Configuration question with regards to cookies

From: Randall Svancara <rsvancara#wsu.edu>
Date: Tue, 04 Nov 2008 09:59:08 -0800


Hi,

I am attempting to set up haproxy to accommodate multiple virtual hosting sites in addition to providing load balancing. So in my configuration, i have two domains, dev.cacaogenomedb.org and dev.hortgdr.org. Both of these are development sites that will be using drupal. Further more, all of these sites are located behind a NAT firewall (if that makes any difference).

So here is my layout in a somewhat graphical format.

   Internet

      |
Nat Firewall

      | 

      |                  |                            |
 dev.hortgdr.org     dev.cacaogenomedb.org         HAProxy

So the firewall directs all port 80 traffic to HAProxy. Then HAProxy forwards all requests comming in from port 80 to the appropriate server. In my configuration I am attempting to use cookies set by HAProxy to route http traffic based on the hostname provided by the client (Not sure if this is the best way to do this, would ngix be more appropriate?).

Below is my configuration that I am using:

global 

        log 127.0.0.1   local0
        log 127.0.0.1   local1 notice
        #log loghost    local0 info
        maxconn 4096
        chroot /opt/haproxy
        uid 500
        gid 500
        daemon
defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        retries 3
        option redispatch
        maxconn 2000
        contimeout      5000
        clitimeout      50000
        srvtimeout      50000
        balance roundrobin
        option  httpclose
        retries 1
listen frontend 10.0.0.141:80
        option forwardfor
        reqidel ^Cookie:\ backend=
        reqirep ^Host:\ dev.cacaogenomedb.org \0\nCookie:\ backend=2
        reqirep ^Host:\ dev.hortgdr.org \0\nCookie:\ backend=3
        server  switch 127.0.0.1:8000
listen backend1 127.0.0.1:8001
       capture request header X-Forwarded-For len 100
       capture request header Host len 30
       capture cookie backend len 12
       server apache 10.0.0.193:80

listen backend2 127.0.0.1:8002
       capture request header X-Forwarded-For len 100
       capture request header Host len 30
       capture cookie backend len 12
       # List servers here
       server dev_cacaogenomedb_org 10.0.0.228:80

listen backend3 127.0.0.1:8003
       capture request header X-Forwarded-For len 100
       capture request header Host len 30
       capture cookie backend len 12
       # List servers here
       server dev_hortgdr_org 10.0.0.227:80

As you can see, I have attempted to create a frontend, which based on hostname, sets a cookie. Then forwards to the appropriate backend to handle the request.

My problem is with Drupal when I attempt to login, the login fails. I suspect a problem with cookies, however I am unable to confirm this. However, if I bypass HAProxy or configure HAProxy front end to go directly to dev.cacaogenomedb.org , the login works fine.

>From debug output, I see that a cookie is being set.

00000002:backend2.srvhdr[000e:000f]: Set-Cookie: SESS32a778652c9b91f0c26452475854fcf0=qrnq2gapg0c62ef3p6b7lrfk14; expires=Thu, 27 Nov 2008 21:24:39 GMT; path=/; domain=.dev.cacaogenomedb.org

So what can I do to troubleshoot this problem? Secondly, is there anything I can do to fix it? Lastly, is there a better way to accomplish virtual hosting with high availability, perhaps using HAProxy with other software.

Thanks,

Randall Received on 2008/11/04 18:59

This archive was generated by hypermail 2.2.0 : 2008/11/04 19:00 CET