Hello Mathieu.
I understand that having RFC 1918 private IPs is the best way to go for
the Apache servers (I've been trying to use the 10.0.0.0/22 network),
but everything I've tried so far has failed badly. Even reserving a
single IP address for each Apache host hasn't worked in testing - if I
use private IPs on the Apache backend, the Zen loadbalancer simply
doesn't forward the connection through to the server. I have private IPs
set up on the Zen box, and I can reach the Apache server at the private
IP if I ssh into the Zen box then try to telnet to port 80 on the Apache
server, but I must be doing something wrong in configuring Zen to proxy
these connections from our public IPs to our private network.
I've only ever been able to get Zen to forward connections that belong
to the same network. I even have a MySQL pair managed by Zen on the
10.0.0.254 IP that load balances connections to two MySQL servers at
10.0.0.10 and 10.0.0.11, and that works, but try to forward an http
connection from <public /24>.40 to 10.0.0.15 and Zen never even tries to
connect to the Apache server - I can tell by the Apache logs.
On 2015-11-10 23:35, Mathieu Chateau wrote:
> Hello,
>
> Apache must be hidden behind Zen using private network. So they are
> not exposed over the internet.
> Using HTTP farm, you can create one service per virtual host, having
> each any number of frontend (can be different).
> Then you can set in maintenance one apache for 1 virtual host.
>
> By default you will then only see private of zen LB in apache log. But
> you can still have true client IP with this:
>
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
> \"%{User-Agent}i\"" combined
> LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
> \"%{User-Agent}i\"" proxy
> SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
> CustomLog "logs/www_access_log" proxy env=forwarded
>
> This will also hide all check_http done by zen to check health
>
> for 503 error, I guess it's a config error. Maybe related to https?
>
> Cordialement,
> Mathieu CHATEAU
> http://www.lotp.fr [3]
>
> 2015-11-11 2:42 GMT+01:00 James M Doherty <j...@jdoherty.net>:
>
>> I have this exact environment set up
>> I serve 3 different web sites spread across 5 backend servers
>>
>> Tomorrow I will send the key configure settings if you are
>> interested
>>
>> James M Doherty
>> President
>> Revive Consulting LLC.
>> 512-650-2997 ( O )
>> 512-217-6302 ( C )
>>
>>> On Nov 10, 2015, at 18:50, Ernie Dunbar <maill...@lightspeed.ca>
>> wrote:
>>>
>>> Hi everyone.
>>>
>>> I'm trying to set up Zen Loadbalancer against a cluster of
>> servers
>>> running Apache virtual hosts on a single, shared IP address. I
>> have the
>>> loadbalancer working fine so long as the Apache servers are
>> hosting a
>>> completely separate IP address for a virtual host, but I want to
>> be able
>>> to run many domains through the Zen Loadbalancer without having
>> to have
>>> a unique IP address for three different hosts - the Zen box,
>> Apache
>>> server 1 and Apache server 2.
>>>
>>> For example, this configuration works fine:
>>>
>>> mocku.edu [1] DNS resolves to <public /24>.41
>>> Zen Loadbalancer uses <public /24>.41
>>> Apache1 uses <public /24>.42
>>> Apache2 uses <public /24>.43
>>>
>>> When I set up a php script to show the IP address that the web
>> server is
>>> using, refreshing the page shows that the IP address switches
>> between
>>> .42 and .43. I've tried using a private IP space like 10.0.0.42
>> and
>>> 10.0.0.43 for the backends (HTTP profile), but that immediately
>> fails
>>> with a 503 message, and the Apache logs show no access attempts.
>>>
>>> Any suggestions on how to accomplish this without using hundreds
>> of
>>> precious IPv4 IP addresses would be welcome. :)
>>>
>>>
>>
> ------------------------------------------------------------------------------
>>> _______________________________________________
>>> Zenloadbalancer-support mailing list
>>> Zenloadbalancer-support@lists.sourceforge.net
>>>
>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>> [2]
>>
>>
> ------------------------------------------------------------------------------
>> _______________________________________________
>> Zenloadbalancer-support mailing list
>> Zenloadbalancer-support@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>> [2]
>
>
>
> Links:
> ------
> [1] http://mocku.edu
> [2]
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
> [3] http://www.lotp.fr
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
------------------------------------------------------------------------------
_______________________________________________
Zenloadbalancer-support mailing list
Zenloadbalancer-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
