I've got haproxy set up with keepalived for load balancing and ip failover of a percona cluster, and since it works great I'd like to use the same lb / failover for another service/daemon.
I've configured haproxy this way:
listen my_service 0.0.0.0:4567
mode tcp
balance leastconn
option tcpka
contimeout 500000
clitimeout 500000
srvtimeout 500000
server host1 xxx.xxx.xxx.xx1:4567 check port 4567 inter 5000 rise 3 fall 3
server host2 xxx.xxx.xxx.xx2:4567 check port 4567 inter 5000 rise 3 fall 3
The load balancing works fine, but the service sees the IP of the load balancer instead of the actual IPs of the clients. In http mode it's quite easy to have haproxy pass along the remote IP, but how do I do in tcp mode? This is critical due to the nature of the service I need to load balance.
Thanks!
Vito
Best Answer
Just for future references, keepalived is a solution for failover not load balancing (maybe you mean LVS?). the transparent proxy mode for HAProxy has nothing to do with any special way of sending the original IP, that would be the normal non-transparent HTTP mode where you can use a standardized HTTP header for this.
In my opinion the correctly answer the original question is: You could compile transparent proxy support in HAProxy on a TPROXY enabled linux kernel. This together with proper TPROXY supporting version + configuration of iptables on the same machine enables actual fully transparent tcp proxy support. This means that backend servers do NOT need any special configuration.
Note that this is actually not the recommended setup for HAProxy and should only be used if you absolutely need it.