Docker Community Forums

Share and learn in the Docker community.

How to route traffic from HAProxy to overlay network?


(Johnparn) #1

I recently setup a simple swarm environment for hosting some web sites. I quite soon realized that the ELB features are very rudimentary. I expected it at least handle host header redirects, but no. Therefor I’m trying to setup a HAProxy in front of two separate docker services, one for mobile web and the other for desktop web, both using nginx. The setup looks like this:

docker network create --driver overlay --subnet --opt encrypted proxy-net
docker network create --driver overlay --subnet --opt encrypted mobile-web-net
docker network create --driver overlay --subnet --opt encrypted desktop-web-net

docker service create --network proxy-net --name proxy --replicas 2 company/web-proxy
docker service create --network desktop-web-net --network proxy-net --name desktop-web --replicas 2 company/desktop-web
docker service create --network mobile-web-net --network proxy-net --name mobile-web --replicas 2 company/mobile-web

By putting HAProxy on the proxy-net, my hope was to be a able to route traffic from there to the mobile-web and desktop-web services based on host header.The traffic to the HAProxy is forwarded from the fronting ELB. The HAProxy is also supposed terminate SSL/TLS.

How can I route traffic from HAProxy to the overlay networks? I can’t use the name of the networks for some reasons. Is it only possible by using IP directly and should I point to the gateway from HAProxy?

By the way, as I’m writing two managers just died for unknown reason, so I will have to setup the environment from scratch. Should I consider some other solution?

The instances I used were 3 manager m4.large and 2 workers c4.large.

(Nathan Le Claire) #2

Use the DNS entry for service name. Any container in the proxy-net network will be able to route requests to the virtual IP for the services of desktop-web and mobile-web using these names via DNS, e.g. curl mobile-web:8080.

(Johnparn) #3


and thanks for your answer! Actually that is what I’ve tried.

When I do wget http://mobile-web:10001 from the managers I I just get bad address as a response. Same thing using nslookup mobile-web doesn’t resolve the name. I’ve tried different options like using service_name.net_name but to no avail.

I’m using the beta5 version of the cloud formation script at the moment.

// John