aws elastic load balancer?

#1

has any one been able to connect to crossbar through an aws elb?

i know web sockets will work when configuring the load balancer accordingly but I've not been able to connect to crossbar yet.

has anyone else had any success?

0 Likes

#2

Hi Greg,

should be no problem when configuring ELB for TCP mode. But it’ll be of little use till we release clustering …

Cheers,

/Tobias

···

Sent from Mobile (Google Nexus 5)

Am 24.12.2015 1:10 nachm. schrieb “Greg Keys” gk...@mumbacloud.com:

has any one been able to connect to crossbar through an aws elb?

i know web sockets will work when configuring the load balancer accordingly but I’ve not been able to connect to crossbar yet.

has anyone else had any success?

You received this message because you are subscribed to the Google Groups “Crossbar” group.

To unsubscribe from this group and stop receiving emails from it, send an email to crossbario+...@googlegroups.com.

To post to this group, send email to cross...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/crossbario/4e8f7def-9cbb-4456-abe4-7eceadf1444e%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#3

it tries to connect but it doesnt want to upgrade, gives 400 error.

I'm connecting purely on port 443 but I have tried 80 as well haven't had any luck yet.

the plan is to stack the router and back-end ish uri's in a elastic beanstalk multi docker container with each micro service in its own docker container connecting to the router housed on the multi container, put that stack behind a load balancer and we can duplicate the stack in order to scale, that way it doesnt matter which one a front-end ish client connects to they're just duplicated container stacks.

it's a temporary scaling strategy until clustering is available, we plan to go live in February so if clustering is available by them we'll be fine but if it's going to be longer we need a scaling strategy in place, we will be pushing the connections well past 200k

0 Likes

#4

I have a feeling crossbar is having a problem with proxy_protocol from the load balancer,
I think I could put nginx in front of crossbar in order to upgrade the websocket connection but I would prefer not to do that if I don’t have to

Here are the instructions from aws in regards to proxy_protocol
https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-proxy-protocol.html

here is a guide from someone who has configured websockets with nginx and the aws elb, he notes “without proxy_protocol AWS ELBs seem to strip something important to the connection.”

https://blog.jverkamp.com/2015/07/20/configuring-websockets-behind-an-aws-elb/

My next test is to try with nginx

···

On Thursday, December 24, 2015 at 3:08:17 PM UTC-8, Greg Keys wrote:

it tries to connect but it doesnt want to upgrade, gives 400 error.
I’m connecting purely on port 443 but I have tried 80 as well haven’t had any luck yet.

the plan is to stack the router and back-end ish uri’s in a elastic beanstalk multi docker container with each micro service in its own docker container connecting to the router housed on the multi container, put that stack behind a load balancer and we can duplicate the stack in order to scale, that way it doesnt matter which one a front-end ish client connects to they’re just duplicated container stacks.

it’s a temporary scaling strategy until clustering is available, we plan to go live in February so if clustering is available by them we’ll be fine but if it’s going to be longer we need a scaling strategy in place, we will be pushing the connections well past 200k

0 Likes

#5

As said, use raw TCP on ELB … no proxy proto, no HTTP.

···

Sent from Mobile (Google Nexus 5)

Am 28.12.2015 7:57 vorm. schrieb “Greg Keys” gk...@mumbacloud.com:

I have a feeling crossbar is having a problem with proxy_protocol from the load balancer,
I think I could put nginx in front of crossbar in order to upgrade the websocket connection but I would prefer not to do that if I don’t have to

Here are the instructions from aws in regards to proxy_protocol
https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-proxy-protocol.html

here is a guide from someone who has configured websockets with nginx and the aws elb, he notes “without proxy_protocol AWS ELBs seem to strip something important to the connection.”

https://blog.jverkamp.com/2015/07/20/configuring-websockets-behind-an-aws-elb/

My next test is to try with nginx

On Thursday, December 24, 2015 at 3:08:17 PM UTC-8, Greg Keys wrote:

it tries to connect but it doesnt want to upgrade, gives 400 error.
I’m connecting purely on port 443 but I have tried 80 as well haven’t had any luck yet.

the plan is to stack the router and back-end ish uri’s in a elastic beanstalk multi docker container with each micro service in its own docker container connecting to the router housed on the multi container, put that stack behind a load balancer and we can duplicate the stack in order to scale, that way it doesnt matter which one a front-end ish client connects to they’re just duplicated container stacks.

it’s a temporary scaling strategy until clustering is available, we plan to go live in February so if clustering is available by them we’ll be fine but if it’s going to be longer we need a scaling strategy in place, we will be pushing the connections well past 200k

You received this message because you are subscribed to the Google Groups “Crossbar” group.

