SlideShare a Scribd company logo

Zarafa SummerCamp 2012 - Zarafa Cluster using a reverse proxy

Download as PPT, PDF
Z
Zarafa

The document discusses using a reverse proxy for a Zarafa multiserver configuration. Key points: - A reverse proxy can provide a single access point for clients, making firewalling easier. It also allows using off-the-shelf load balancing hardware. - Each Zarafa server node is configured with the address of the reverse proxy instead of direct connections. This allows clients connecting through the proxy to reach any node via the proxy address. - The proxy detects if a request came through a proxy by checking headers like X-Forwarded-For. It then returns the node's address via the proxy instead of direct, ensuring clients can reach the node through the proxy.

Technology
1 of 10
Download to read offline
1
2
3
4
5
6
7
8
9
10
Zarafa multiserver reverse proxy Steve Hardy
Cluster node proxy • General idea – Parts of the system • HTTP(s) proxy • Zarafa server – Some details • Session IP locking • Internal vs external connections • Network layouts – SSL offload – Loadbalancer • Configuration – Configuring – Testing (stats)
Goal • Single exposed ‘host’ to clients for cloud solutions • Host may be: – Single hostname, single IP – Single hostname, round-robin IP • Advantages: – Easier firewalling – Use off-the-shelf proxy / loadbalance hardware
Old situation
New situation
Why it doesn’t work Client Server (Node 1) Server (Node 2) What a nice day, let’s connect to my fav server revproxy.zarafa.com “Hi, please give me john’s store” “Uh, sorry, I don’t have that, you have to ask Node2, he’s at http://node2.internal.local:237/ zarafa” Dagnabbit, ok, I’ll connect to node2.internal.local and retry CONNECTION REFUSED *snore*
Why it does work with reverse proxy support Client Server (Node 1) Server (Node 2) What a nice day, let’s connect to my fav server revproxy.zarafa.com “Hi, please give me john’s store” “Uh, sorry, I don’t have that, you have to ask Node2, he’s at http:// node2.internal.local, but I see you connected through a proxy, in that case you should use http://revproxy.zarafa.com/node2 ” Dagnabbit, ok, I’ll connect to revproxy.zarafa.com/node2 and retry Here’s john’s store for you. Have fun.
Configuration of nodes • Node1 – ipHost: node1.local – zarafaPort: 236 – zarafaHttpsPort: 237 – zarafaProxy: http://proxy.domain.com/node1 • Node2 – ipHost: node2.local – zarafaPort: 236 – zarafaHttpsPort: 237 – zarafaProxy: http://proxy.domain.com/node2
To revproxy or not to revproxy • In some cases using the proxy is unnecessary – Local connects between nodes – Not very frequent – One case: • Spooler uses ‘copy to delegated sent-items after send’ feature • After sending message, spooler must copy item to sent items folder, which is possible on other host • Spooler connects to other host • Proxy not needed • Strategy is: – Only return node’s proxy address if the originating request was itself proxied – Detected by looking at header, uses setting ‘proxy_header’
Proxy headers • X-Forwarded-For header – Used as originating IP address – Used for session <-> IP locking – Used in zarafa-stats (including –top)

More Related Content

PDF
Dependency Resolution with Standard Libraries
Hiroshi SHIBATA
 
ZIP
mtl_rubykaigi
Hirotomo Oi
 
KEY
RVM, Bundler and Ruby Tracker
Keith Pitty
 
PDF
How to distribute Ruby to the world
Hiroshi SHIBATA
 
PDF
视觉中国的MongoDB应用实践(QConBeijing2011)
Night Sailer
 
PDF
RubyGems 3 & 4
Hiroshi SHIBATA
 
PDF
PHP MVC Tutorial 2
Yang Bruce
 
PDF
Построение распределенной системы сбора данных с помощью RabbitMQ, Alvaro Vid...
Ontico
 
Dependency Resolution with Standard Libraries
Hiroshi SHIBATA
 
mtl_rubykaigi
Hirotomo Oi
 
RVM, Bundler and Ruby Tracker
Keith Pitty
 
How to distribute Ruby to the world
Hiroshi SHIBATA
 
视觉中国的MongoDB应用实践(QConBeijing2011)
Night Sailer
 
RubyGems 3 & 4
Hiroshi SHIBATA
 
PHP MVC Tutorial 2
Yang Bruce
 
Построение распределенной системы сбора данных с помощью RabbitMQ, Alvaro Vid...
Ontico
 

What's hot (20)

