Unable to configure ELB for v1.2 HA server

Having issues configuring an AWS ELB for use with the v1.2 HA deployment.
The docs indicate to expose port 8080 on the rancher/server container, so I’ve tried configuring the ELB for HTTPS/HTTP (443/8080) which appears to work as long as ProxyProtocol is not enable enabled for the ELB, but then my agents won’t connect. If I enable ProxyProtocol, then the agents connect but I can’t get to the web page for Rancher server (it returns 400 Bad Request).
Furthermore, the section on “Basic SSL Configuration” retains the previous configurations of using ports 80/81 and 443/444 for the server when using an ELB.

It appears there is a serious misalignment of the docs for v1.2 when it comes to deploying in a HA setup.

You want the newer ALB (Application Load Balancer) for 1.2, It supports WebSockets properly so you don’t need TCP listeners and PROXY protocol and all that shenanigans.

@denise docs need updating --^

Thanks vincent. That appears to have worked.

I see the Install Docs are updated to include a bit about using a ALB, however in trying to set one up I’ve been unsuccessful.

We have the additional requirement that all HTTP requests are re-directed to HTTPS, so everything is always over SSL. In the past we set this up by running a NGINX container withs upport for PROXY protocol (see GitHub - Demandbase/docker-nginx-https-redirect: A simple nginx container that redirects all http requests to https) and it worked well with an ELB.

Is there a guide on setting up Rancher to use an ALB in AWS? We have a ALB setup with a Target Group pointing to 8080 on the Rancher master server, with a health check of 8080:/, but it never comes into service.

I also like to figure out how to use a HTTP 301 re-direct with an ALB, but that’s not really a Rancher issue.

Using /v1/token or /v2-beta/token as the health check path works for a AWS ALB.