Skip to main content

Fronting WSO2 AS worker/manager cluster with HAProxy

This blog describes how to configure HAProxy as a load balancer with WSO2 Application Server cluster

HAProxy 1.5
WSO2 Application Server 5.2.1

Setup WSO2 AS Cluster




This cluster consist of 3 WSO2 Application Server instances, as 3 worker nodes and 1 manager node, where 1 node work as both worker and manager. HAProxy performs load balancing with this cluster by distributing incoming requests to the worker nodes via HTTP/S on port 80/443.

All admin requests can be sent to the manager node directly via HTTPs on port 9444 or through the HAProxy via 443 port depending on how we configure the manager node.

Click here to see how to setup WSO2 Application Server cluster

Setup HAProxy load balancer


* Install HAProxy
$ sudo add-apt-repository ppa:vbernat/haproxy-1.5
$ sudo apt-get update
$ sudo apt-get install haproxy

Need version 1.5 since native SSL support was implemented in 1.5

* Set ENABLED to 1 if you want the init script to start haproxy

$sudo vi /etc/default/haproxy

* Edit the /etc/haproxy/haproxy.cfg file and add the following

# load balancing among the worker nodes - HTTP
frontend ft_wrk
      bind as.wso2.com:80
      default_backend bk_wrk

backend bk_wrk
      balance roundrobin
    server node1 as.wso2.com:9764
      server node2 as.wso2.com:9765
      server node3 as.wso2.com:9766

# load balancing among the worker nodes - HTTPS
# access the management console via HTTPS
frontend https-in
      bind *:443 ssl crt /etc/haproxy/ssl/haproxy.pem
      acl is_mgt hdr_beg(host) -m beg mgt.as.wso2.com
      acl is_wrk hdr_beg(host) -m beg as.wso2.com

      use_backend mgt_as_wso2_com if is_mgt
      use_backend as_wso2_com if is_wrk
      default_backend as_wso2_com

backend as_wso2_com
      balance roundrobin
      server node1 as.wso2.com:9444 check ssl
      server node2 as.wso2.com:9445 check ssl
      server node3 as.wso2.com:9446 check ssl

backend mgt_as_wso2_com
      server server1 mgt.as.wso2.com:9444 check ssl

NOTE: load balancer can receive HTTPS requests via 443 port either to management console https://mgt.as.wso2.com/carbon or worker nodes https://as.wso2.com/
frontend https-in block handles HTTPS requests come to the load balancer via 443 port,
bind *:443 ssl crt /etc/haproxy/ssl/haproxy.pem provide valid certificate to HAProxy.

acl is_mgt hdr_beg(host) -m beg mgt.as.wso2.com
acl is_wrk hdr_beg(host) -m beg as.wso2.com
acl properties filter manager and worker requests

Server verification is enabled by default in HAProxy, so need to specify the ca-file as follows
server node1 as.wso2.com:9444 check ssl ca-file /ca-file/path

To disable the server verifications need to specify ssl verify none as follows or specify ssl-server-verify none in global section
server node1 as.wso2.com:9444 check ssl verify none

* Mapping the host names to the IP
Update the “/etc/hosts” file

<IP-of-worker>    as.wso2.com
<IP-of-manager>    mgt.as.wso2.com


* Restart the HAProxy

$sudo  /etc/init.d/haproxy restart
Labels:

Comments

Post a Comment

Popular posts from this blog

How to generate random unique number in SOAP UI request

eg 1: ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} eg 2: ${=java.util.UUID.randomUUID()} ${=java.util.UUID.randomUUID()} ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} - See more at: http://tryitnw.blogspot.com/2014/03/generating-random-unique-number-in-soap.html#sthash.m2S4tUFu.dpuf ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} - See more at: http://tryitnw.blogspot.com/2014/03/generating-random-unique-number-in-soap.html#sthash.m2S4tUFu.dpuf ${=System.currentTimeMillis() + ((int)(Math.random()*10000))} - See more at: http://tryitnw.blogspot.com/2014/03/generating-random-unique-number-in-soap.html#sthash.m2S4tUFu.dpuf
Post a Comment
Read more

Tips on using environment variables in WSO2 Integration Cloud

Environment variables allow you to change an application's internal configuration without changing its source code. Let’s say you want to deploy the same application in development, testing  and production environments. Then database related configs and some other internal configurations may change from one environment to another. If we can define these configurations as an environment variables we can easily set those without changing the source code of that application. When you deploy your application in WSO2 Integration Cloud, it lets you define environment variables via the UI. Whenever you change the values of environment variables, you just need to redeploy the application for the changes to take effect. Predefined environment variables Key Concepts - Environment Variables   provides you some predefined set of environment variables which will be useful when deploying applications in WSO2 Integration Cloud. Sample on how to use environment variables ...
Post a Comment
Read more

Send email via WSO2 ESB with several attachments

WSO2 ESB Mail transport allows you to send a email only with 1 attachment. If you want to send number of attachments here's the solution. Scenario: Here I want to extract some content from the input message and attach to the email as two different attachment. Solution:  You can achieve this requirement using Gmail connector. Steps:  Add the Gmail connector to the ESB and enable it. You can download the esb connector here https://storepreview.wso2.com/store/assets/esbconnector/a1fba975-89fb-4bb0-a1b9-9f9d061fb31c Add it to the ESB and enable it https://docs.wso2.com/display/ESB481/Managing+Connectors+in+Your+ESB+Instance Gmail connector documentation https://docs.wso2.com/display/ESBCONNECTORS/Gmail+Connector Setup the scenario: split the input message and send it with an email using two different attachments. Input message I used <email>         <username>sender@gmail.com<...
2 comments
Read more