I am trying to configure Traefik for a WebSocket app, I just try with a simple WS app on docker: https://hub.docker.com/r/jmalloc/echo-server/
To test it I use Chrome SimpleWebSocketClient, so if I use the IP:Port of the app it works fine. If I add the Traefik DNS it fails, I just try with other WS server and clients and fails too, so it would be something of Traefik.
I just try with Traefik versions:
-v1.3.0/raclette
-v1.2.3/morbier
Those are my Traefik rules:
[backends.ws-test-backend]
[backends.ws-test-backend.LoadBalancer]
method = "drr"
[backends.ws-test-backend.servers.server1]
url = "ws://172.16.8.231:3000"
[frontends.ws-test-frontend]
backend = "ws-test-backend"
passHostHeader = true
entrypoints = ["http","https","ws", "wss"]
[frontends.ws-test-frontend.routes.manager]
rule = "Host:ws-test.ikcloud.ikerlan.es"
What could it be wrong?
Any recommended reverse proxy for doing this?
You need to enable sticky session for your ws connections, otherwise it will be reconnecting all the time.
[backends]
[backends.backend1]
# Enable sticky session
[backends.backend1.loadbalancer.stickiness]
Related
I have 3 spring boot applications, each running on a different port. Can someone guide me how to set up Ha Proxy to demonstarte load balancing between the 3 applications (can make multiple instances). Is there any feature in spring boot which integrates Ha Proxy? What are the thing that I have to change in the config file of Ha Proxy?
Actually, there are several ways one can achieve this. But, I don't think there is anything in spring boot to integrate with HAProxy, because they two are different processes and they two work independently and nothing linked to each other as you might know what spring boot does. And HAProxy is a load balancer, and also a proxy server for TCP and HTTP process that are distributed across multiple servers.
That explains the first part of your question.
Now actually, how can you achieve this is entirely based on how you want to set this up.
Run individual applications as service like you did, and route traffic to each of them based on url.
Another deploying the individual applications on a single tomcat and taking the help of context path in your application properties you can route traffic from outside world to tomcat while tomcat takes care of everything.
And there might be other ways to do this, someone can add in the future to this answer. But either way you need to use a proxy server to do this, it could be either HAProxy, Nginx, or anything that fits the purpose.
So, taking your approach let's assume you are running your applications on port 8081, 8082, 8083. Your HAProxy setting should look something like this.
frontend www_http
mode http
bind *:80
bind *:443 ssl crt /etc/ssl/certs/mycompany.pem
# passing on that browser is using https
reqadd X-Forwarded-Proto:\ https
# for Clickjacking
rspadd X-Frame-Options:\ SAMEORIGIN
# prevent browser from using non-secure
rspadd Strict-Transport-Security:\ max-age=15768000
redirect scheme https code 301 if !{ ssl_fc }
stats enable
stats refresh 30s
stats show-node
stats realm Haproxy\ Statistics
stats uri /haproxy?stats
acl app1 hdr(host) -i app1.mycompany.com
acl app2 hdr(host) -i app2.mycompany.com
acl app3 hdr(host) -i app3.mycompany.com
# Just incase if you are using path instead of subdomain. But it's commented.
# acl app1 url_beg /app1
# acl app2 url_beg /app2
# acl app3 url_beg /app3
use_backend app_1_backend if app1
use_backend app_2_backend if app2
use_backend app_3_backend if app3
# backend for app 1
backend app_1_backend
timeout client 300000
timeout server 300000
redirect scheme https if !{ ssl_fc }
server app-1 127.0.0.1:8081 check
http-response set-header X-TS-Server-ID %s
# backend for app 2
backend app_2_backend
timeout client 300000
timeout server 300000
redirect scheme https if !{ ssl_fc }
server app-2 127.0.0.1:8082 check
http-response set-header X-TS-Server-ID %s
# backend for app 3
backend app_3_backend
timeout client 300000
timeout server 300000
redirect scheme https if !{ ssl_fc }
server app-3 127.0.0.1:8083 check
http-response set-header X-TS-Server-ID %s
This is some basic setup, but you can add your options and change everything as you like.
Hope this helps.
I'm running a micronaut microservice on a Win 7.
My GET Request looks like : http://localhost:8080/maps/myreq.
The controller use a httpclient to send request to an external webseite : image.maps.api.here.com
When running without proxy, all went fine and the response is ok (an image).