To unsubscribe from this group and stop receiving emails from it, send an email to crossbario+...@googlegroups.com.

To post to this group, send email to cross...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/crossbario/86956a43-f965-4808-ad15-96cc0727d2de%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#6

I am using raw TCP the proxy_protocol is something added by the load balancer, I was wondering if something is being stripped by the amazon load balancer and placed in the proxy protocol

The stack works when connecting directly but I haven’t found a configuration that works with the load balancer yet.

···

On Sunday, December 27, 2015 at 11:07:08 PM UTC-8, Tobias Oberstein wrote:

As said, use raw TCP on ELB … no proxy proto, no HTTP.

Sent from Mobile (Google Nexus 5)

Am 28.12.2015 7:57 vorm. schrieb “Greg Keys” gk...@mumbacloud.com:

I have a feeling crossbar is having a problem with proxy_protocol from the load balancer,
I think I could put nginx in front of crossbar in order to upgrade the websocket connection but I would prefer not to do that if I don’t have to

Here are the instructions from aws in regards to proxy_protocol
https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-proxy-protocol.html

here is a guide from someone who has configured websockets with nginx and the aws elb, he notes “without proxy_protocol AWS ELBs seem to strip something important to the connection.”

https://blog.jverkamp.com/2015/07/20/configuring-websockets-behind-an-aws-elb/

My next test is to try with nginx

On Thursday, December 24, 2015 at 3:08:17 PM UTC-8, Greg Keys wrote:

it tries to connect but it doesnt want to upgrade, gives 400 error.
I’m connecting purely on port 443 but I have tried 80 as well haven’t had any luck yet.

the plan is to stack the router and back-end ish uri’s in a elastic beanstalk multi docker container with each micro service in its own docker container connecting to the router housed on the multi container, put that stack behind a load balancer and we can duplicate the stack in order to scale, that way it doesnt matter which one a front-end ish client connects to they’re just duplicated container stacks.

it’s a temporary scaling strategy until clustering is available, we plan to go live in February so if clustering is available by them we’ll be fine but if it’s going to be longer we need a scaling strategy in place, we will be pushing the connections well past 200k

You received this message because you are subscribed to the Google Groups “Crossbar” group.

To unsubscribe from this group and stop receiving emails from it, send an email to crossbario+...@googlegroups.com.

To post to this group, send email to cros...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/crossbario/86956a43-f965-4808-ad15-96cc0727d2de%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#7

Hi Greg,

Crossbar.io does not support proxy_protocol, but any L4 transparent proxy. I can't believe ELB can't be put in that mode, but I haven't tried myself.

Cheers,
/Tobias

···

Am 28.12.2015 um 08:36 schrieb Greg Keys:

I am using raw TCP the proxy_protocol is something added by the load
balancer, I was wondering if something is being stripped by the amazon
load balancer and placed in the proxy protocol

The stack works when connecting directly but I haven't found a
configuration that works with the load balancer yet.

On Sunday, December 27, 2015 at 11:07:08 PM UTC-8, Tobias Oberstein wrote:

    As said, use raw TCP on ELB .. no proxy proto, no HTTP.

    Sent from Mobile (Google Nexus 5)

    Am 28.12.2015 7:57 vorm. schrieb "Greg Keys" <gk...@mumbacloud.com > <javascript:>>:

        I have a feeling crossbar is having a problem with
        proxy_protocol from the load balancer,
        I think I could put nginx in front of crossbar in order to
        upgrade the websocket connection but I would prefer not to do
        that if I don't have to

        Here are the instructions from aws in regards to proxy_protocol
        https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-proxy-protocol.html
        <https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-proxy-protocol.html>

        here is a guide from someone who has configured websockets with
        nginx and the aws elb, he notes "without |proxy_protocol| AWS
        ELBs seem to strip something important to the connection."
        https://blog.jverkamp.com/2015/07/20/configuring-websockets-behind-an-aws-elb/
        <https://blog.jverkamp.com/2015/07/20/configuring-websockets-behind-an-aws-elb/>

        My next test is to try with nginx

        On Thursday, December 24, 2015 at 3:08:17 PM UTC-8, Greg Keys wrote:

            it tries to connect but it doesnt want to upgrade, gives 400
            error.

