I am trying to use HAProxy for IPLB to front end my Openshift cluster.
Steps I use after installed and IPforwarding is enabled on host: (Below is just small section example.. but shows issue)
# Edit HA Proxy settings for VIP forwarding on both ns01 and ns02
cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.orig
vi /etc/haproxy/haproxy.cfg
# Append below to enable VIP with forwarding rule to console and nodes
#####################
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/ ... ration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:5000
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
use_backend static if url_static
default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 127.0.0.1:5001 check
server app2 127.0.0.1:5002 check
server app3 127.0.0.1:5003 check
server app4 127.0.0.1:5004 check
# CloudForms Management UI URL
# Added 2019-12-02 for cluster VIP OpenShift console.penguinpages.local.
listen apache-80-osmstr_vip
bind 172.16.100.70:80
mode tcp
balance source
server osmstr01 172.16.100.71:80 check inter 1s
server osmstr02 172.16.100.72:80 check inter 1s
server osmstr03 172.16.100.73:80 check inter 1s
#
listen apache-443-osmstr_vip
bind 172.16.100.70:443
mode tcp
balance source
server osmstr01 172.16.100.71:443 check inter 1s
server osmstr02 172.16.100.72:443 check inter 1s
server osmstr03 172.16.100.73:443 check inter 1s
#
#####################
Issue is that service works.. but with wrong mask
[root@ns01 ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:c4:c3:2f brd ff:ff:ff:ff:ff:ff
inet 172.16.100.41/24 brd 172.16.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 172.16.100.70/32 scope global eth0
valid_lft forever preferred_lft forever
inet 172.16.100.74/32 scope global eth0
valid_lft forever preferred_lft forever
inet 172.16.100.120/32 scope global eth0
valid_lft forever preferred_lft forever
inet 172.16.100.130/32 scope global eth0
valid_lft forever preferred_lft forever
inet 172.16.100.20/32 scope global eth0
valid_lft forever preferred_lft forever
inet 172.16.100.24/32 scope global eth0
valid_lft forever preferred_lft forever
inet 172.16.100.40/24 brd 172.16.100.255 scope global secondary eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fec4:c32f/64 scope link
valid_lft forever preferred_lft forever
I googled around and found no examples. Tried to figure out the HAProxy documentation but nothing about setting mask. I "assumed it would follow the subnet mask of the IP the system uses... but some reason it picked 32 vs what I want 24.
Any ideas on how this is setup?
HA Proxy - Set Subnet Mask
General support questions
- penguinpages
- Posts: 91
- Joined: 2015/07/21 13:58:05
Return to “CentOS 7 - General Support”
Jump to
- CentOS General Purpose
- ↳ CentOS - FAQ & Readme First
- ↳ Announcements
- ↳ CentOS Social
- ↳ User Comments
- ↳ Website Problems
- CentOS 8 / 8-Stream / 9-Stream
- ↳ 8 /8-Stream / 9-Stream - General Support
- ↳ 8 /8-Stream / 9-Stream - Hardware Support
- ↳ 8 /8-Stream / 9-Stream - Networking Support
- ↳ 8 /8-Stream / 9-Stream - Security Support
- CentOS 7
- ↳ CentOS 7 - General Support
- ↳ CentOS 7 - Software Support
- ↳ CentOS 7 - Hardware Support
- ↳ CentOS 7 - Networking Support
- ↳ CentOS 7 - Security Support
- CentOS Legacy Versions
- ↳ CentOS 5
- ↳ CentOS 5 - General Support
- ↳ CentOS 5 - Software Support
- ↳ CentOS 5 - Hardware Support
- ↳ CentOS 5 - Networking Support
- ↳ CentOS 5 - Server Support
- ↳ CentOS 5 - Security Support
- ↳ CentOS 5 - Oracle Installation and Support
- ↳ CentOS 5 - Miscellaneous Questions
- ↳ CentOS 6
- ↳ CentOS 6 - General Support
- ↳ CentOS 6 - Software Support
- ↳ CentOS 6 - Hardware Support
- ↳ CentOS 6 - Networking Support
- ↳ CentOS 6 - Security Support