Pete French
2019-Jan-15 14:43 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
On 15/01/2019 10:24, Mark Blackman wrote:>> On 14 Jan 2019, at 18:44, Dave Cottlehuber <dch at skunkwerks.at> wrote: >> haproxy does proper failover and allows custom health checks either via >> URL or real world traffic of external scripts. Traefik has lots of >> container oriented features. >> Dave > > There?s also the very venerable (hence reliable) HTTP proxy/load balancer, Apache Traffic Manager, https://trafficserver.apache.orgThanks for the suggestions - unfortunately both of those (unless I misread them) terminate the TCP connection and make a new one to the backends. I was after something where I can see the original IP address on the socket. Though I could put a procy in front and add the headers I suppse, but thats a biut more work as it involves changing the code. Interested in the apache traffic manager - I hadnt come across that one before, tahnks, -pete.
Matt Garber
2019-Jan-15 14:48 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
> On Jan 15, 2019, at 9:43 AM, Pete French <petefrench at ingresso.co.uk> wrote: > > Thanks for the suggestions - unfortunately both of those (unless I > misread them) terminate the TCP connection and make a new one to > the backends. I was after something where I can see the original IP > address on the socket. Though I could put a procy in front and add > the headers I suppse, but thats a biut more work as it involves changing > the code. > > Interested in the apache traffic manager - I hadnt come across that > one before, tahnks,Pete, For what it?s worth, HAProxy has the PROXY protocol for exactly the scenario you?re describing; I?ve heard it?s very straightforward and powerful to use, although haven?t had to use it on any of my HAProxy instances which are primarily doing L7. https://www.haproxy.com/blog/preserve-source-ip-address-despite-reverse-proxies/ Thanks, ? Matt Garber
Mark Blackman
2019-Jan-16 15:10 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
> On 15 Jan 2019, at 14:43, Pete French <petefrench at ingresso.co.uk> wrote: > > > > On 15/01/2019 10:24, Mark Blackman wrote: >>> On 14 Jan 2019, at 18:44, Dave Cottlehuber <dch at skunkwerks.at> wrote: >>> haproxy does proper failover and allows custom health checks either via >>> URL or real world traffic of external scripts. Traefik has lots of >>> container oriented features. >>> Dave >> There?s also the very venerable (hence reliable) HTTP proxy/load balancer, Apache Traffic Manager, https://trafficserver.apache.org > > Thanks for the suggestions - unfortunately both of those (unless I > misread them) terminate the TCP connection and make a new one to > the backends. I was after something where I can see the original IP > address on the socket. Though I could put a procy in front and add > the headers I suppse, but thats a biut more work as it involves changing > the code. > > Interested in the apache traffic manager - I hadnt come across that > one before, tahnks,These days, most ?proper? application designs have a layer in front of the application that handles all of the traffic management considerations and deliberately takes away direct connectivity from the client to the application, inserting the original client IP address into the request headers as just more metadata associated with the request. Things like Zuul, HAProxy, Apache, Nginx, Traffic Manager, Traefik and all the others are meant to handle the nitty gritty of the connection between the client and your application, passing on only trusted,normalised requests to the underlying application.