            I'm connecting purely on port 443 but I have tried 80 as
            well haven't had any luck yet.

            the plan is to stack the router and back-end ish uri's in a
            elastic beanstalk multi docker container with each micro
            service in its own docker container connecting to the router
            housed on the multi container, put that stack behind a load
            balancer and we can duplicate the stack in order to scale,
            that way it doesnt matter which one a front-end ish client
            connects to they're just duplicated container stacks.

            it's a temporary scaling strategy until clustering is
            available, we plan to go live in February so if clustering
            is available by them we'll be fine but if it's going to be
            longer we need a scaling strategy in place, we will be
            pushing the connections well past 200k

        --
        You received this message because you are subscribed to the
        Google Groups "Crossbar" group.
        To unsubscribe from this group and stop receiving emails from
        it, send an email to crossba...@googlegroups.com <javascript:>.
        To post to this group, send email to cros...@googlegroups.com
        <javascript:>.
        To view this discussion on the web visit
        https://groups.google.com/d/msgid/crossbario/86956a43-f965-4808-ad15-96cc0727d2de%40googlegroups.com
        <https://groups.google.com/d/msgid/crossbario/86956a43-f965-4808-ad15-96cc0727d2de%40googlegroups.com?utm_medium=email&utm_source=footer>.
        For more options, visit https://groups.google.com/d/optout
        <https://groups.google.com/d/optout>.

--
You received this message because you are subscribed to the Google
Groups "Crossbar" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to crossbario+...@googlegroups.com
<mailto:crossbario+...@googlegroups.com>.
To post to this group, send email to cross...@googlegroups.com
<mailto:cross...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/crossbario/c2d03734-cebb-4f24-bb23-85b05c61cf0d%40googlegroups.com
<https://groups.google.com/d/msgid/crossbario/c2d03734-cebb-4f24-bb23-85b05c61cf0d%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes

#8

this is what I've tried so far
(elb = elastic load balancer, ec2 = elastic compute 2 which is basically the Amazon server)

elb tcp 443 to ec2 tcp 443
elb tcp 443 to ec2 tcp 80

elb ssl 443 to ec2 tcp 443
elb ssl 443 to ec2 tcp 80

elb ssl 443 to ec2 ssl 443
elb ssl 443 to ec2 ssl 80

elb https 443 to ec2 https 443
elb https 443 to ec2 http 80

I've tried the above with proxy protocol turned on and off

security groups for the elb and ec2 instances are set to allow all traffic

I've tried with nginx terminating the ssl and proxying to the ec2 instance

the tried using external_port set to 443 in the crossbar config.json

none of these worked to establish the websocket connection. errors I've received were 400, 500, upgrade header missing, connection lost and connection unreachable.

what does work is connecting directly to the ec2 instance and connecting directly to nginx proxying to an ec2 instance.

I was able to get the crossbar static web service working with the elb but the websocket would not connect.

I'm thinking to try ha proxy next unless someone sees something i missed or knows of a setting I didn't try.

0 Likes

#9

Hi Greg,

seems you have done quite some testing and are running out of things to try. I've filed https://github.com/crossbario/crossbar/issues/572, and will look into this - can't say how quick, as I am working on other stuff, but I will, definitely. This should work - if it doesn't, we will make it work ..

Cheers,
/Tobias

···

Am 29.12.2015 um 22:57 schrieb Greg Keys:

this is what I've tried so far
(elb = elastic load balancer, ec2 = elastic compute 2 which is basically the Amazon server)

elb tcp 443 to ec2 tcp 443
elb tcp 443 to ec2 tcp 80

elb ssl 443 to ec2 tcp 443
elb ssl 443 to ec2 tcp 80

elb ssl 443 to ec2 ssl 443
elb ssl 443 to ec2 ssl 80

elb https 443 to ec2 https 443
elb https 443 to ec2 http 80

I've tried the above with proxy protocol turned on and off

security groups for the elb and ec2 instances are set to allow all traffic

I've tried with nginx terminating the ssl and proxying to the ec2 instance

the tried using external_port set to 443 in the crossbar config.json

none of these worked to establish the websocket connection. errors I've received were 400, 500, upgrade header missing, connection lost and connection unreachable.

what does work is connecting directly to the ec2 instance and connecting directly to nginx proxying to an ec2 instance.

I was able to get the crossbar static web service working with the elb but the websocket would not connect.

I'm thinking to try ha proxy next unless someone sees something i missed or knows of a setting I didn't try.

0 Likes