1

I came across the following statement in course LinuxFoundationX (LFS132x) Introduction to Cloud Foundry and Cloud Native Software Architecture.

Staging, testing, and development environments do not use a hardware device(for load balancing). Instead, they will use a software tool known as HAProxy to simulate the capabilities in software that the hardware device provides. Regardless of the environment, the load balancer is the entry point to the Cloud Foundry network.

However I did not find details with respect to the HAProxy settings in the context of Cloud foundry. I have following questions

  1. HAProxy comes with Cloud foundry. Based on the above text It looks like every cloud foundry app which I push is behind HAProxy. Is my understanding correct ?

  2. If I need to check the existence of HAProxy in the context of an HelloWorld type app which I have deployed on CF, where can I find them ?

I am using SAP Cloud Platform as the CF provider.

Any pointer would be very helpful .

Regards Atanu

Atanu Mallik
  • 31
  • 1
  • 1
  • 2

1 Answers1

1

There are a number of dependencies that can impact what is deployed & how it's deployed so I can't totally answer your question.

However I did not find details with respect to the HAProxy settings in the context of Cloud foundry.

I suspect the statement you found is probably referring to the OSS method of deploying Cloud Foundry called cf-deployment. You can configure this deployment method to use a number of different load balancers and typically would use your IaaS specific load balancer or a load balancer like an F5. Many people use this in all environments. Using HAproxy is also a viable alternative, and you can configure cf-deployment to use HAproxy if that makes sense for your situation.

The HAProxy configuration is based on the HAProxy Bosh release. You can see more about how HAproxy gets deployed in that release.

HAProxy comes with Cloud foundry. Based on the above text It looks like every cloud foundry app which I push is behind HAProxy. Is my understanding correct ?

Yes. The path of HTTP/HTTPS traffic looks like this:

Browser -> HAproxy -> Gorouter -> Your Apps

Traffic to your apps will always go through one of your load balancer instances and one of your Gorouter instance (typically there are multiples of both).

If I need to check the existence of HAProxy in the context of an HelloWorld type app which I have deployed on CF, where can I find them ?

I don't know that there is a way that you as an application developer could determine what type of load balancer is being used, unless that load balancer is leaving a signature, perhaps in a header (which is not typically done for security reasons).

That said, from the application developer's perspective, you don't really need to know that HAproxy is being used. There's nothing in its configuration that's really applicable to an application.

What you do need to keep in mind is that your application is behind a reverse proxy and thus, you need to check the x-forwarded-for and x-forwarded-proto headers to correctly retrieve the remote client & if the remote client used TLS. Many web frameworks have configuration settings to support this mode of operation, check the docs for your framework.

I am using SAP Cloud Platform as the CF provider.

If you have questions about the specific configuration in your environment, you would need to talk with the Operations team managing your Cloud Foundry environment. They would know specifically what load balancers are being used and how those are configured.

halfer
  • 19,824
  • 17
  • 99
  • 186
Daniel Mikusa
  • 13,716
  • 1
  • 22
  • 28