PDF
MongoDB开发应用实践
iammutex
 
PDF
Automating Complex Setups with Puppet
Kris Buytaert
 
PDF
Optcarrot: A Pure-Ruby NES Emulator
mametter
 
PDF
JUDCon 2010 Boston : TorqueBox
marekgoldmann
 
PDF
Gemification for Ruby 2.5/3.0
Hiroshi SHIBATA
 
PDF
What is few?
Shota Fukumori
 
PDF
Fiber in the 10th year
Koichi Sasada
 
KEY
自分をClojure化する方法
fukamachi
 
PDF
JUDCon 2010 Boston : BoxGrinder
marekgoldmann
 
PDF
Ømq & Services @ Chartboost
Kenneth Ballenegger
 
PDF
Carton
taggg
 
PDF
Gemification plan of Standard Library on Ruby
Hiroshi SHIBATA
 
PDF
The secret of programming language development and future
Hiroshi SHIBATA
 
PDF
Toster - Understanding the Rails Web Model and Scalability Options
Fabio Akita
 
PDF
Chef solo the beginning
A.K.M. Ahsrafuzzaman
 
PDF
Building Real-Time Applications with Android and WebSockets
Sergi Almar i Graupera
 
PDF
ChefConf 2012 Spiceweasel
Matt Ray
 
PDF
Deployment de Rails
elliando dias
 
PDF
Troubleshooting RabbitMQ and services that use it
Michael Klishin
 
PPTX
Ansible @ WebElement 2015
Michal Maxian
 
MongoDB开发应用实践
iammutex
 
Automating Complex Setups with Puppet
Kris Buytaert
 
Optcarrot: A Pure-Ruby NES Emulator
mametter
 
JUDCon 2010 Boston : TorqueBox
marekgoldmann
 
Gemification for Ruby 2.5/3.0
Hiroshi SHIBATA
 
What is few?
Shota Fukumori
 
Fiber in the 10th year
Koichi Sasada
 
自分をClojure化する方法
fukamachi
 
JUDCon 2010 Boston : BoxGrinder
marekgoldmann
 
Ømq & Services @ Chartboost
Kenneth Ballenegger
 
Carton
taggg
 
Gemification plan of Standard Library on Ruby
Hiroshi SHIBATA
 
The secret of programming language development and future
Hiroshi SHIBATA
 
Toster - Understanding the Rails Web Model and Scalability Options
Fabio Akita
 
Chef solo the beginning
A.K.M. Ahsrafuzzaman
 
Building Real-Time Applications with Android and WebSockets
Sergi Almar i Graupera
 
ChefConf 2012 Spiceweasel
Matt Ray
 
Deployment de Rails
elliando dias
 
Troubleshooting RabbitMQ and services that use it
Michael Klishin
 
Ansible @ WebElement 2015
Michal Maxian
 
Ad

Viewers also liked (8)

PDF
Zararfa SummerCamp 2012 - Debian packaging Giraffe and D-push
Zarafa
 
PPT
Zarafa SummerCamp 2012 - Zarafa 7.1 features
Zarafa
 
PPT
Zarafa SummerCamp 2012 - Keynote Steve Hardy - 3 Cool innovations
Zarafa
 
PPT
Zarafa SummerCamp 2012 - Exchange Web Services on Zarafa
Zarafa
 
PPT
Zarafa SummerCamp 2012 - Exchange Web Services, technical information
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Tips & tricks for running Zarafa is larger scale env...
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Basic Introduction WebApp plugin development
Zarafa
 
PPTX
Spartacus workouts
Mark McClintock
 
Zararfa SummerCamp 2012 - Debian packaging Giraffe and D-push
Zarafa
 
Zarafa SummerCamp 2012 - Zarafa 7.1 features
Zarafa
 
Zarafa SummerCamp 2012 - Keynote Steve Hardy - 3 Cool innovations
Zarafa
 
Zarafa SummerCamp 2012 - Exchange Web Services on Zarafa
Zarafa
 
Zarafa SummerCamp 2012 - Exchange Web Services, technical information
Zarafa
 
Zarafa SummerCamp 2012 - Tips & tricks for running Zarafa is larger scale env...
Zarafa
 
Zarafa SummerCamp 2012 - Basic Introduction WebApp plugin development
Zarafa
 
Spartacus workouts
Mark McClintock
 
Ad

Similar to Zarafa SummerCamp 2012 - Zarafa Cluster using a reverse proxy (20)

PPTX
Programming proxies to do what we need so we don't have to talk to the networ...
Lori MacVittie
 
