Acls for Tcp level requests


#1

Hi ,

I had posted this question earlier but got no reply
My requirement is to connect using jdbc to a server cluster. ( connection String :
jdbc:teiid:OpenWorksCommonModel_OpenworksDemo@mm://34.36.74.77:31000;version=5000106)

On haproxy machine all jdbc requests should listen on one port say 31000, but based on a substring in the connection string , haproxy should route the requests to different backend .

I have read the answer for a earlier question where it was mentioned that acl could be written with frontend on http and backend on tcp. This did not work . Please find below a list of configurations i tried . Adding a mode tcp to the backend gave me an error while restarting haproxy. My intend is to see if there exists a word “OpenWorks” in the jdbc connection string and if so route it to a specific backend.

1st Configuration

frontend TEIID_PROXY
bind *:31000
mode http

acl openworks_teiid_backend path_sub OpenWorks
use_backend openworks_backend1 if openworks_teiid_backend

backend openworks_backend1
#mode tcp
balance source
server db_jdbc01 34.36.74.147:31000 check

I also tried a random configuration

listen DSIS_JDBC :31001
mode http

acl openworks_teiid_backend path_sub OpenWorks
use_backend openworks_backend if openworks_teiid_backend

backend openworks_backend
balance source
server db_jdbc01 34.36.74.147:31000 check

First configuration with mode tcp in the backend does not allow me to even start haproxy. Could you please help.


#2

Have tried to use http for front end and tcp for backendb as it was mentioned as a solution to some other question . I got the following error

frontend TEIID_PROXY
bind *:31000
mode http
acl openworks_teiid_backend url_sub OpenWorks
use_backend openworks_backend1 if openworks_teiid_backend

backend openworks_backend1
mode tcp
balance source
server db_jdbc01 34.36.74.147:31000 check

Error :

[ALERT] 121/074244 (2895) : Unable to use proxy ‘openworks_backend1’ with wrong mode, required: http, has: tcp.
[ALERT] 121/074244 (2895) : You may want to use ‘mode http’.
[ALERT] 121/074244 (2895) : Proxy ‘TEIID_PROXY’: unable to find required use_backend: ‘openworks_backend1’.
[ALERT] 121/074244 (2895) : Fatal errors found in configuration.
Errors in configuration file, check with haproxy check.
[dsds@VC9LRD02RH66002 haproxy] sudo vi haproxy.cfg [dsds@VC9LRD02RH66002 haproxy] sudo service haproxy restart
[ALERT] 121/235937 (20361) : Unable to use proxy ‘openworks_backend1’ with wrong mode, required: http, has: tcp.
[ALERT] 121/235937 (20361) : You may want to use ‘mode http’.
[ALERT] 121/235937 (20361) : Proxy ‘TEIID_PROXY’: unable to find required use_backend: ‘openworks_backend1’.
[ALERT] 121/235937 (20361) : Fatal errors found in configuration.
Errors in configuration file, check with haproxy check.


I have also tried the following configuration , but it doesnt work when i connect using jdbc . May be url_sub is not available for tcp . If so what acl could we use to writing a condition for the the connection string

frontend TEIID_PROXY
bind *:31000
mode tcp
acl openworks_teiid_backend url_sub OpenWorks
use_backend openworks_backend1 if openworks_teiid_backend

backend openworks_backend1
mode tcp
balance source
server db_jdbc01 34.36.74.147:31000 check


#3

With “mode tcp” I would use req.payload for an ACL.