Configuring F5 load balancers to support Synchrony traffic
プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
要約
This document is provided as-is
Atlassian applications allow the use of Load Balancers with our products, however Atlassian's Support Offerings do not cover infrastructure configuration. Consequently, Atlassian cannot guarantee providing any support for them.
設定でサポートが必要な場合、アトラシアン コミュニティに質問を登録してください。
This document is a template for how to configure F5 BIG-IP LTM load balancer for use with Confluence and Synchrony (Collaborative Editing).
This is aligned with the recommended configuration so that the load balancer can route traffic to both Confluence and Synchrony JVM.
See Possible Confluence and Synchrony Configurations for more details on this configuration.
This document isn't intended as a final solution, but as a starting point.
環境
This document considers a standard deployment as follows:
- Confluence Data Center with 2 nodes.
- Managed Synchrony, which was made available on 6.12 onward.
- Confluence and Synchrony running on the same server.
- Standard ports are used as described in Ports used by Atlassian Applications.
- Confluence Tomcat connector listening on port 8090 and Synchrony listening on port 8091.
- If using HTTPS, SSL offloaded on the
F5.
This document can (and should) still be used as starting point if your configuration differs from the above.
ソリューション
The F5 BIG-IP configuration is required at least on the following sections:
- Virtual Server
- iRule
- Pool
Pool
Configure two different Pools, one for Confluence and another for Synchrony. You may give any name to the Pools. See an example below.
When running with managed Synchrony, the target servers for both pools should be the same.
The main difference in the configuration is on the target port.
When using the default ports, the target port for Confluence is 8090 and the target port for Synchrony is 8091.
See an example below for the Synchrony pool.
While standard TCP health checks may work on most cases, it is recommended to configure customized HTTP health checks for both Pools as below.
| Pool | Target URL | Expected HTTP response | Expected Body response | Additional Information |
|---|---|---|---|---|
| Confluence | http://<Confluence node IP>:8090/status | 200 | {"state":"RUNNING"} | Confluence Data Center でのクラスタ化 |
| Synchrony | http://<Synchrony node IP>:8091/synchrony/heartbeat | 200 | OK | Confluence Data Center で Synchrony の状態を確認する方法 |
iRule
You need to configure an iRule so that requests to Synchrony are forwarded to the Synchrony pool and anything else is forwarded to the Confluence pool.
The following iRule works on most regular situations and can be used as a starting point if your organization needs additional configuration.
when HTTP_REQUEST {
if { [string tolower [HTTP::path]] starts_with "/synchrony" } {
pool <Synchrony pool>
} else {
pool <Confluence pool>
}
}以下の例を参照してください。
Virtual Server
You need to configure one virtual server that will use both Confluence and Synchrony pools.
If using HTTPS, SSL must be offloaded on the F5, since Synchrony cannot offload SSL.
See an example below with the following mandatory configuration:
- iRules: The Synchrony iRule must be used here; you may have any other iRule that is needed in your organization.
- Default pool: It should be set to
nonesince theiRulewill manage it. - Default Persistence Profile: Session cookie stickiness must be configured so that all requests from the same session are sent to the same Confluence node.
参考情報
Confluence および Synchrony で利用可能な設定
Confluence Data Center でのクラスタ化
Confluence Data Center で Synchrony の状態を確認する方法
スタンドアロンの Synchrony クラスタから管理対象の Synchrony に移行する