applications inherit the web config of their parent, and if you have conflicting settings in there, you'll see some runtime weirdness (if it works at all).
Create a directory Junction
The second way is a way to do it so that the applications maintain their separateness; and again you don't have to do any routing.
Assuming two folder structures:
c:\sites\api
c:\sites\mvcapp
You can set up Junctions in Windows. From the command line*:
cd c:\sites
mklink /D /J mymvcapp c:\sites\mvcapp
cd mymvcapp
mklink /D /J api c:\sites\api
Then go into IIS Manager, and convert both to applications. This way, the API will be available in \api\, but not actually share its web.config settings with the parent.
Multiple Servers
If you use nginx or haproxy as a reverse proxy, you can set it up to route calls to each app depending.
nginx Reverse Proxy settings
In your nginx.conf (best practice is to create a sites-enabled conf that's a symlink to sites-available, and you can destroy that symlink whenever deploying) do the following:
location / {
proxy_pass http://mymvcapp.com:80
}
location /api {
proxy_pass http://mymvcapp.com:81
}
and then you'd set the correct IIS settings to have each site listen on ports 80 (mymvcapp) and ports 81 (api).
HAProxy
acl acl_WEB hdr_beg(host) -i mymvcapp.com
acl acl_API path_beg -i /api
use_backend API if acl_API
use_backend WEB if acl_WEB
backend API
server web mymvcapp.com:81
backend WEB
server web mymvcapp.com:80
*I'm issuing the Junction command from memory; I did this a few months ago, but not recently, so let me know if there are issues with the command
NB: the config files are not meant to be complete config files -- only to show the settings necessary for reverse proxying. Depending on your environment there may be other settings you need to set.