1

I am trying to set up an active-active cluster with swarm and haproxy. I am struggling with the peers definition as it takes hostname and IP address into account. With swarm this can be a bit tricky.

I want to use mode host for the ports on the proxy so that I can route traffic with DNS and tcp roundrobin to the proxy nodes.

  proxy:
    image: "saps-proxy:5"
    hostname: '{{.Node.Hostname}}'
    dns: 127.0.0.11
    ports:
      - target: 80
        published: 80
        protocol: tcp
        mode: host
      - target: 443
        published: 443
        protocol: tcp
        mode: host
      - target: 1024
        mode: host
        protocol: tcp
    deploy:
      mode: global
      placement: { constraints: ["node.labels.type == proxy"] }
      resources: { limits: { memory: 2G } }

In the haproxy.cfg I am defining a peers section.

peers layer7-loadbalancer
    bind *:1024
    server hostname1.bloom.com
    server hostname2.bloom.com 10.128.0.2:1024  # (ip of real host)

This seems to work for the local peer. But I think it's actually using the container IP. I can also not really spawn replicas from this.

So I try another syntax. When written like this HAProxy will bind IP:port from the peer name that is matching the hostname.

peers layer7-loadbalancer
    peer hostname1.bloom.com 10.128.0.1:1024  # (ip of real host)
    peer hostname2.bloom.com 10.128.0.2:1024  # (ip of real host)

I get an error though.

Starting proxy hostname1.bloom.com: 
cannot bind socket (Cannot assign requested address) [10.128.0.1:1024]

This makes sense because the container IP is actually not the host IP. That is why this address cannot be bound from inside the container.

At this point, I am not really sure how to solve this.

The Fool
  • Did you manage to find a solution for this? Or is this not workable in docker? – Someone Special Dec 31 '21 at 04:31
  • No, back in the day, I didn't solve this. I have stopped using swarm and switched to k8s. – The Fool Jan 01 '22 at 11:28
  • Then are you still using this setup in k8? Does it work? – Someone Special Jan 02 '22 at 00:28
  • In kubernetes you have an ingress controller. There are also 2 haproxy ones that have the problem already solved. – The Fool Jan 02 '22 at 09:01
  • I am facing a very similar problem... I am still a bit unsure if I should switch to k8s. Could you reuse your existing Docker stacks easily or was it a bigger deal to move to k8s from an existing swarm? @TheFool – tamasgal Feb 07 '22 at 12:02
  • @tamasgal, it's not too hard to migrate IMO. You'll need to learn kubernetes though. There are even projects to take compose files and convert them to kubernetes yaml. I haven't tried to use it yet. https://github.com/kubernetes/kompose. IMO, kubernetes is much better than swarm. It's more complicated but you get a lot out of it. – The Fool Feb 07 '22 at 12:18

1 Answer

0

You have enabled dns (dns: 127.0.0.11), so use the service name instead of the ip address in the peer line.

Welt Fahr
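The bind failure in the question can be checked before HAProxy starts. The following is an added example, not code from either post: it reads `peer name addr:port` lines (IPv4 or a resolvable name is assumed), picks the peer whose name equals the hostname, as the question describes HAProxy doing, and tries to bind that address in the current network namespace. The function names `parse_peers` and `check_local_peer` are hypothetical, and the sample text is constructed from the question's second peers section.

```python
import errno
import re
import socket

# Constructed sample: the second peers syntax from the question.
SAMPLE_PEERS = """\
peers layer7-loadbalancer
    peer hostname1.bloom.com 10.128.0.1:1024  # (ip of real host)
    peer hostname2.bloom.com 10.128.0.2:1024  # (ip of real host)
"""

PEER_RE = re.compile(r"^\s*peer\s+(\S+)\s+(\S+):(\d+)")


def parse_peers(cfg_text):
    """Return {peer_name: (address, port)} for each 'peer' line."""
    peers = {}
    for line in cfg_text.splitlines():
        m = PEER_RE.match(line.split("#", 1)[0])  # drop trailing comments
        if m:
            peers[m.group(1)] = (m.group(2), int(m.group(3)))
    return peers


def check_local_peer(cfg_text, local_name=None):
    """Try to bind the address of the peer named like this host.

    Returns (peer_name, ok, detail); ok is None when no peer line matches.
    """
    local_name = local_name or socket.gethostname()
    peers = parse_peers(cfg_text)
    if local_name not in peers:
        return local_name, None, "no peer line matches this hostname"
    addr, port = peers[local_name]
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        try:
            s.bind((addr, port))
        except OSError as e:
            if e.errno == errno.EADDRNOTAVAIL:
                # Same condition as "Cannot assign requested address".
                return local_name, False, f"{addr} is not assigned in this network namespace"
            return local_name, False, f"bind failed: {e.strerror}"
    return local_name, True, f"{addr}:{port} is bindable"


if __name__ == "__main__":
    print(check_local_peer(SAMPLE_PEERS, "hostname1.bloom.com"))
```

Run inside the proxy container, this reports whether the local peer's address exists in the container's namespace; publishing a port with `mode: host` does not add the host IP to that namespace.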