I have been asked to look into using Docker Swarm at our work.
We currently have a HAProxy load balancer and 8 IIS webservers.
Is it possible to keep using our HAProxy as a load balancer if we make a Docker Swarm?
But without making our HAProxy run in a container.
I have been googling like crazy, and everywhere I look, all the examples I find have HAProxy running in a container, which is not what we want.
Our goal is to have HAProxy directly connect to service in the container, without using the Docker routing mesh.
From what I can tell from my googling, it could be done by using the Docker DNS as a resolver in HAProxy.
Basically like described in this article, but with HAProxy outside the Docker Swarm:
But how do I access the Docker DNS outside the swarm?
You could use deployment contraints to restrict deployment to specific nodes and publish ports in host mode on those, Then setup your external HAProxy to forward traffic to the published host ports on those nodes, though make sure HAProxy does a healthcheck to send traffic to nodes with active instances of your containers.
You either publish ports to a host ports or use the ingress routing mesh - you have to live with either one of the solutions! There is no “but, i want to still access the container from every node without using ingress”. There is no way to access the DNS as well.
On the other side, what is wrong with putting HAProxy into a container? I would always prefer to put the Reverseproxy on dedicated nodes using global deployments and deployment constraint with host ports, then leverage the container network to forward traffic to the target service. This is especialy usefull if your target service is not suited for replication.