But when running behind the proxy, connection timed out. Proxy works fine for any other applications or browser.
How to set micronaut server behind proxy to properly root requests?
edit : when sending a request, the netty server respond with an error : unable to connect to image.maps.api.here.com:xx.xx.xx.xx:xxxx where xx.xx.xx.xx:xxxx is the proxy
How to set micronaut server behind proxy to properly root requests?
You can set the https.proxyHost, https.proxyPort, http.proxyUser and http.proxyPassword system properties. A common place to do that is in the MN_OPTS environment variable. For example, you could set MN_OPTS to have a value like "-Dhttps.proxyHost=127.0.0.1 -Dhttps.proxyPort=3128 -Dhttp.proxyUser=test -Dhttp.proxyPassword=test".
See https://docs.micronaut.io/1.1.0/guide/index.html#proxy for more info.
I hope that helps.
I fixed the problem with settings the proxy for the CLI but also by setting the proxy in the application.yml like here :
https://github.com/micronaut-projects/micronaut-core/issues/1611
There is a load balancer in between the user and the CAS. The load balancer will check allow the SSL certificate. But from the load balancer to the CAS the connection will be HTTP.
How to configure cas in a way so that it listen to HTTP?
I have tried this in my cas.properties but didn't solve my problem:
cas.server.httpProxy.enabled=true
cas.server.httpProxy.secure=false ## changed from True
cas.server.httpProxy.protocol=AJP/1.3
cas.server.httpProxy.scheme=http ## changed to http
cas.server.httpProxy.redirectPort=8080
cas.server.httpProxy.proxyPort=8080
cas.server.httpProxy.attributes.attributeName=attributeValue
I do have the warning:
"Non-secure Connection You are currently accessing CAS over a non-secure connection. Single Sign On WILL NOT WORK. In order to have single sign on work, you MUST log in over HTTPS." but the warning still remains.
https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#http-proxying
Try adding
cas.server.http.port=8080
cas.server.http.protocol=org.apache.coyote.http11.Http11NioProtocol
cas.server.http.enabled=true
I developed a simple application, calls currency converter webservice from www.webservicex.net. and deployed it on GenyMotion AndroVM.
But I am getting below error,
"Cannot connect to www.webservicex.net on port 80:
java.net.ConnectException: Connection timed out"
We have proxy and I defined proxy settings as well. I am able to access internet using browser inside AndroVM.
Please help
In Android, the system's proxy settings is not applied to all Http requests you made inside your app. It is applied natively inside the browser only that's the reason why you can use it.
Each application has to handle it "manually".
My first and quick advise is to use OkHttp as Http client because it handles it for you.
Or you can get the values manually and configure yourself your requests like this (gathered from here):
String host = System.getProperty("http.proxyHost");
String port = System.getProperty("http.proxyPort");
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpHost proxy = new HttpHost(host, Integer.parseInt(port));
httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy);
I have the app running and it doesn't find socket.io and gives me 404.
this is the client:
<script src="http://game-test-1.herokuapp.com/socket.io/socket.io.js"></script>
<script>var socket = io.connect('http://game-test-1.herokuapp.com');</script>
and this is the server:
var express = require('express'),
routes = require('./routes'),
user = require('./routes/user'),
http = require('http'),
path = require('path'),
express = require("express"),
app = express(),
server = http.createServer(app),
io = require('socket.io').listen(server);
server.listen(80);
I tried changing the ports and doing http://game-test-1.herokuapp.com:81/... but that gave me an error
How do I link socket.io correctly?
Heroku requires that your application listens on a port of Heroku's choosing. Heroku will tell your application this port when it launches your application, via the PORT environment variable. If you listen on any other port, Heroku will ignore it and will terminate your application after 60 seconds.
Your users' browsers will still use ports 80 for HTTP traffic and 443 for HTTPS traffic. Heroku's routing layer, which is in-between the user's browser and your application, will send the HTTP traffic through to your application at the port Heroku designated for your application.
Heroku Dev Center has a guide on using socket.io on Heroku. In particular, you'll need this bit of config:
// assuming io is the Socket.IO server object
io.configure(function () {
io.set("transports", ["xhr-polling"]);
io.set("polling duration", 10);
});
This is because Heroku does not support Websockets at this time (to the best of my knowledge) In order to use socket.io you need to force it to fallback to an xhr long-polling approach.