PDF
tokyo.vcl発表資料(varnish+squid)
Yasuhiro Araki, Ph.D
 
PDF
Scalable Architecture 101
ConFoo
 
PPTX
Writing Portable WebSockets in Java
jfarcand
 
PPTX
Building WebSocket and Server Side Events Applications using Atmosphere
jfarcand
 
PDF
Load balancing at tuenti
Ricardo Bartolomé
 
PDF
haproxy-150423120602-conversion-gate01.pdf
PawanVerma628806
 
PPTX
HAProxy
Arindam Nayak
 
PDF
HTML5 Websockets and Java - Arun Gupta
JAX London
 
PPT
Web Server Load Balancer
MobME Technical
 
PPTX
Scaling connections in peer-to-peer applications
Bartosz Sypytkowski
 
PDF
Apache httpd 2.4 Reverse Proxy: The Hidden Gem
Jim Jagielski
 
PDF
Websocket 1.0
Arun Gupta
 
PDF
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
Netgate
 
PDF
Haproxy - zastosowania
Łukasz Jagiełło
 
PDF
SenchaLabs Connect & Express
Tim Caswell
 
PDF
HAProxy tech talk
icebourg
 
PDF
Relayd: a load balancer for OpenBSD
Giovanni Bechis
 
PDF
Building HTML5 WebSocket Apps in Java at JavaOne Latin America 2012
Arun Gupta
 
PDF
Intro to WebSockets and Comet
dylanks
 
Programming proxies to do what we need so we don't have to talk to the networ...
Lori MacVittie
 
tokyo.vcl発表資料(varnish+squid)
Yasuhiro Araki, Ph.D
 
Scalable Architecture 101
ConFoo
 
Writing Portable WebSockets in Java
jfarcand
 
Building WebSocket and Server Side Events Applications using Atmosphere
jfarcand
 
Load balancing at tuenti
Ricardo Bartolomé
 
haproxy-150423120602-conversion-gate01.pdf
PawanVerma628806
 
HAProxy
Arindam Nayak
 
HTML5 Websockets and Java - Arun Gupta
JAX London
 
Web Server Load Balancer
MobME Technical
 
Scaling connections in peer-to-peer applications
Bartosz Sypytkowski
 
Apache httpd 2.4 Reverse Proxy: The Hidden Gem
Jim Jagielski
 
Websocket 1.0
Arun Gupta
 
Server Load Balancing on pfSense 2.4 - pfSense Hangout July 2017
Netgate
 
Haproxy - zastosowania
Łukasz Jagiełło
 
SenchaLabs Connect & Express
Tim Caswell
 
HAProxy tech talk
icebourg
 
Relayd: a load balancer for OpenBSD
Giovanni Bechis
 
Building HTML5 WebSocket Apps in Java at JavaOne Latin America 2012
Arun Gupta
 
Intro to WebSockets and Comet
dylanks
 

More from Zarafa (20)

PPTX
Zarafa SummerCamp 2012 - Android Workshop
Zarafa
 
PPT
Zarafa SummerCamp 2012 - Steve Hardy Friday Keynote
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Project approach when migrating to Zarafa
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Keynote Peter Ganten
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Yubikey integration
Zarafa
 
PDF
Zararfa SummerCamp 2012 - HA, multi-tenancy and SSO in Zentyal 2 and 3.pdf
Zarafa
 
PDF
Zararfa SummerCamp 2012 - Fedora update & PAM-MAPI Zarafa Ready certified com...
Zarafa
 
PDF
Zararfa SummerCamp 2012 - Community update and Zarafa Development Process
Zarafa
 
PDF
Zararfa summer camp 2012 interesting tips & tricks when migrating to zarafa
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Deploying Zarafa Archiver
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Open Generation Gap
Zarafa
 
PPTX
Zarafa SummerCamp 2012 - Z-push 2.0 changes for administrators
Zarafa
 
PDF
Zararfa SummerCamp 2012 - Performing fast backups in large scale environments...
Zarafa
 
PPT
Zarafa SummerCamp 2012 - Communication - how engineers can outperform
Zarafa
 
PDF
Zararfa SummerCamp 2012 - From RHEL to RHEV to Cloud
Zarafa
 
PDF
Zararfa SummerCamp 2012 - One solution of two vendors solves plenty needs
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Zarafa in the Capgemini Open Cloud
Zarafa
 
PPTX
Zarafa SummerCamp 2012 - DMS ECM - simply for everyone
Zarafa
 
PPTX
Zarafa SummerCamp 2012 - WebApp introduction and roadmap
Zarafa
 
ODP
Zarafa SummerCamp 2012 - Project Approach when Migrating from Exchange to Zarafa
Zarafa
 
