4

I want to practise creating a highly available web application using multiple Docker containers on one machine.

I launch several web servers within Docker containers. Say, three servers: rest1, rest2 and rest3.

I use Docker with an HAProxy balancer, which is bound to 127.0.0.1:80 and routes queries to the rest servers. This lets me be sure that when one or two rest servers fail, I will be able to make queries to 127.0.0.1:80 and receive correct results.

The bad thing is: when HAProxy is down, the web application is down.

I want to use several HAProxy Docker containers with the Keepalived service in each container. The problem is: I need several Docker containers to listen on one IP and one PORT. E.g., I will have haproxy1 and haproxy2, which will be bound to localhost via Keepalived.

When I set an IP in the HAProxy configuration file that is not the IP of the current Docker container, it shows me an error saying that HAProxy cannot listen on this IP and PORT.

Is it possible to configure multiple Docker containers with HAProxy and Keepalived to listen on one IP and PORT?

Configuration of HAProxy:

```
defaults
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

frontend http-in
    mode http
    bind 172.17.0.10:80
    default_backend BACKEND

backend BACKEND
    option httpchk
    server rest1 rest1:8080 maxconn 32 check
    server rest2 rest2:8080 maxconn 32 check
    server rest3 rest3:8080 maxconn 32 check
```

fails with the error

```
Starting frontend http-in: cannot bind socket [172.17.0.10:80]
```

172.17.0.10 is a member of the Docker subnetwork and is not reserved on my machine.

Charlie
  • Re: ... to listen to one IP and PORT? ---- That's exactly what `keepalived` is for. What do your `haproxy` and `keepalived` configurations look like? – Ianthe the Duke of Nukem May 18 '16 at 03:27
  • @IanthetheDukeofNukem I updated the question with my HAProxy configuration. I use this tutorial https://www.howtoforge.com/setting-up-a-high-availability-load-balancer-with-haproxy-keepalived-on-debian-lenny and don't have Keepalived set up yet, because I guess that if HAProxy cannot bind, Keepalived will not be able to either. Or am I wrong? I'll try to set them both up. And, again, I know that Keepalived was designed for this task, but I want to launch it within Docker containers -- not connect multiple Docker containers from the host machine via Keepalived on the host. – Charlie May 18 '16 at 05:20
  • It's okay to try it out without `keepalived` first. You can add it in after. About the failure to bind, can you check what's running on `172.17.0.10:80`? (`netstat -tupan`) – Ianthe the Duke of Nukem May 18 '16 at 08:52
  • @IanthetheDukeofNukem it's free. I guess it's just forbidden for a Docker container to bind to an IP that is not equal to its address. Am I wrong? – Charlie May 18 '16 at 12:33
  • Did you ever get this working? I'm attempting to do the same thing – Erick T Oct 13 '16 at 22:04
  • @ErickT no, but I've got some advice from my colleagues. First thing: one load balancer is enough, and even if I balance my balancers, the DNS server can fail. Second thing: if it isn't enough, I should use VirtualBox or something like it to emulate several machines, because Keepalived won't work on one machine with several Docker containers, because Docker isn't a VM. Though, I didn't try to do this. It would be cool if you do and write here about your experience :) – Charlie Oct 15 '16 at 09:55

1 Answer

3

You may need to enable non-local binding on the Docker host.

Add `net.ipv4.ip_nonlocal_bind=1` to the end of the `/etc/sysctl.conf` file and force a reload of the file with the `sudo sysctl -p` command.

chicks
Dave
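The `cannot bind socket` error in the question and the `net.ipv4.ip_nonlocal_bind` setting in the answer both concern a Linux `bind()` to an address that no local interface holds. The following is an added example, not code from the question or the answer: it reproduces that behaviour on Linux and reads the sysctl from `/proc` in whatever network namespace it runs in. The address `192.0.2.10` is a constructed stand-in for the virtual IP, and the function names are hypothetical.

```python
import errno
import socket

# IP_FREEBIND (15 in <linux/in.h>) is the per-socket equivalent of the
# ip_nonlocal_bind sysctl; some Python builds do not export the constant.
IP_FREEBIND = getattr(socket, "IP_FREEBIND", 15)
SYSCTL_PATH = "/proc/sys/net/ipv4/ip_nonlocal_bind"
# Constructed stand-in for a virtual IP that no local interface holds
# (TEST-NET-1, RFC 5737); the question's 172.17.0.10 plays the same role.
VIP = "192.0.2.10"


def nonlocal_bind_enabled(path=SYSCTL_PATH):
    """Return True/False for this network namespace, None if unreadable."""
    try:
        with open(path) as fh:
            return fh.read().strip() == "1"
    except OSError:
        return None


def try_bind(addr, port=0, freebind=False):
    """Bind a TCP socket; return "ok" or the symbolic errno name.

    Port 0 asks for an ephemeral port, so no privileges are needed.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        if freebind:
            sock.setsockopt(socket.IPPROTO_IP, IP_FREEBIND, 1)
        try:
            sock.bind((addr, port))
        except OSError as exc:
            return errno.errorcode.get(exc.errno, str(exc.errno))
    return "ok"


def diagnose(addr):
    """Classify why a bind to addr succeeds or fails in this namespace."""
    plain = try_bind(addr)
    if plain == "ok":
        if nonlocal_bind_enabled():
            return "bindable: ip_nonlocal_bind=1 (address may not be local)"
        return "bindable: address is assigned to a local interface"
    if plain == "EADDRNOTAVAIL" and try_bind(addr, freebind=True) == "ok":
        return "blocked: address not local and ip_nonlocal_bind=0"
    return "blocked: " + plain


if __name__ == "__main__":
    for address in ("127.0.0.1", VIP):
        print(address, "->", diagnose(address))
```

Run it in the same place the listener runs (for example inside the HAProxy container) so that the sysctl value it reports is the one that applies to that listener.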