Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: spyram on April 11, 2019, 12:38:17 PM

Title: HAProxy in a High Availability scenario. How to enable statistics on both nodes?
Post by: spyram on April 11, 2019, 12:38:17 PM
Hi,

I'm currently running HAProxy on OPN19.1.5

My setup consists of two VMs configured with High Availability and config replication using XMLRPC.

To enable remote access to statistics, I'm using a management IP address of the box and it works fine for the primary node.

The problem comes with the replication. When OPNSense replicates HA Proxy config, it copies the same address/port for statistics to the secondary node.

So every time I change my config, I need to login to the secondary node and change the IP accordingly otherwise my HAProxy sometimes fails to start on the secondary node.

Could OPNSense HA plugin request an extra field to setup the statistics on the secondary server? Somehow like it already has on the peer configuration?

Or am I doing something wrong in my setup?

Thanks in advance.
Title: Re: HAProxy in a High Availability scenario. How to enable statistics on both nodes?
Post by: mimugmail on April 11, 2019, 01:14:45 PM
Are both nodes active? Normally this is only for CARP setups.
If you only want replication you can enable it for one-time sync and disable again.
Title: Re: HAProxy in a High Availability scenario. How to enable statistics on both nodes?
Post by: spyram on April 12, 2019, 06:47:51 PM
Hi,

Both nodes are indeed active (using CARP).

One is serving HA Proxy and the other is serving as default gateway for internal services. If one has a problem, the other should pick up the service.

But since I want to be able to monitor remotely HA Proxy from a nagios like platform, I need to check statistic pages from each node.
Title: Re: HAProxy in a High Availability scenario. How to enable statistics on both nodes?
Post by: hbc on April 12, 2019, 08:28:52 PM
If it is a HA setup, usually it's active-passive, one node should have the traffic and the passive one none. So why monitor the inactive node? Statistics should be zero. Just monitor the VIP. So you always get the statistics of the active node.
Title: Re: HAProxy in a High Availability scenario. How to enable statistics on both nodes?
Post by: spyram on April 12, 2019, 08:44:27 PM
Hi,

Thanks for the reply,

What you're suggesting is that I point the monitoring address to a VIP right?

The VIP served by HA Proxy is a web front-end for our public site and I'm currently monitoring this box through a management address from the inside.

So, I'm guessing the best way to do this would be to set a VIP on the management network and bind the stats IP to that one right?

I'm not sure if I can force that VIP on the private management network  to be on the same host of the Public VIP but if not, I'll make this box a true active-passive.

Thanks for the input.
Text only | Text with Images