Haproxy configuration with Confluence

Hi, Wondering if anyone might be able to help out there we are running a test server and not able to get Synchrony working properly.  If I turn off Synchrony it works.

 

https://website.com:10443

this get redirected and gets passed to the server on 443 

 

server.xml 

<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
proxyName="website" proxyPort="10443" scheme="https"/>

<Engine name="Standalone" defaultHost="localhost" debug="0">

<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="" docBase="../confluence" debug="0" reloadable="false">
<!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname="" />
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
<!-- <Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="127.0.0.1"
remoteIpHeader="x-forwarded-for"
remoteIpProxiesHeader="x-forwarded-by"
protocolHeader="x-forwarded-proto"/> -->
</Context>

</Host>

</Engine>
</Service>
</Server>

 

haproxy.cfg

 

defaults

log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
option http-server-close
option forwardfor
timeout connect 5000
timeout client 10000
timeout server 10000
default-server inter 3s rise 2 fall 3

 


##---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend website.com
bind *:80
bind *:443 ssl crt /etc/haproxy/certs/website.com
mode http
# option socket-stats
reqadd X-Forwarded-Proto:\ https
reqadd X-Forwarded-Port:\ 443
acl is_synchrony path_beg /synchrony
use_backend synchrony if is_synchrony

# redirect prefix https://website.com code 301 if { hdr(host) -i confluence }
use_backend confluence #if { hdr_beg(host) -i confluence }

#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend confluence
mode http
#redirect scheme https code 301 if !{ ssl_fc }
#option httpchk OPTIONS * HTTP/1.1\r\nHost:\ website.com
server localhost 127.0.0.1:8090 check


backend synchrony
mode http
option forwardfor
server localhost 127.0.0.1:8091 check

 

 

Any help would be great!

 

1 answer

We have the following setup working:

In DNS JIRA, Confluence etc points to a virtual IP.

Keepalived is runnning on two servers with that virtual IP.

Haproxy is running on port 80/443 listening on all interfaces, including the virtual IP.

Nginx is also running the same server at port 4443. Nginx is used as a reverse proxy for the atlassian applications.

Haproxy forwards requests to nginx which proxies JIRA, Confluence etc.

SO:

Virtual IP floats between two servers, if one goes does or is taken down, the IP is moved to the other server within 1-2 seconds. Haproxy forwards request to both servers (if both is up and running)

 

This gives load balance and fault tolerance. 

Have you considered adding a proxy server to your config? Nginx/apache is then used to upgrade connections to http2 which is needed by synchrony

We basically want to get haproxy working with Synchrony if possible and not add in a proxy server at this time. 

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Oct 24, 2018 in Confluence

Atlassian Research opportunity with Confluence templates

Do you use templates with Confluence? Take part in a remote 1-hr workshop. You'll receive USD $100 for your time!   We're looking for people to participate in a   remote 1-hr workshop...

1,543 views 25 14
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you