Sorry to hijack the thread. But are there any considerations or best practices to setup haproxy for ejabberd ?
Just point the SRV record to the haproxy ?
you can accept ssl connections on haproxy:
frontend access_clients_ssl
bind (you_IP):(you_port) ssl crt /etc/haproxy/.pem
default_backend cluster_clients
backend cluster_clients
log global
balance leastconn
option independant-streams
server srv1 ipsrv1:5222 check fall 3 id 1 inter 5000 rise 3 slowstart 120000 weight 50
server srv2 ipsrv2:5222 check fall 3 id 2 inter 5000 rise 3 slowstart 120000 weight 50
.......................................................................................
server srvN ipsrvN:5222 check fall 3 id N inter 5000 rise 3 slowstart 120000 weight 50
if you want to limit number connections per second, you can use maxconrate options in "global" sections (http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#maxconnrate), It is avoids mnesia overload, under massive authorization on ejabberd. If you understand Russian, I can tell more in detail and promptly.
you can accept ssl connections on haproxy:
frontend access_clients_ssl
bind (you_IP):(you_port) ssl crt /etc/haproxy/.pem
default_backend cluster_clients
backend cluster_clients
log global
balance leastconn
option independant-streams
server srv1 ipsrv1:5222 check fall 3 id 1 inter 5000 rise 3 slowstart 120000 weight 50
server srv2 ipsrv2:5222 check fall 3 id 2 inter 5000 rise 3 slowstart 120000 weight 50
.......................................................................................
server srvN ipsrvN:5222 check fall 3 id N inter 5000 rise 3 slowstart 120000 weight 50
if you want to limit number connections per second, you can use maxconrate options in "global" sections (http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#maxconnrate), It is avoids mnesia overload, under massive authorization on ejabberd. If you understand Russian, I can tell more in detail and promptly.
I do clustering in ejabberd and use haproxy for loadbalncing. myclients are connected to haproxy and haproxy redirect them to my ejabberd servers. ejabberd server see haproxy's IP not orginal IP of clients. I want config haproxy
I clustered my ejabberd servers and use haproxy for loadbalancing. my clients are connected to loadbalancer with 443 port and loadbalncer is connected to my ejabberd servers with 5222 port. loadbalancer dont sent orginal client's ip to ejabberd server, it sends packets to ejabberd server with self ip. I need orginal client ip. how to config loadbalncer that sended orginal client ip to ejabberd server?
We use Haproxy more than 2
We use Haproxy more than 2 yearshttp://www.haproxy.org/
Sorry to hijack the thread.
Sorry to hijack the thread. But are there any considerations or best practices to setup haproxy for ejabberd ?
Just point the SRV record to the haproxy ?
you can accept ssl
you can accept ssl connections on haproxy:
frontend access_clients_ssl
bind (you_IP):(you_port) ssl crt /etc/haproxy/.pem
default_backend cluster_clients
backend cluster_clients
log global
balance leastconn
option independant-streams
server srv1 ipsrv1:5222 check fall 3 id 1 inter 5000 rise 3 slowstart 120000 weight 50
server srv2 ipsrv2:5222 check fall 3 id 2 inter 5000 rise 3 slowstart 120000 weight 50
.......................................................................................
server srvN ipsrvN:5222 check fall 3 id N inter 5000 rise 3 slowstart 120000 weight 50
if you want to limit number connections per second, you can use maxconrate options in "global" sections (http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#maxconnrate ), It is avoids mnesia overload, under massive authorization on ejabberd. If you understand Russian, I can tell more in detail and promptly.
you can accept ssl
you can accept ssl connections on haproxy:
frontend access_clients_ssl
bind (you_IP):(you_port) ssl crt /etc/haproxy/.pem
default_backend cluster_clients
backend cluster_clients
log global
balance leastconn
option independant-streams
server srv1 ipsrv1:5222 check fall 3 id 1 inter 5000 rise 3 slowstart 120000 weight 50
server srv2 ipsrv2:5222 check fall 3 id 2 inter 5000 rise 3 slowstart 120000 weight 50
.......................................................................................
server srvN ipsrvN:5222 check fall 3 id N inter 5000 rise 3 slowstart 120000 weight 50
if you want to limit number connections per second, you can use maxconrate options in "global" sections (http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#maxconnrate ), It is avoids mnesia overload, under massive authorization on ejabberd. If you understand Russian, I can tell more in detail and promptly.
will this cert be for the
will this cert be for the domain or the haproxy host or the ejabberd host ?
I don't understand the
I don't understand the question
Here is a scenario. Say we
Here is a scenario.
Say we are using SRV records. So all people do is enter the domain name "example.com" in their pidgin client to connect.
In terms of DNS, this SRV record has a A record pointing to the haproxy IP.
So for this case what should our ssl cert be ?
Will the ssl cert for the SRV record work ?
hello how to see
hello
how to see original/remote ip address using haproxy not load balancer ip?
same option in http(forward-for) for tcp mode when use xmpp?
I don't understand the
I don't understand the question
I do clustering in ejabberd
I do clustering in ejabberd and use haproxy for loadbalncing. myclients are connected to haproxy and haproxy redirect them to my ejabberd servers. ejabberd server see haproxy's IP not orginal IP of clients. I want config haproxy
I clustered my ejabberd
I clustered my ejabberd servers and use haproxy for loadbalancing. my clients are connected to loadbalancer with 443 port and loadbalncer is connected to my ejabberd servers with 5222 port. loadbalancer dont sent orginal client's ip to ejabberd server, it sends packets to ejabberd server with self ip. I need orginal client ip. how to config loadbalncer that sended orginal client ip to ejabberd server?
I'm afraid it's impossible in
I'm afraid it's impossible in tcp balancing haproxy