Skip to content

[backport] horizon: Configure stickiness with haproxy #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
matelakat wants to merge 2 commits into
base: stable/sap/3.0
Choose a base branch
from
Open

[backport] horizon: Configure stickiness with haproxy #33

matelakat wants to merge 2 commits into from

Conversation

@matelakat
Copy link

@matelakat matelakat commented Mar 28, 2017

This is the backport of crowbar#841

@matelakat matelakat mentioned this pull request Mar 28, 2017
Open
2 tasks
vuntz added 2 commits June 29, 2017 15:58
@vuntz
horizon: Configure stickiness with haproxy
dbd92be 
We use cookie-based stickiness for non-SSL, and we also expire the
stickiness based on the session timeout. This should make the
haproxy/horizon combo to work well, with each session sticking to one
backend, thus avoiding potential issues where requests are spread
between multiple backends.

Note that we use two cookies:

 - sessionid, which identifies a session
 - csrftoken, which identifies a "login session", before a real session
   really exists, with the proper sessionid token

(cherry picked from commit 4da5c63)
@vuntz
horizon: Use "source" balance strategy for ssl haproxy
68fcc4a 
Since horizon is really used by browsers, the affinity based on SSL
session ID is not enough because the browsers open multiple connections.
To make sure a user always ends up on the same backend, we enforce the
balance strategy to be "source" (that is based, on the the client IP
address).

(cherry picked from commit 2471a0e)
@matelakat matelakat requested review from mkoderer, tpatzig and vuntz June 29, 2017 14:56
@matelakat
Copy link
Author

matelakat commented Jul 6, 2017

This seems to fail due to:

{"error":"Failed to apply the proposal to: d52-54-77-77-01-03.vm1.cloud.suse.de 
Most recent logged lines from the Chef run: 

 23:  haproxy_loadbalancer \"horizon\" do
  24:    address \"0.0.0.0\"
  25:    port 80
  26:    use_ssl false
  27:    servers CrowbarPacemakerHelper.haproxy_servers_for_service(node, \"horizon\", \"horizon-server\", \"plain\")
  28\u003e\u003e   stick stick_options
  29:    action :nothing
  30:  end.run_action(:create)
  31:  
  32:  if node[:horizon][:apache][:ssl]
  33:    stick_options = { expire: \"#{node[:horizon][:session_timeout]}m\" }
  34:  
  35:    haproxy_loadbalancer \"horizon-ssl\" do
  36:      address \"0.0.0.0\"
  37:      port 443
 
 [2017-06-29T15:20:02+00:00] ERROR: Running exception handlers
 [2017-06-29T15:20:02+00:00] ERROR: Report handler Chef::Handler::ErrorReport raised #\u003cEncoding::UndefinedConversionError: \"\\xCD\" from ASCII-8BIT to UTF-8\u003e
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/resource.rb:530:in `encode'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/resource.rb:530:in `to_json'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/resource.rb:530:in `to_json'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/2.1.0/json/common.rb:285:in `generate'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/2.1.0/json/common.rb:285:in `pretty_generate'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/json_compat.rb:107:in `to_json_pretty'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/handler/error_report.rb:27:in `report'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/handler.rb:226:in `run_report_unsafe'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/handler.rb:214:in `run_report_safely'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/handler.rb:118:in `block in run_exception_handlers'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/handler.rb:117:in `each'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/handler.rb:117:in `run_exception_handlers'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/handler.rb:127:in `block in \u003cclass:Handler\u003e'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/client.rb:119:in `call'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/client.rb:119:in `block in run_failed'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/client.rb:118:in `each'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/client.rb:118:in `run_failed'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/client.rb:446:in `rescue in do_run'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/client.rb:455:in `do_run'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/client.rb:184:in `run'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/application.rb:133:in `run_chef_client'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/application/client.rb:306:in `block in run_application'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/application/client.rb:294:in `loop'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/application/client.rb:294:in `run_application'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/lib/chef/application.rb:65:in `run'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/lib64/ruby/gems/2.1.0/gems/chef-10.32.2/bin/chef-client:26:in `\u003ctop (required)\u003e'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/bin/chef-client:23:in `load'
 [2017-06-29T15:20:02+00:00] ERROR: /usr/bin/chef-client:23:in `\u003cmain\u003e'
 [2017-06-29T15:20:02+00:00] ERROR: Exception handlers complete
 [2017-06-29T15:20:02+00:00] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
 [2017-06-29T15:20:02+00:00] FATAL: NoMethodError: undefined method `stick' for Chef::Resource::HaproxyLoadbalancer

@matelakat matelakat self-assigned this Jul 6, 2017
@matelakat
Copy link
Author

matelakat commented Jul 6, 2017

That's because we first need to merge the ha change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@matelakat matelakat

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@matelakat @vuntz