Hi, Wondering if anyone might be able to help out there we are running a test server and not able to get Synchrony working properly. If I turn off Synchrony it works.
this get redirected and gets passed to the server on 443
server.xml
<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
proxyName="website" proxyPort="10443" scheme="https"/>
<Engine name="Standalone" defaultHost="localhost" debug="0">
<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="" docBase="../confluence" debug="0" reloadable="false">
<!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname="" />
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60" />
<!-- <Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="127.0.0.1"
remoteIpHeader="x-forwarded-for"
remoteIpProxiesHeader="x-forwarded-by"
protocolHeader="x-forwarded-proto"/> -->
</Context>
</Host>
</Engine>
</Service>
</Server>
haproxy.cfg
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
option http-server-close
option forwardfor
timeout connect 5000
timeout client 10000
timeout server 10000
default-server inter 3s rise 2 fall 3
##---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend website.com
bind *:80
bind *:443 ssl crt /etc/haproxy/certs/website.com
mode http
# option socket-stats
reqadd X-Forwarded-Proto:\ https
reqadd X-Forwarded-Port:\ 443
acl is_synchrony path_beg /synchrony
use_backend synchrony if is_synchrony
# redirect prefix https://website.com code 301 if { hdr(host) -i confluence }
use_backend confluence #if { hdr_beg(host) -i confluence }
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend confluence
mode http
#redirect scheme https code 301 if !{ ssl_fc }
#option httpchk OPTIONS * HTTP/1.1\r\nHost:\ website.com
server localhost 127.0.0.1:8090 check
backend synchrony
mode http
option forwardfor
server localhost 127.0.0.1:8091 check
Any help would be great!
We have the following setup working:
In DNS JIRA, Confluence etc points to a virtual IP.
Keepalived is runnning on two servers with that virtual IP.
Haproxy is running on port 80/443 listening on all interfaces, including the virtual IP.
Nginx is also running the same server at port 4443. Nginx is used as a reverse proxy for the atlassian applications.
Haproxy forwards requests to nginx which proxies JIRA, Confluence etc.
SO:
Virtual IP floats between two servers, if one goes does or is taken down, the IP is moved to the other server within 1-2 seconds. Haproxy forwards request to both servers (if both is up and running)
This gives load balance and fault tolerance.
Have you considered adding a proxy server to your config? Nginx/apache is then used to upgrade connections to http2 which is needed by synchrony
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.