# iri-lb-haproxy Note ## Overview [iri-lb-haproxy](https://github.com/nuriel77/iri-lb-haproxy) load balancer for IRI nodes able to support highly available setups. ###### Demo site: http://node10.puyuma.org:14276 ## Architecture  ## Installation #### Environment: * Operating system: Ubuntu 18.04 #### Latest Releases Via Apt (Ubuntu 18.04): ```shell= $ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo apt-add-repository ppa:ansible/ansible $ sudo apt-get update $ sudo apt-get install ansible ``` #### Install iri-lb-haproxy: ```$ git clone https://github.com/nuriel77/iri-lb-haproxy``` ```$ ansible-playbook -i inventory -v site.yml``` ## Study ### Consul: * [Features](https://www.consul.io/intro/index.html#what-is-consul-)： * Support Prometheus! * Service Discovery * Note: Mainnet and Testnet BiiLabs, NCKU, 3rd-party IRI service discover * [Health Checking](https://www.consul.io/intro/getting-started/checks.html): * [Health Checks doc](https://www.consul.io/docs/agent/checks.html) * Health checking for IOTA full-node activity * KV Store * Dynamic configuration * Secure Service Communication * Multi Datacenter * Glossary * Agent - An agent is the long running daemon on every member of the Consul cluster. * Client - A client is an agent that forwards all RPCs to a server. * Server - A server is an agent with an expanded set of responsibilities i * Data center: * Consensus - When used in our documentation we use consensus to mean agreement upon the elected leader as well as agreement on the ordering of transactions. * Gossip - Consul is built on top of Serf which provides a full gossip protocol that is used for multiple purposes. Serf provides membership, failure detection, and event broadcast. * LAN Gossip / WAN Gossip * RPC: * Consul Architecture *  ## Deploy ### Consul: ##### Export the Consul master token to a variable so it can be reused when using curl: `# export CONSUL_HTTP_TOKEN=$(cat /etc/consul/consul_master_token)` ##### Example register a service (IRI node) ``` $ vi example.json ``` ``` { "ID": "140.116.245.162:14265", "Name": "iri", "tags": [], "Address": "140.116.245.162", "Port": 14265, "EnableTagOverride": false, "Check": { "id": "140.116.245.162:14265", "name": "API 140.116.245.162:14265", "args": ["/bin/bash", "/scripts/node_check.sh", "-a", "http://140.116.245.162:14265", "-i"], "Interval": "30s", "timeout": "5s", "DeregisterCriticalServiceAfter": "1m" } } ``` ##### Register IRI service ```$ curl -H "X-Consul-Token: $CONSUL_HTTP_TOKEN" -X PUT -d@example.json http://localhost:8500/v1/agent/service/register``` ##### Health check * "Status": "passing" ``` $ curl -s -H "X-Consul-Token: $CONSUL_HTTP_TOKEN" -X GET http://localhost:8500/v1/agent/checks | jq . { "service:140.116.245.162:14265": { "Node": "localhost", "CheckID": "service:140.116.245.162:14265", "Name": "API 140.116.245.162:14265", "Status": "passing", "Notes": "", "Output": "", "ServiceID": "140.116.245.162:14265", "ServiceName": "iri", "ServiceTags": [], "Definition": {}, "CreateIndex": 0, "ModifyIndex": 0 } } ``` ### Haproxy: ###### Haproxy status: ```$ ./roles/shared-files/show-stat``` ``` # pxname,svname,status,weight,addr iri_back,140.116.245.162:14265,UP,1,140.116.245.162:14265 ``` ###### Haproxy monitor: vi /etc/haproxy/haproxy.cfg ``` listen stats # bind 127.0.0.1:9292 bind 0.0.0.0:9292 ```  ###### Haproxy API port ``` $ sudo netstat -ntlp | grep haproxy tcp 0 0 0.0.0.0:14267 0.0.0.0:* LISTEN 486/haproxy tcp 0 0 0.0.0.0:9292 0.0.0.0:* LISTEN 486/haproxy tcp 0 0 127.0.0.1:9999 0.0.0.0:* LISTEN 486/haproxy ``` getTransactionToApprove using Haproxy: ``` curl http://node10.puyuma.org:14267 \ -X POST \ -H 'Content-Type: application/json' \ -H 'X-IOTA-API-Version: 1' \ -d '{"command": "getTransactionsToApprove", "depth": 15}' ``` Output: ``` {"trunkTransaction":"9UYHGIBHJMDXLOWBZQCJPSBKEZSQSYAHYBIOMI9UBZXXYAIXBXBFYIWYESXDQDXXGSKWOXCNLV9WZ9999","branchTransaction":"UMNV9OHJFVOOWURUV9LVVFXWNNJCR9FSJJYBPNUWLMCQBOQGRWR99BJKODKZQHCHDNFZFSDLRVBX99999","duration":13203} ``` getTransactionToApprove using backend full-node: ``` curl http://node.deviceproof.org:14265 \ -X POST \ -H 'Content-Type: application/json' \ -H 'X-IOTA-API-Version: 1' \ -d '{"command": "getTransactionsToApprove", "depth": 15}' ``` Output: ``` {"trunkTransaction":"RFWIQZEJUQMCABWNZPAQXRBJ9RWSWBEFYJYGDHKLQHF9FKWWTSYHLLLRFJCGTZENKSIOL9RAQJIKA9999","branchTransaction":"RLEDFVK9CMVMMVORZGMHRAD9OJNFMURIVWCWWCJXHDJUNVPGVXUOUOEMEZXGURSPJCRYYNFUBCQQA9999","duration":14016} ``` ## TODO: * Full-node deploy plan * Prometheus integration * Tangle Accelerator integration ## Reference * [[ 翻譯 ] Docker結合Consul實現的服務發現（一）](http://www.open-open.com/lib/view/open1464481918133.html) * [Open Directory of Public IOTA Nodes](https://iotanode.host/) ###### tags: `iri-lb-haproxy`