Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

HAProxy 1.7 config for JIRA Tomcat fails when applied to Confluence Tomcat (eror 503)

I am running HAProxy 1.7 as a front end reverse proxy against a JIRA 7.5.1 server, and it works without issue.

However, if I take the exact same config and slightly modify it (change the server hostname in the haproxy.cfg for example) for use with my Confluence 6.6.0 server, it fails and HAProxy returns a '503 Server Unavailable' error.   (configurations are included below)

I have made the exact same config modifications to the Connector Port settings for the Confluence Tomcat server, as are in my JIRA Tomcat server, and it fails.   The 503 error is what HAProxy is kicking back, so for some reason it doesn't like how Confluence is serving back the proxy, versus how JIRA does.   Any ideas what might be wrong?

One of the main differences that I see between the way JIRA serves http via Tomcat, versus how Tomcat does is that JIRA's "protocol" setting in Tomcat is "protocol=HTTP/1.1" whereas COnfluence serves it with the setting " protocol="org.apache.coyote.http11.Http11NioProtocol"

Any ideas (relevant config entries below)

------------------------------------------------------
Confluence Tomcat settings:


<Service name="Tomcat-Standalone">
<Connector port="8090"
connectionTimeout="20000"
redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false"
acceptCount="10"
debug="0"
URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
secure="true"
scheme="https"
proxyName="<myserver.domain.com>"
proxyPort="443" />
------------------------------------------------------------------------

HAProxy settings:


frontend confluence_http_insecure
bind *:80
redirect scheme https if !{ ssl_fc }

frontend confluence_http_secure
mode http
bind *:443 ssl crt /etc/pki/tls/keystore/<ssl_key>.pem
reqadd X-Forwarded-Proto:\ https
reqadd X_Forwarded-Port:\ 443
default_backend confluence_http_backend

#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
# The confluence_http_backend section forwards all requests to
# http://<myhost.domain.com:8090/>.
# It will allow a maximum of 1000 connections to the server.
#---------------------------------------------------------------------
backend confluence_http_backend
mode http
option httplog
option forwardfor
option http-server-close
option httpchk
server <myhost> <myhost.domain.com:8090> maxconn 1000

 

 

2 answers

One additional note,

If I configure HAProxy to do a reverse proxy to the SSL (https) port on my backend server, like so:

#---------------------------------------------------------------------
backend confluence_http_backend
mode http
option httplog
option forwardfor
option http-server-close
option httpchk
server sjc2-conflnce01 <myhost.domain.com:8443> ssl verify none cookie sl maxconn 1000
#--------------------------------------------------------------------

Everything is fine.  It's ONLY when I'm trying to get it to proxy to the non-SSL (http; port 8090) that HAProxy fails, which makes me think this is somehow related to how the 8090 Connector Port configuration in Tomcat is responding to HAProxy http check requests?

Did you ever find a solution to this.

 

I am in your exact same position,  and have been troubleshooting for days, but have reached similar conclusions to yours without much headway.

 

And like you I was able to get Jira to work without any issues.

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you