Skip to content

Instantly share code, notes, and snippets.

@arunnabraham

arunnabraham/HAProxy_Containers.md

Last active October 29, 2021 08:07
Show Gist options
  • Save arunnabraham/59ab301e113bad517726f8edb49ad691 to your computer and use it in GitHub Desktop.
Save arunnabraham/59ab301e113bad517726f8edb49ad691 to your computer and use it in GitHub Desktop.
Download ZIP
HAProxy on Host with Containarized Web Application
Raw
HAProxy_Containers.md

Why use HAProxy

Although there are various reasons to use various proxy servers, HAProxy is industry proven and one of the popular high performance reverse proxy and load balancer.

We could connect it with various web servers, databases or other network oriented apps to connect and configure

Using with Containarized Web Applications when HAPoxy in Host Machine

Suppose we need to develop in dockerized application, yet in some cases we are not easly able to do port mapping with hosts 80 with container's 80 as the privileged port.

There are many ways to overcome it with linux configurations. But here in the case the HAProxy runs on host machine and web application on container

Example Container App

Here we use Fedora as one of the most popular distro like Ubuntu. Instead of docker we use Podman. Which is like fork of docker, supports syntactically similar commands

podman run -d --net slirp4netns:allow_host_loopback=true --name webapp1 -p 8000:80 -p 4433:443 -v ./app:/var/www/localhost/htdocs:z -it --rm php-apache-alpine:latest

as like the command, here we allow container to communicate with the host with --net slirp4netns:allow_host_loopback=true option.

for volume syncing we use -v ./app:/var/www/localhost/htdocs:z with "z" as the default code sync option from host to container shared space.

all can be refered in https://docs.podman.io/en/latest/markdown/podman-run.1.html

HAProxy Config

Edit: sudo nano /etc/haproxy/haproxy.cfg

Add:

frontend webfrontend

bind :80 mode http default_backend webservers

backend webservers

server localhost 0.0.0.0:8000 check

Restart HAProxy: sudo systemctl restart haproxy

Now access the browser to localhost with default port 80 to check if that is working instead of :8000

Known Errors

503 Service unavaliable

Solution

Check status: sudo systemctl status haproxy

Result:

fedora haproxy[5032]: [WARNING] 300/030602 (5032) : Server webservers/localhost is DOWN, reason: Layer4 connection problem, >info: "General socket error (Permission denied)"> Oct 28 03:06:02 fedora haproxy[5032]: [ALERT] 300/030602 (5032) : backend 'webservers' has no server available!

Fix:

Step 1. run getsebool haproxy_connect_any (checking if HAProxy is able to access port).

Result might be Off

Step 2. run setsebool -P haproxy_connect_any 1

Step 3. Check Status:

Result:

Oct 28 03:07:26 fedora haproxy[5032]: [WARNING] 300/030726 (5032) : Server webservers/localhost is UP, reason: Layer4 check passed, check duration: 0ms. 1 active and 0 backup servers online

Now run the localhost in host browser. This would run fine as the status shown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment