Improving Rest Proxy Availability

Preparation

The Rest Proxy provides a REST interface to produce and consume data from the clusters.

The availability can be improved by running multiple Rest Proxy instances behind a load balancer. The setup of the load balancer must be done with care, as Rest Proxy is a stateful application and relies on TLS based client authentication.

This guide assumes that you’ve already set up multiple Rest Proxy instances in the network.

Select a load balancer and public endpoint

The selected loadbalancer needs to forward TCP request and support so called sticky sessions. The sticky session needs to direct any request from the same source IP address to the same backend machine.

Determine the public endpoint host names and/or IP address to add to the Rest Proxy server certificate Subject Alternative Names

Selecting the backend machines and port numbers

Determine the machine host names, IP addresses and port numbers used by the Rest Proxies. Note the management port numbers and the HTTPS port numbers.

This information will be used by the load balancer as backend configuration. The host names and ip address can also be added to the Rest Proxy server certificate Subject Alternative Names.

Request server certificate

Request a new server certificate for the Rest Proxy with the public host name added to the Subject Alternative Names.

The host names of the backend machines can also be added if the Rest Proxies are going to be accessed directly.

Deploy Rest Proxy

Deploy the Rest Proxy instances on the selected backend machines using the new server certificate

Restart Prometheus (Optional)

Restart prometheus with the new configurations to be able to scrape the metrics of all the Rest Proxy instances.

Only perform this step when the Axual managed Prometheus is in use.

Configure the load balancer

  • Set up the load balancer to forward the TCP request to the HTTPS port of the backend machines.

  • Use as a health probe check to http://<backend ip>:<management port number>/actuator/health

  • Make sure SSL Offloading is disabled

  • Make sure sticky sessions based on client port is enabled load balancing rules

All nodes should be marked as active and the REST calls should be forwarded to a Rest Proxy instance.