Zarafa SummerCamp 2012 - Android Workshop
Zarafa
 
Zarafa SummerCamp 2012 - Steve Hardy Friday Keynote
Zarafa
 
Zarafa SummerCamp 2012 - Project approach when migrating to Zarafa
Zarafa
 
Zarafa SummerCamp 2012 - Keynote Peter Ganten
Zarafa
 
Zarafa SummerCamp 2012 - Yubikey integration
Zarafa
 
Zararfa SummerCamp 2012 - HA, multi-tenancy and SSO in Zentyal 2 and 3.pdf
Zarafa
 
Zararfa SummerCamp 2012 - Fedora update & PAM-MAPI Zarafa Ready certified com...
Zarafa
 
Zararfa SummerCamp 2012 - Community update and Zarafa Development Process
Zarafa
 
Zararfa summer camp 2012 interesting tips & tricks when migrating to zarafa
Zarafa
 
Zarafa SummerCamp 2012 - Deploying Zarafa Archiver
Zarafa
 
Zarafa SummerCamp 2012 - Open Generation Gap
Zarafa
 
Zarafa SummerCamp 2012 - Z-push 2.0 changes for administrators
Zarafa
 
Zararfa SummerCamp 2012 - Performing fast backups in large scale environments...
Zarafa
 
Zarafa SummerCamp 2012 - Communication - how engineers can outperform
Zarafa
 
Zararfa SummerCamp 2012 - From RHEL to RHEV to Cloud
Zarafa
 
Zararfa SummerCamp 2012 - One solution of two vendors solves plenty needs
Zarafa
 
Zarafa SummerCamp 2012 - Zarafa in the Capgemini Open Cloud
Zarafa
 
Zarafa SummerCamp 2012 - DMS ECM - simply for everyone
Zarafa
 
Zarafa SummerCamp 2012 - WebApp introduction and roadmap
Zarafa
 
Zarafa SummerCamp 2012 - Project Approach when Migrating from Exchange to Zarafa
Zarafa
 

Recently uploaded (20)

PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
A Presentation on Artificial Intelligence
memembruh336
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 

Zarafa SummerCamp 2012 - Zarafa Cluster using a reverse proxy

  • 1. Zarafa multiserver reverse proxy Steve Hardy
  • 2. Cluster node proxy • General idea – Parts of the system • HTTP(s) proxy • Zarafa server – Some details • Session IP locking • Internal vs external connections • Network layouts – SSL offload – Loadbalancer • Configuration – Configuring – Testing (stats)
  • 3. Goal • Single exposed ‘host’ to clients for cloud solutions • Host may be: – Single hostname, single IP – Single hostname, round-robin IP • Advantages: – Easier firewalling – Use off-the-shelf proxy / loadbalance hardware
  • 6. Why it doesn’t work Client Server (Node 1) Server (Node 2) What a nice day, let’s connect to my fav server revproxy.zarafa.com “Hi, please give me john’s store” “Uh, sorry, I don’t have that, you have to ask Node2, he’s at http://node2.internal.local:237/ zarafa” Dagnabbit, ok, I’ll connect to node2.internal.local and retry CONNECTION REFUSED *snore*
  • 7. Why it does work with reverse proxy support Client Server (Node 1) Server (Node 2) What a nice day, let’s connect to my fav server revproxy.zarafa.com “Hi, please give me john’s store” “Uh, sorry, I don’t have that, you have to ask Node2, he’s at http:// node2.internal.local, but I see you connected through a proxy, in that case you should use http://revproxy.zarafa.com/node2 ” Dagnabbit, ok, I’ll connect to revproxy.zarafa.com/node2 and retry Here’s john’s store for you. Have fun.
  • 8. Configuration of nodes • Node1 – ipHost: node1.local – zarafaPort: 236 – zarafaHttpsPort: 237 – zarafaProxy: http://proxy.domain.com/node1 • Node2 – ipHost: node2.local – zarafaPort: 236 – zarafaHttpsPort: 237 – zarafaProxy: http://proxy.domain.com/node2
  • 9. To revproxy or not to revproxy • In some cases using the proxy is unnecessary – Local connects between nodes – Not very frequent – One case: • Spooler uses ‘copy to delegated sent-items after send’ feature • After sending message, spooler must copy item to sent items folder, which is possible on other host • Spooler connects to other host • Proxy not needed • Strategy is: – Only return node’s proxy address if the originating request was itself proxied – Detected by looking at header, uses setting ‘proxy_header’
  • 10. Proxy headers • X-Forwarded-For header – Used as originating IP address – Used for session <-> IP locking – Used in zarafa-stats (including –top)