Load Balancer mis-configuration, build 0.47, agent-instance 0.6.0, agent 0.8.2

gesrat · November 30, 2015, 8:29pm

I have a docker compose file with the following LB config

`vms-portal:
ports:

80:80
801:80
802:80
restart: always
external_links:
vms-backend/gateway:gateway
vms-backend/console:console
vms-backend/idm:idm
labels:
io.rancher.loadbalancer.target.vms-backend/console: 80=80
io.rancher.loadbalancer.target.vms-backend/idm: 801=49001
io.rancher.loadbalancer.target.vms-backend/gateway: 802=49000
io.rancher.scheduler.global: 'true’
tty: true
image: rancher/load-balancer-service
stdin_open: true
`
My intent is to use inbound port to route onto a different back end service - I cant use sub-domain, and Rancher LB doesnt support URL path mapping. It almost works, the Haproxy config contains 3 ‘frontends’ and three backends, however each backend contains routes for all the hosts - see below - and I need to modify the haproxy.cfg to get it to work - again see below. Basically it includes all ports in all backends which was not my intent.

PS - What is the purpose of the 'load_balancer_config' entry in the LB rancher-compose file ?

Original Config

global
	log 127.0.0.1 local0
    	log 127.0.0.1 local1 notice
        maxconn 4096
        maxpipes 1024
	chroot /var/lib/haproxy
	user haproxy
	group haproxy
	daemon

defaults
	log	global
	mode	tcp
	option	tcplog
        option  dontlognull
        option  redispatch
        option http-server-close
        option forwardfor
        retries 3
        timeout connect 5000
        timeout client 50000
        timeout server 50000
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

frontend 64fa4c77-f37d-47a7-8d3c-9d83dfee2b2a_frontend
        bind 10.42.101.210:801
        mode http

    	default_backend 64fa4c77-f37d-47a7-8d3c-9d83dfee2b2a_1_backend

backend 64fa4c77-f37d-47a7-8d3c-9d83dfee2b2a_1_backend
        mode http
        balance roundrobin
        server 42846e88-4e48-4cfa-b088-5fbce8c9696a 10.42.237.59:80
        server c8951b1c-a5df-4c08-b6cb-a498f460c9f0 10.42.0.188:49001
        server 6aa3b2fa-ae2d-4fb8-95b7-0bc743627ed3 10.42.115.248:80
        
frontend 7d50c1f0-b21e-4058-9a16-f4d512457289_frontend
        bind 10.42.101.210:802
        mode http

    	default_backend 7d50c1f0-b21e-4058-9a16-f4d512457289_2_backend

backend 7d50c1f0-b21e-4058-9a16-f4d512457289_2_backend
        mode http
        balance roundrobin
        server 42846e88-4e48-4cfa-b088-5fbce8c9696a 10.42.237.59:80
        server c8951b1c-a5df-4c08-b6cb-a498f460c9f0 10.42.0.188:80
        server 6aa3b2fa-ae2d-4fb8-95b7-0bc743627ed3 10.42.115.248:49000
        
frontend 13d06aea-e46f-4a38-a28d-ea26210ab284_frontend
        bind 10.42.101.210:80
        mode http

    	default_backend 13d06aea-e46f-4a38-a28d-ea26210ab284_0_backend

backend 13d06aea-e46f-4a38-a28d-ea26210ab284_0_backend
        mode http
        balance roundrobin
        server 42846e88-4e48-4cfa-b088-5fbce8c9696a 10.42.237.59:80
        server c8951b1c-a5df-4c08-b6cb-a498f460c9f0 10.42.0.188:80
        server 6aa3b2fa-ae2d-4fb8-95b7-0bc743627ed3 10.42.115.248:80
        

listen default 0.0.0.0:42

Modified Config - note deleted entries from backends

global
	log 127.0.0.1 local0
    	log 127.0.0.1 local1 notice
        maxconn 4096
        maxpipes 1024
	chroot /var/lib/haproxy
	user haproxy
	group haproxy
	daemon

defaults
	log	global
	mode	tcp
	option	tcplog
        option  dontlognull
        option  redispatch
        option http-server-close
        option forwardfor
        retries 3
        timeout connect 5000
        timeout client 50000
        timeout server 50000
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

frontend 70c52fd3-d690-4d9f-a528-f89308303728_frontend
        bind 10.42.186.58:801
        mode http

    	default_backend 70c52fd3-d690-4d9f-a528-f89308303728_1_backend

backend 70c52fd3-d690-4d9f-a528-f89308303728_1_backend
        mode http
        balance roundrobin
        server c8951b1c-a5df-4c08-b6cb-a498f460c9f0 10.42.0.188:49001
        
frontend e56f622b-7610-4221-8b3c-9e81ac355293_frontend
        bind 10.42.186.58:802
        mode http

    	default_backend e56f622b-7610-4221-8b3c-9e81ac355293_2_backend

backend e56f622b-7610-4221-8b3c-9e81ac355293_2_backend
        mode http
        balance roundrobin
        server 6aa3b2fa-ae2d-4fb8-95b7-0bc743627ed3 10.42.115.248:49000
        
frontend 2e9631ff-4e62-4883-8cfb-e432dbb85927_frontend
        bind 10.42.186.58:80
        mode http

    	default_backend 2e9631ff-4e62-4883-8cfb-e432dbb85927_0_backend

backend 2e9631ff-4e62-4883-8cfb-e432dbb85927_0_backend
        mode http
        balance roundrobin
        server 42846e88-4e48-4cfa-b088-5fbce8c9696a 10.42.237.59:80
        

listen default 0.0.0.0:42

denise · December 3, 2015, 8:57pm

In the load_balancer_config, we store cookie policies (if enabled).

As for what you are attempting to do, whenever you create a listener port in the ports section, it will create all ports in all backends (As you have seen).

To get around to isolate that you want specific routes, you can create some bogus routing rules which will cause the traffic to be routed as you would like.

labels:
  # How you want the traffic to be sent
  io.rancher.loadbalancer.target.vms-backend/console: 80=80
  io.rancher.loadbalancer.target.vms-backend/idm: 801=49001
  io.rancher.loadbalancer.target.vms-backend/gateway: 802=49000
  # How to force it so that traffic for services at another hostname 
  io.rancher.loadbalancer.target.vms-backend/console: foo:801
  io.rancher.loadbalancer.target.vms-backend/console: foo:802
  io.rancher.loadbalancer.target.vms-backend/idm: foo:80
  io.rancher.loadbalancer.target.vms-backend/idm: foo:802    
  io.rancher.loadbalancer.target.vms-backend/gateway: foo:80
  io.rancher.loadbalancer.target.vms-backend/gateway: foo:801

Topic		Replies	Views
Load balancer issues	3	1834	August 8, 2017
Load balancer Target services with unhealthy backend Rancher 1.x	8	2693	March 14, 2016
Load balancer Randomize port issue Rancher 1.x	2	1013	December 13, 2016
Another load balancing issue Rancher 1.x	2	901	February 4, 2017
Load Balancer - Port Redirection Rancher 1.x	0	679	February 27, 2018

Load Balancer mis-configuration, build 0.47, agent-instance 0.6.0, agent 0.8.2

Related topics